Report - telecentrum.site/m/id/ppt1/

Report Overview

Submitted URL
telecentrum.site/m/id/ppt1/
IP
194.135.87.32
ASN
#212531 UAB Interneto vizija
Submitted
2022-09-23 13:10:36
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
rules.quantcount.com	877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	938 B	54.230.111.4
media.megarushaffiliates.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	463 B	1.1 kB	23.36.79.18
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	51 kB	142.250.74.72
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	326 B	728 B	23.36.76.226
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.162.203.49
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
whampamp.com	30947	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	9.8 kB	139.45.197.236
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.2 kB	93.184.220.29
sentry.io	2743	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	556 B	404 B	35.188.42.15
megalotto-api.gigmagic.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.9 kB	2.4 kB	104.18.38.157
scripts.mediamathrdrt.com	273493	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	1.4 kB	104.21.1.127
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	60 kB	34.120.237.76
s2.adform.net	4693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	32 kB	37.157.6.235
track.adform.net	3564	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.3 kB	37.157.6.245
pxl.qccerttest.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	860 B	747 B	143.204.55.93
eu.can-get-so.me	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	527 B	338 B	157.90.33.79
megalotto-static.gigmagic.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.1 MB	104.18.38.157
edge.fullstory.com	2769	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	64 kB	35.201.112.186
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
graphql.datocms.com	163121	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	496 B	2.3 kB	104.22.3.238
apresolve.spotify.com	753	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	415 B	415 B	34.98.74.57
secure.quantserve.com	973	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	354 B	293 B	91.228.74.159
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	409 B	678 B	139.45.195.8
datatechone.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	470 B	462 B	139.45.195.253
pixel.quantserve.com	417	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	973 B	459 B	91.228.74.159
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	1.9 kB	104.18.32.68
35.227.234.222	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	204 B	35.227.234.222
www.megarush.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	33 kB	1.1 MB	104.22.30.168
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	20 kB	142.250.74.174
encore.scdn.co	25928	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	485 B	90 kB	151.101.86.248
telecentrum.site	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	346 B	235 B	194.135.87.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
gew4-spclient.spotify.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	2.3 kB	35.186.224.17
open.spotify.com	3062	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.4 kB	35.186.224.25
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	142.250.74.3
d3mi6d1ao3fzsg.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	17 kB	54.230.245.231
open.spotifycdn.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	222 kB	151.101.86.249

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-23	medium	telecentrum.site/m/id/ppt1/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-23	medium	whampamp.com	Sinkholed
2022-09-23	medium	whampamp.com	Sinkholed
2022-09-23	medium	datatechone.com	Sinkholed
2022-09-23	medium	whampamp.com	Sinkholed

JavaScript (26)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtm.js?id=GTM-K4GPX49	152 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-K4GPX49 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:51:13 Last Seen2023-03-07 23:51:13 Times Seen1 Hash 0d2997a892985b75cdb3b7bd34cb3e4f 21d66f686c4378e82879fc6e67c91647c7a99fa1 b378a1032bd71af0e36da693634d3d15475debccf9237bb0482fe0da326dc632 Loading...

	www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877	409 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 1975ca962a84729519ec67c01b3b24a6 343814a3878553f938081eaca8e1acd975420b9d 750dd2532ed69312546d95f623a804e030b3d2d2c1e167be87c746a8c6c0cf14 Loading...

	scripts.mediamathrdrt.com/scripts/b_megarush.js	805 B	2023-03-07	2024-03-29
Pretty URL scripts.mediamathrdrt.com/scripts/b_megarush.js IP 104.21.1.127 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2024-03-29 16:08:03 Times Seen301 Hash 515636fd468eb57dafca110b214b3161 2843400ad362c003c84b007091acd45c7ecf813f b89528e21d6f85cc11459c7b6ec733cb9f9775a351f6dda2597aa76eeca5b761 Loading...

	scripts.mediamathrdrt.com/safeframe	173 B	2023-03-07	2023-04-05
Pretty URL scripts.mediamathrdrt.com/safeframe IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-04-05 01:45:10 Times Seen18 Hash ed2ee4ac79bc7af5967acee3f32c0b7c ce88dc9a9fb3501823b374291671d5016581a8de 975e4354b54fbad37d4342e331a35b41188179551e25da7bd06bda1d5649fb76 Loading...

	secure.quantserve.com/quant.js	27 kB	2023-03-07	2023-03-17
Pretty URL secure.quantserve.com/quant.js IP 91.228.74.159 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:49:11 Last Seen2023-03-17 12:55:49 Times Seen1 Hash 78ddecc5281a6afd31e701cbc4607581 91f15c2f3080ddccb4aaddcbaceeb6cfc462771b 34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745 Loading...

