| eu.gotbstgifts.click/za/i13s22/telkom/ | 164.92.232.111 | 302 Found | 0 B |
URL HTTP/1.1eu.gotbstgifts.click/za/i13s22/telkom/ IP164.92.232.111:0 ASN#14061 DIGITALOCEAN-ASN
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /za/i13s22/telkom/ HTTP/1.1
Host: eu.gotbstgifts.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 13 Sep 2022 09:08:58 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://7ktpj.bemobtrcks.com/go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.36 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.36:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash91dd975a7b17b2922dd23c0e49314e40 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 08:14:08 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: u9-xp3HlUOxPOnJBMyioqclr2gKROQIohAapVOZ2bT9y9Fadrlh80g==
Age: 3290
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashbe88d3e043e3b95b52e41812e50fb634 0318ba1ce487817ea7cba61dd9413bed29213800 b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12441
Expires: Tue, 13 Sep 2022 12:36:19 GMT
Date: Tue, 13 Sep 2022 09:08:58 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | 143.204.55.110 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain IP143.204.55.110:0
File typePEM certificate\012- , ASCII text Hash742edb4038f38bc533514982f3d2e861 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: h6pis12-k6n7X0-70o6acIIvF4AjEHZPnG7pxj8TEZ8u7iAFOrbQyw==
age: 16425
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:08:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashfa6e7bfb3729cfe558ebf9b1c2a2e3aa 9c834bc97568d36fb8c383ac71fc294e38976634 2f6553574cdf2944b6abb09c26493146bea795b3ad97ec32f78095973b7813e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F6553574CDF2944B6ABB09C26493146BEA795B3AD97EC32F78095973B7813E7"
Last-Modified: Sun, 11 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15152
Expires: Tue, 13 Sep 2022 13:21:31 GMT
Date: Tue, 13 Sep 2022 09:08:59 GMT
Connection: keep-alive
|
|
| 7ktpj.bemobtrcks.com/go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3 | 3.70.16.242 | 302 Found | 260 B |
URL HTTP/27ktpj.bemobtrcks.com/go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3 IP3.70.16.242:0
File typeHTML document, ASCII text, with no line terminators Hash1159bc3eb480f44bb70d0d7bd8e041d8 b8e9ca8b779a76e7e97c21c3818b9699557713fd 2507411fda25b0bc7a159dfa302213654645f64be9fcd22b32fecb94b2ca8455
GET /go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3 HTTP/1.1
Host: 7ktpj.bemobtrcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: openresty
date: Tue, 13 Sep 2022 09:08:59 GMT
content-type: text/html; charset=utf-8
content-length: 260
access-control-allow-origin: *
location: https://ungroudonchan.com/4/4598789?ymid=PDHzj5mxu4SSkiNJbTrjyy&var=074b5bba-80ab-4a33-86df-edbd736e35eb
set-cookie: bemob-uniq-visit:75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3=1; Domain=7ktpj.bemobtrcks.com; Path=/; Expires=Wed, 14 Sep 2022 09:08:59 GMT; HttpOnly; Secure; SameSite=None
bemob-rotation:75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3:random:bcad9fbed5d562e339b2ddf45707a26c=0-0-10; Domain=7ktpj.bemobtrcks.com; Path=/; Expires=Wed, 14 Sep 2022 09:08:59 GMT; HttpOnly; Secure; SameSite=None
bemob-click-id=PDHzj5mxu4SSkiNJbTrjyy; Domain=7ktpj.bemobtrcks.com; Path=/; Expires=Wed, 14 Sep 2022 09:08:59 GMT; HttpOnly; Secure; SameSite=None
vary: Accept
x-response-time: 8.179ms
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashdca3dda51028f2239eb7065285c06f48 3e5556b72e9a24dcb99859d58a7aad8930407b6d 0b152d379d8455b2f85e959c3c27099b069817897d273dc947c58f8dc91d22fb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0B152D379D8455B2F85E959C3C27099B069817897D273DC947C58F8DC91D22FB"
Last-Modified: Mon, 12 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6272
Expires: Tue, 13 Sep 2022 10:53:31 GMT
Date: Tue, 13 Sep 2022 09:08:59 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.36 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.36:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 13 Sep 2022 09:03:22 GMT
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 09:05:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VWAnzq7kAfD0axMY5fpNmyzhrUC26NW-WPDNlS-eO-1Kv4JeXZVAyQ==
Age: 337
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashe96dbe1b54932c8f447bbbfc9d31cfb0 b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd 427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3084
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 09:08:59 GMT
Last-Modified: Tue, 13 Sep 2022 08:17:35 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
|
|
| ungroudonchan.com/favicon.ico | 139.45.197.238 | 204 No Content | 0 B |
URL HTTP/2ungroudonchan.com/favicon.ico IP139.45.197.238:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /favicon.ico HTTP/1.1
Host: ungroudonchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: OAID=1272232765424a36a435fedb7b20b855; oaidts=1663060139
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 13 Sep 2022 09:08:59 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash5f69b3d44c5da67ed0ae74f40f22e2d9 331ee23579d1d97ae703f57c5d9a55e3c013e8c8 1a83fea4e8063a8e472809cf80aeff52276fc1d09097bea6a1e3eadcff3a36ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A83FEA4E8063A8E472809CF80AEFF52276FC1D09097BEA6A1E3EADCFF3A36ED"
Last-Modified: Sun, 11 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4952
Expires: Tue, 13 Sep 2022 10:31:31 GMT
Date: Tue, 13 Sep 2022 09:08:59 GMT
Connection: keep-alive
|
|
| eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=593479839982559362&subid1=4598789&cost=0.000205&rdk=rk1 | 157.90.33.71 | 302 Found | 0 B |
URL HTTP/2eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=593479839982559362&subid1=4598789&cost=0.000205&rdk=rk1 IP157.90.33.71:0 ASN#24940 Hetzner Online GmbH
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=593479839982559362&subid1=4598789&cost=0.000205&rdk=rk1 HTTP/1.1
Host: eu.can-get-so.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 13 Sep 2022 09:08:59 GMT
content-length: 0
referrer-policy: no-referrer
location: http://35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=643178&geo=NO&device=desktop
set-cookie: rauid=d0dPZ4sjT8GjKfHy2RAfUA; expires=Wed, 13 Sep 2023 09:08:59 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| 35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=643178&geo=NO&device=desktop | 35.227.234.222 | 302 Found | 0 B |
URL HTTP/1.135.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=643178&geo=NO&device=desktop IP35.227.234.222:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2/PU_NO_RA_CS_DT_MEGARUSH?source=643178&geo=NO&device=desktop HTTP/1.1
Host: 35.227.234.222
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 13 Sep 2022 09:08:59 GMT
Content-Length: 0
Location: https://media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
Via: 1.1 google
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP172.64.155.188:0
Hash41f9179e59a25f47d57ee44aedba74e7 0fc36a87fcedb98f3748739cc0718470de2f59c2 b4a615e3b1606fa2e99cbfca9a7a7b93257ebcf5957c308cfbaf7f8d4f37415a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:08:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 01:21:26 GMT
Expires: Tue, 20 Sep 2022 01:21:25 GMT
Etag: "0fc36a87fcedb98f3748739cc0718470de2f59c2"
Cache-Control: max-age=576145,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749fbdd19fffb4f7-OSL
|
|
| my.rtmark.net/img.gif?f=merge&userId=1272232765424a36a435fedb7b20b855 | 139.45.195.8 | 200 OK | 43 B |
URL HTTP/2my.rtmark.net/img.gif?f=merge&userId=1272232765424a36a435fedb7b20b855 IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=1272232765424a36a435fedb7b20b855 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:09:00 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=1272232765424a36a435fedb7b20b855; expires=Wed, 13 Sep 2023 09:09:00 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575 | 95.101.11.169 | 301 Moved Permanently | 0 B |
URL HTTP/2media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575 IP95.101.11.169:0 ASN#20940 Akamai International B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=6426&bid=1575 HTTP/1.1
Host: media.megarushaffiliates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 0
location: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Tue, 13 Sep 2022 09:09:00 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 13 Sep 2022 09:09:00 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a6426%2c%22BID%22%3a1575%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663060140048)%5c%2f%22%2c%22CookieTag%22%3a%2215756426451240919C202291399%22%7d%5d; SameSite=None;; domain=.megarushaffiliates.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%224350460%7c1%22%7d%5d; domain=.megarushaffiliates.com; expires=Thu, 13-Sep-3021 09:09:00 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=22, origin; dur=50
X-Firefox-Spdy: h2
|
|
| www.megarush.com/fonts/Inter-ExtraBold.woff2 | 104.22.30.168 | 200 OK | 10 kB |
URL HTTP/2www.megarush.com/fonts/Inter-ExtraBold.woff2 IP104.22.30.168:0
File typeWeb Open Font Format (Version 2), TrueType, length 10484, version 3.1245\012- data Hashd23da8f3e4e37a17c1d3ed7a1a11d429 9dda69da77b703d438db74468375685f6983625d a936dafc61b666c42182807bb1c5e564ec73c07f8b6fb7352d15090db9165a7c
GET /fonts/Inter-ExtraBold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:00 GMT
content-type: font/woff2
content-length: 10484
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-28f4"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 4819
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbdd46b70b50c-OSL
X-Firefox-Spdy: h2
|
|
| www.megarush.com/fonts/DS-Digital.woff2 | 104.22.30.168 | 200 OK | 776 B |
