telecentrum.site/m/id/ppt1/
194.135.87.32302 Found 0 B URL HTTP/1.1 telecentrum.site/m/id/ppt1/
IP 194.135.87.32:0
ASN #212531 UAB Interneto vizija
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /m/id/ppt1/ HTTP/1.1
Host: telecentrum.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 23 Sep 2022 13:10:24 GMT
Server: Apache
Connection: Upgrade, Keep-Alive
Location: //whampamp.com/4/5087048?var=ar2
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
Content-Type: text/html
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 12:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gN0NbDlHdAJcYHm71PapaJg4EnKimX8Jy6QX_NYItJITk_eYm0p8pw==
Age: 3378
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7435
Expires: Fri, 23 Sep 2022 15:14:20 GMT
Date: Fri, 23 Sep 2022 13:10:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: e2mJzQZgRwbTJUffXW6F1HQePDrTp4LtuPRcnRhtlnKrqTteol9qbA==
age: 30911
X-Firefox-Spdy: h2
whampamp.com/4/5087048?var=ar2
139.45.197.236200 OK 7.1 kB URL HTTP/1.1 whampamp.com/4/5087048?var=ar2
IP 139.45.197.236:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8753)
Hash 706c1e14a6a75fc2079cc16ae68e9fab
3a42615789fbf224272f96032d511f8f8cd0dccc
335424de8ffbeb084bd23834ea4d41d99b1e9e70c91ffc6c6368492d0f38a654
Analyzer Verdict Alert quad9 Sinkholed
GET /4/5087048?var=ar2 HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 13:10:25 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 63f4e3476a6400f96fbdab3d22158293
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=1fb5e60c017d4800bb7e9e6f5c58987a; expires=Sat, 23 Sep 2023 13:10:25 GMT; path=/
oaidts=1663938625; expires=Sat, 23 Sep 2023 13:10:25 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 13:10:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
whampamp.com/favicon.ico
139.45.197.236204 No Content 0 B IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://whampamp.com/4/5087048?var=ar2
Cookie: OAID=1fb5e60c017d4800bb7e9e6f5c58987a; oaidts=1663938625
HTTP/1.1 204 No Content
Server: nginx
Date: Fri, 23 Sep 2022 13:10:25 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash af56ebb29d27fb6a049680fe85c8828b
235a3579a72192a6a1fc0366d6d8671e2630b9f5
68454f522f57ca84315459fbf178251544804533512e9bebb8a6e3f3bce12895
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 13:10:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=536695,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f385396e49b506-OSL
my.rtmark.net/img.gif?f=merge&userId=1fb5e60c017d4800bb7e9e6f5c58987a
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=1fb5e60c017d4800bb7e9e6f5c58987a
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=1fb5e60c017d4800bb7e9e6f5c58987a HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://whampamp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 13:10:25 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=1fb5e60c017d4800bb7e9e6f5c58987a; expires=Sat, 23 Sep 2023 13:10:25 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash f29a678b472b135eeec39af31d5114dc
3081b9afbbad4b726fc48a7b78255ee1081b7135
0a1f4757bf58c7492ce995087886375fb50f0872e626b5bd5d8749cb13b5f95d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 13:10:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 16:52:35 GMT
Expires: Thu, 29 Sep 2022 16:52:34 GMT
Etag: "3081b9afbbad4b726fc48a7b78255ee1081b7135"
Cache-Control: max-age=531128,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f38539ab02b4fd-OSL
datatechone.com/log/add?cid=88506ad5-50e6-43b5-b450-2c5482f39314
139.45.195.253200 OK 2 B URL HTTP/1.1 datatechone.com/log/add?cid=88506ad5-50e6-43b5-b450-2c5482f39314
IP 139.45.195.253:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=88506ad5-50e6-43b5-b450-2c5482f39314 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 453
Origin: http://whampamp.com
Connection: keep-alive
Referer: http://whampamp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 23 Sep 2022 13:10:25 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: http://whampamp.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 13:03:22 GMT
Expires: Fri, 23 Sep 2022 13:23:12 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UgZOUwieAi99mkjQHqddQDOZD3tvA0yaqhcntzTNhCAMKBfYaaz7Tg==
Age: 423
whampamp.com/?z=5087048&syncedCookie=true&rhd=false
139.45.197.236302 Found 0 B URL HTTP/1.1 whampamp.com/?z=5087048&syncedCookie=true&rhd=false
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /?z=5087048&syncedCookie=true&rhd=false HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 447
Origin: http://whampamp.com
Connection: keep-alive
Referer: http://whampamp.com/afu.php?zoneid=5087048&var=5087048&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false
Cookie: OAID=1fb5e60c017d4800bb7e9e6f5c58987a; oaidts=1663938625
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 23 Sep 2022 13:10:25 GMT
Content-Length: 0
Connection: keep-alive
X-Trace-Id: 7a48610ab1a7cb09a4c562de523f4837
Link: <https://eu.can-get-so.me>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=597164479855473077&subid1=5087048&cost=0.001946&rdk=rk3
Access-Control-Allow-Origin: http://whampamp.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=1fb5e60c017d4800bb7e9e6f5c58987a; expires=Sat, 23 Sep 2023 13:10:25 GMT; path=/
oaidts=1663938625; expires=Sat, 23 Sep 2023 13:10:25 GMT; path=/
syncedCookie=true; expires=Fri, 30 Sep 2022 13:10:25 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 762
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 13:10:26 GMT
Last-Modified: Fri, 23 Sep 2022 12:57:44 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0f4780ac0c08bde6e02b42e9eacd3448
900e3916e114510fb14e001e9a7cf381fa9693f4
121dd75eec102a5b3ff837e7ca8261a1aacf828baabf91c572497b3239b9a6bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "121DD75EEC102A5B3FF837E7CA8261A1AACF828BAABF91C572497B3239B9A6BD"
Last-Modified: Wed, 21 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5217
Expires: Fri, 23 Sep 2022 14:37:23 GMT
Date: Fri, 23 Sep 2022 13:10:26 GMT
Connection: keep-alive
eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=597164479855473077&subid1=5087048&cost=0.001946&rdk=rk3
157.90.33.79302 Found 0 B URL HTTP/2 eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=597164479855473077&subid1=5087048&cost=0.001946&rdk=rk3
IP 157.90.33.79:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=597164479855473077&subid1=5087048&cost=0.001946&rdk=rk3 HTTP/1.1
Host: eu.can-get-so.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 23 Sep 2022 13:10:26 GMT
content-length: 0
referrer-policy: no-referrer
location: http://35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
set-cookie: rauid=cv2hALHqRMmb80VGsYN9ow; expires=Sat, 23 Sep 2023 13:10:26 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
35.227.234.222302 Found 0 B URL HTTP/1.1 35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
IP 35.227.234.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop HTTP/1.1
Host: 35.227.234.222
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Fri, 23 Sep 2022 13:10:26 GMT
Content-Length: 0
Location: https://media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
Via: 1.1 google
media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
23.36.79.18301 Moved Permanently 0 B URL HTTP/2 media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
IP 23.36.79.18:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=6426&bid=1575 HTTP/1.1
Host: media.megarushaffiliates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 0
