eu.gotbstgifts.click/za/i13s22/brand/loot/?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=5a5fd104-d4f2-4417-a787-24b2c6d68a43&osv=Android%2010.0&isp=Google%20Cloud&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjYyMTU1OTgyIiwiaGFzaCI6ImQyNzFiOTRhYmZlNzQ5NjdkNTU0MWUzZDUwYWEzMDQ5ODc5MmUwNjUifQ==&td=ss.redirectsstm.click&bemobdata=c=355dfe33-d410-4b38-a6d1-7311b04bc3fd..l=5a5fd104-d4f2-4417-a787-24b2c6d68a43..a=0..b=2..r=ss.redirectsstm.click
164.92.232.111302 Found 0 B URL HTTP/1.1 eu.gotbstgifts.click/za/i13s22/brand/loot/?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=5a5fd104-d4f2-4417-a787-24b2c6d68a43&osv=Android%2010.0&isp=Google%20Cloud&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjYyMTU1OTgyIiwiaGFzaCI6ImQyNzFiOTRhYmZlNzQ5NjdkNTU0MWUzZDUwYWEzMDQ5ODc5MmUwNjUifQ==&td=ss.redirectsstm.click&bemobdata=c=355dfe33-d410-4b38-a6d1-7311b04bc3fd..l=5a5fd104-d4f2-4417-a787-24b2c6d68a43..a=0..b=2..r=ss.redirectsstm.click
IP 164.92.232.111:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /za/i13s22/brand/loot/?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=5a5fd104-d4f2-4417-a787-24b2c6d68a43&osv=Android%2010.0&isp=Google%20Cloud&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjYyMTU1OTgyIiwiaGFzaCI6ImQyNzFiOTRhYmZlNzQ5NjdkNTU0MWUzZDUwYWEzMDQ5ODc5MmUwNjUifQ==&td=ss.redirectsstm.click&bemobdata=c=355dfe33-d410-4b38-a6d1-7311b04bc3fd..l=5a5fd104-d4f2-4417-a787-24b2c6d68a43..a=0..b=2..r=ss.redirectsstm.click HTTP/1.1
Host: eu.gotbstgifts.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 02 Sep 2022 22:00:01 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://7ktpj.bemobtrcks.com/go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=5a5fd104-d4f2-4417-a787-24b2c6d68a43&osv=Android%2010.0&isp=Google%20Cloud&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjYyMTU1OTgyIiwiaGFzaCI6ImQyNzFiOTRhYmZlNzQ5NjdkNTU0MWUzZDUwYWEzMDQ5ODc5MmUwNjUifQ==&td=ss.redirectsstm.click&bemobdata=c=355dfe33-d410-4b38-a6d1-7311b04bc3fd..l=5a5fd104-d4f2-4417-a787-24b2c6d68a43..a=0..b=2..r=ss.redirectsstm.click
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 02 Sep 2022 21:36:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Py-Ai1JXpkMGYGGIW4O28j9sFA2mFAm6pyUvLDETamOWGbTRe5jblA==
Age: 1421
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12643
Expires: Sat, 03 Sep 2022 01:30:44 GMT
Date: Fri, 02 Sep 2022 22:00:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Sep 2022 01:15:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HtY7bBNhLXcVSmDxw1x6fJRllUjlTroaAX1xX4fUiy_h2k_-1qnUvA==
age: 74684
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8381ba621a9b202bde5ec3bcd20ad919
0afd1894d3d992b8e1533be813aee49b225d3d59
0965ef6aa3fdfd440377f6ead48b9f1bbd01ffa6406a2c9d804c7b9f3f759781
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0965EF6AA3FDFD440377F6EAD48B9F1BBD01FFA6406A2C9D804C7B9F3F759781"
Last-Modified: Thu, 01 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18926
Expires: Sat, 03 Sep 2022 03:15:27 GMT
Date: Fri, 02 Sep 2022 22:00:01 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 22:00:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
7ktpj.bemobtrcks.com/go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=5a5fd104-d4f2-4417-a787-24b2c6d68a43&osv=Android%2010.0&isp=Google%20Cloud&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjYyMTU1OTgyIiwiaGFzaCI6ImQyNzFiOTRhYmZlNzQ5NjdkNTU0MWUzZDUwYWEzMDQ5ODc5MmUwNjUifQ==&td=ss.redirectsstm.click&bemobdata=c=355dfe33-d410-4b38-a6d1-7311b04bc3fd..l=5a5fd104-d4f2-4417-a787-24b2c6d68a43..a=0..b=2..r=ss.redirectsstm.click
3.70.16.242302 Found 260 B URL HTTP/2 7ktpj.bemobtrcks.com/go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=5a5fd104-d4f2-4417-a787-24b2c6d68a43&osv=Android%2010.0&isp=Google%20Cloud&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjYyMTU1OTgyIiwiaGFzaCI6ImQyNzFiOTRhYmZlNzQ5NjdkNTU0MWUzZDUwYWEzMDQ5ODc5MmUwNjUifQ==&td=ss.redirectsstm.click&bemobdata=c=355dfe33-d410-4b38-a6d1-7311b04bc3fd..l=5a5fd104-d4f2-4417-a787-24b2c6d68a43..a=0..b=2..r=ss.redirectsstm.click
IP 3.70.16.242:0
File type HTML document, ASCII text, with no line terminators
Hash eda39533a142b06973ac116c3ba157f6
65436e1b1ec50b977cec89d087cca7bdc51fdc5c
406f802e205ee533c2c0229688db486ee1c9c2f05a88f0053268466fc2399349
GET /go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3?ts=08e29a07-b84a-41cf-a9c0-1cb114072fbc&camp=&zone=&landid=5a5fd104-d4f2-4417-a787-24b2c6d68a43&osv=Android%2010.0&isp=Google%20Cloud&tid=08e29a07-b84a-41cf-a9c0-1cb114072fbc&key=eyJ0aW1lc3RhbXAiOiIxNjYyMTU1OTgyIiwiaGFzaCI6ImQyNzFiOTRhYmZlNzQ5NjdkNTU0MWUzZDUwYWEzMDQ5ODc5MmUwNjUifQ==&td=ss.redirectsstm.click&bemobdata=c=355dfe33-d410-4b38-a6d1-7311b04bc3fd..l=5a5fd104-d4f2-4417-a787-24b2c6d68a43..a=0..b=2..r=ss.redirectsstm.click HTTP/1.1
Host: 7ktpj.bemobtrcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: openresty
date: Fri, 02 Sep 2022 22:00:02 GMT
content-type: text/html; charset=utf-8
content-length: 260
access-control-allow-origin: *
location: https://ungroudonchan.com/4/4598789?ymid=Kmt8p3KT7dupDLXC4BHV6C&var=074b5bba-80ab-4a33-86df-edbd736e35eb
set-cookie: bemob-uniq-visit:75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3=1; Domain=7ktpj.bemobtrcks.com; Path=/; Expires=Sat, 03 Sep 2022 22:00:01 GMT; HttpOnly; Secure; SameSite=None
bemob-rotation:75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3:random:bcad9fbed5d562e339b2ddf45707a26c=0-0-10; Domain=7ktpj.bemobtrcks.com; Path=/; Expires=Sat, 03 Sep 2022 22:00:02 GMT; HttpOnly; Secure; SameSite=None
bemob-click-id=Kmt8p3KT7dupDLXC4BHV6C; Domain=7ktpj.bemobtrcks.com; Path=/; Expires=Sat, 03 Sep 2022 22:00:02 GMT; HttpOnly; Secure; SameSite=None
vary: Accept
x-response-time: 140.722ms
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 02 Sep 2022 21:38:16 GMT
Cache-Control: max-age=3600
Expires: Fri, 02 Sep 2022 22:21:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: INwVHpP-ArKL7e8FsjWbnn3DnYwKV0g9TZ1EE5z0yJoIzdX2uPw_Lw==
Age: 1306
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 99349a3f0f77bf9ffb93a0dd112106de
996fdc95fc85fa871164d00ac8b5bc1c0218625a
c8d656fb3e812d499978e1c4da72345fcd9ce6e666d7486c4db718405d789546
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8D656FB3E812D499978E1C4DA72345FCD9CE6E666D7486C4DB718405D789546"
Last-Modified: Fri, 02 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9171
Expires: Sat, 03 Sep 2022 00:32:53 GMT
Date: Fri, 02 Sep 2022 22:00:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 21daf45cdda2eb462873226bb5c1f0fb
4d4621bbf1461f35f7e536c1dbd9de71978ffa23
8164c742d013bdc2836cac1167acfe482547347ab6a1daefa15475f694dae057
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5162
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 22:00:02 GMT
Last-Modified: Fri, 02 Sep 2022 20:34:00 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b5d905b051e12497fdb9964a2324661
a8625e003f903127e8b329beac3ef65559149311
ddb5d3a8c7b856ab4358b1a5b8afa245cb74013215789a540942b3824eea1036
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DDB5D3A8C7B856AB4358B1A5B8AFA245CB74013215789A540942B3824EEA1036"
Last-Modified: Thu, 01 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12439
Expires: Sat, 03 Sep 2022 01:27:21 GMT
Date: Fri, 02 Sep 2022 22:00:02 GMT
Connection: keep-alive
ungroudonchan.com/favicon.ico
139.45.197.238204 No Content 0 B URL HTTP/2 ungroudonchan.com/favicon.ico
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: ungroudonchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: OAID=9ca8c4047faf41cdac93ab06d7a2772d; oaidts=1662156002
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 02 Sep 2022 22:00:02 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2
eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=589687614752432299&subid1=4598789&cost=0.000228&rdk=rk1
157.90.33.71302 Found 0 B URL HTTP/2 eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=589687614752432299&subid1=4598789&cost=0.000228&rdk=rk1
IP 157.90.33.71:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=589687614752432299&subid1=4598789&cost=0.000228&rdk=rk1 HTTP/1.1
Host: eu.can-get-so.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 02 Sep 2022 22:00:02 GMT
content-length: 0
x-trace: 246d0e5c2ac45c819a4c0feb0ade6bb4
referrer-policy: no-referrer
location: http://35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=643178&geo=NO&device=desktop
set-cookie: rauid=khctRnL5RcKCQZUA_Or9kg; expires=Sat, 02 Sep 2023 22:00:02 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=643178&geo=NO&device=desktop
35.227.234.222302 Found 0 B URL HTTP/1.1 35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=643178&geo=NO&device=desktop
IP 35.227.234.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2/PU_NO_RA_CS_DT_MEGARUSH?source=643178&geo=NO&device=desktop HTTP/1.1
Host: 35.227.234.222
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Fri, 02 Sep 2022 22:00:02 GMT
Content-Length: 0
Location: https://media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
Via: 1.1 google
push.services.mozilla.com/
52.43.58.150101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.58.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +QBjoM5dPTrM7fqSmsb6qQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ncDHs/kc7VvV+jELvPAM9lSXpQw=
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 41ea586f0e66dcd46f50ab3938543b12