URL HTTP/2www.megarush.com/fonts/DS-Digital.woff2 IP104.22.30.168:0
File typeWeb Open Font Format (Version 2), TrueType, length 776, version 1.0\012- data Hash789f060683abdb5574a93bf59c7dd2e2 17b677d648dfdc9e290a25e8c137ebb0448c069b 375c5411d43daa0ccc1234d8bf20effba17a231408ab44fa17c96b2f9a995248
GET /fonts/DS-Digital.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:00 GMT
content-type: font/woff2
content-length: 776
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-308"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 4819
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbdd46b77b50c-OSL
X-Firefox-Spdy: h2
|
|
| www.megarush.com/fonts/Inter-Regular.woff2 | 104.22.30.168 | 200 OK | 10 kB |
URL HTTP/2www.megarush.com/fonts/Inter-Regular.woff2 IP104.22.30.168:0
File typeWeb Open Font Format (Version 2), TrueType, length 10108, version 3.1245\012- data Hash5ec57a5a91c67095e4a7e91ac375ffb1 23b60d1dd6790eeeb11e3c90d1f75c16d1db60d9 9b3f3dc1e7ce0a5a28f768d6d84d4174ffe56384db534daccc47321dea379ed5
GET /fonts/Inter-Regular.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:00 GMT
content-type: font/woff2
content-length: 10108
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-277c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 4819
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbdd46b75b50c-OSL
X-Firefox-Spdy: h2
|
|
| www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF | 104.22.30.168 | 200 OK | 13 kB |
URL HTTP/2www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF IP104.22.30.168:0
Hashbcc1f5cf09a531aa9f1d636955f71b42 830c56121c936ec005396eb634667c4eacb9068e a858da3423d3f1b62272b06e348111bddbfbf04f7a36c5f65f4e232962e0cc61
GET /nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:00 GMT
content-type: text/html
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-58d9bc46b7-x897j; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749fbdd3eac2b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashec7a5bb8e310f5c9c992cf85832d5445 e32b8e200a79da9008985e8e6c272f35b02581c5 6391e4c68631e272509ade559b8f568b03dd88be1956906332ae584f9faee00a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 09:09:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| push.services.mozilla.com/ | 34.210.107.213 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP34.210.107.213:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ro+HEv9l9Y+EhgmpgZfPdw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mQYcHSmOCC02O0GPPSdEkTuFAYI=
|
|
| www.googletagmanager.com/gtm.js?id=GTM-K4GPX49 | 142.250.74.72 | 200 OK | 50 kB |
URL HTTP/2www.googletagmanager.com/gtm.js?id=GTM-K4GPX49 IP142.250.74.72:0
File typeASCII text, with very long lines (24751) Hashd0f007f6f50de07ad6cd4adcac05082d 59586d1e206dc4159ca87d33c967973ecb15b33e 8c52ce698f751b516ad6155c696213b1a79bbb5490aee3bb508f7dec2adc82cb
GET /gtm.js?id=GTM-K4GPX49 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 09:09:00 GMT
expires: Tue, 13 Sep 2022 09:09:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50497
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashec7a5bb8e310f5c9c992cf85832d5445 e32b8e200a79da9008985e8e6c272f35b02581c5 6391e4c68631e272509ade559b8f568b03dd88be1956906332ae584f9faee00a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 09:09:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 346 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashda26f651bc209f3b54ecbd15eb4948aa 7e3abcd59308efe0e794fd425982253f7b3d7f00 659059f5c628f13791196390e33f7167186be936401ec81c74a6ff96bf97e188
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "659059F5C628F13791196390E33F7167186BE936401EC81C74A6FF96BF97E188"
Last-Modified: Tue, 13 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12775
Expires: Tue, 13 Sep 2022 12:41:55 GMT
Date: Tue, 13 Sep 2022 09:09:00 GMT
Connection: keep-alive
|
|
| www.megarush.com/base.css | 104.22.30.168 | 200 OK | 1.7 kB |
URL HTTP/2www.megarush.com/base.css IP104.22.30.168:0
Hash0a05ddc76a8884d545d1b65185b708d5 f9b6258d4a4738453b3c3069bc36825ac5681f27 71ff718e00262c2e0703abe44ae37c01af50b05b325a7c39ab1440050987562b
GET /base.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:00 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3913
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"63078847-f49"
expires: Sun, 11 Sep 2022 23:33:06 GMT
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1382
server: cloudflare
cf-ray: 749fbdd46b7ab50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/favicons/favicon-194x194.png | 104.22.30.168 | 200 OK | 12 kB |
URL HTTP/2www.megarush.com/favicons/favicon-194x194.png IP104.22.30.168:0
File typePNG image data, 194 x 194, 8-bit/color RGBA, non-interlaced\012- data Hash3bc9ecb2b8d9e78d83d49da52c0292fc b13fda2aa7ff6d2d185a90dbe6446ad52f63d244 9b35e254d53d3c4b6f0ce1185de9463355d340808f64b0e831162fb03cf5b39c
GET /favicons/favicon-194x194.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:00 GMT
content-type: image/png
content-length: 11668
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-2d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33270283
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbdd77860b50c-OSL
X-Firefox-Spdy: h2
|
|
| www.megarush.com/favicons/favicon-16x16.png | 104.22.30.168 | 200 OK | 437 B |
URL HTTP/2www.megarush.com/favicons/favicon-16x16.png IP104.22.30.168:0
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Hash914b291e561aafc860f86bc23c4065f1 b47bda2b8d530bbaead0fbcba219ac18247d1410 08f8a35ac0dda8a81618b381bfc0747ac80e022c0ff44dcb4d8d153dad724b45
GET /favicons/favicon-16x16.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:00 GMT
content-type: image/png
content-length: 437
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-1b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6103724
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbdd77861b50c-OSL
X-Firefox-Spdy: h2
|
|
| www.megarush.com/js/index.f6004837.js | 104.22.30.168 | 200 OK | 300 kB |
URL HTTP/2www.megarush.com/js/index.f6004837.js IP104.22.30.168:0
Size300 kB (300219 bytes) Hash09c5bb8b70dac5c5e53fac72f979d5da 2e03a21d23959db24b99abd601487f9cfd617134 68474299ef8cb2f60bb565c159fc98cd04402e0cc9a0028fb9bf2cb5f05a3661
GET /js/index.f6004837.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:00 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"63078847-160eb4"
expires: Sun, 11 Sep 2022 11:14:38 GMT
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1382
server: cloudflare
cf-ray: 749fbdd47b8eb50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/index.30053c2cd5717880348c.css | 104.22.30.168 | 200 OK | 53 kB |
URL HTTP/2www.megarush.com/index.30053c2cd5717880348c.css IP104.22.30.168:0
File typeASCII text, with very long lines (65536), with no line terminators Hash4adf219c1242bb4bf04e3e9964122d08 6907854554789ca6563e9e9827be194f98b4f4a9 8a10d5e451abfff220eb73556bab7ed3a095ef3e74e4c034f034f84eeaaaf16a
GET /index.30053c2cd5717880348c.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:00 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=228336
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"63078847-37bf0"
expires: Sun, 11 Sep 2022 23:33:06 GMT
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1382
server: cloudflare
cf-ray: 749fbdd46b7eb50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8 | 142.250.74.3 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8 IP142.250.74.3:0
Hash0ad0e670df353a9091c793369afad541 80c406d784d01c4ed3d919c61c69d9976631a196 c2d010e832a24cd373f57bd0c5369e7b971791cfe37af498a5d8fe289bfa304a
POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 09:09:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash056408ac2b9ef4e1962ef2c200052e0c bdab943160cb86bc1b50cfb20e3dab253c701d31 162c44e93beb69a7964d139520b8cfa2a7fc5864e04ccb4a866e1915361303af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4175
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 09:09:00 GMT
Last-Modified: Tue, 13 Sep 2022 07:59:25 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
|
|
| edge.fullstory.com/s/fs.js | 35.201.112.186 | 200 OK | 63 kB |
URL HTTP/2edge.fullstory.com/s/fs.js IP35.201.112.186:0
File typeASCII text, with very long lines (65410) Hash5236e609e3c53efc1950e159bd75152a ffc06f27aece0dea5a822deb1bbd5924f57ea454 92efe0c78c6fb028844d7ea839d2223d1bbf579fda99f8ba156d876c69a18a14
GET /s/fs.js HTTP/1.1
Host: edge.fullstory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtUrGTBJUhvqCWaDZDYE_0CRyDP4d7xr3T-vAbcfCKc6Ob20PoVS03eXhmthjQx13SBLCc3Ri5MLdpCSHOTUn5o
x-goog-generation: 1661954446968697
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
x-goog-stored-content-length: 62596
content-encoding: br
x-goog-hash: crc32c=uai+sA==, md5=UjbmCePFPvwZUOFZvXUVKg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 62596
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Tue, 13 Sep 2022 08:17:54 GMT
expires: Tue, 13 Sep 2022 09:17:54 GMT
cache-control: public, max-age=3600,no-transform
age: 3066
last-modified: Wed, 31 Aug 2022 14:00:47 GMT
etag: "5236e609e3c53efc1950e159bd75152a"
content-type: application/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8 | 142.250.74.3 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8 IP142.250.74.3:0
Hash0ad0e670df353a9091c793369afad541 80c406d784d01c4ed3d919c61c69d9976631a196 c2d010e832a24cd373f57bd0c5369e7b971791cfe37af498a5d8fe289bfa304a
POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 09:09:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=6320489f30e12b72274620b1 | 172.64.149.99 | 101 Switching Protocols | 0 B |