location: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Fri, 23 Sep 2022 13:10:26 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 23 Sep 2022 13:10:26 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a6426%2c%22BID%22%3a1575%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663938626247)%5c%2f%22%2c%22CookieTag%22%3a%2215756426451240919C20229231310%22%7d%5d; SameSite=None;; domain=.megarushaffiliates.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%224999947%7c1%22%7d%5d; domain=.megarushaffiliates.com; expires=Sun, 23-Sep-3021 13:10:26 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=38
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7218578f2594f5eb48fbeb8fb755326e
79bd1a8e9ec35288fac1591fb2d4e7a20fb9fca7
f2e203cbd52f062bb0d9068977376f2d121597146d4fc76dfcb01b6c8ebf3557
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6299
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 13:10:26 GMT
Last-Modified: Fri, 23 Sep 2022 11:25:27 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
35.162.203.49101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.203.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4zP1f3jjotADwwSweWlVVw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ldKvhWYFOV5nloKdxlmDF9EvLsw=
www.megarush.com/fonts/Inter-ExtraBold.woff2
104.22.30.168200 OK 10 kB URL HTTP/2 www.megarush.com/fonts/Inter-ExtraBold.woff2
IP 104.22.30.168:0
File type Web Open Font Format (Version 2), TrueType, length 10484, version 3.1245\012- data
Hash d23da8f3e4e37a17c1d3ed7a1a11d429
9dda69da77b703d438db74468375685f6983625d
a936dafc61b666c42182807bb1c5e564ec73c07f8b6fb7352d15090db9165a7c
GET /fonts/Inter-ExtraBold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: font/woff2
content-length: 10484
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-28f4"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 3945
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f3853efdc2b509-OSL
X-Firefox-Spdy: h2
www.megarush.com/fonts/DS-Digital.woff2
104.22.30.168200 OK 776 B URL HTTP/2 www.megarush.com/fonts/DS-Digital.woff2
IP 104.22.30.168:0
File type Web Open Font Format (Version 2), TrueType, length 776, version 1.0\012- data
Hash 789f060683abdb5574a93bf59c7dd2e2
17b677d648dfdc9e290a25e8c137ebb0448c069b
375c5411d43daa0ccc1234d8bf20effba17a231408ab44fa17c96b2f9a995248
GET /fonts/DS-Digital.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: font/woff2
content-length: 776
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-308"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 3841
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f3853efdccb509-OSL
X-Firefox-Spdy: h2
www.megarush.com/fonts/Inter-Regular.woff2
104.22.30.168200 OK 10 kB URL HTTP/2 www.megarush.com/fonts/Inter-Regular.woff2
IP 104.22.30.168:0
File type Web Open Font Format (Version 2), TrueType, length 10108, version 3.1245\012- data
Hash 5ec57a5a91c67095e4a7e91ac375ffb1
23b60d1dd6790eeeb11e3c90d1f75c16d1db60d9
9b3f3dc1e7ce0a5a28f768d6d84d4174ffe56384db534daccc47321dea379ed5
GET /fonts/Inter-Regular.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: font/woff2
content-length: 10108
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-277c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 3948
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f3853efdc8b509-OSL
X-Firefox-Spdy: h2
www.megarush.com/fonts/Inter-Bold.woff2
104.22.30.168200 OK 10 kB URL HTTP/2 www.megarush.com/fonts/Inter-Bold.woff2
IP 104.22.30.168:0
File type Web Open Font Format (Version 2), TrueType, length 10508, version 3.1245\012- data
Hash a2517956b299e0c02bfc2a92eb05f623
ae4c129ebfe3aec739aac5662d2ef9fcaa4d80db
412a6a99c5283c71838322a7f25e7a0bc4dd324e013f88a202b56af736b13d37
GET /fonts/Inter-Bold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: font/woff2
content-length: 10508
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-290c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 3945
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f3853efdc6b509-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 13:10:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-K4GPX49
142.250.74.72200 OK 51 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K4GPX49
IP 142.250.74.72:0
File type ASCII text, with very long lines (23513)
Hash 8042c633b29df62cbe5a8dbb8fbf62bf
b797b7e285b8b744bb6c708ea49c9d063e03b487
b8f502095c5ee872341cdba2bdff7f9ce87b2fd93e8a46982647580bbd54dc3d
GET /gtm.js?id=GTM-K4GPX49 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 Sep 2022 13:10:26 GMT
expires: Fri, 23 Sep 2022 13:10:26 GMT
cache-control: private, max-age=900
last-modified: Fri, 23 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50596
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 13:10:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.megarush.com/favicons/favicon-194x194.png
104.22.30.168200 OK 12 kB URL HTTP/2 www.megarush.com/favicons/favicon-194x194.png
IP 104.22.30.168:0
File type PNG image data, 194 x 194, 8-bit/color RGBA, non-interlaced\012- data
Hash 3bc9ecb2b8d9e78d83d49da52c0292fc
b13fda2aa7ff6d2d185a90dbe6446ad52f63d244
9b35e254d53d3c4b6f0ce1185de9463355d340808f64b0e831162fb03cf5b39c
GET /favicons/favicon-194x194.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: image/png
content-length: 11668
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-2d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34148769
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38541996fb509-OSL
X-Firefox-Spdy: h2
www.megarush.com/js/index.94a008e8.js
104.22.30.168200 OK 284 kB URL HTTP/2 www.megarush.com/js/index.94a008e8.js
IP 104.22.30.168:0
Size 284 kB (284112 bytes)
Hash eb4facc111d9309602d4fc5db2467d9c
f7211ed4ff6ad1bb90f4a76f1c7c1f9c2eecba92
5ab6ab21eaa72cfe8f8c388e5cdd2a5679061d80b34c2f7767b3e0a1583b33cb
GET /js/index.94a008e8.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-160e97"
expires: Thu, 22 Sep 2022 07:48:59 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4787
server: cloudflare
cf-ray: 74f3853efdd7b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js
54.230.245.231200 OK 16 kB URL HTTP/1.1 d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js
IP 54.230.245.231:0
File type ASCII text, with very long lines (16536)
Hash 9f2263de140cc78c0737d17051307016
0174dfe38c88f9e7043b002fb9131c7a71399d77
17ada4aeba85fbedca030d812ae829162ed2ad5d7a96d5c05b2b288e801a1b3a
GET /webpush/1/webpush.min.js HTTP/1.1
Host: d3mi6d1ao3fzsg.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 16537
Connection: keep-alive
Last-Modified: Thu, 27 May 2021 15:02:08 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 22 Sep 2022 18:50:24 GMT
ETag: "9f2263de140cc78c0737d17051307016"
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _gid5_S2DMPLNN6C2ShOuaRDhkoWtLP2-rJLrJ2GzW-M5ouTDkLfhg==
Age: 66003
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 76af03eacd35b5fa01f5957f1bc9edef
3637f773b2cec90158b3f0f4fa19c12b57625fd5
a48fb5c63fd3f1c7f2ea4c13e65f07edb09ba35cccb7d121453678f84ae3d950
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A48FB5C63FD3F1C7F2EA4C13E65F07EDB09BA35CCCB7D121453678F84AE3D950"
Last-Modified: Thu, 22 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5423
Expires: Fri, 23 Sep 2022 14:40:49 GMT
Date: Fri, 23 Sep 2022 13:10:26 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Fri, 23 Sep 2022 12:41:09 GMT
expires: Fri, 23 Sep 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 1757
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=632db04107664647bdc1a0bf
104.18.38.157101 Switching Protocols 0 B URL HTTP/1.1 megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=632db04107664647bdc1a0bf
IP 104.18.38.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=632db04107664647bdc1a0bf HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.megarush.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RkJxWKBhYRjAo35LOP9TUA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 23 Sep 2022 13:10:26 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: Ntvz5rr1W+eWDL7R6K1l91uOmpM=