d7a3d6a40066652fc85cdaab9e613246b6af4aab
60b133ec87e89ec28689b760f6ce265eee0e935dca93f42543885a05f8b19a79
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 22:00:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Sep 2022 18:25:21 GMT
Expires: Thu, 08 Sep 2022 18:25:20 GMT
Etag: "d7a3d6a40066652fc85cdaab9e613246b6af4aab"
Cache-Control: max-age=504917,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74498427bc17b52d-OSL
media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
23.36.79.9301 Moved Permanently 0 B URL HTTP/2 media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=6426&bid=1575 HTTP/1.1
Host: media.megarushaffiliates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 0
location: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Fri, 02 Sep 2022 22:00:02 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 02 Sep 2022 22:00:02 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a6426%2c%22BID%22%3a1575%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662156002665)%5c%2f%22%2c%22CookieTag%22%3a%2215756426451240919C202292220%22%7d%5d; SameSite=None;; domain=.megarushaffiliates.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%223763488%7c1%22%7d%5d; domain=.megarushaffiliates.com; expires=Sun, 02-Sep-3021 22:00:02 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=67
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=merge&userId=9ca8c4047faf41cdac93ab06d7a2772d
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=9ca8c4047faf41cdac93ab06d7a2772d
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=9ca8c4047faf41cdac93ab06d7a2772d HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 22:00:02 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=9ca8c4047faf41cdac93ab06d7a2772d; expires=Sat, 02 Sep 2023 22:00:02 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
104.22.30.168200 OK 13 kB URL HTTP/2 www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
IP 104.22.30.168:0
Hash 1e197848a2364939dce7da5a7b1cdbee
28f48476b69ad1a9a29257b2def83dacc33ecdbb
d4584c2f023d8158fbeff078acde4dff3d6f32e6ee9003f34260109f020b3e51
GET /nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:02 GMT
content-type: text/html
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-58d9bc46b7-x897j; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 744984291c7efab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/fonts/DS-Digital.woff2
104.22.30.168200 OK 776 B URL HTTP/2 www.megarush.com/fonts/DS-Digital.woff2
IP 104.22.30.168:0
File type Web Open Font Format (Version 2), TrueType, length 776, version 1.0\012- data
Hash 789f060683abdb5574a93bf59c7dd2e2
17b677d648dfdc9e290a25e8c137ebb0448c069b
375c5411d43daa0ccc1234d8bf20effba17a231408ab44fa17c96b2f9a995248
GET /fonts/DS-Digital.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:02 GMT
content-type: font/woff2
content-length: 776
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-308"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 6969
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74498429ccf9fab4-OSL
X-Firefox-Spdy: h2
www.megarush.com/fonts/Inter-Bold.woff2
104.22.30.168200 OK 10 kB URL HTTP/2 www.megarush.com/fonts/Inter-Bold.woff2
IP 104.22.30.168:0
File type Web Open Font Format (Version 2), TrueType, length 10508, version 3.1245\012- data
Hash a2517956b299e0c02bfc2a92eb05f623
ae4c129ebfe3aec739aac5662d2ef9fcaa4d80db
412a6a99c5283c71838322a7f25e7a0bc4dd324e013f88a202b56af736b13d37
GET /fonts/Inter-Bold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:02 GMT
content-type: font/woff2
content-length: 10508
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-290c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 2054
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74498429ccf6fab4-OSL
X-Firefox-Spdy: h2
www.megarush.com/fonts/Inter-Regular.woff2
104.22.30.168200 OK 10 kB URL HTTP/2 www.megarush.com/fonts/Inter-Regular.woff2
IP 104.22.30.168:0
File type Web Open Font Format (Version 2), TrueType, length 10108, version 3.1245\012- data
Hash 5ec57a5a91c67095e4a7e91ac375ffb1
23b60d1dd6790eeeb11e3c90d1f75c16d1db60d9
9b3f3dc1e7ce0a5a28f768d6d84d4174ffe56384db534daccc47321dea379ed5
GET /fonts/Inter-Regular.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:02 GMT
content-type: font/woff2
content-length: 10108
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-277c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 4296
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74498429ccf7fab4-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b69e4ee589f24deef7c8a3004daae9d1
e96ab184083a5084569b86b8846a6fa0c3b6af9a
7560417294eeb0f5c955d68bcc9b9eae40d69d1ff4b717a115ca1c614b1f4a17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 22:00:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-K4GPX49
142.250.74.72200 OK 50 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K4GPX49
IP 142.250.74.72:0
File type ASCII text, with very long lines (24751)
Hash 479807484cae64557ab16bf2f98894e1
21c8bc5c033f054223a75bc8fe3ffb639d5e64ac
53da836b553f2a9c191d42efdfd0cb1c87464000af8a9d2fb478e1b01747ed23
GET /gtm.js?id=GTM-K4GPX49 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Sep 2022 22:00:02 GMT
expires: Fri, 02 Sep 2022 22:00:02 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50418
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b69e4ee589f24deef7c8a3004daae9d1
e96ab184083a5084569b86b8846a6fa0c3b6af9a
7560417294eeb0f5c955d68bcc9b9eae40d69d1ff4b717a115ca1c614b1f4a17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 22:00:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.megarush.com/base.css
104.22.30.168200 OK 1.7 kB URL HTTP/2 www.megarush.com/base.css
IP 104.22.30.168:0
Hash c7bdf83251b16631ff1546d79d157ada
3db78d9f4a6722257427c6b3d8254889a7201415
36c27e2dec555c7f1e8ecdd14b71622a95548e43b77ed149e0d6a87a44ea7f85
GET /base.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:02 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3913
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"63078847-f49"
expires: Sun, 28 Aug 2022 07:31:03 GMT
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1316
server: cloudflare
cf-ray: 74498429ccfafab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6731353ed119ff4fee050fb1f9d37b84
5196833dcd4d24502a1e07e8cadc12823bb9853a
bcf848eed5bac77cff18d2f4433559a60d4029483de990e8cc2cff54b8bca6ba
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "BCF848EED5BAC77CFF18D2F4433559A60D4029483DE990E8CC2CFF54B8BCA6BA"
Last-Modified: Wed, 31 Aug 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16564
Expires: Sat, 03 Sep 2022 02:36:07 GMT
Date: Fri, 02 Sep 2022 22:00:03 GMT
Connection: keep-alive
www.megarush.com/favicons/favicon-194x194.png
104.22.30.168200 OK 12 kB URL HTTP/2 www.megarush.com/favicons/favicon-194x194.png
IP 104.22.30.168:0
File type PNG image data, 194 x 194, 8-bit/color RGBA, non-interlaced\012- data
Hash 3bc9ecb2b8d9e78d83d49da52c0292fc
b13fda2aa7ff6d2d185a90dbe6446ad52f63d244
9b35e254d53d3c4b6f0ce1185de9463355d340808f64b0e831162fb03cf5b39c
GET /favicons/favicon-194x194.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/png
content-length: 11668
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-2d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 32366146
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7449842cbf10fab4-OSL
X-Firefox-Spdy: h2
www.megarush.com/favicons/favicon-16x16.png
104.22.30.168200 OK 437 B URL HTTP/2 www.megarush.com/favicons/favicon-16x16.png
IP 104.22.30.168:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 914b291e561aafc860f86bc23c4065f1
b47bda2b8d530bbaead0fbcba219ac18247d1410
08f8a35ac0dda8a81618b381bfc0747ac80e022c0ff44dcb4d8d153dad724b45
GET /favicons/favicon-16x16.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/png
content-length: 437
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-1b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 5199587
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7449842ccf15fab4-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP 142.250.74.3:0
Hash 502920c740ad9b5b48ada7e323634b15
ac01ba4bc79583a77d2164227a092a51882dd0fd
30603dfb89bb6ed14aa1e72e9b95cb7e4e176234f4ca191c5ecbe06c71a03685
POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 22:00:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js
54.230.245.200200 OK 16 kB URL HTTP/1.1 d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js
IP 54.230.245.200:0
File type ASCII text, with very long lines (16536)
Hash 9f2263de140cc78c0737d17051307016
0174dfe38c88f9e7043b002fb9131c7a71399d77
17ada4aeba85fbedca030d812ae829162ed2ad5d7a96d5c05b2b288e801a1b3a
GET /webpush/1/webpush.min.js HTTP/1.1
Host: d3mi6d1ao3fzsg.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 16537
Connection: keep-alive
Last-Modified: Thu, 27 May 2021 15:02:08 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 02 Sep 2022 19:53:21 GMT
ETag: "9f2263de140cc78c0737d17051307016"
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kMJV_9-A43tz1hk930CObtvgZZFD1OcZTesjm3G0jZvEW0QKhu1X0w==
Age: 7603
www.megarush.com/chunk-vendors.76e8e4d0.css
104.22.30.168200 OK 21 kB URL HTTP/2 www.megarush.com/chunk-vendors.76e8e4d0.css
IP 104.22.30.168:0
File type ASCII text, with very long lines (1536)
Hash 385886779032802bf0b8dc7fa83f61cd
9cbfd517460016917f76c78c73358d76ef6f964f
82d41b76ad856c941d12a9a40648de570fa0a155202a586ef66db5e8e59af89b