URL HTTP/1.1megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=6320489f30e12b72274620b1 IP172.64.149.99:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=6320489f30e12b72274620b1 HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.megarush.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WfZqwKbFpbEeC1DU9ZJ8Yw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 13 Sep 2022 09:09:00 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: YH1vIlcU6HjzAMZr/fd44eVf9l0=
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=baea5d0bac51a12bb7747df6f6519f4c; path=/; HttpOnly; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749fbdd7d924b4f4-OSL
|
|
| megalotto-static.gigmagic.io/translations/no.json | 104.18.38.157 | 200 OK | 75 kB |
URL HTTP/2megalotto-static.gigmagic.io/translations/no.json IP104.18.38.157:0
File typeJSON data\012- , Unicode text, UTF-8 text, with very long lines (65298), with no line terminators Hashc65c57dc0700025bf90a1adde1aff75b 32292b13109ae3c175acc85eb5c042e3433f2cbb 4063d90c64b9268398cff98e82b3b3b825d7dede0f4572000134d9d163feda84
GET /translations/no.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: application/json; charset=utf-8
content-length: 75078
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Thu, 08 Sep 2022 13:34:10 GMT
etag: "c65c57dc0700025bf90a1adde1aff75b"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=3d1bf3a1a08cce8e844762f5ad0a7d37; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749fbdd88b620afa-OSL
X-Firefox-Spdy: h2
|
|
| track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=923967659680&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_D6BCA38F78C942EB8A3C464EEDFA71FF | 37.157.4.28 | 200 OK | 388 B |
URL HTTP/2track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=923967659680&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_D6BCA38F78C942EB8A3C464EEDFA71FF IP37.157.4.28:0
File typeASCII text, with CRLF line terminators Hashcc52dc3ae043373db0aabbd9e8818abd 83e61d1c7b6941d8553c706cde4817d1491c74ca 3b5d8864ddfe8f568571c58d7a11832b2eec06921eb49b093c9ed38906429dcb
GET /Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=923967659680&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_D6BCA38F78C942EB8A3C464EEDFA71FF HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: text/javascript; charset=utf-8
content-length: 388
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/home-page/coin-2-4.png | 104.22.30.168 | 200 OK | 786 B |
URL HTTP/2www.megarush.com/img/home-page/coin-2-4.png IP104.22.30.168:0
File typePNG image data, 29 x 33, 8-bit colormap, non-interlaced\012- data Hashdca8df1b0d982ac3fbbc6c0b506cc0f2 392422815633ebaf9eef022677f0b73e1352ae66 a027ddd9187b5d6a7a537aada497af6ebfca00c2a9f50e7950aaf6ad599b0b09
GET /img/home-page/coin-2-4.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/png
content-length: 786
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-312"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30045537
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbdda5d31b50c-OSL
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/home-page/coin-3-3.png | 104.22.30.168 | 200 OK | 1.8 kB |
URL HTTP/2www.megarush.com/img/home-page/coin-3-3.png IP104.22.30.168:0
File typePNG image data, 64 x 71, 8-bit colormap, non-interlaced\012- data Hashfbdad22b02cf9a7a23c2f0553b1459e7 b64101b18924eba076f35318cce3e8a8bdec28b0 7aab4f9003ad7bd6b60fc361b6f2a0d2ddda28b35ea8ef6b0eff0f9a2cb81680
GET /img/home-page/coin-3-3.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/png
content-length: 1807
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-70f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8506526
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbdda5d39b50c-OSL
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/home-page/coin-3-2.png | 104.22.30.168 | 200 OK | 2.2 kB |
URL HTTP/2www.megarush.com/img/home-page/coin-3-2.png IP104.22.30.168:0
File typePNG image data, 89 x 83, 8-bit colormap, non-interlaced\012- data Hashc90348c562ec643acfbdf36d973d8326 90c07f0c13fd06f043d36c223eb9afaa34abdf7c 68cf52e8ce0267c83f6bac7a67944d9b4fe37c74999eed858cde51705a148aca
GET /img/home-page/coin-3-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/png
content-length: 2192
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-890"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6102763
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbdda5d35b50c-OSL
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/home-page/mega-jackpots.png | 104.22.30.168 | 200 OK | 64 kB |
URL HTTP/2www.megarush.com/img/home-page/mega-jackpots.png IP104.22.30.168:0
File typePNG image data, 1618 x 188, 8-bit colormap, non-interlaced\012- data Hashb4342b052aabdba3960a5b2b5c7e519a aebc2a2c7be9d8d2895694af3fde7674affef4c2 d3fa51da3d01f8341766925f65cf161fc2e403be7594f213c5019f8e27f3ad1d
GET /img/home-page/mega-jackpots.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/png
content-length: 63747
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-f903"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8500067
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbdda7d5eb50c-OSL
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/home-page/coin-1-1.png | 104.22.30.168 | 200 OK | 4.3 kB |
URL HTTP/2www.megarush.com/img/home-page/coin-1-1.png IP104.22.30.168:0
File typePNG image data, 106 x 105, 8-bit colormap, non-interlaced\012- data Hash214e2f889379dcba70bace5878068150 d6873dae324b9fd44a70e73f20dc9eb81253a7ae bb731b067cd838fadedeab50866dc81f725b8f6e49f4dc2e3b4332eae36c9ef0
GET /img/home-page/coin-1-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/png
content-length: 4257
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-10a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30045537
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbdda7d68b50c-OSL
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/home-page/coin-2-1.png | 104.22.30.168 | 200 OK | 3.5 kB |
URL HTTP/2www.megarush.com/img/home-page/coin-2-1.png IP104.22.30.168:0
File typePNG image data, 80 x 64, 8-bit colormap, non-interlaced\012- data Hash09e800f81a52a109cbf3a8b2f8e727bf d44509cdbddce4991b70f10276c47786e9993d0b 8ab09b1bcb8c69b51ba57b7c5ee96a36994e6e97e7df49d3cce993e8881ff376
GET /img/home-page/coin-2-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/png
content-length: 3452
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-d7c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30045537
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbdda7d6bb50c-OSL
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/home-page/coin-2-2.png | 104.22.30.168 | 200 OK | 2.6 kB |
URL HTTP/2www.megarush.com/img/home-page/coin-2-2.png IP104.22.30.168:0
File typePNG image data, 61 x 69, 8-bit colormap, non-interlaced\012- data Hashbba9175cb7f05129ab03029f757b73ec 3efab582d082e5eb7f9ad9106f564c6f95e1fcc0 5ec2a2d82d3f356dcda627c1858e64278702b9c348f707287c9e72d0cbe05ad7
GET /img/home-page/coin-2-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/png
content-length: 2616
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-a38"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8502369
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbdda7d6cb50c-OSL
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/netent.svg | 104.22.30.168 | 200 OK | 5.1 kB |
URL HTTP/2www.megarush.com/img/icons/netent.svg IP104.22.30.168:0
Hash3a5ebdb3c27e24cc788f09d8ca313ee7 bd8f133a857694ec2ff719799d1d553f9e8faedc 2265090946ff7603163c250833cfaf64365274fc972ea58d65d02c0d7f1bd476
GET /img/icons/netent.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-519"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8507807
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbdda6d49b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/relaxGaming.svg | 104.22.30.168 | 200 OK | 24 kB |
URL HTTP/2www.megarush.com/img/icons/relaxGaming.svg IP104.22.30.168:0
Hash5bb968bfe72e9e26155dbc32c2bede58 39b4e058c716a17382c7cec9410a2eb27ba742e3 6fcb85b7703b937704272e3a4c3481a16768f0695b9f3443569a4c1151b1891b
GET /img/icons/relaxGaming.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-22fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6102763
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbdda6d48b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/benefits/megaclub.png | 104.22.30.168 | 200 OK | 11 kB |
URL HTTP/2www.megarush.com/img/benefits/megaclub.png IP104.22.30.168:0
File typePNG image data, 216 x 216, 8-bit colormap, non-interlaced\012- data Hash6a13cb2219f5d42d2a9c95d9104ef8b2 7fcbf688a27942e5fc89d5796144c17095336a41 02796f7fee25c816673368b88fae179a1d4ac8210b8c1dd5198825e56e592e66
GET /img/benefits/megaclub.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/png
content-length: 10578
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: "62fb8b56-2952"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1727347
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbdda8d85b50c-OSL
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/home-page/feel-the-rush.png | 104.22.30.168 | 200 OK | 49 kB |
URL HTTP/2www.megarush.com/img/home-page/feel-the-rush.png IP104.22.30.168:0
File typePNG image data, 1382 x 188, 8-bit colormap, non-interlaced\012- data Hash141c6d0e374b086cf1d604173cb607c8 9e5531e6e26ad4cb621dd35d9521b167ce99ca53 c4bace32963528c901f6784df93b3aecc91e0b39b70cd6ba77bcce02c4e983e2
GET /img/home-page/feel-the-rush.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/png
content-length: 48691
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-be33"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30045537
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbdda8d8bb50c-OSL
X-Firefox-Spdy: h2
|
|
| megalotto-api.gigmagic.io/igc/megalotto/games/jackpots | 104.18.38.157 | 200 OK | 2 B |