set-cookie: e8d38d9e2f4bff42070aa24ad805cc68=4e7efc41c3eb8ab9322a685a012653a0; path=/; HttpOnly; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f38541eea6fabc-OSL
scripts.mediamathrdrt.com/scripts/b_megarush.js
104.21.1.127200 OK 597 B URL HTTP/2 scripts.mediamathrdrt.com/scripts/b_megarush.js
IP 104.21.1.127:0
Hash 31acd85b90b4a107f79f464288ce58be
4746fec19cffad785b89ece0ab5ab545755bbf3a
ee16340fc05066507ab4043a20c6fa93773749000c76bf1fc699da17b94fde43
GET /scripts/b_megarush.js HTTP/1.1
Host: scripts.mediamathrdrt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: 44c4a00d-2978-4eea-9b8c-7a60e1d0a6bd
etag: W/"b89528e21d6f85cc11459c7b6ec733cb"
x-runtime: 0.003809
expires: 2022-08-24 13:10:26 UTC
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agamq2k%2BJdBmt7w8HEbzCkvg%2FrhRtK5donHU%2BKyU8Vb9csRvgjgY8lAi79YcEA6x5mOBf4QYTNocjaKoRl8UnRTkNChvbGkZm7PsnJ89%2BUZwi5F1H1jgNVN8XTsOpppzgSWswju0EKeezrro"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f385423de0b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megalotto-static.gigmagic.io/translations/no.json
104.18.38.157200 OK 75 kB URL HTTP/2 megalotto-static.gigmagic.io/translations/no.json
IP 104.18.38.157:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65298), with no line terminators
Hash c2bbcc94bb88bd8501e783cb5309f53a
0866706258d25179ff9f25f1185d54e8a9222eec
dc6d64b029ac273b3bfb1434db5f41e784532e7896343388fc5635fdbbd91cd2
GET /translations/no.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: application/json; charset=utf-8
content-length: 75076
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 20 Sep 2022 12:59:05 GMT
etag: "c2bbcc94bb88bd8501e783cb5309f53a"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=81f17ed54a83fe51a535d9a669b8de47; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f3854299f7b512-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP 142.250.74.3:0
Hash 0ab0006d14f2f0bee557492cd5811c1d
8cd79b8bdc6b9d2b5b978f61f25c98f6140f7b84
b530cf005c75fe0155bdf66cd34edf5c2bb52298284771c0a77deb54ddffb8a0
POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 13:10:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a5cde63df286d147633791517a071518
896a42e351e96d5e4151c1c7c4f897b9a306fc5b
ae7a75e7bbf498769bcc56a0932d0a96ee7a8d0f47c347abbb990be2f64ff975
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6338
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 13:10:27 GMT
Last-Modified: Fri, 23 Sep 2022 11:24:50 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
edge.fullstory.com/s/fs.js
35.201.112.186200 OK 63 kB URL HTTP/2 edge.fullstory.com/s/fs.js
IP 35.201.112.186:0
File type ASCII text, with very long lines (65410)
Hash edaddb07c1ac69eeace0618371748121
d6a2dd58b9b4d56425a1391e0ce2354b85d27b13
2853842ec4546df8fa58052aa6715ea4b8321bbbaea78b32d1682a93b009b44b
GET /s/fs.js HTTP/1.1
Host: edge.fullstory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdv03KmyQImIqXtYmD2KIGXKl5yyMqYUOehY69AMn3wkhCaKrnalTdcVcbbVEV5j8oC1DCMD_nbVA0XH4ctlQFtiHQ
x-goog-generation: 1663785557634490
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
x-goog-stored-content-length: 63203
content-encoding: br
x-goog-hash: crc32c=S3DyuA==, md5=7a3bB8Gsae6s4GGDcXSBIQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 63203
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 23 Sep 2022 12:56:58 GMT
expires: Fri, 23 Sep 2022 13:56:58 GMT
cache-control: public, max-age=3600,no-transform
age: 809
last-modified: Wed, 21 Sep 2022 18:39:17 GMT
etag: "edaddb07c1ac69eeace0618371748121"
content-type: application/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP 142.250.74.3:0
Hash 0ab0006d14f2f0bee557492cd5811c1d
8cd79b8bdc6b9d2b5b978f61f25c98f6140f7b84
b530cf005c75fe0155bdf66cd34edf5c2bb52298284771c0a77deb54ddffb8a0
POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 13:10:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ce503df9e415f06b93509da4e9852537
5b0dd0f8fc0ef36f4263ee91fc709c4872fe248f
aa14818774acc682190d7195afda0d06ad12ed2eeb9494e89a94c4495cd515ee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4696
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 13:10:27 GMT
Last-Modified: Fri, 23 Sep 2022 11:52:12 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ce503df9e415f06b93509da4e9852537
5b0dd0f8fc0ef36f4263ee91fc709c4872fe248f
aa14818774acc682190d7195afda0d06ad12ed2eeb9494e89a94c4495cd515ee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4696
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 13:10:27 GMT
Last-Modified: Fri, 23 Sep 2022 11:52:12 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
s2.adform.net/banners/scripts/st/trackpoint-async.js
37.157.6.235200 OK 31 kB URL HTTP/2 s2.adform.net/banners/scripts/st/trackpoint-async.js
IP 37.157.6.235:0
Hash b7e89ebdac000c13f7b95c4f2a5703a2
2b3c1509fb4f5f1b6e030138d604df61b95d829c
367a67f87627ccf6439c7d60f2c35d7ea0afc16eca5ad7fb237161ee5f023859
GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 11:35:31 GMT
etag: W/"64271612f9771203ff18d1de033d1b31"
x-amz-request-id: tx0000000000000b34c3a7f-00632d9f53-3233e6c5-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4476
Expires: Fri, 23 Sep 2022 14:25:03 GMT
Date: Fri, 23 Sep 2022 13:10:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4476
Expires: Fri, 23 Sep 2022 14:25:03 GMT
Date: Fri, 23 Sep 2022 13:10:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b877ead4a15221fdd278ef27f281a7ec
48c10714503e8dfdd3e3c3d39b919ef2792f0d15
f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:28 GMT
age: 54179
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f10a12719b387d176497669ba75f0acc
16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 92Pj9IQp3mBJQOW-XuHSK8laPqXOSBOmNbYcm4hSFzc1xqYscQKxMA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:48 GMT
age: 53919
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7606ff88f05062b66970d9805f38987a
d47db5fcd83023b4a8de40a47d4510e183de387a
20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8497
x-amzn-requestid: 8543ac70-48ab-4523-856f-5d5fa1191c97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yin-pEryoAMFTfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324205d-660bba3f655f940d143bc437;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:06:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e9KUFhjuFMzjuh37rFiNKaMNVaGZwPGBkLrv0zgfSTT7dCIuWj4G9Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:27 GMT
age: 53940
etag: "d47db5fcd83023b4a8de40a47d4510e183de387a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b318ea5c36d2b22b925f7dfe382df5f
0264e73c4cfff0bb255757c7e1c760a5ad3ece80
0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 53941
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1985a957e6bc0c15d8489fa731e7f14e
4584bff61bf4d5c9b8fd3b97c048a8e6975e4323
9f3e1fd6e18d85d4f6645d077da643a3bc2cca611d5e85f534ba798102dca243
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7005
x-amzn-requestid: c805d882-7a00-4abd-a239-d8313d7df0c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4aBwEaMIAMF09A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd6d7-6d6a417f10c9628a16d438e1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:42:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7edV0FJytVSpHH-WkCiYzhW1JP4L6i6bpPCq9MTxPdhwFQTryf06BQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:53:16 GMT
age: 55031
etag: "4584bff61bf4d5c9b8fd3b97c048a8e6975e4323"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 55325
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-2-4.png
104.22.30.168200 OK 786 B URL HTTP/2 www.megarush.com/img/home-page/coin-2-4.png
IP 104.22.30.168:0
File type PNG image data, 29 x 33, 8-bit colormap, non-interlaced\012- data
Hash dca8df1b0d982ac3fbbc6c0b506cc0f2
392422815633ebaf9eef022677f0b73e1352ae66
a027ddd9187b5d6a7a537aada497af6ebfca00c2a9f50e7950aaf6ad599b0b09