GET /chunk-vendors.76e8e4d0.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:02 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1523
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"63078847-5f3"
expires: Thu, 25 Aug 2022 15:25:15 GMT
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6200
server: cloudflare
cf-ray: 74498429ccfcfab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b38c70be2c708c8fcdb4bcdd95111db3
5f70dad206d198c0676f7d99130b11c212b326d8
61713a38ec0b90503638d4bc780c08cdbd1a0ac42bac2f7bce5083d7365133e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2851
Cache-Control: max-age=156992
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 22:00:03 GMT
Etag: "63123400-1d7"
Expires: Sun, 04 Sep 2022 17:36:35 GMT
Last-Modified: Fri, 02 Sep 2022 16:49:04 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
www.megarush.com/index.30053c2cd5717880348c.css
104.22.30.168200 OK 96 kB URL HTTP/2 www.megarush.com/index.30053c2cd5717880348c.css
IP 104.22.30.168:0
Hash 2cd7ffdd0648c57658fe0b8a956134b9
8139aadf27ee12d36d823a7d94d95d221a2cb21c
a0e5c2b70e246c64deb102117c640e5e9b112672e4c08113f5e849e178bf9650
GET /index.30053c2cd5717880348c.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:02 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=228336
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"63078847-37bf0"
expires: Thu, 25 Aug 2022 14:39:00 GMT
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4313
server: cloudflare
cf-ray: 74498429ccfdfab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
scripts.mediamathrdrt.com/scripts/b_megarush.js
104.21.39.149200 OK 723 B URL HTTP/2 scripts.mediamathrdrt.com/scripts/b_megarush.js
IP 104.21.39.149:0
Hash 1cce52e226f1395946ed2390db3111d4
44cde4d79a8e5c002e6b1b99df8779a46c223533
e961e984c2cfdcea613e3ca6d44f80ac23e92a8d9397edfd8c12bf0486191d3e
GET /scripts/b_megarush.js HTTP/1.1
Host: scripts.mediamathrdrt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: b5789dc3-6a68-4966-8bcf-5ddd2ed7a7fd
etag: W/"b89528e21d6f85cc11459c7b6ec733cb"
x-runtime: 0.004602
expires: 2022-08-03 22:00:03 UTC
x-powered-by: Phusion Passenger(R) 6.0.11
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgTQIDJp6S01BGJbmK2XPRea2myFr%2B5YTxoYiE1BmGUxy8XBapZter099Pc%2BHtfJ1AoNwWbXqUYWJ7t97Fje9KxTJ9i6fsbnYkonPELbmSayfUTXsOem8xIjPX1gdslGkR3WLPe3Niicd6V3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7449842b6e0afab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=63127ce15f0899bf491f0046
104.18.38.157101 Switching Protocols 0 B URL HTTP/1.1 megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=63127ce15f0899bf491f0046
IP 104.18.38.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=63127ce15f0899bf491f0046 HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.megarush.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MepSub6BOtOcdsHFou20ag==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 02 Sep 2022 22:00:03 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: dFsqDPpQHR/DquolLMU7QhPmOME=
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=5e4e526b31225b8d4c9bbe34aedc534e; path=/; HttpOnly; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7449842d29f7b4fa-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 92f0240d71925afbb2ff77223bf04355
9fb9a6cfd27552c2bec0bd7b7fa2bf6414d701d3
8c16dee0025062c07eefb25e501df0e81173683945bc56805fd70651dd6b7435
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C16DEE0025062C07EEFB25E501DF0E81173683945BC56805FD70651DD6B7435"
Last-Modified: Fri, 02 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4113
Expires: Fri, 02 Sep 2022 23:08:36 GMT
Date: Fri, 02 Sep 2022 22:00:03 GMT
Connection: keep-alive
megalotto-static.gigmagic.io/translations/no.json
172.64.149.99200 OK 75 kB URL HTTP/2 megalotto-static.gigmagic.io/translations/no.json
IP 172.64.149.99:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65298), with no line terminators
Hash bf20063ff80611f4c90722ee80079cc7
33b4e13c5ecdd4dd17d1da7cc62d7c2c6bfdb9a6
cd6c2e943ba34649dc851021827f2950cf3b346d74ad9c87fc7d5d8e40cdd448
GET /translations/no.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: application/json; charset=utf-8
content-length: 75144
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Wed, 31 Aug 2022 11:28:51 GMT
etag: "bf20063ff80611f4c90722ee80079cc7"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=81f17ed54a83fe51a535d9a669b8de47; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7449842e1eb8b4f3-OSL
X-Firefox-Spdy: h2
rs.fullstory.com/rec/page
35.186.194.58202 Accepted 49 B URL HTTP/2 rs.fullstory.com/rec/page
IP 35.186.194.58:0
File type JSON data\012- , ASCII text
Hash c2d1b73bed772b2225954d302cea4c22
3118c449fbd379661710e6e03395152673b0a835
316f11bc05cdbfa020520469236dbc4c85c1583cb049c1ac61d43b1672d4840d
POST /rec/page HTTP/1.1
Host: rs.fullstory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 351
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
access-control-allow-credentials: true
access-control-allow-origin: https://www.megarush.com
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Fri, 02 Sep 2022 22:00:03 GMT
content-length: 49
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
172.64.149.99200 OK 2 B URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP 172.64.149.99:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=5e4e526b31225b8d4c9bbe34aedc534e; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7449842fa8c1b4f3-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 92f0240d71925afbb2ff77223bf04355
9fb9a6cfd27552c2bec0bd7b7fa2bf6414d701d3
8c16dee0025062c07eefb25e501df0e81173683945bc56805fd70651dd6b7435
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C16DEE0025062C07EEFB25E501DF0E81173683945BC56805FD70651DD6B7435"
Last-Modified: Fri, 02 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4113
Expires: Fri, 02 Sep 2022 23:08:36 GMT
Date: Fri, 02 Sep 2022 22:00:03 GMT
Connection: keep-alive
megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
172.64.149.99200 OK 2 B URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
IP 172.64.149.99:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=37cd76cd7b4434682f3f2d1b20ad6cb2; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7449842fd8f5b4f3-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-2-4.png
104.22.30.168200 OK 786 B URL HTTP/2 www.megarush.com/img/home-page/coin-2-4.png
IP 104.22.30.168:0
File type PNG image data, 29 x 33, 8-bit colormap, non-interlaced\012- data
Hash dca8df1b0d982ac3fbbc6c0b506cc0f2
392422815633ebaf9eef022677f0b73e1352ae66
a027ddd9187b5d6a7a537aada497af6ebfca00c2a9f50e7950aaf6ad599b0b09
GET /img/home-page/coin-2-4.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/png
content-length: 786
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-312"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29141399
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7449842ffa22fab4-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-3-2.png
104.22.30.168200 OK 2.2 kB URL HTTP/2 www.megarush.com/img/home-page/coin-3-2.png
IP 104.22.30.168:0
File type PNG image data, 89 x 83, 8-bit colormap, non-interlaced\012- data
Hash c90348c562ec643acfbdf36d973d8326
90c07f0c13fd06f043d36c223eb9afaa34abdf7c
68cf52e8ce0267c83f6bac7a67944d9b4fe37c74999eed858cde51705a148aca
GET /img/home-page/coin-3-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/png
content-length: 2192
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-890"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 5198625
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7449842ffa26fab4-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-3-3.png
104.22.30.168200 OK 1.8 kB URL HTTP/2 www.megarush.com/img/home-page/coin-3-3.png
IP 104.22.30.168:0
File type PNG image data, 64 x 71, 8-bit colormap, non-interlaced\012- data
Hash fbdad22b02cf9a7a23c2f0553b1459e7
b64101b18924eba076f35318cce3e8a8bdec28b0
7aab4f9003ad7bd6b60fc361b6f2a0d2ddda28b35ea8ef6b0eff0f9a2cb81680
GET /img/home-page/coin-3-3.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/png
content-length: 1807
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-70f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7602388
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984300a2bfab4-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-2-1.png
104.22.30.168200 OK 3.5 kB URL HTTP/2 www.megarush.com/img/home-page/coin-2-1.png
IP 104.22.30.168:0
File type PNG image data, 80 x 64, 8-bit colormap, non-interlaced\012- data
Hash 09e800f81a52a109cbf3a8b2f8e727bf
d44509cdbddce4991b70f10276c47786e9993d0b
8ab09b1bcb8c69b51ba57b7c5ee96a36994e6e97e7df49d3cce993e8881ff376
GET /img/home-page/coin-2-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/png
content-length: 3452
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-d7c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29141399
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984302a47fab4-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-1-1.png
104.22.30.168200 OK 4.3 kB URL HTTP/2 www.megarush.com/img/home-page/coin-1-1.png
IP 104.22.30.168:0
File type PNG image data, 106 x 105, 8-bit colormap, non-interlaced\012- data
Hash 214e2f889379dcba70bace5878068150
d6873dae324b9fd44a70e73f20dc9eb81253a7ae
bb731b067cd838fadedeab50866dc81f725b8f6e49f4dc2e3b4332eae36c9ef0