URL HTTP/2megalotto-api.gigmagic.io/igc/megalotto/games/jackpots IP104.18.38.157:0
File typeASCII text, with no line terminators Hashe0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=baea5d0bac51a12bb7747df6f6519f4c; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749fbdda1d170afa-OSL
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/benefits/loyalty.png | 104.22.30.168 | 200 OK | 9.7 kB |
URL HTTP/2www.megarush.com/img/benefits/loyalty.png IP104.22.30.168:0
File typePNG image data, 216 x 216, 8-bit colormap, non-interlaced\012- data Hashdf4d6dc1ebb3bbbace8d15ec77486d46 287e7185a17258c716cbf616aa95287c0db255a9 a6332d5469054e898655c9dc6f8fba37e6c300b523199c1a18441f7ce62878d8
GET /img/benefits/loyalty.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/png
content-length: 9659
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-25bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8502369
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbdda8d82b50c-OSL
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/affiliates/norges-casino.png | 104.22.30.168 | 200 OK | 12 kB |
URL HTTP/2www.megarush.com/img/affiliates/norges-casino.png IP104.22.30.168:0
File typePNG image data, 800 x 104, 8-bit colormap, non-interlaced\012- data Hash453efb7650d4c514229ddc7cb4b5d04f f00e51876a720516521db90908019e5ccebe0397 d4d9aa8ca8aba5b99c183e32aee4d416e8c7768dffeb84e644e2ef5c597c546e
GET /img/affiliates/norges-casino.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/png
content-length: 12111
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-2f4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33270965
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddaadc7b50c-OSL
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/affiliates/online-gamblers.png | 104.22.30.168 | 200 OK | 14 kB |
URL HTTP/2www.megarush.com/img/affiliates/online-gamblers.png IP104.22.30.168:0
File typePNG image data, 800 x 104, 8-bit/color RGBA, non-interlaced\012- data Hash9c612bb3dbe37436b86ec881eecb90c4 45722b1f16d3b61f2803fa3bb78403414bd3a442 e92c2f751a6eddbd489bf745193c6af18af7d1f270396f0a0d40efc778c5672c
GET /img/affiliates/online-gamblers.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/png
content-length: 14178
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-3762"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33270965
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddaadc3b50c-OSL
X-Firefox-Spdy: h2
|
|
| megalotto-api.gigmagic.io/igc/megalotto/promotions/filter | 104.18.38.157 | 200 OK | 2 B |
URL HTTP/2megalotto-api.gigmagic.io/igc/megalotto/promotions/filter IP104.18.38.157:0
File typeASCII text, with no line terminators Hashe0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=37cd76cd7b4434682f3f2d1b20ad6cb2; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749fbdda4d450afa-OSL
X-Firefox-Spdy: h2
|
|
| megalotto-static.gigmagic.io/games/no_NO.json | 104.18.38.157 | 200 OK | 714 kB |
URL HTTP/2megalotto-static.gigmagic.io/games/no_NO.json IP104.18.38.157:0
File typeJSON data\012- , ASCII text, with very long lines (65536), with no line terminators Size714 kB (714008 bytes) Hash2b8d7eb8d9f56918e231833888a022c4 38aa421f60d49dc4f204d473c435e34529e2e9e8 b3fe1abb3128d08ba81a2de1ae727dba1fc4fec2f829a44dceeb23a219dfc3f9
GET /games/no_NO.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: application/json; charset=utf-8
content-length: 714008
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 06 Sep 2022 08:13:41 GMT
etag: "2b8d7eb8d9f56918e231833888a022c4"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=81f17ed54a83fe51a535d9a669b8de47; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749fbdda1d080afa-OSL
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashfe792a43fbfd72d158215bb5fa087c19 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10571
Expires: Tue, 13 Sep 2022 12:05:12 GMT
Date: Tue, 13 Sep 2022 09:09:01 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashfe792a43fbfd72d158215bb5fa087c19 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10571
Expires: Tue, 13 Sep 2022 12:05:12 GMT
Date: Tue, 13 Sep 2022 09:09:01 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashfe792a43fbfd72d158215bb5fa087c19 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10571
Expires: Tue, 13 Sep 2022 12:05:12 GMT
Date: Tue, 13 Sep 2022 09:09:01 GMT
Connection: keep-alive
|
|
| megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png | 172.64.149.99 | 206 Partial Content | 17 kB |
URL HTTP/2megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png IP172.64.149.99:0
Hash1ded7e89d0078395557c29e6cebc5884 1ad732c4af9a4e1c934802a45ab057a1a2093882 29c3882e2b8c51d4bc7343f41d97bdcfd62f19baaa6a54f2eab9ccd02d3e8a08
GET /promos/img/arcade-machine.png?w=412&auto=format&fm=png HTTP/1.1
Host: megalotto-img.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Cookie: e7105a0137896fd7032010d42344fdb4=1b3a24f4123fe071faad6589460b775b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Range: bytes=13231-
If-Range: Tue, 06 Sep 2022 09:45:02 GMT
TE: trailers
HTTP/2 206 Partial Content
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/avif
content-length: 17413
last-modified: Tue, 06 Sep 2022 09:45:02 GMT
cache-control: public, max-age=31536000
x-imgix-id: 66cd5b3423986c504740641be9f0a18ddd2feace
x-imgix-render-farm: 01.1072
age: 602638
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10024-SJC, cache-ams12779-AMS
x-cache: MISS, HIT
vary: Accept, User-Agent
content-range: bytes 13231-30643/30644
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749fbddb18a9b4fd-OSL
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc781d2a6-7a39-471c-a1a0-2e29918b63e9.jpeg | 34.120.237.76 | 200 OK | 6.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc781d2a6-7a39-471c-a1a0-2e29918b63e9.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashed996f863e0d0dcce9e48acb79fd6827 af756dc52f6b5b042d99c3ceba7a64dcbfaa73b5 57ea1317d878e2727fd8b0f3823e6f14053c7d1d16c5e1872b23a510ab1efdd7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc781d2a6-7a39-471c-a1a0-2e29918b63e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6530
x-amzn-requestid: dd634daa-0aee-4859-a956-c54d5eecf1be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSKEyHGlIAMFVcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d8a1e-51f715224318bfcf76d1c3ab;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:11:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: HMJgr4Kw1vyxFSbLpWcgarqHbVD3E8hPdFNFRzpwW4MqzV30mQyKog==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 17:39:46 GMT
age: 55755
etag: "af756dc52f6b5b042d99c3ceba7a64dcbfaa73b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c57865-c702-4995-8386-d5a054dd23e8.jpeg | 34.120.237.76 | 200 OK | 2.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c57865-c702-4995-8386-d5a054dd23e8.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash96d4d68111565e0e9d942cb22e3e4e93 5955dc0e311eca9988970d55d222bb77a7552fec 294fe6fa82e831192a0b16e1b2b1e57ac4ff082709a31ef52cc9c8586b9a4906
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c57865-c702-4995-8386-d5a054dd23e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2711
x-amzn-requestid: d1f9060c-585c-4ac8-bc60-2b3a2c80ee65
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXb4DGKToAMFfog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa699-3522d608453b1c6374e4a94e;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:37:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V8mpzgCJSACJcuNdIy6YE8iH1n_OjyEs0cV7qjQbfg42w3nQHw5SOA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:58:18 GMT
age: 40243
etag: "5955dc0e311eca9988970d55d222bb77a7552fec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabb8ed52-93ad-47ae-a006-da7de9e3d841.webp | 34.120.237.76 | 200 OK | 5.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabb8ed52-93ad-47ae-a006-da7de9e3d841.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8b9c6d44f93a72d6c03ebcfadda1a48a f6100190de6244ae74b6c1250b997749a381ed89 4bf351795fb3a9e8a1a917d6ab202b1c75007bd5dc450a869b4db5dbfdd81dc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabb8ed52-93ad-47ae-a006-da7de9e3d841.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5209
x-amzn-requestid: 37514c84-b67c-4401-a1bf-580437355fcf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YRYy7G_joAMFl5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d3b45-72b73b6172fe5aa34e368e66;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 01:35:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5B-ItCBBt8qViPlzDbWtyYNZc1Xxor5nXrn3KgxPiyIhM0dDH-htUw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 16:14:57 GMT
age: 60844
etag: "f6100190de6244ae74b6c1250b997749a381ed89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa53d9b2d-779c-43d7-b0fb-41855d1192cd.jpeg | 34.120.237.76 | 200 OK | 7.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa53d9b2d-779c-43d7-b0fb-41855d1192cd.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash30cec409792503d3d6aa6f2f0d3f88da 5356b0f4f09626d23a16c950143a76f2e3dbff69 22c9ce5a29779a9851f305a7c386d758f1e2a186941be29961cf7fe5053571ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa53d9b2d-779c-43d7-b0fb-41855d1192cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7831
x-amzn-requestid: 65494896-277e-420e-9697-3b0fe44ca01f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XtmBUHmZIAMFc0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630eea08-17755f842fb9aff80aae3124;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 04:56:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qhuq_KUvFJeRPGpKxHE8-ULZ0ep0nUhoOsLfsX6q7cAeOY9oiTOv2A==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:22:48 GMT
age: 38773