GET /img/home-page/coin-2-4.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/png
content-length: 786
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-312"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30924023
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547ca08b509-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-3-3.png
104.22.30.168200 OK 1.8 kB URL HTTP/2 www.megarush.com/img/home-page/coin-3-3.png
IP 104.22.30.168:0
File type PNG image data, 64 x 71, 8-bit colormap, non-interlaced\012- data
Hash fbdad22b02cf9a7a23c2f0553b1459e7
b64101b18924eba076f35318cce3e8a8bdec28b0
7aab4f9003ad7bd6b60fc361b6f2a0d2ddda28b35ea8ef6b0eff0f9a2cb81680
GET /img/home-page/coin-3-3.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/png
content-length: 1807
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-70f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9385012
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547ca0cb509-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-3-2.png
104.22.30.168200 OK 2.2 kB URL HTTP/2 www.megarush.com/img/home-page/coin-3-2.png
IP 104.22.30.168:0
File type PNG image data, 89 x 83, 8-bit colormap, non-interlaced\012- data
Hash c90348c562ec643acfbdf36d973d8326
90c07f0c13fd06f043d36c223eb9afaa34abdf7c
68cf52e8ce0267c83f6bac7a67944d9b4fe37c74999eed858cde51705a148aca
GET /img/home-page/coin-3-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/png
content-length: 2192
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-890"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6981249
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547ca0bb509-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/mega-jackpots.png
104.22.30.168200 OK 64 kB URL HTTP/2 www.megarush.com/img/home-page/mega-jackpots.png
IP 104.22.30.168:0
File type PNG image data, 1618 x 188, 8-bit colormap, non-interlaced\012- data
Hash b4342b052aabdba3960a5b2b5c7e519a
aebc2a2c7be9d8d2895694af3fde7674affef4c2
d3fa51da3d01f8341766925f65cf161fc2e403be7594f213c5019f8e27f3ad1d
GET /img/home-page/mega-jackpots.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/png
content-length: 63747
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-f903"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9378553
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547ca0db509-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/benefits/promotions.png
104.22.30.168200 OK 21 kB URL HTTP/2 www.megarush.com/img/benefits/promotions.png
IP 104.22.30.168:0
File type PNG image data, 216 x 216, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d9863db2ba8c87a673de9ea91482d5e
daca14014aeb80e137b6682a8c816cdd92639b2c
131582b1399fc62d9464a553a37bf6938d29fa48852a4d2564a3f6315f366911
GET /img/benefits/promotions.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/png
content-length: 21005
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-520d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2500310
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547da26b509-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/icons/loader.svg
104.22.30.168200 OK 3.2 kB URL HTTP/2 www.megarush.com/img/icons/loader.svg
IP 104.22.30.168:0
Hash 535bc36304a1af104a7b0f3587d8cb7d
4f68e524fc182423d81af946eb1309d6133bf90e
a9e2095804e8ec4ae88a08d15b4ef8be3e1d4a438a1599902d02985cf30af8e2
GET /img/icons/loader.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-a6b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34148343
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f385472934b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/netent.svg
104.22.30.168200 OK 12 kB URL HTTP/2 www.megarush.com/img/icons/netent.svg
IP 104.22.30.168:0
Hash a09c9347907ebf14e94fefcc77abf7ac
47aeaed18d251427a98bacddbe5c607a0e66ebb1
98d85dfcedb2f838e978caf7a193f7974a36c662c1563b00d055733a29645ff6
GET /img/icons/netent.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-519"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9386293
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546b878b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/pragmaticPlay.svg
104.22.30.168200 OK 53 kB URL HTTP/2 www.megarush.com/img/icons/pragmaticPlay.svg
IP 104.22.30.168:0
Hash 325e41ec4657d282833a53a6896fa5c9
1979cd87bde833520f006bcaf688d2a8b029b76c
fa4e586472c72a36055d06eb50b1e3934d70590171616c4994e74d11a0c91e0d
GET /img/icons/pragmaticPlay.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1799"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9217646
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546c87db509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-3-1.png
104.22.30.168200 OK 4.4 kB URL HTTP/2 www.megarush.com/img/home-page/coin-3-1.png
IP 104.22.30.168:0
File type PNG image data, 118 x 119, 8-bit colormap, non-interlaced\012- data
Hash 3da73129d9d4dd65c43060dacf06f3df
9abf4ea9710ba53af92778718c245ddf64c42a5f
6b899e2fa680a916e6d1fe6226eaff68b415eee4658537497ae951024d5793a6
GET /img/home-page/coin-3-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/png
content-length: 4434
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-1152"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30924023
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547da24b509-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/icons/playAndGo.svg
104.22.30.168200 OK 16 kB URL HTTP/2 www.megarush.com/img/icons/playAndGo.svg
IP 104.22.30.168:0
Hash 1658686c35403a2f71e1cd37331a43f6
92db955ead19fcd65f7e36e2c37a80d42de383ca
0390368c05303186e8943fde23dd5ed0bf294ccd407999956fdb32ba59dc168e
GET /img/icons/playAndGo.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: W/"6155d0b8-dfe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30923854
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546b86cb509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mega-clock-badge-new.svg
104.22.30.168200 OK 13 kB URL HTTP/2 www.megarush.com/img/icons/mega-clock-badge-new.svg
IP 104.22.30.168:0
Hash f4717aac33dc317c18745dcd9dec971f
03bb3ef5ce4f380adaba88a66d8c793c33a12ae0
56593608a1c8a741c554f5841e351728b393cb597e4c1aa617a1661da6a70365
GET /img/icons/mega-clock-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-670"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9374336
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f385470908b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/flag-nb-no.svg
104.22.30.168200 OK 11 kB URL HTTP/2 www.megarush.com/img/icons/flag-nb-no.svg
IP 104.22.30.168:0
Hash edfe358b3f9194d5ec456dcb8a8c402e
b2cc6d026b09f0a0a1ad9a0d90a8aeda370176f7
3ee0a62c33eb2ae4b55482fcb89d344e065322c98a3d7a03c3098cec974dd01e
GET /img/icons/flag-nb-no.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-441"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34149450
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f385471917b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/games--flat.svg
104.22.30.168200 OK 5.0 kB URL HTTP/2 www.megarush.com/img/icons/games--flat.svg
IP 104.22.30.168:0
Hash 32bf2455f45ef42921b90155b679f147
1bfa1fbd700bd262b009c94662bc64961fdd1c33
544add712908c1d301535bed3e1bf3b1fb0644c8d82529088223710842ede605
GET /img/icons/games--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-8c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34149450
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546d8a7b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/promotions--updated.svg
104.22.30.168200 OK 36 kB URL HTTP/2 www.megarush.com/img/icons/promotions--updated.svg
IP 104.22.30.168:0
Hash 1af420203b463b37280ec62d57fd5d2e
8d3ff7cd0b56668836aa81c2a11e4babeea6d83d
9d1014766a7f0a21483065627b498d6db6a400c7fa69b22c0f8099426c200d11
GET /img/icons/promotions--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-306"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9380855