GET /img/home-page/coin-1-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/png
content-length: 4257
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-10a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29141399
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984302a44fab4-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/mega-jackpots.png
104.22.30.168200 OK 64 kB URL HTTP/2 www.megarush.com/img/home-page/mega-jackpots.png
IP 104.22.30.168:0
File type PNG image data, 1618 x 188, 8-bit colormap, non-interlaced\012- data
Hash b4342b052aabdba3960a5b2b5c7e519a
aebc2a2c7be9d8d2895694af3fde7674affef4c2
d3fa51da3d01f8341766925f65cf161fc2e403be7594f213c5019f8e27f3ad1d
GET /img/home-page/mega-jackpots.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/png
content-length: 63747
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-f903"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7595929
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984302a43fab4-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/icons/playAndGo.svg
104.22.30.168200 OK 4.2 kB URL HTTP/2 www.megarush.com/img/icons/playAndGo.svg
IP 104.22.30.168:0
Hash 80b8731b148c3b0fe14e212160b6ee24
303bc6ceccbaf7230a51c74eb13833475e4563d1
14c9b2594032ce1cc99e075fd0c0d6123c51ebcf0a20299b673122bb95ced486
GET /img/icons/playAndGo.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: W/"6155d0b8-dfe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29141230
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984301a32fab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-3-1.png
104.22.30.168200 OK 4.4 kB URL HTTP/2 www.megarush.com/img/home-page/coin-3-1.png
IP 104.22.30.168:0
File type PNG image data, 118 x 119, 8-bit colormap, non-interlaced\012- data
Hash 3da73129d9d4dd65c43060dacf06f3df
9abf4ea9710ba53af92778718c245ddf64c42a5f
6b899e2fa680a916e6d1fe6226eaff68b415eee4658537497ae951024d5793a6
GET /img/home-page/coin-3-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/png
content-length: 4434
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-1152"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29141399
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984303a4efab4-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/benefits/promotions.png
104.22.30.168200 OK 21 kB URL HTTP/2 www.megarush.com/img/benefits/promotions.png
IP 104.22.30.168:0
File type PNG image data, 216 x 216, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d9863db2ba8c87a673de9ea91482d5e
daca14014aeb80e137b6682a8c816cdd92639b2c
131582b1399fc62d9464a553a37bf6938d29fa48852a4d2564a3f6315f366911
GET /img/benefits/promotions.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/png
content-length: 21005
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-520d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 717686
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984303a54fab4-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/benefits/loyalty.png
104.22.30.168200 OK 9.7 kB URL HTTP/2 www.megarush.com/img/benefits/loyalty.png
IP 104.22.30.168:0
File type PNG image data, 216 x 216, 8-bit colormap, non-interlaced\012- data
Hash df4d6dc1ebb3bbbace8d15ec77486d46
287e7185a17258c716cbf616aa95287c0db255a9
a6332d5469054e898655c9dc6f8fba37e6c300b523199c1a18441f7ce62878d8
GET /img/benefits/loyalty.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/png
content-length: 9659
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-25bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7598231
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984304a5bfab4-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/benefits/megaclub.png
104.22.30.168200 OK 11 kB URL HTTP/2 www.megarush.com/img/benefits/megaclub.png
IP 104.22.30.168:0
File type PNG image data, 216 x 216, 8-bit colormap, non-interlaced\012- data
Hash 6a13cb2219f5d42d2a9c95d9104ef8b2
7fcbf688a27942e5fc89d5796144c17095336a41
02796f7fee25c816673368b88fae179a1d4ac8210b8c1dd5198825e56e592e66
GET /img/benefits/megaclub.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/png
content-length: 10578
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: "62fb8b56-2952"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 823209
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984304a5dfab4-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/feel-the-rush.png
104.22.30.168200 OK 49 kB URL HTTP/2 www.megarush.com/img/home-page/feel-the-rush.png
IP 104.22.30.168:0
File type PNG image data, 1382 x 188, 8-bit colormap, non-interlaced\012- data
Hash 141c6d0e374b086cf1d604173cb607c8
9e5531e6e26ad4cb621dd35d9521b167ce99ca53
c4bace32963528c901f6784df93b3aecc91e0b39b70cd6ba77bcce02c4e983e2
GET /img/home-page/feel-the-rush.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/png
content-length: 48691
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-be33"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 29141399
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984304a5ffab4-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/affiliates/online-gamblers.png
104.22.30.168200 OK 14 kB URL HTTP/2 www.megarush.com/img/affiliates/online-gamblers.png
IP 104.22.30.168:0
File type PNG image data, 800 x 104, 8-bit/color RGBA, non-interlaced\012- data
Hash 9c612bb3dbe37436b86ec881eecb90c4
45722b1f16d3b61f2803fa3bb78403414bd3a442
e92c2f751a6eddbd489bf745193c6af18af7d1f270396f0a0d40efc778c5672c
GET /img/affiliates/online-gamblers.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/png
content-length: 14178
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-3762"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 32366827
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984306a72fab4-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/affiliates/norges-casino.png
104.22.30.168200 OK 12 kB URL HTTP/2 www.megarush.com/img/affiliates/norges-casino.png
IP 104.22.30.168:0
File type PNG image data, 800 x 104, 8-bit colormap, non-interlaced\012- data
Hash 453efb7650d4c514229ddc7cb4b5d04f
f00e51876a720516521db90908019e5ccebe0397
d4d9aa8ca8aba5b99c183e32aee4d416e8c7768dffeb84e644e2ef5c597c546e
GET /img/affiliates/norges-casino.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/png
content-length: 12111
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-2f4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 32366827
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984306a73fab4-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7671
Expires: Sat, 03 Sep 2022 00:07:54 GMT
Date: Fri, 02 Sep 2022 22:00:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7671
Expires: Sat, 03 Sep 2022 00:07:54 GMT
Date: Fri, 02 Sep 2022 22:00:03 GMT
Connection: keep-alive
megalotto-static.gigmagic.io/games/no_NO.json
172.64.149.99200 OK 713 kB URL HTTP/2 megalotto-static.gigmagic.io/games/no_NO.json
IP 172.64.149.99:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size 713 kB (713442 bytes)
Hash a0b00db38fe6cec9071251cd729d7ab9
231d882f806fce7654c5a0e261d17ee047091a3a
bda273d421c0442a5cb6f57efbc6bd8cc993e47333057777fd79ec4dc6dcb43f
GET /games/no_NO.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: application/json; charset=utf-8
content-length: 713442
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Mon, 29 Aug 2022 13:00:08 GMT
etag: "a0b00db38fe6cec9071251cd729d7ab9"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=1b3a24f4123fe071faad6589460b775b; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7449842f98b9b4f3-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 955f2a35bd6b3802670e7fa8a7cda833
4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GHd4FOjIO1OP7wSOVcnOryE5ux4hlr_kC0dfJs3LqgQUbxMzuFxc1A==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:37:28 GMT
age: 1355
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e05660322f0368dd2bf8067d7e4554d
ec65cb47d86488f734c945a210d5f636a40fea2c
98875230ec45766102191bdc4180742fa3b8f3ad5ad1a128d12437105f86247e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6196
x-amzn-requestid: a7d6ce70-06d7-498c-8024-80185a3fc3e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyLFmVIAMFkcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112674-3fad622927177e9236d7c50a;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: eWPq37qiXo5wamKlEu7STGXPBfiJpqsVilJlF_wi7oudjevWZI0K8A==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:55:46 GMT
age: 257
etag: "ec65cb47d86488f734c945a210d5f636a40fea2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c3b7580a37e6eb7e5bd18491f1d4dd6
288b82ad8f924eb9570ae1c55da84d041f862366
046d1ef76448c53446068ef5f8315b7299484996cdebfd9d1e749b4ded9c7d3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5079
x-amzn-requestid: 3b19c77a-2e9b-499f-890b-36fc4ee72ba7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslOVEtZIAMFv1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e825b-01b7b71617b59f7414a0e5e5;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: zYT0vF7Bxa5m84D12jI2w_A-MzR3wIMBOb0ubTEdNMlpYUes5aYdlQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:48:05 GMT
age: 718
etag: "288b82ad8f924eb9570ae1c55da84d041f862366"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
34.120.237.76200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12756903aaa74164feb5f8525398ca36
9fef9b071daea6793cbbdfe391254ac4326b1aa2
6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16818