etag: "5356b0f4f09626d23a16c950143a76f2e3dbff69"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0afb7a6-50b1-4622-b497-1cd872b91e83.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0afb7a6-50b1-4622-b497-1cd872b91e83.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash1b3f38b1294f2f10537cba5a856ed04a 2a6c1f297d97f4248d77eba6736b4d937bda582b 9c8de94c3cb87a1a2c967b010c715387bbc09fa92dd67bab988d367603a0cece
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0afb7a6-50b1-4622-b497-1cd872b91e83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12838
x-amzn-requestid: ad4ebca9-e16d-4fce-ab16-b3b3477c8c06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3rT7H86IAMF1kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312f27f-5bf5c45d6c2be4973f0f946a;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 06:21:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1ZUZYqEL7KdWTjmN6XIGvMNeSYtsdUXdJ_ayHA484X8GJNljI4lRDQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 10:10:55 GMT
age: 82686
etag: "2a6c1f297d97f4248d77eba6736b4d937bda582b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg | 34.120.237.76 | 200 OK | 8.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9d97e56f75165efcc71ae54952ded405 28d47359e70789115b2954b6c94711bb783b3c8c 564eac2ae99724e5f43aa1ae0afe4dec03697f888f51774e70e1b9c273c2d9d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8764
x-amzn-requestid: 48f44e2c-3d91-46cf-8701-3c5028e0a86d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE-gLG4_oAMFn-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184467-46abfc77601bd90f39a2c840;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:12:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tE5GZDktiELwfFRC_IEAqoat6cN7vb_TA17d-zRO6saTLEGRqB94Pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 14:04:33 GMT
age: 75156
etag: "28d47359e70789115b2954b6c94711bb783b3c8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/jeton--white.svg | 104.22.30.168 | 200 OK | 3.2 kB |
URL HTTP/2www.megarush.com/img/icons/jeton--white.svg IP104.22.30.168:0
Hash6ec0f4690778964757cf9123177cc2c6 c3ea044ef4dcce62689d8c029b0eef398589c36b 676af652cbcea6cb2bf609b2ddf524bf74584d6199882f1e798c81a91d4ef70c
GET /img/icons/jeton--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1f4b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8506526
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddb8f07b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/mega-bolt-badge-new.svg | 104.22.30.168 | 200 OK | 1.2 kB |
URL HTTP/2www.megarush.com/img/icons/mega-bolt-badge-new.svg IP104.22.30.168:0
Hashc63e914083dc8b2a1d3b64fdc0448528 088d5e20009d249f14bea9db3c61fc134f5869b2 7063993798cebcdcfb9794acdc54054800f039c207432d6bc6375cf2ef63a321
GET /img/icons/mega-bolt-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: W/"62fb8b56-655"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1769841
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddb9f21b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/mastercard--white.svg | 104.22.30.168 | 200 OK | 5.2 kB |
URL HTTP/2www.megarush.com/img/icons/mastercard--white.svg IP104.22.30.168:0
Hashfad611a2984d6012fbcf51ff8b46ff6c 79aa7f9a74e02c0e5f33307c0dd098130e6d0c41 5e5618fdc73a5fd6cdfe860eda8a019f3a965bfbf7f02b58c03e2c0dc99fda23
GET /img/icons/mastercard--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-939"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33270964
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddb7ef6b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/visa--white.svg | 104.22.30.168 | 200 OK | 36 kB |
URL HTTP/2www.megarush.com/img/icons/visa--white.svg IP104.22.30.168:0
Hash78c9b90aeb7a00412134115f13713de1 f17e9e13622ce332f457e4e3543671a481459e4a 07b52dc2a6c97ed8c02a903a6ea50f45ed98b2d9ba36b1e42554115ae4c8a803
GET /img/icons/visa--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-279"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33270964
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddb6ec8b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/home-page/smoke-2.png | 104.22.30.168 | 200 OK | 75 kB |
URL HTTP/2www.megarush.com/img/home-page/smoke-2.png IP104.22.30.168:0
File typePNG image data, 1187 x 471, 8-bit/color RGBA, non-interlaced\012- data Hashb52d54230805a82ccdbc1484c6bde4aa 73fcb683ec6b5598a0b89138843c479d5f479fe0 97b1cfcdf70c6c432984de8f4c9350281c61d6503bd8cd1add15e46ea359eade
GET /img/home-page/smoke-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/png
content-length: 74825
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-12449"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8506526
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddc9870b50c-OSL
X-Firefox-Spdy: h2
|
|
| megalotto-api.gigmagic.io/igc/megalotto/promotions/filter | 104.18.38.157 | 200 OK | 56 kB |
URL HTTP/2megalotto-api.gigmagic.io/igc/megalotto/promotions/filter IP104.18.38.157:0
Hash8d0fa3cb435c30b312ce8b901995b112 2fe6d6187f3418080abcc68fd8f6c00404927e9e 68664c5e7cfb47841af3d4a5eb1dcb838bfc3f168044a777628a5ebd97af7003
POST /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Content-Type: application/json; charset=utf-8
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 6320489f30e12b72274620b1
Origin: https://www.megarush.com
Content-Length: 47
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=37cd76cd7b4434682f3f2d1b20ad6cb2; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749fbddacdb00afa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| megalotto-img.gigmagic.io/promos/img/gamebar-overflow.png?w=1490&auto=format&fm=png | 172.64.149.99 | 200 OK | 84 kB |
URL HTTP/2megalotto-img.gigmagic.io/promos/img/gamebar-overflow.png?w=1490&auto=format&fm=png IP172.64.149.99:0
File typeISO Media, AVIF Image\012- data Hashbedc100c06fb83e57bdb6d2f42747b20 833f812570395944549808e657831b895ef6409e b78a93d52e444df6bcee282606786244c12597d8483004fb48d5af83672781d1
GET /promos/img/gamebar-overflow.png?w=1490&auto=format&fm=png HTTP/1.1
Host: megalotto-img.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Cookie: e7105a0137896fd7032010d42344fdb4=1b3a24f4123fe071faad6589460b775b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/avif
content-length: 83745
last-modified: Mon, 12 Sep 2022 22:56:53 GMT
cache-control: public, max-age=31536000
x-imgix-id: 5600ea53cb2bd76c49069c9948d9eafca3a48e23
x-imgix-render-farm: 01.560
age: 36728
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10061-SJC, cache-ams12720-AMS
x-cache: HIT, HIT
vary: Accept, User-Agent
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749fbddc8aa7b4fd-OSL
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/home-page/grid-new-2.svg | 104.22.30.168 | 200 OK | 66 kB |
URL HTTP/2www.megarush.com/img/home-page/grid-new-2.svg IP104.22.30.168:0
Hash71ec1e315684afb20123f31644a6fbe2 301cdfd2adbbfe3d6f06924f5dc2f48e71242ee6 9ca555f9df9b9f0a4c003ef8930bc7ea052568e08947d1701b576be20ef9d814
GET /img/home-page/grid-new-2.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 18 Oct 2021 10:20:15 GMT
etag: W/"616d4a5f-3194"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 28507473
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddc9883b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.831fa035.css | 151.101.86.249 | 200 OK | 3.5 kB |
URL HTTP/1.1open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.831fa035.css IP151.101.86.249:0
File typeASCII text, with very long lines (23516), with no line terminators Hash9d04a5c053836e9cdaaed792e0e6a744 95a0d88c66706407a87daf0b82296ef68ea01444 7977dfdb15f2ab9ea2d9c3822a180b63428e43b5d199617d7a4d3e5fa741341c
GET /cdn/build/embed-legacy/embed-legacy.831fa035.css HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3509
Last-Modified: Mon, 25 Jul 2022 10:32:22 GMT
ETag: "9d04a5c053836e9cdaaed792e0e6a744"
x-goog-generation: 1658745142507438
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3509
Content-Type: text/css
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Tue, 13 Sep 2022 09:09:01 GMT
Age: 4314786
X-Served-By: cache-chi-kigq8000063-CHI, cache-bma1629-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 268
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
|
|
| www.megarush.com/img/icons/mega-clock-badge-new.svg | 104.22.30.168 | 200 OK | 2.2 kB |
URL HTTP/2www.megarush.com/img/icons/mega-clock-badge-new.svg IP104.22.30.168:0
Hash677c13d784c8a966b5f0eb4c3bb91075 b53c933399838c02efd281b7c10f6fb41c61b124 b972e656fa220c9e35a7e273ad426f941874ce23449a1741279605b64d8efb06
GET /img/icons/mega-clock-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-670"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8495850
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddbaf2ab50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.e7f25bcd.js | 151.101.86.249 | 200 OK | 127 kB |
URL HTTP/1.1open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.e7f25bcd.js IP151.101.86.249:0
File typeASCII text, with very long lines (65536), with no line terminators Size127 kB (127248 bytes) Hash2a24a66e070653317082f4997290a02c 0268aa62cd63c318e7eba160e5722c8ca64d2066 d2e50333891706642f7dde66ef1e237807a33db6daff98fb071bdab8ecacc23f
GET /cdn/build/embed-legacy/embed-legacy.e7f25bcd.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 127248
Last-Modified: Tue, 13 Sep 2022 08:26:26 GMT
ETag: "2a24a66e070653317082f4997290a02c"
x-goog-generation: 1663057586817698
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 127248
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Tue, 13 Sep 2022 09:09:01 GMT
Age: 2312
X-Served-By: cache-chi-kigq8000087-CHI, cache-bma1661-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 64
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
|
|