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546c89db509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/live-casino--yellow.svg
104.22.30.168200 OK 76 kB URL HTTP/2 www.megarush.com/img/icons/live-casino--yellow.svg
IP 104.22.30.168:0
Hash 13f6352c0bb8f3239b920f7d82a2ac02
723c47e08dc0192c9299fcc67a5bf93a287d243a
8e5ea4b5d4a2ba4339ce0e69e2a8dba913061afa38b9fc38aa34eeea910eafd5
GET /img/icons/live-casino--yellow.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-9b1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17874322
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546c889b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-1-1.png
104.22.30.168200 OK 4.3 kB URL HTTP/2 www.megarush.com/img/home-page/coin-1-1.png
IP 104.22.30.168:0
File type PNG image data, 106 x 105, 8-bit colormap, non-interlaced\012- data
Hash 214e2f889379dcba70bace5878068150
d6873dae324b9fd44a70e73f20dc9eb81253a7ae
bb731b067cd838fadedeab50866dc81f725b8f6e49f4dc2e3b4332eae36c9ef0
GET /img/home-page/coin-1-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/png
content-length: 4257
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-10a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30924023
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547ca12b509-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-2-1.png
104.22.30.168200 OK 3.5 kB URL HTTP/2 www.megarush.com/img/home-page/coin-2-1.png
IP 104.22.30.168:0
File type PNG image data, 80 x 64, 8-bit colormap, non-interlaced\012- data
Hash 09e800f81a52a109cbf3a8b2f8e727bf
d44509cdbddce4991b70f10276c47786e9993d0b
8ab09b1bcb8c69b51ba57b7c5ee96a36994e6e97e7df49d3cce993e8881ff376
GET /img/home-page/coin-2-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/png
content-length: 3452
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-d7c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30924023
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547da21b509-OSL
X-Firefox-Spdy: h2
www.megarush.com/service-worker.js
104.22.30.168200 OK 63 kB URL HTTP/2 www.megarush.com/service-worker.js
IP 104.22.30.168:0
Hash f41446a8d09f340cfe2d696ec4442631
e47455b2652729e4aadaa77c0592009f1b0ad74d
cf0ead91af1927c5c7abae1e9734351137c5170fa8cde251c9baa05c980e5e53
GET /service-worker.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
etag: W/"6321ea87-64d2"
expires: Fri, 23 Sep 2022 13:10:56 GMT
cache-control: max-age=30
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f38541e9dfb509-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/icons/live-casino--flat.svg
104.22.30.168200 OK 35 kB URL HTTP/2 www.megarush.com/img/icons/live-casino--flat.svg
IP 104.22.30.168:0
Hash 89a16fc59d52d93d6005f135f36fa55e
268927fbec4fdbe9d632b3f44fbce3cdff7d7b62
55ee6ce06e5a349337675d5a00c75b331230fd4496aa75390533ef2e43ad580c
GET /img/icons/live-casino--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-f78"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34149450
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546d8aab509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
104.18.38.157200 OK 2 B URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP 104.18.38.157:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e8d38d9e2f4bff42070aa24ad805cc68=36088c472fd69b330ef5d75dbf85bf64; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f385481995b512-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/icons/megaclub--updated.svg
104.22.30.168200 OK 85 kB URL HTTP/2 www.megarush.com/img/icons/megaclub--updated.svg
IP 104.22.30.168:0
Hash 7ae50e4cf79378d86ba33a8855dc8c23
09548596277938bb5db3b0a5934a33fa93d737f4
6fc1595fff79bbecb78eb6ca7f74be02c823e06b6a6af94df70388359310a68a
GET /img/icons/megaclub--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-2ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9386601
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546c899b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
104.18.38.157200 OK 2 B URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
IP 104.18.38.157:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e8d38d9e2f4bff42070aa24ad805cc68=84435ba6ff2e970bed5e8ee5e9658cb9; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f38548199bb512-OSL
X-Firefox-Spdy: h2
www.megarush.com/video/arcade-game.webm
104.22.30.168206 Partial Content 61 kB URL HTTP/2 www.megarush.com/video/arcade-game.webm
IP 104.22.30.168:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 9aaef915ba1a5046a92ef8dfcc58cdba
c25acbf957571a53c4ca7cc5a910757e4cfffd66
565d4805821948f9740cd260a8da41b19189a2f3658867815af960a5a31f035a
GET /video/arcade-game.webm HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Range: bytes=0-
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers
HTTP/2 206 Partial Content
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: video/webm
content-length: 61172
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-eef4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-range: bytes 0-61171/61172
cf-cache-status: BYPASS
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-64c858bd68-k8xcf; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
app_uid=CoMD12MtsEO6jAAqBbOXAg==; expires=Sun, 23-Oct-22 13:10:27 GMT; domain=$host; path=/
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f385480a73b509-OSL
X-Firefox-Spdy: h2
megalotto-static.gigmagic.io/games/no_NO.json
104.18.38.157200 OK 714 kB URL HTTP/2 megalotto-static.gigmagic.io/games/no_NO.json
IP 104.18.38.157:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size 714 kB (714008 bytes)
Hash 2b8d7eb8d9f56918e231833888a022c4
38aa421f60d49dc4f204d473c435e34529e2e9e8
b3fe1abb3128d08ba81a2de1ae727dba1fc4fec2f829a44dceeb23a219dfc3f9
GET /games/no_NO.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: application/json; charset=utf-8
content-length: 714008
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 06 Sep 2022 08:13:41 GMT
etag: "2b8d7eb8d9f56918e231833888a022c4"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=1b3a24f4123fe071faad6589460b775b; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f38547b91db512-OSL
X-Firefox-Spdy: h2
open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.831fa035.css
151.101.86.249200 OK 3.5 kB URL HTTP/1.1 open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.831fa035.css
IP 151.101.86.249:0
File type ASCII text, with very long lines (23516), with no line terminators
Hash 9d04a5c053836e9cdaaed792e0e6a744
95a0d88c66706407a87daf0b82296ef68ea01444
7977dfdb15f2ab9ea2d9c3822a180b63428e43b5d199617d7a4d3e5fa741341c
GET /cdn/build/embed-legacy/embed-legacy.831fa035.css HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3509
Last-Modified: Mon, 25 Jul 2022 10:32:22 GMT
ETag: "9d04a5c053836e9cdaaed792e0e6a744"
x-goog-generation: 1658745142507438
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3509
Content-Type: text/css
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 23 Sep 2022 13:10:28 GMT
Age: 5193273
X-Served-By: cache-chi-kigq8000063-CHI, cache-bma1652-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 28856
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
www.megarush.com/img/icons/gamblersanonymous.svg
104.22.30.168200 OK 5.8 kB URL HTTP/2 www.megarush.com/img/icons/gamblersanonymous.svg
IP 104.22.30.168:0
Hash f379876e457069d7da3fd78882d817c4
ca35b958dc11580245dc812be8b3a3dc44909bf5
956fa0afb55fecaf76e612f26e6edc7255fcb660ecdef8909602d820917e3c87
GET /img/icons/gamblersanonymous.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-171"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6981824
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547292bb509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.06602b89.js
151.101.86.249200 OK 216 kB URL HTTP/1.1 open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.06602b89.js