x-amzn-requestid: fa921878-2054-453b-b313-681cdd9c9068
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj-Z_HUNIAMFltg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b110c-053ce81943fea70c2de7daa0;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 06:54:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CDyJUMKmUlrT3LgfeiZhQN1XEV2vKTIZtmV4QZYXaoM4PWbYo8IyJA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 14:46:29 GMT
age: 26014
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png
104.18.38.157200 OK 31 kB URL HTTP/2 megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png
IP 104.18.38.157:0
File type ISO Media, AVIF Image\012- data
Hash a120f99e6d07b9526d8720e520942423
57edcb554c28a5787dd54c7f64b12ce9b7007d9b
c006a30b946ca1a403a8eaca8cdf20fa22b9ea6912b59023689f6aa65c83b137
GET /promos/img/arcade-machine.png?w=412&auto=format&fm=png HTTP/1.1
Host: megalotto-img.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:04 GMT
content-type: image/avif
content-length: 30644
last-modified: Tue, 09 Aug 2022 04:19:00 GMT
cache-control: public, max-age=31536000, private
x-imgix-id: 73e1b6d76cd0ea6107194f5ce3c59e5c75e13086
age: 2137264
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10081-SJC, cache-ams12773-AMS
x-cache: MISS, HIT
vary: Accept, User-Agent
set-cookie: e7105a0137896fd7032010d42344fdb4=3d1bf3a1a08cce8e844762f5ad0a7d37; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 744984308a791c02-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d848f7606889b048b6334e70d8a5e0
85239ef4f2fee8d3345e599bc942cab63ff3aaf6
da6cf33b440b51f72a70f309d62fd581aed246b6a78b8f329fa3899db15ff86d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5889
x-amzn-requestid: 42237574-f86e-4ece-b986-6d0c5910fcc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMVgHajoAMFmXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112756-48ff9d98464cf3c9680d97b4;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:42:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _7BBSlQQucoO5poncTYuX4fcmS4WFg3UcVFXalckGCCNFKJ0h5UpsQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:06:51 GMT
etag: "85239ef4f2fee8d3345e599bc942cab63ff3aaf6"
content-type: image/jpeg
age: 85992
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ba50b2fd1814c5ffc95aef40c69ce8c
cbb4546228115cccc122b16209e70171bef5c1f2
de822c8549508b28a07d29b203ae3ef356470df906cba727fc765f1bd14bb866
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9252
x-amzn-requestid: 7feebba8-f6b9-4b79-9726-5a7534da277e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyVG5DoAMF_Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112675-3123158f3dcfbd476537ca3c;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BOa5zGQyJS9q9bHmtKzlNtyS9ToGPZJkDFo2uY2lzz8Lnd3cZLQEaA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:01:10 GMT
age: 86334
etag: "cbb4546228115cccc122b16209e70171bef5c1f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.megarush.com/img/icons/megaclub--updated.svg
104.22.30.168200 OK 2.7 kB URL HTTP/2 www.megarush.com/img/icons/megaclub--updated.svg
IP 104.22.30.168:0
Hash 3454028520b441b30ee44ae529849bdc
6174842fb15d7d00fd095014ac6765509d8b492b
ceb9e42ec4d4fbb010b68580e09e3f0964381c14ddd003dc2bab39b488be22d6
GET /img/icons/megaclub--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-2ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7603977
vary: Accept-Encoding
server: cloudflare
cf-ray: 74498430bacafab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mega-clock-badge-new.svg
104.22.30.168200 OK 1.2 kB URL HTTP/2 www.megarush.com/img/icons/mega-clock-badge-new.svg
IP 104.22.30.168:0
Hash bd526f968c8925a00bc496e44d619527
098d60580912602cedf389034de2d1865fbdf436
9b86b1de6df3a11d66b3e87c1b4ad034449dbe93450d897a16e5bf98f333efa7
GET /img/icons/mega-clock-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:04 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-670"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7591713
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984318b65fab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/smoke-2-small.png
104.22.30.168200 OK 4.2 kB URL HTTP/2 www.megarush.com/img/home-page/smoke-2-small.png
IP 104.22.30.168:0
File type PNG image data, 316 x 126, 4-bit colormap, non-interlaced\012- data
Hash 8361a76edf079ca44cd5c81d537c4ba0
b653ecb4ecaef4df2658c460be005f762ae203fb
e57046600ea12b7c2803f5d01c02595de1e29dca15981a2a278b916a9f62a5b0
GET /img/home-page/smoke-2-small.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:04 GMT
content-type: image/png
content-length: 4245
last-modified: Mon, 11 Jul 2022 12:54:28 GMT
etag: "62cc1d84-1095"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 4494925
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984323bf7fab4-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mga.svg
104.22.30.168200 OK 36 kB URL HTTP/2 www.megarush.com/img/icons/mga.svg
IP 104.22.30.168:0
Hash 49425f9d857edf8bb7d4ad094f3ae259
299e7035648b0ba3ace6d75f993b2a19df57d40d
e95edb8e14ee6c7fedfb29935897a15efd45a734c1ee855362616a5ae03067ba
GET /img/icons/mga.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:04 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-74d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7602388
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984318b68fab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi
35.186.224.25302 Found 76 kB URL HTTP/2 open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi
IP 35.186.224.25:0
Hash 8f9da07525be84c7349864905d425529
4a546f9b3a231a8d7fea05d5eb5515a87ef22ef5
60148e2aa297a1b4b8af58806bdb142d28716285ce90146b7b48f3c30f4f586a
GET /embed/playlist/2ucixR5s50chGr0o0pm4Pi HTTP/1.1
Host: open.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 02 Sep 2022 22:00:04 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: sp_t=1f4800c36c3fa0811f7c5761c470c603; path=/; expires=Sat, 02 Sep 2023 22:00:04 GMT; domain=.spotify.com; samesite=none; secure
sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Fplaylist%2F2ucixR5s50chGr0o0pm4Pi%3Fsp_cid%3D1f4800c36c3fa0811f7c5761c470c603%26device%3Ddesktop; path=/; expires=Sat, 03 Sep 2022 22:00:04 GMT; domain=.spotify.com; samesite=none; secure; httponly
location: /embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
sp-trace-id: addfef4d7b152913
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.megarush.com/img/icons/payments.svg
104.22.30.168200 OK 54 kB URL HTTP/2 www.megarush.com/img/icons/payments.svg
IP 104.22.30.168:0
Hash 9279d623355d2800a3615fcd670e4226
bde08ef05575e06e8d0d800b32a38a03c86b8d9e
674cbd57638eb291464ddc133b9d9388c0d2b5c4db511e607a8dbfcbc498806c
GET /img/icons/payments.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-429"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7602388
vary: Accept-Encoding
server: cloudflare
cf-ray: 74498430eaebfab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
megalotto-img.gigmagic.io/promos/img/gamebar-overflow.png?w=1490&auto=format&fm=png
104.18.38.157200 OK 84 kB URL HTTP/2 megalotto-img.gigmagic.io/promos/img/gamebar-overflow.png?w=1490&auto=format&fm=png
IP 104.18.38.157:0
File type ISO Media, AVIF Image\012- data
Hash bedc100c06fb83e57bdb6d2f42747b20
833f812570395944549808e657831b895ef6409e
b78a93d52e444df6bcee282606786244c12597d8483004fb48d5af83672781d1
GET /promos/img/gamebar-overflow.png?w=1490&auto=format&fm=png HTTP/1.1
Host: megalotto-img.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Cookie: e7105a0137896fd7032010d42344fdb4=3d1bf3a1a08cce8e844762f5ad0a7d37
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:04 GMT
content-type: image/avif
content-length: 83745
last-modified: Wed, 10 Aug 2022 00:28:10 GMT
cache-control: public, max-age=31536000
x-imgix-id: 8c4936354234afe074d1e18d7535593211e72b9e
age: 2064714
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10080-SJC, cache-ams12768-AMS
x-cache: HIT, HIT
vary: Accept, User-Agent
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 744984323c9c1c02-OSL
X-Firefox-Spdy: h2
www.megarush.com/video/arcade-game.webm
104.22.30.168206 Partial Content 61 kB URL HTTP/2 www.megarush.com/video/arcade-game.webm
IP 104.22.30.168:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 9aaef915ba1a5046a92ef8dfcc58cdba
c25acbf957571a53c4ca7cc5a910757e4cfffd66
565d4805821948f9740cd260a8da41b19189a2f3658867815af960a5a31f035a
GET /video/arcade-game.webm HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
date: Fri, 02 Sep 2022 22:00:04 GMT
content-type: video/webm
content-length: 61172
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-eef4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-range: bytes 0-61171/61172
cf-cache-status: BYPASS
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-58d9bc46b7-x897j; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
app_uid=CoEDNmMSfOSHwwArA9PbAg==; expires=Sun, 02-Oct-22 22:00:04 GMT; domain=$host; path=/
server: cloudflare
cf-ray: 74498432ac6efab4-OSL
X-Firefox-Spdy: h2
open.spotify.com/embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
35.186.224.25200 OK 25 kB URL HTTP/2 open.spotify.com/embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
IP 35.186.224.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (65536), with no line terminators
Hash 03c3b593765078a01f94c30347a55721
0dbb88c5cc1d23f9e1d990ea85618db2216a55d3
deb35b6d5865f544936e0b8eae48320f697b5130067de676c724baf35fd2a0f3