| open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.ebfd0cf1.js | 151.101.86.249 | 200 OK | 220 kB |
URL HTTP/1.1open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.ebfd0cf1.js IP151.101.86.249:0
File typeASCII text, with very long lines (65536), with no line terminators Size220 kB (219711 bytes) Hashddb7bd0014222f421c9d8d52d35908e2 d42fdcf2868c5e651196731a77b85fedc7b1f714 c2c42790e561fbc29ce1946fc6804fe7a2c36d221e32f1b0044058a1bfb89289
GET /cdn/build/embed-legacy/vendor~embed-legacy.ebfd0cf1.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 219711
Last-Modified: Mon, 12 Sep 2022 15:16:56 GMT
ETag: "ddb7bd0014222f421c9d8d52d35908e2"
x-goog-generation: 1662995816341718
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 219711
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Tue, 13 Sep 2022 09:09:01 GMT
Age: 63984
X-Served-By: cache-chi-klot8100146-CHI, cache-bma1627-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 486
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
|
|
| rs.fullstory.com/rec/page | 35.186.194.58 | 202 Accepted | 76 B |
URL HTTP/2rs.fullstory.com/rec/page IP35.186.194.58:0
File typeJSON data\012- , ASCII text Hash483ffa09cea154d304956a80f8b6b0cc 8c4675aeda7de53c381d4027ac239f0ea83a82ca 39cd29318acd06252db1fc7edf14ce35ebbd083cf672cd371bb0e40340370f08
POST /rec/page HTTP/1.1
Host: rs.fullstory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 351
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
access-control-allow-credentials: true
access-control-allow-origin: https://www.megarush.com
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Tue, 13 Sep 2022 09:09:01 GMT
content-length: 76
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashb963fc2d831fc262da1e041b20f773a0 f452051f30b022d26f99db1a09fb498ab54e0081 6574e9ec05448374d9de230d8e087aa995cff37304c1ea7bbd1744b893a59fd0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6574E9EC05448374D9DE230D8E087AA995CFF37304C1EA7BBD1744B893A59FD0"
Last-Modified: Mon, 12 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5386
Expires: Tue, 13 Sep 2022 10:38:47 GMT
Date: Tue, 13 Sep 2022 09:09:01 GMT
Connection: keep-alive
|
|
| track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1066400422&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_D6BCA38F78C942EB8A3C464EEDFA71FF | 37.157.4.28 | 200 OK | 1.3 kB |
URL HTTP/2track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1066400422&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_D6BCA38F78C942EB8A3C464EEDFA71FF IP37.157.4.28:0
Hashc29e98109000bfa1b04b3b3f551583ad 4efa134788cddc9f31750af8103c7c30ce3c1efb d7356e757f93efca02e5ff78d03db70c69bcf6dbee53d9ea2173c7b3bc8e0c7d
GET /serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1066400422&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_D6BCA38F78C942EB8A3C464EEDFA71FF HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 346 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashf78fdba5286e63e70b20cc4f3d00a731 135db6d1a2fbb8d34cb52b808b9f1fe886f53830 3034b2d96216630967d442284c35270cd294bd33530ceb94a748aee9e36a28e6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3034B2D96216630967D442284C35270CD294BD33530CEB94A748AEE9E36A28E6"
Last-Modified: Sun, 11 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6473
Expires: Tue, 13 Sep 2022 10:56:55 GMT
Date: Tue, 13 Sep 2022 09:09:02 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 346 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashf78fdba5286e63e70b20cc4f3d00a731 135db6d1a2fbb8d34cb52b808b9f1fe886f53830 3034b2d96216630967d442284c35270cd294bd33530ceb94a748aee9e36a28e6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3034B2D96216630967D442284C35270CD294BD33530CEB94A748AEE9E36A28E6"
Last-Modified: Sun, 11 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6473
Expires: Tue, 13 Sep 2022 10:56:55 GMT
Date: Tue, 13 Sep 2022 09:09:02 GMT
Connection: keep-alive
|
|
| graphql.datocms.com/ | 172.67.11.48 | 200 OK | 0 B |
IP172.67.11.48:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS / HTTP/1.1
Host: graphql.datocms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:02 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://www.megarush.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 749fbde118a30b65-OSL
X-Firefox-Spdy: h2
|
|
| apresolve.spotify.com/?type=dealer&type=spclient | 34.98.74.57 | 200 OK | 113 B |
URL HTTP/2apresolve.spotify.com/?type=dealer&type=spclient IP34.98.74.57:0
File typeJSON data\012- , ASCII text, with no line terminators Hashbc6a17f52e28c449b11ceacf6d945ae5 c198d0ba93c502dec21f9f8837287a38db9a0e36 bba749c25e672adadaf9917aa0d4cdb75d90c6e5afb451682b6e66f6a2b4740f
GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 113
date: Tue, 13 Sep 2022 09:09:02 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js | 143.204.55.84 | 200 OK | 271 B |
URL HTTP/2rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js IP143.204.55.84:0
Hash34e255255d25312b08a2cc8566b5bf38 56eb0a5a1cb20d2b51fa071b968ad50a3ac16f85 1980f7805afc0ade5f7d949212900dfe36abaa52cc804b7eeac07a620852cf23
GET /rules-p--B_1AZ6v1_YDr.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 271
last-modified: Tue, 23 Aug 2022 12:06:41 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Tue, 13 Sep 2022 08:09:45 GMT
cache-control: max-age=3600
etag: "34e255255d25312b08a2cc8566b5bf38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZMkN3Jvzt84O5aAWoOpbFI_Tyj-1QcwUIho2bpG26JV2HiX8NMbx0g==
age: 3570
X-Firefox-Spdy: h2
|
|
| encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2 | 151.101.86.248 | 200 OK | 90 kB |
URL HTTP/1.1encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2 IP151.101.86.248:0
Hashfe1cfc14b7498b187c78fa72fb72d148 6bec8ce832951162e0ebc4b257e3ee850fe7aade 039130d456855a745451bff40707bee5512bc4466373224b2258f67cc6c6d879
GET /fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 89536
Last-Modified: Fri, 13 May 2022 11:38:50 GMT
ETag: W/"216b12b5a9657850b1b324e158454f8e"
x-goog-generation: 1652441930609707
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 89529
Content-Type: font/woff2
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Date: Tue, 13 Sep 2022 09:09:02 GMT
Age: 138163
X-Served-By: cache-chi-klot8100054-CHI, cache-bma1647-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
|
|
| encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2 | 151.101.86.248 | 200 OK | 84 kB |
URL HTTP/1.1encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2 IP151.101.86.248:0
Hash4eaffdf96f4c6f984686e93d5d9cb325 8c576f620ae00a66282d8eb10dc2eb580888aaf1 9b7413f945c8b8bb3f75eb10513c7ad79d386e98494d541e5f1fa9301ffbddd6
GET /fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 84088
Last-Modified: Fri, 13 May 2022 11:38:51 GMT
ETag: W/"f7b12903dd7a2d536ceb2b7cd1dba2c1"
x-goog-generation: 1652441931211351
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 84027
Content-Type: font/woff2
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Date: Tue, 13 Sep 2022 09:09:02 GMT
Age: 1740028
X-Served-By: cache-chi-klot8100167-CHI, cache-bma1681-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 10
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
|
|
| i.scdn.co/image/ab67706c0000bebb2e3693913b1f8fbc514da7c8 | 151.101.86.248 | 200 OK | 131 kB |
URL HTTP/1.1i.scdn.co/image/ab67706c0000bebb2e3693913b1f8fbc514da7c8 IP151.101.86.248:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x640, components 3\012- data Size131 kB (130780 bytes) Hashccb11204819dd6617e4e1fba9eeb5a84 3f5233f01c8ce71ffddde8694d269ee834964b93 f3fa391ba021ceb98c27ff44f743db4d6a4073c0faf83ebf9f030d82bf4e6111
GET /image/ab67706c0000bebb2e3693913b1f8fbc514da7c8 HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 130780
Last-Modified: Fri, 30 Apr 2021 15:10:01 GMT
ETag: "ccb11204819dd6617e4e1fba9eeb5a84"
x-goog-generation: 1619795401707780
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 130780
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Tue, 13 Sep 2022 09:09:02 GMT
Age: 605201
Timing-Allow-Origin: *
X-Served-By: cache-chi-kigq8000160-CHI, cache-bma1671-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
|
|
| pxl.qccerttest.com/pixel?r=1314692023;fpan=1;fpa=P0-1601092494-1663060129709;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913074828;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663060129709;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1066400422%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_D6BCA38F78C942EB8A3C464EEDFA71FF;ogl= | 143.204.55.81 | 200 OK | 35 B |
URL HTTP/2pxl.qccerttest.com/pixel?r=1314692023;fpan=1;fpa=P0-1601092494-1663060129709;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913074828;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663060129709;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1066400422%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_D6BCA38F78C942EB8A3C464EEDFA71FF;ogl= IP143.204.55.81:0
File typeGIF image data, version 89a, 1 x 1\012- data Hash55d25e9dc950d5db4d53a3b195c046c6 75e91ae3e549dab12ed1c9787ade9131aef1c981 a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel?r=1314692023;fpan=1;fpa=P0-1601092494-1663060129709;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913074828;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663060129709;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1066400422%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_D6BCA38F78C942EB8A3C464EEDFA71FF;ogl= HTTP/1.1
Host: pxl.qccerttest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 35
date: Tue, 13 Sep 2022 02:11:32 GMT
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
etag: "55d25e9dc950d5db4d53a3b195c046c6"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iDww4LrVaggxpL-GT7GGTpaQw29kV786D6-xlNIxjXydZq6XfQThSA==