IP 151.101.86.249:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 216 kB (216461 bytes)
Hash 7e2514e9bc34d8a3de8cad16b3583170
49e70f24621b8939352c100f2ab2285c25e0413f
8507f3301310702977f9f1a095b99cbf0d6f5c0d47f5a56514fe579e72cb16e1
GET /cdn/build/embed-legacy/vendor~embed-legacy.06602b89.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 216461
Last-Modified: Wed, 14 Sep 2022 19:13:16 GMT
ETag: "7e2514e9bc34d8a3de8cad16b3583170"
x-goog-generation: 1663182795945010
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 216461
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 23 Sep 2022 13:10:28 GMT
Age: 755637
X-Served-By: cache-chi-klot8100084-CHI, cache-bma1651-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 25
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
www.megarush.com/img/logo.4c52d90d.svg
104.22.30.168200 OK 1.4 kB URL HTTP/2 www.megarush.com/img/logo.4c52d90d.svg
IP 104.22.30.168:0
Hash d9420d819a189a7cd867da4bd58949d2
b080b447feddeef01761256399dfd4249f109a71
65eaa4431c4fe37c752f479798c691c543f79577d720227f9e5641d66923b6ca
GET /img/logo.4c52d90d.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-931"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9380855
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f385480a61b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/menu.svg
104.22.30.168200 OK 86 kB URL HTTP/2 www.megarush.com/img/icons/menu.svg
IP 104.22.30.168:0
Hash 4cba0f9c8b714332715f0ebb3c72eb8b
d656cba81a9f0e98c60cfa7e78db4fe395c0c751
3194b86022976f02d78bfc4e7abeb8fc5b5ae8111db113f7ce6cbb93dd7778f4
GET /img/icons/menu.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Mar 2022 09:55:04 GMT
etag: W/"62330578-22f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 16156209
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546e8c0b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=|&ord=797967477555&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_6A7A17509E33454586ADA7239FD96877&Set1=en-US%7Cen-US%7C1280x1024%7C24
37.157.6.245200 OK 389 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=|&ord=797967477555&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_6A7A17509E33454586ADA7239FD96877&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP 37.157.6.245:0
File type ASCII text, with CRLF line terminators
Hash 68c2489183f83276ffada49b94ccbb92
18e43a9155f72165eaff104232a4231b997b381c
5286b95c7d226bb69fea6bd69dc7f5a3c23eafc39cd586d5fedc0f8ff4abc646
GET /Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=|&ord=797967477555&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_6A7A17509E33454586ADA7239FD96877&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 13:10:28 GMT
content-type: text/javascript; charset=utf-8
content-length: 389
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 184ba5cf30a4d40cfaedd8c4b922e433
4b4d2af4ad8d5db5480f16f34be2bc8df42ee9b4
86b81ef0cf34fd7bbab2698e65e7786a9441449a70bb2c5bf74d7573344adb81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86B81EF0CF34FD7BBAB2698E65E7786A9441449A70BB2C5BF74D7573344ADB81"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10567
Expires: Fri, 23 Sep 2022 16:06:35 GMT
Date: Fri, 23 Sep 2022 13:10:28 GMT
Connection: keep-alive
www.megarush.com/img/icons/promotions--flat.svg
104.22.30.168200 OK 3.0 kB URL HTTP/2 www.megarush.com/img/icons/promotions--flat.svg
IP 104.22.30.168:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6296)
Hash fcdefcfa2b218d58516ca0a42c60d9c6
eacf1e9a2e5e17db604b279c82b082c7c48dda03
ad16ee57876cfc48b5095e194e231d68b4e91d2a426a2250204671d233bbd3e5
GET /img/icons/promotions--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-1d7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17874322
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546d8abb509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
151.101.86.248200 OK 90 kB URL HTTP/1.1 encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
IP 151.101.86.248:0
Hash fe1cfc14b7498b187c78fa72fb72d148
6bec8ce832951162e0ebc4b257e3ee850fe7aade
039130d456855a745451bff40707bee5512bc4466373224b2258f67cc6c6d879
GET /fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 89536
Last-Modified: Fri, 13 May 2022 11:38:50 GMT
ETag: W/"216b12b5a9657850b1b324e158454f8e"
x-goog-generation: 1652441930609707
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 89529
Content-Type: font/woff2
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Date: Fri, 23 Sep 2022 13:10:29 GMT
Age: 1016649
X-Served-By: cache-chi-klot8100054-CHI, cache-bma1662-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 22
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
megalotto-static.gigmagic.io/video/header-video-720p.webm
104.18.38.157206 Partial Content 1.3 MB URL HTTP/2 megalotto-static.gigmagic.io/video/header-video-720p.webm
IP 104.18.38.157:0
File type WebM\012- EBML file, creator webmB\20\012- data
Size 1.3 MB (1336865 bytes)
Hash 63177b286fe4cb8a5431377710ad3715
e762daea246c011e634a226f6062a9a27a344f80
ef3410a95d2b7bea43ca9dffb3e26c92db871a1ab9c2600dedf40847050cf817
GET /video/header-video-720p.webm HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Range: bytes=0-
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers
HTTP/2 206 Partial Content
date: Fri, 23 Sep 2022 13:10:28 GMT
content-type: video/webm
content-length: 1336865
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 27 Oct 2021 09:33:10 GMT
etag: "63177b286fe4cb8a5431377710ad3715"
cache-control: public, max-age=14400
cf-cache-status: MISS
expires: Fri, 23 Sep 2022 17:10:28 GMT
content-range: bytes 0-1336864/1336865
server: cloudflare
cf-ray: 74f3854c9f93b512-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/iso.fc5b238b.svg
104.22.30.168200 OK 131 kB URL HTTP/2 www.megarush.com/img/iso.fc5b238b.svg
IP 104.22.30.168:0
Size 131 kB (131312 bytes)
Hash 405dee136f0f3a490f646260357c5ec7
f1c290511a42e34b808e92273c4ef6dc590b0bd0
c03e64a1717e18d38b24f21a281ed2a826b19b428ea859cad2099e64eb238c5b
GET /img/iso.fc5b238b.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-363"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34149450
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f385480a5fb509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 0 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Fri, 23 Sep 2022 13:10:28 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 0 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Fri, 23 Sep 2022 13:10:29 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2315f101e247a531982a3f242c2612d7
3dab010d197db4e34c521566396319eb674b3adf
598fedca6c00f57e82a9a7dd70c38068bad187c6edb9a68236d98de6a4318b6f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3879
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 13:10:29 GMT
Last-Modified: Fri, 23 Sep 2022 12:05:50 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js
54.230.111.4200 OK 271 B URL HTTP/2 rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js
IP 54.230.111.4:0
Hash 34e255255d25312b08a2cc8566b5bf38
56eb0a5a1cb20d2b51fa071b968ad50a3ac16f85
1980f7805afc0ade5f7d949212900dfe36abaa52cc804b7eeac07a620852cf23
GET /rules-p--B_1AZ6v1_YDr.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 271
last-modified: Tue, 23 Aug 2022 12:06:41 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Fri, 23 Sep 2022 12:32:16 GMT
cache-control: max-age=3600
etag: "34e255255d25312b08a2cc8566b5bf38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ur3w-GNVrh04FFvvG08843QgZDy4oJGMvF3i7unfVTf28oYZES65lQ==
age: 2294
X-Firefox-Spdy: h2
graphql.datocms.com/
104.22.3.238200 OK 769 B IP 104.22.3.238:0
Hash 88d1ea4e93e444f57620250237811eac
ba804c5cf136145fceb8372ede8052437ce250a5
0ce3e6ae8e8c2b7c92255e6518504ab3af90c2f866dada9ddfc0b38109bd4ed7
POST / HTTP/1.1