GET /embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi HTTP/1.1
Host: open.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Connection: keep-alive
Cookie: sp_t=1f4800c36c3fa0811f7c5761c470c603; sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Fplaylist%2F2ucixR5s50chGr0o0pm4Pi%3Fsp_cid%3D1f4800c36c3fa0811f7c5761c470c603%26device%3Ddesktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:04 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding,Accept-Encoding
set-cookie: sp_t=1f4800c36c3fa0811f7c5761c470c603; path=/; expires=Sat, 02 Sep 2023 22:00:04 GMT; domain=.spotify.com; samesite=none; secure
content-encoding: gzip
sp-trace-id: 44470711371b434b
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.831fa035.css
151.101.86.249200 OK 3.5 kB URL HTTP/1.1 open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.831fa035.css
IP 151.101.86.249:0
File type ASCII text, with very long lines (23516), with no line terminators
Hash 9d04a5c053836e9cdaaed792e0e6a744
95a0d88c66706407a87daf0b82296ef68ea01444
7977dfdb15f2ab9ea2d9c3822a180b63428e43b5d199617d7a4d3e5fa741341c
GET /cdn/build/embed-legacy/embed-legacy.831fa035.css HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3509
Last-Modified: Mon, 25 Jul 2022 10:32:22 GMT
ETag: "9d04a5c053836e9cdaaed792e0e6a744"
x-goog-generation: 1658745142507438
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3509
Content-Type: text/css
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 02 Sep 2022 22:00:04 GMT
Age: 3410648
X-Served-By: cache-chi-kigq8000063-CHI, cache-bma1655-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 29673
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.081f7da7.js
151.101.86.249200 OK 130 kB URL HTTP/1.1 open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.081f7da7.js
IP 151.101.86.249:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 130 kB (129919 bytes)
Hash 0e5e1999e48605c8d148a957d83f6765
4092bb57c3f0c888e19b7042f76d0d6f09807aac
d04eaf8b0c9e015943075a11b85b3948cbaea007389475ea94872c061ae4b744
GET /cdn/build/embed-legacy/embed-legacy.081f7da7.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 129919
Last-Modified: Fri, 02 Sep 2022 18:52:45 GMT
ETag: "0e5e1999e48605c8d148a957d83f6765"
x-goog-generation: 1662144765125770
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 129919
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 02 Sep 2022 22:00:04 GMT
Age: 10991
X-Served-By: cache-chi-klot8100072-CHI, cache-bma1679-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 156
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
www.megarush.com/img/home-page/glows/half-blue.svg
104.22.30.168200 OK 216 kB URL HTTP/2 www.megarush.com/img/home-page/glows/half-blue.svg
IP 104.22.30.168:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (64864)
Size 216 kB (216518 bytes)
Hash 4cd801d6b80dc6f192e9ad5350626aca
249cff3399b61b50126950e0e47e471597975543
a9bcf023ffba040b2c56e8d22a096c52818ef0c3c803dcba58cbe1f4ca4471a5
GET /img/home-page/glows/half-blue.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:04 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Oct 2021 10:40:02 GMT
etag: W/"61656602-2a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 28120434
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984323c05fab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 76dcbad68de6958beabb7aeab54ed358
c4197b32bd92ea9ff3dbfb3a71b90c44597f8aee
ef120ca56abebe770d7975a5a4b32907308832de97de61cdb3ae61b4522b49e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4902
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 22:00:04 GMT
Last-Modified: Fri, 02 Sep 2022 20:38:22 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7ffc4ef7f364d6ff4b6eb951f109bc48
7dcefc758fdf8b9b6046680eb2f7c9b955e2661a
698483b3698fd47ff94d2f79c8b0b66d2d4e489e2eaa465d3bf2876075c51f25
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "698483B3698FD47FF94D2F79C8B0B66D2D4E489E2EAA465D3BF2876075C51F25"
Last-Modified: Fri, 02 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13648
Expires: Sat, 03 Sep 2022 01:47:32 GMT
Date: Fri, 02 Sep 2022 22:00:04 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7ffc4ef7f364d6ff4b6eb951f109bc48
7dcefc758fdf8b9b6046680eb2f7c9b955e2661a
698483b3698fd47ff94d2f79c8b0b66d2d4e489e2eaa465d3bf2876075c51f25
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "698483B3698FD47FF94D2F79C8B0B66D2D4E489E2EAA465D3BF2876075C51F25"
Last-Modified: Fri, 02 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13648
Expires: Sat, 03 Sep 2022 01:47:32 GMT
Date: Fri, 02 Sep 2022 22:00:04 GMT
Connection: keep-alive
www.megarush.com/img/logo.4c52d90d.svg
104.22.30.168200 OK 11 kB URL HTTP/2 www.megarush.com/img/logo.4c52d90d.svg
IP 104.22.30.168:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (26638)
Hash cc288148189edea93de587de5880573a
f13b1ee7df33310198e3027f6a80b937dd8519e2
12467378d915e8d6c70280024c2f65d1c67a734deb4a4caaab829d1cf7c12477
GET /img/logo.4c52d90d.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:04 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-931"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7598232
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984325c30fab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
apresolve.spotify.com/?type=dealer&type=spclient
34.98.74.57200 OK 113 B URL HTTP/2 apresolve.spotify.com/?type=dealer&type=spclient
IP 34.98.74.57:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 731267568e389c43b4b60d632515df55
d1250cf07bc7142169e4d088e67c486f10355196
a15f8936dc4eecd922051242e6c0cfffc51cf8b9b00074583ffe9339ec443501
GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 113
date: Fri, 02 Sep 2022 22:00:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.scdn.co/image/ab67706c0000bebb2e3693913b1f8fbc514da7c8
151.101.86.248200 OK 131 kB URL HTTP/1.1 i.scdn.co/image/ab67706c0000bebb2e3693913b1f8fbc514da7c8
IP 151.101.86.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x640, components 3\012- data
Size 131 kB (130780 bytes)
Hash ccb11204819dd6617e4e1fba9eeb5a84
3f5233f01c8ce71ffddde8694d269ee834964b93
f3fa391ba021ceb98c27ff44f743db4d6a4073c0faf83ebf9f030d82bf4e6111
GET /image/ab67706c0000bebb2e3693913b1f8fbc514da7c8 HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 130780
Last-Modified: Fri, 30 Apr 2021 15:10:01 GMT
ETag: "ccb11204819dd6617e4e1fba9eeb5a84"
x-goog-generation: 1619795401707780
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 130780
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Fri, 02 Sep 2022 22:00:05 GMT
Age: 915530
Timing-Allow-Origin: *
X-Served-By: cache-chi-kigq8000120-CHI, cache-bma1675-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
151.101.86.248200 OK 90 kB URL HTTP/1.1 encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
IP 151.101.86.248:0
Hash fe1cfc14b7498b187c78fa72fb72d148
6bec8ce832951162e0ebc4b257e3ee850fe7aade
039130d456855a745451bff40707bee5512bc4466373224b2258f67cc6c6d879
GET /fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 89536
Last-Modified: Fri, 13 May 2022 11:38:50 GMT
ETag: W/"216b12b5a9657850b1b324e158454f8e"
x-goog-generation: 1652441930609707
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 89529
Content-Type: font/woff2
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Date: Fri, 02 Sep 2022 22:00:05 GMT
Age: 2154612
X-Served-By: cache-ord1728-ORD, cache-chi-kigq8000035-CHI, cache-bma1666-BMA
X-Cache: MISS, HIT, HIT
X-Cache-Hits: 0, 1, 23
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
151.101.86.248200 OK 84 kB URL HTTP/1.1 encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
IP 151.101.86.248:0
Hash 4eaffdf96f4c6f984686e93d5d9cb325
8c576f620ae00a66282d8eb10dc2eb580888aaf1
9b7413f945c8b8bb3f75eb10513c7ad79d386e98494d541e5f1fa9301ffbddd6
GET /fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 84088
Last-Modified: Fri, 13 May 2022 11:38:51 GMT
ETag: W/"f7b12903dd7a2d536ceb2b7cd1dba2c1"
x-goog-generation: 1652441931211351
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 84027
Content-Type: font/woff2
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Date: Fri, 02 Sep 2022 22:00:05 GMT
Age: 835891
X-Served-By: cache-chi-klot8100167-CHI, cache-bma1662-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 4
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
www.megarush.com/img/home-page/glows/blue-jackpot.svg
104.22.30.168200 OK 652 B URL HTTP/2 www.megarush.com/img/home-page/glows/blue-jackpot.svg
IP 104.22.30.168:0
Hash 9d6c927eac1c0d7d018de4f74ee9fdcb
0d7a99640b1aae0fefd29ef3a4127304b806d8f3
b0f227699f85555f1995b70a93598c3f3c0bd31e3f8db28bcf5eb899a667f047
GET /img/home-page/glows/blue-jackpot.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:04 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Oct 2021 10:40:02 GMT
etag: W/"61656602-255"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 28120434
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984324c23fab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
pxl.qccerttest.com/pixel?r=1257440318;fpan=1;fpa=P0-178999644-1662156003617;pbc=;ns=1;ce=0;qjs=1;qv=087c24cc-20220902090643;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1662156003617;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1355488639%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_0F3F401F7F0A461DB69D38AFE2B71DAB;ogl=