age: 25051
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Origin
X-Firefox-Spdy: h2
|
|
| pixel.quantserve.com/pixel;r=1970883901;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1066400422%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_D6BCA38F78C942EB8A3C464EEDFA71FF;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-1601092494-1663060129709;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913074828;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663060129711;tzo=0;ogl=;ses=a76f4320-d24d-419a-a5be-1297dfcf8170 | 91.228.74.159 | 200 OK | 35 B |
URL HTTP/2pixel.quantserve.com/pixel;r=1970883901;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1066400422%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_D6BCA38F78C942EB8A3C464EEDFA71FF;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-1601092494-1663060129709;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913074828;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663060129711;tzo=0;ogl=;ses=a76f4320-d24d-419a-a5be-1297dfcf8170 IP91.228.74.159:0
File typeGIF image data, version 89a, 1 x 1\012- data Hash55d25e9dc950d5db4d53a3b195c046c6 75e91ae3e549dab12ed1c9787ade9131aef1c981 a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1970883901;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1066400422%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_D6BCA38F78C942EB8A3C464EEDFA71FF;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-1601092494-1663060129709;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913074828;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663060129711;tzo=0;ogl=;ses=a76f4320-d24d-419a-a5be-1297dfcf8170 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:02 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=632048ae-8b730-cff3f-fa15c; expires=Sat, 14-Oct-2023 09:09:02 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
|
|
| gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events | 35.186.224.17 | 200 OK | 0 B |
URL HTTP/2gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events IP35.186.224.17:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Tue, 13 Sep 2022 09:09:02 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events | 35.186.224.17 | 200 OK | 0 B |
URL HTTP/2gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events IP35.186.224.17:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Tue, 13 Sep 2022 09:09:02 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| megalotto-static.gigmagic.io/video/header-video-720p.webm | 104.18.38.157 | 206 Partial Content | 1.3 MB |
URL HTTP/2megalotto-static.gigmagic.io/video/header-video-720p.webm IP104.18.38.157:0
File typeWebM\012- EBML file, creator webmB\20\012- data Size1.3 MB (1336865 bytes) Hash63177b286fe4cb8a5431377710ad3715 e762daea246c011e634a226f6062a9a27a344f80 ef3410a95d2b7bea43ca9dffb3e26c92db871a1ab9c2600dedf40847050cf817
GET /video/header-video-720p.webm HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Tue, 13 Sep 2022 09:09:02 GMT
content-type: video/webm
content-length: 1336865
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Wed, 27 Oct 2021 09:33:10 GMT
etag: "63177b286fe4cb8a5431377710ad3715"
cache-control: public, max-age=14400
cf-cache-status: MISS
expires: Tue, 13 Sep 2022 13:09:02 GMT
content-range: bytes 0-1336864/1336865
server: cloudflare
cf-ray: 749fbde29fe90afa-OSL
X-Firefox-Spdy: h2
|
|
| sentry.io/api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1 | 35.188.42.15 | 200 OK | 2 B |
URL HTTP/1.1sentry.io/api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1 IP35.188.42.15:0
File typeJSON data\012- , ASCII text, with no line terminators Hash99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://open.spotify.com
Content-Length: 427
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 09:09:02 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://open.spotify.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
|
|
| gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events | 35.186.224.17 | 200 OK | 39 B |
URL HTTP/2gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events IP35.186.224.17:0
File typeJSON data\012- , ASCII text, with no line terminators Hashf204785b49c504e43101096fd3a80e31 e92466090f918c8f9c11268c9d0027fe269a90b6 873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 846
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Tue, 13 Sep 2022 09:09:02 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events | 35.186.224.17 | 200 OK | 39 B |
URL HTTP/2gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events IP35.186.224.17:0
File typeJSON data\012- , ASCII text, with no line terminators Hashf204785b49c504e43101096fd3a80e31 e92466090f918c8f9c11268c9d0027fe269a90b6 873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 697
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Tue, 13 Sep 2022 09:09:02 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| apresolve.spotify.com/?type=dealer&type=spclient | 34.98.74.57 | 200 OK | 110 B |
URL HTTP/2apresolve.spotify.com/?type=dealer&type=spclient IP34.98.74.57:0
File typeJSON data\012- , ASCII text, with no line terminators Hash864dc3475a6a3e5205565fd1823a5c09 53ff36e560b130f77c3fdd7d64be9ea8527e6a19 1f1ed976bba89f79645f74ab936454cdfdcf1a62443f165f447dd6024b4e8515
GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 110
date: Tue, 13 Sep 2022 09:09:08 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.megarush.com/chunk-vendors.76e8e4d0.css | 104.22.30.168 | 200 OK | 0 B |
URL HTTP/2www.megarush.com/chunk-vendors.76e8e4d0.css IP104.22.30.168:0
GET /chunk-vendors.76e8e4d0.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:00 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1523
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"63078847-5f3"
expires: Sun, 11 Sep 2022 23:33:06 GMT
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1382
server: cloudflare
cf-ray: 749fbdd46b7db50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| scripts.mediamathrdrt.com/scripts/b_megarush.js | 172.67.170.210 | 200 OK | 0 B |
URL HTTP/2scripts.mediamathrdrt.com/scripts/b_megarush.js IP172.67.170.210:0
GET /scripts/b_megarush.js HTTP/1.1
Host: scripts.mediamathrdrt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:00 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: 6cec99d9-44dd-47e4-a316-0b20c8172b27
etag: W/"b89528e21d6f85cc11459c7b6ec733cb"
x-runtime: 0.005377
expires: 2022-08-14 09:09:00 UTC
x-powered-by: Phusion Passenger(R) 6.0.10
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Wvxpm588qafLpfUBKKMRTbv7wUqMl6Y8VRdsddBiSQ2iRJzN9fKxyAfcvQ0THc%2FXH%2FVK512ntvlnCFincphF%2Ft6lFMvGlEzEgieU7Pf6%2F5azPvvrFW0dyN4rMCAblMr%2FHE%2FTo0iufpXekcs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749fbdd64b971c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/help-round.svg | 104.22.30.168 | 200 OK | 0 B |
URL HTTP/2www.megarush.com/img/icons/help-round.svg IP104.22.30.168:0
GET /img/icons/help-round.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-5e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33270964
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddb4e88b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/logo.4c52d90d.svg | 104.22.30.168 | 200 OK | 0 B |
URL HTTP/2www.megarush.com/img/logo.4c52d90d.svg IP104.22.30.168:0
GET /img/logo.4c52d90d.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-931"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8502369
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddc9887b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/mga.svg | 104.22.30.168 | 200 OK | 0 B |
URL HTTP/2www.megarush.com/img/icons/mga.svg IP104.22.30.168:0
GET /img/icons/mga.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-74d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8506525
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddbcf4fb50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/pragmaticPlay.svg | 104.22.30.168 | 200 OK | 0 B |
URL HTTP/2www.megarush.com/img/icons/pragmaticPlay.svg IP104.22.30.168:0
GET /img/icons/pragmaticPlay.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1799"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8339160
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbdda6d55b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/casino--side-nav.svg | 104.22.30.168 | 200 OK | 0 B |
URL HTTP/2www.megarush.com/img/icons/casino--side-nav.svg IP104.22.30.168:0
GET /img/icons/casino--side-nav.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-9ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17018562
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddb1e50b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/astropaycard--white.svg | 104.22.30.168 | 200 OK | 0 B |
URL HTTP/2www.megarush.com/img/icons/astropaycard--white.svg IP104.22.30.168:0
GET /img/icons/astropaycard--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-e1f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6103338
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddb7ef7b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/payments.svg | 104.22.30.168 | 200 OK | 0 B |
URL HTTP/2www.megarush.com/img/icons/payments.svg IP104.22.30.168:0
GET /img/icons/payments.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-429"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8506526
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddb3e83b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/home-page/glows/purple-jackpot.svg | 104.22.30.168 | 200 OK | 0 B |
URL HTTP/2www.megarush.com/img/home-page/glows/purple-jackpot.svg IP104.22.30.168:0