Host: graphql.datocms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 151
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
authorization: Bearer 35d777e787abbc619166a62135c433
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:28 GMT
content-type: application/json; charset=utf-8
cf-ray: 74f3854d4e3cb4fa-OSL
accept-ranges: bytes
access-control-allow-origin: https://www.megarush.com
age: 1501836
cache-control: no-store
content-encoding: gzip
etag: W/"ecbfaf9fbc81080cc951cc7e2c371cf6"
expires: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Authorization, Accept-Encoding, X-Environment, X-Include-Drafts, X-Exclude-Invalid, Origin
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT, HIT
x-cache-hits: 1, 112
x-cacheable-on-cdn: true
x-cacheable-on-cdn-query-length-limit: 203/8192
x-complexity: 92
x-content-type-options: nosniff
x-download-options: noopen
x-environment: main
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-queue-time: 2ms
x-request-id: 25abc3a9-72d7-44b4-b4db-24870cb86aac
x-runtime: 0.085895
x-served-by: cache-dub4336-DUB, cache-bma1668-BMA
x-timer: S1663938629.700799,VS0,VE0
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2
pxl.qccerttest.com/pixel?r=498090543;fpan=1;fpa=P0-1996851464-1663938628598;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663938628598;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1163477089%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_6A7A17509E33454586ADA7239FD96877;ogl=
143.204.55.93200 OK 35 B URL HTTP/2 pxl.qccerttest.com/pixel?r=498090543;fpan=1;fpa=P0-1996851464-1663938628598;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663938628598;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1163477089%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_6A7A17509E33454586ADA7239FD96877;ogl=
IP 143.204.55.93:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel?r=498090543;fpan=1;fpa=P0-1996851464-1663938628598;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663938628598;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1163477089%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_6A7A17509E33454586ADA7239FD96877;ogl= HTTP/1.1
Host: pxl.qccerttest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 35
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 01:48:49 GMT
etag: "55d25e9dc950d5db4d53a3b195c046c6"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HfmBVD6ZvhhiHfJPCQOwIRGxPQ7EjxSH1Zg3ulvswbHbudpRpBZ5Bg==
age: 40900
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 846
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Fri, 23 Sep 2022 13:10:29 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 184ba5cf30a4d40cfaedd8c4b922e433
4b4d2af4ad8d5db5480f16f34be2bc8df42ee9b4
86b81ef0cf34fd7bbab2698e65e7786a9441449a70bb2c5bf74d7573344adb81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86B81EF0CF34FD7BBAB2698E65E7786A9441449A70BB2C5BF74D7573344ADB81"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10566
Expires: Fri, 23 Sep 2022 16:06:35 GMT
Date: Fri, 23 Sep 2022 13:10:29 GMT
Connection: keep-alive
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
35.186.224.17200 OK 39 B URL HTTP/2 gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP 35.186.224.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29
POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 697
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Fri, 23 Sep 2022 13:10:28 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pixel.quantserve.com/pixel;r=1096803650;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1163477089%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_6A7A17509E33454586ADA7239FD96877;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-1996851464-1663938628598;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663938628600;tzo=0;ogl=;ses=f0f8afb0-e257-4a91-bc6d-fcdb5d2ed03e
91.228.74.159200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1096803650;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1163477089%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_6A7A17509E33454586ADA7239FD96877;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-1996851464-1663938628598;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663938628600;tzo=0;ogl=;ses=f0f8afb0-e257-4a91-bc6d-fcdb5d2ed03e
IP 91.228.74.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1096803650;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1163477089%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_6A7A17509E33454586ADA7239FD96877;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-1996851464-1663938628598;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663938628600;tzo=0;ogl=;ses=f0f8afb0-e257-4a91-bc6d-fcdb5d2ed03e HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:29 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=632db045-63d46-f14e8-7be1e; expires=Tue, 24-Oct-2023 13:10:29 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
sentry.io/api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1
35.188.42.15200 OK 2 B URL HTTP/1.1 sentry.io/api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1
IP 35.188.42.15:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://open.spotify.com
Content-Length: 427
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 13:10:29 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://open.spotify.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
apresolve.spotify.com/?type=dealer&type=spclient
34.98.74.57200 OK 110 B URL HTTP/2 apresolve.spotify.com/?type=dealer&type=spclient
IP 34.98.74.57:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1dd6c1ca39ff7f62f6f5dd73cbb69e60
007b03249980c5f5037713c49f2ffe5c34b8ca30
0bbfb9e870bc8a77808b5cec871a59121e1d81788b4b4beebc422729b5ae88f0
GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 110
date: Fri, 23 Sep 2022 13:10:34 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.megarush.com/img/icons/help-round.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/help-round.svg
IP 104.22.30.168:0
GET /img/icons/help-round.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-5e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34149450
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546d8a2b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/payments.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/payments.svg
IP 104.22.30.168:0
GET /img/icons/payments.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-429"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9385012
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546d8a0b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/index.3e5fca25e481a764411c.css
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/index.3e5fca25e481a764411c.css
IP 104.22.30.168:0
GET /index.3e5fca25e481a764411c.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=228335
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-37bef"
expires: Thu, 22 Sep 2022 07:48:59 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4787
server: cloudflare
cf-ray: 74f3853efdd2b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
IP 104.22.30.168:0
GET /nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: text/html
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-64c858bd68-k8xcf; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f3853e7d32b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/base.css
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/base.css
IP 104.22.30.168:0
GET /base.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3913
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-f49"
expires: Tue, 20 Sep 2022 19:46:31 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4595
server: cloudflare
cf-ray: 74f3853efdcfb509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/js/chunk-vendors.25e1a372.js