143.204.55.93200 OK 35 B URL HTTP/2 pxl.qccerttest.com/pixel?r=1257440318;fpan=1;fpa=P0-178999644-1662156003617;pbc=;ns=1;ce=0;qjs=1;qv=087c24cc-20220902090643;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1662156003617;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1355488639%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_0F3F401F7F0A461DB69D38AFE2B71DAB;ogl=
IP 143.204.55.93:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel?r=1257440318;fpan=1;fpa=P0-178999644-1662156003617;pbc=;ns=1;ce=0;qjs=1;qv=087c24cc-20220902090643;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1662156003617;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1355488639%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_0F3F401F7F0A461DB69D38AFE2B71DAB;ogl= HTTP/1.1
Host: pxl.qccerttest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 35
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Sep 2022 05:55:33 GMT
etag: "55d25e9dc950d5db4d53a3b195c046c6"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3qTMZ3giqDeymRY-oQeSwLde62qHvK9V5L6QT9uYM26rYh9W6iKVUA==
age: 57873
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
pixel.quantserve.com/pixel;r=542342370;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1355488639%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_0F3F401F7F0A461DB69D38AFE2B71DAB;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-178999644-1662156003617;pbc=;ns=1;ce=0;qjs=1;qv=087c24cc-20220902090643;cm=;gdpr=0;d=track.adform.net;dst=0;et=1662156003619;tzo=0;ogl=;ses=4bc1d470-964d-47b6-8bcf-4095a959e68a
91.228.74.159200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=542342370;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1355488639%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_0F3F401F7F0A461DB69D38AFE2B71DAB;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-178999644-1662156003617;pbc=;ns=1;ce=0;qjs=1;qv=087c24cc-20220902090643;cm=;gdpr=0;d=track.adform.net;dst=0;et=1662156003619;tzo=0;ogl=;ses=4bc1d470-964d-47b6-8bcf-4095a959e68a
IP 91.228.74.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=542342370;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1355488639%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_0F3F401F7F0A461DB69D38AFE2B71DAB;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-178999644-1662156003617;pbc=;ns=1;ce=0;qjs=1;qv=087c24cc-20220902090643;cm=;gdpr=0;d=track.adform.net;dst=0;et=1662156003619;tzo=0;ogl=;ses=4bc1d470-964d-47b6-8bcf-4095a959e68a HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:05 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=63127ce5-6163d-02a75-0a8cd; expires=Tue, 03-Oct-2023 22:00:05 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
sentry.io/api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1
35.188.42.15200 OK 2 B URL HTTP/1.1 sentry.io/api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1
IP 35.188.42.15:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://open.spotify.com
Content-Length: 427
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Sep 2022 22:00:05 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://open.spotify.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 0 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Fri, 02 Sep 2022 22:00:05 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.megarush.com/img/icons/visa--white.svg
104.22.30.168200 OK 376 B URL HTTP/2 www.megarush.com/img/icons/visa--white.svg
IP 104.22.30.168:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (598)
Hash 94b6c3d8a43e889871c9dca4af22883d
c3731ea73acf9a89e0da0e65eb5b66161f9fb354
1947c29c49bd4bb8af6fb25ff2cfa70841f91460d9f81d74df9546faade5ced6
GET /img/icons/visa--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:04 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-279"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 32366827
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984310b08fab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 697
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Fri, 02 Sep 2022 22:00:05 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
megalotto-static.gigmagic.io/video/header-video-720p.webm
172.64.149.99206 Partial Content 1.3 MB URL HTTP/2 megalotto-static.gigmagic.io/video/header-video-720p.webm
IP 172.64.149.99:0
File type WebM\012- EBML file, creator webmB\20\012- data
Size 1.3 MB (1336865 bytes)
Hash 63177b286fe4cb8a5431377710ad3715
e762daea246c011e634a226f6062a9a27a344f80
ef3410a95d2b7bea43ca9dffb3e26c92db871a1ab9c2600dedf40847050cf817
GET /video/header-video-720p.webm HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Fri, 02 Sep 2022 22:00:05 GMT
content-type: video/webm
content-length: 1336865
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Wed, 27 Oct 2021 09:33:10 GMT
etag: "63177b286fe4cb8a5431377710ad3715"
cache-control: public, max-age=14400
cf-cache-status: MISS
expires: Sat, 03 Sep 2022 02:00:05 GMT
content-range: bytes 0-1336864/1336865
server: cloudflare
cf-ray: 744984394e81b4f3-OSL
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 846
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 02 Sep 2022 22:00:05 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cab49f59207f816d98a21cd3fc2c37d1
8a9278f8ff5d149420673649878ca1ee266a0783
aebe0748f049bcb801be83459d4bae66b9c1453de3b0ea7e6a63bea88b6e7a5a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 13104
x-amzn-requestid: da627f0c-5cde-4a37-878c-dcada8a25f64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzL6_EYoIAMFiYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631126ac-10dbcb432e6d1af46cffaefe;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4Ve7euVpAusbqUYkx-vWIBLDbIidnuXDqMDG0LRpu40sXh6a2fEPJA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:06:50 GMT
age: 86000
etag: "8a9278f8ff5d149420673649878ca1ee266a0783"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
apresolve.spotify.com/?type=dealer&type=spclient
34.98.74.57200 OK 112 B URL HTTP/2 apresolve.spotify.com/?type=dealer&type=spclient
IP 34.98.74.57:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 324c688c9988b9e5c6b4be090c2ccbde
57c20798f07c11d79c8b656d7457220c732c5d0c
3e460f5bc4acf881a2c8e5a30cf419ebd9815284c90f317bd534ee8bdeb9eb14
GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 112
date: Fri, 02 Sep 2022 22:00:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
172.64.149.99200 OK 0 B URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
IP 172.64.149.99:0
POST /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Content-Type: application/json; charset=utf-8
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 63127ce15f0899bf491f0046
Origin: https://www.megarush.com
Content-Length: 47
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:04 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=5e4e526b31225b8d4c9bbe34aedc534e; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74498430193cb4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/jeton--white.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/jeton--white.svg
IP 104.22.30.168:0
GET /img/icons/jeton--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:04 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1f4b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7602389
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984310b14fab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png
104.18.38.157200 OK 0 B URL HTTP/2 megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png
IP 104.18.38.157:0
GET /promos/img/arcade-machine.png?w=412&auto=format&fm=png HTTP/1.1
Host: megalotto-img.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/avif
content-length: 30644
last-modified: Tue, 09 Aug 2022 04:19:00 GMT
cache-control: public, max-age=31536000, private
x-imgix-id: 73e1b6d76cd0ea6107194f5ce3c59e5c75e13086
age: 2137263
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10081-SJC, cache-ams12761-AMS
x-cache: MISS, HIT
vary: Accept, User-Agent
set-cookie: e7105a0137896fd7032010d42344fdb4=81f17ed54a83fe51a535d9a669b8de47; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7449842fe9e41c02-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/icons/relaxGaming.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/relaxGaming.svg
IP 104.22.30.168:0
GET /img/icons/relaxGaming.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-22fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 5198625
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984302a3cfab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
172.64.149.99200 OK 0 B URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP 172.64.149.99:0
POST /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Content-Type: application/json; charset=utf-8
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 63127ce15f0899bf491f0046
Origin: https://www.megarush.com
Content-Length: 18
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=5e4e526b31225b8d4c9bbe34aedc534e; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74498430092cb4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/casino--side-nav.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/casino--side-nav.svg
IP 104.22.30.168:0
GET /img/icons/casino--side-nav.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-9ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 16114424