GET /img/home-page/glows/purple-jackpot.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-255"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8479664
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddc9872b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/trustly--white.svg | 104.22.30.168 | 200 OK | 0 B |
URL HTTP/2www.megarush.com/img/icons/trustly--white.svg IP104.22.30.168:0
GET /img/icons/trustly--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-772"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8507807
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddb7efcb50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/js/chunk-vendors.8490e2f1.js | 104.22.30.168 | 200 OK | 0 B |
URL HTTP/2www.megarush.com/js/chunk-vendors.8490e2f1.js IP104.22.30.168:0
GET /js/chunk-vendors.8490e2f1.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:00 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=326117
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"63078847-4f9e5"
expires: Sun, 11 Sep 2022 11:14:38 GMT
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1382
server: cloudflare
cf-ray: 749fbdd47b8bb50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/games--flat.svg | 104.22.30.168 | 200 OK | 0 B |
URL HTTP/2www.megarush.com/img/icons/games--flat.svg IP104.22.30.168:0
GET /img/icons/games--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-8c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33270964
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddb5ea9b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| graphql.datocms.com/ | 172.67.11.48 | 200 OK | 0 B |
IP172.67.11.48:0
POST / HTTP/1.1
Host: graphql.datocms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
authorization: Bearer 35d777e787abbc619166a62135c433
Content-Length: 151
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:02 GMT
content-type: application/json; charset=utf-8
cf-ray: 749fbde158db0b65-OSL
accept-ranges: bytes
access-control-allow-origin: https://www.megarush.com
age: 3039372
cache-control: no-store
content-encoding: gzip
etag: W/"8a069ed1bdcb8517251ab69433826adb"
expires: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Authorization, Accept-Encoding, X-Environment, X-Include-Drafts, X-Exclude-Invalid, Origin
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT, HIT
x-cache-hits: 1, 68
x-cacheable-on-cdn: true
x-cacheable-on-cdn-query-length-limit: 203/8192
x-complexity: 92
x-content-type-options: nosniff
x-download-options: noopen
x-environment: main
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-queue-time: 0ms
x-request-id: 0f274e57-e572-4252-8a11-69b9b51533b0
x-runtime: 0.073587
x-served-by: cache-dub4335-DUB, cache-bma1676-BMA
x-timer: S1663060142.325897,VS0,VE0
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2
|
|
| ungroudonchan.com/4/4598789?ymid=PDHzj5mxu4SSkiNJbTrjyy&var=074b5bba-80ab-4a33-86df-edbd736e35eb | 139.45.197.238 | 200 OK | 0 B |
URL HTTP/2ungroudonchan.com/4/4598789?ymid=PDHzj5mxu4SSkiNJbTrjyy&var=074b5bba-80ab-4a33-86df-edbd736e35eb IP139.45.197.238:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /4/4598789?ymid=PDHzj5mxu4SSkiNJbTrjyy&var=074b5bba-80ab-4a33-86df-edbd736e35eb HTTP/1.1
Host: ungroudonchan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:08:59 GMT
content-type: text/html; charset=utf8
x-trace-id: 69ec003ae0e329c794cb5385994a41d2
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://eu.can-get-so.me>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-credentials: true
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=1272232765424a36a435fedb7b20b855; expires=Wed, 13 Sep 2023 09:08:59 GMT; path=/; secure; SameSite=None
oaidts=1663060139; expires=Wed, 13 Sep 2023 09:08:59 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *, *
access-control-allow-methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| megalotto-api.gigmagic.io/igc/megalotto/games/jackpots | 104.18.38.157 | 200 OK | 0 B |
URL HTTP/2megalotto-api.gigmagic.io/igc/megalotto/games/jackpots IP104.18.38.157:0
POST /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Content-Type: application/json; charset=utf-8
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 6320489f30e12b72274620b1
Origin: https://www.megarush.com
Content-Length: 18
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=5e4e526b31225b8d4c9bbe34aedc534e; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749fbdda9d910afa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/menu.svg | 104.22.30.168 | 200 OK | 0 B |
URL HTTP/2www.megarush.com/img/icons/menu.svg IP104.22.30.168:0
GET /img/icons/menu.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Mar 2022 09:55:04 GMT
etag: W/"62330578-22f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 15277723
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddb6ec6b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/service-worker.js | 104.22.30.168 | 200 OK | 0 B |
URL HTTP/2www.megarush.com/service-worker.js IP104.22.30.168:0
GET /service-worker.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:02 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
etag: W/"63078847-64d2"
expires: Tue, 13 Sep 2022 09:09:32 GMT
cache-control: max-age=30
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749fbde4bba9b50c-OSL
X-Firefox-Spdy: h2
|
|
| track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=923967659680&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_D6BCA38F78C942EB8A3C464EEDFA71FF | 37.157.4.28 | 302 Found | 0 B |
URL HTTP/2track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=923967659680&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_D6BCA38F78C942EB8A3C464EEDFA71FF IP37.157.4.28:0
GET /Serving/TrackPoint/?pm=2381934&ADFdivider=%7C&ord=923967659680&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_D6BCA38F78C942EB8A3C464EEDFA71FF HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 13 Sep 2022 09:09:00 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=923967659680&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_D6BCA38F78C942EB8A3C464EEDFA71FF
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Thu, 13-Oct-2022 09:09:00 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/mega-phone-badge-new.svg | 104.22.30.168 | 200 OK | 0 B |
URL HTTP/2www.megarush.com/img/icons/mega-phone-badge-new.svg IP104.22.30.168:0
GET /img/icons/mega-phone-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 18 Oct 2021 10:01:21 GMT
etag: W/"616d45f1-6b0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 28508383
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddb9f22b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/mega-checked-badge-new.svg | 104.22.30.168 | 200 OK | 0 B |
URL HTTP/2www.megarush.com/img/icons/mega-checked-badge-new.svg IP104.22.30.168:0
GET /img/icons/mega-checked-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 18 Oct 2021 10:01:21 GMT
etag: W/"616d45f1-66f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 28508383
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddb9f23b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/onlinedisputeresolution.svg | 104.22.30.168 | 200 OK | 0 B |
URL HTTP/2www.megarush.com/img/icons/onlinedisputeresolution.svg IP104.22.30.168:0
GET /img/icons/onlinedisputeresolution.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1a7e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7752736
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddbcf57b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/loader.svg | 104.22.30.168 | 200 OK | 0 B |
URL HTTP/2www.megarush.com/img/icons/loader.svg IP104.22.30.168:0
GET /img/icons/loader.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-a6b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33269857
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddc3fffb50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| s2.adform.net/banners/scripts/st/trackpoint-async.js | 37.157.6.235 | 200 OK | 0 B |
URL HTTP/2s2.adform.net/banners/scripts/st/trackpoint-async.js IP37.157.6.235:0
GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:09:00 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 25 May 2022 11:34:23 GMT
etag: W/"552eeb5f0620fb6f56733d625b5e719e"
x-amz-request-id: tx0000000000000a0139b4f-0063204544-3233e6c5-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/playAndGo.svg | 104.22.30.168 | 200 OK | 0 B |
URL HTTP/2www.megarush.com/img/icons/playAndGo.svg IP104.22.30.168:0
GET /img/icons/playAndGo.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: W/"6155d0b8-dfe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30045368
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbdda6d47b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/megaclub--updated.svg | 104.22.30.168 | 200 OK | 0 B |
URL HTTP/2www.megarush.com/img/icons/megaclub--updated.svg IP104.22.30.168:0
GET /img/icons/megaclub--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-2ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8508115
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddb3e80b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.megarush.com/img/icons/promotions--flat.svg | 104.22.30.168 | 200 OK | 0 B |
URL HTTP/2www.megarush.com/img/icons/promotions--flat.svg IP104.22.30.168:0
GET /img/icons/promotions--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.185212119.1663060128; _gid=GA1.2.433159474.1663060128; _gat_UA-143790984-2=1; btag=656126_D6BCA38F78C942EB8A3C464EEDFA71FF
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:09:01 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-1d7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 16995836
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fbddb5eacb50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|