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/js/chunk-vendors.25e1a372.js
IP 104.22.30.168:0
GET /js/chunk-vendors.25e1a372.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=326117
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-4f9e5"
expires: Tue, 20 Sep 2022 07:45:04 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4835
server: cloudflare
cf-ray: 74f3853efdd6b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/askgamblers.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/askgamblers.svg
IP 104.22.30.168:0
GET /img/icons/askgamblers.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-126e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9380855
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547292eb509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi
35.186.224.25302 Found 0 B URL HTTP/2 open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi
IP 35.186.224.25:0
GET /embed/playlist/2ucixR5s50chGr0o0pm4Pi HTTP/1.1
Host: open.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: sp_t=9ce28f1cd52745bbca5569dd71992a29; path=/; expires=Sat, 23 Sep 2023 13:10:27 GMT; domain=.spotify.com; samesite=none; secure
sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Fplaylist%2F2ucixR5s50chGr0o0pm4Pi%3Fsp_cid%3D9ce28f1cd52745bbca5569dd71992a29%26device%3Ddesktop; path=/; expires=Sat, 24 Sep 2022 13:10:27 GMT; domain=.spotify.com; samesite=none; secure; httponly
location: /embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
sp-trace-id: b0e7a4b301c4340e
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.59a73b6c.js
151.101.86.249200 OK 0 B URL HTTP/1.1 open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.59a73b6c.js
IP 151.101.86.249:0
GET /cdn/build/embed-legacy/embed-legacy.59a73b6c.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 128674
Last-Modified: Fri, 23 Sep 2022 11:58:21 GMT
ETag: "5c272ccdb2297b987f4c9c5f71965186"
x-goog-generation: 1663934301457174
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 128674
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 23 Sep 2022 13:10:28 GMT
Age: 4072
X-Served-By: cache-chi-klot8100093-CHI, cache-bma1641-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 107
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000
www.megarush.com/img/icons/search.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/search.svg
IP 104.22.30.168:0
GET /img/icons/search.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-212"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34149450
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546d8adb509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mastercard--white.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/mastercard--white.svg
IP 104.22.30.168:0
GET /img/icons/mastercard--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-939"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34149450
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546e8ceb509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/casino--side-nav.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/casino--side-nav.svg
IP 104.22.30.168:0
GET /img/icons/casino--side-nav.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-9ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17897048
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546c885b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
104.18.38.157200 OK 0 B URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
IP 104.18.38.157:0
POST /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 47
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 632db04107664647bdc1a0bf
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:28 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e8d38d9e2f4bff42070aa24ad805cc68=36088c472fd69b330ef5d75dbf85bf64; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f38548ca81b512-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
104.18.38.157200 OK 0 B URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP 104.18.38.157:0
POST /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 18
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 632db04107664647bdc1a0bf
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e8d38d9e2f4bff42070aa24ad805cc68=36088c472fd69b330ef5d75dbf85bf64; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f38548ba59b512-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.159200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.159:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:29 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "eN3sxSgaav0x5wHLxGB1gQ=="
expires: Fri, 30 Sep 2022 13:10:29 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.megarush.com/chunk-vendors.76e8e4d0.css
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/chunk-vendors.76e8e4d0.css
IP 104.22.30.168:0
GET /chunk-vendors.76e8e4d0.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1523
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-5f3"
expires: Tue, 20 Sep 2022 07:45:04 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4835
server: cloudflare
cf-ray: 74f3853efdd0b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/glows/purple.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/home-page/glows/purple.svg
IP 104.22.30.168:0
GET /img/home-page/glows/purple.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-261"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6981248
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547fa43b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
open.spotify.com/embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
35.186.224.25200 OK 0 B URL HTTP/2 open.spotify.com/embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
IP 35.186.224.25:0
GET /embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi HTTP/1.1
Host: open.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Connection: keep-alive
Cookie: sp_t=9ce28f1cd52745bbca5569dd71992a29; sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Fplaylist%2F2ucixR5s50chGr0o0pm4Pi%3Fsp_cid%3D9ce28f1cd52745bbca5569dd71992a29%26device%3Ddesktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding,Accept-Encoding
set-cookie: sp_t=9ce28f1cd52745bbca5569dd71992a29; path=/; expires=Sat, 23 Sep 2023 13:10:27 GMT; domain=.spotify.com; samesite=none; secure
content-encoding: gzip
sp-trace-id: b62fb3e1efe7695d
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1163477089&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_6A7A17509E33454586ADA7239FD96877
37.157.6.245200 OK 0 B URL HTTP/2 track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1163477089&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_6A7A17509E33454586ADA7239FD96877
IP 37.157.6.245:0
GET /serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1163477089&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_6A7A17509E33454586ADA7239FD96877 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 13:10:29 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.megarush.com/img/icons/jeton--white.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/jeton--white.svg
IP 104.22.30.168:0
GET /img/icons/jeton--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1f4b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9385012
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546f8ddb509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/relaxGaming.svg
104.22.30.168200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/relaxGaming.svg
IP 104.22.30.168:0
GET /img/icons/relaxGaming.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-22fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6981249
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546b870b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2