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984309aa4fab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/promotions--flat.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/promotions--flat.svg
IP 104.22.30.168:0
GET /img/icons/promotions--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-1d7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 16091698
vary: Accept-Encoding
server: cloudflare
cf-ray: 74498430eaf4fab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
graphql.datocms.com/
104.22.3.238200 OK 0 B IP 104.22.3.238:0
POST / HTTP/1.1
Host: graphql.datocms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
authorization: Bearer 35d777e787abbc619166a62135c433
Content-Length: 151
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:05 GMT
content-type: application/json; charset=utf-8
cf-ray: 744984372ef3b51e-OSL
accept-ranges: bytes
access-control-allow-origin: https://www.megarush.com
age: 2135235
cache-control: no-store
content-encoding: gzip
etag: W/"8a069ed1bdcb8517251ab69433826adb"
expires: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Authorization, Accept-Encoding, X-Environment, X-Include-Drafts, X-Exclude-Invalid, Origin
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT, HIT
x-cache-hits: 1, 387
x-cacheable-on-cdn: true
x-cacheable-on-cdn-query-length-limit: 203/8192
x-complexity: 92
x-content-type-options: nosniff
x-download-options: noopen
x-environment: main
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-queue-time: 0ms
x-request-id: 0f274e57-e572-4252-8a11-69b9b51533b0
x-runtime: 0.073587
x-served-by: cache-dub4335-DUB, cache-bma1660-BMA
x-timer: S1662156005.003680,VS0,VE0
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2
www.megarush.com/img/icons/netent.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/netent.svg
IP 104.22.30.168:0
GET /img/icons/netent.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-519"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7603669
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984302a3efab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/onlinedisputeresolution.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/onlinedisputeresolution.svg
IP 104.22.30.168:0
GET /img/icons/onlinedisputeresolution.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:04 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1a7e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6848599
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984318b69fab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/service-worker.js
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/service-worker.js
IP 104.22.30.168:0
GET /service-worker.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:05 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
etag: W/"63078847-64d2"
expires: Fri, 02 Sep 2022 22:00:35 GMT
cache-control: max-age=30
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7449843b6c4ffab4-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/icons/gamblersanonymous.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/gamblersanonymous.svg
IP 104.22.30.168:0
GET /img/icons/gamblersanonymous.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:04 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-171"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 5199201
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984319b6efab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1355488639&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_0F3F401F7F0A461DB69D38AFE2B71DAB
37.157.4.28200 OK 0 B URL HTTP/2 track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1355488639&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_0F3F401F7F0A461DB69D38AFE2B71DAB
IP 37.157.4.28:0
GET /serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1355488639&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_0F3F401F7F0A461DB69D38AFE2B71DAB HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 22:00:04 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.megarush.com/img/icons/games--flat.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/games--flat.svg
IP 104.22.30.168:0
GET /img/icons/games--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-8c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 32366826
vary: Accept-Encoding
server: cloudflare
cf-ray: 74498430eaf1fab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/search.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/search.svg
IP 104.22.30.168:0
GET /img/icons/search.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:04 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-212"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 32366826
vary: Accept-Encoding
server: cloudflare
cf-ray: 74498430faf5fab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mastercard--white.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/mastercard--white.svg
IP 104.22.30.168:0
GET /img/icons/mastercard--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:04 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-939"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 32366827
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984310b0afab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mega-phone-badge-new.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/mega-phone-badge-new.svg
IP 104.22.30.168:0
GET /img/icons/mega-phone-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:04 GMT
content-type: image/svg+xml
last-modified: Mon, 18 Oct 2021 10:01:21 GMT
etag: W/"616d45f1-6b0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 27604246
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984317b58fab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ungroudonchan.com/4/4598789?ymid=Kmt8p3KT7dupDLXC4BHV6C&var=074b5bba-80ab-4a33-86df-edbd736e35eb
139.45.197.238200 OK 0 B URL HTTP/2 ungroudonchan.com/4/4598789?ymid=Kmt8p3KT7dupDLXC4BHV6C&var=074b5bba-80ab-4a33-86df-edbd736e35eb
IP 139.45.197.238:0
Analyzer Verdict Alert quad9 Sinkholed
GET /4/4598789?ymid=Kmt8p3KT7dupDLXC4BHV6C&var=074b5bba-80ab-4a33-86df-edbd736e35eb HTTP/1.1
Host: ungroudonchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 22:00:02 GMT
content-type: text/html; charset=utf8
x-trace-id: e639053d687e28e29f71b9af283161c3
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://eu.can-get-so.me>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-credentials: true
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=9ca8c4047faf41cdac93ab06d7a2772d; expires=Sat, 02 Sep 2023 22:00:02 GMT; path=/; secure; SameSite=None
oaidts=1662156002; expires=Sat, 02 Sep 2023 22:00:02 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *, *
access-control-allow-methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=937392460848&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_0F3F401F7F0A461DB69D38AFE2B71DAB
37.157.4.28302 Found 0 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=937392460848&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_0F3F401F7F0A461DB69D38AFE2B71DAB
IP 37.157.4.28:0
GET /Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=937392460848&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_0F3F401F7F0A461DB69D38AFE2B71DAB HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=937392460848&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_0F3F401F7F0A461DB69D38AFE2B71DAB
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Sun, 02-Oct-2022 22:00:03 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.megarush.com/js/index.f6004837.js
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/js/index.f6004837.js
IP 104.22.30.168:0
GET /js/index.f6004837.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:02 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"63078847-160eb4"
expires: Thu, 25 Aug 2022 14:39:00 GMT
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4313
server: cloudflare
cf-ray: 74498429dcfffab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/pragmaticPlay.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/pragmaticPlay.svg
IP 104.22.30.168:0
GET /img/icons/pragmaticPlay.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1799"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7435022
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984302a3ffab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/live-casino--yellow.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/live-casino--yellow.svg
IP 104.22.30.168:0
GET /img/icons/live-casino--yellow.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:03 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-9b1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 16091698
vary: Accept-Encoding
server: cloudflare
cf-ray: 74498430aac6fab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/gambleaware18.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/gambleaware18.svg
IP 104.22.30.168:0
GET /img/icons/gambleaware18.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.201937559.1662156002; _gid=GA1.2.285554575.1662156002; _gat_UA-143790984-2=1; btag=656126_0F3F401F7F0A461DB69D38AFE2B71DAB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 22:00:04 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-537"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7596089
vary: Accept-Encoding
server: cloudflare
cf-ray: 744984319b6ffab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2