	whampamp.com/4/5087048?var=ar2	5.4 kB	2023-03-07	2023-03-07
Pretty URL whampamp.com/4/5087048?var=ar2 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:51:13 Last Seen2023-03-07 23:51:13 Times Seen1 Hash 07b29ea9b4b3a396fba05eb4aa70dd1b 24e3e08634dfde128436f9beca19fb72c6b23c0a 73bbcc8b5952e6d8621a8b8a5901cd06a8df4a89592643954566f7ded5a8e280 Loading...

	www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877	72 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 05767ea3358595f1121304133ca91186 9cc28d62d149415bc7708e7d4c65a0a679017c65 6c8e8873e5f00c38cae3d86f5fe172fe8d8192995d2b7180c9801bbf46d29c12 Loading...

	www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877	68 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:28:08 Last Seen2023-03-17 12:45:42 Times Seen1 Hash e239a24babf5dcada90d18e249730189 a03c92a556330ca1c9611eb6d488aacc7889df2e a1e90c45f22ab45026fe49d18aa82a55e295ec4efa4aaf16e3f04365567bc0e2 Loading...

	www.megarush.com/js/chunk-vendors.25e1a372.js	326 kB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/js/chunk-vendors.25e1a372.js IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:28:08 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 794d5dedcb45f2d9e25097986de4b2d8 a7e6eccff06fea3094cf113b276a0e8ca408eb8a f8063bd1bb6c5549795d3eea5d60aab8e94688fb1b67901a60d4ce921790b4fd Loading...

	edge.fullstory.com/s/fs.js	253 kB	2023-03-07	2023-03-08
Pretty URL edge.fullstory.com/s/fs.js IP 35.201.112.186 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:45:05 Last Seen2023-03-08 03:47:02 Times Seen1 Hash 6d6bcf2eb2acba7e9998402d9fc176f5 2eaa929b1b6318b7b3108d59c1497dd6b571ec43 25811fecdea7f61529eac181b06f990d1d6e73eeb61215c00df164621b729282 Loading...

	s2.adform.net/banners/scripts/st/trackpoint-async.js	80 kB	2023-03-07	2023-03-08
Pretty URL s2.adform.net/banners/scripts/st/trackpoint-async.js IP 37.157.6.235 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:50:03 Last Seen2023-03-08 05:30:10 Times Seen1 Hash 64271612f9771203ff18d1de033d1b31 a36154bbc0392453b207291b5580323c739799b1 faa7c5a62d21d645024e4385c3dfaf01614dffb80b2f51e9aa07b3a35a2c5090 Loading...

	scripts.mediamathrdrt.com/safeframe	3.6 kB	2023-03-07	2023-04-05
Pretty URL scripts.mediamathrdrt.com/safeframe IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-04-05 01:45:10 Times Seen18 Hash 94ddf5c543e810ada88812cdb346392a a4414d0d384c7d405d8f23fcaf18ee61d8895cce 513a33d7b370a1a09ffe81463bd0575c9d697b21a4f97ef09d25543ddf3bd1b1 Loading...

	track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1163477089&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_6A7A17509E33454586ADA7239FD96877	729 B	2023-03-07	2023-03-07
Pretty URL track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1163477089&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_6A7A17509E33454586ADA7239FD96877 IP 37.157.6.245 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:51:13 Last Seen2023-03-07 23:51:13 Times Seen1 Hash 80149a42683e4beb38fbed66049e3b87 501a5a3473ba33d8f3c313efe1a34707c46bfce9 919e0f69f1f44b7d61b4add7cd634152ea54c0efaa4767e50605361e61193deb Loading...

	www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877	244 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 251b3c4f175a3557d020af7276e3a62c 78d8f5a1fc8fa63a6b05f87b13beb475f68d065a b681075422c11c3cf1edf3e9aac4a0ac48bbe5f5302eeb45f3f63a82e779fe24 Loading...

	www.megarush.com/js/index.94a008e8.js	1.4 MB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/js/index.94a008e8.js IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:35:30 Last Seen2023-03-17 12:45:42 Times Seen1 Hash f00870c1f312d6ce57cd7201de92a418 c33eb3a71a78416d53cd8ba09b505e181aacf22a 7a5cb32a27e1b23ef27215c5960ea8364d85fea97b2d5b6dc96d98d7e947040f Loading...

	d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js	16 kB	2023-03-07	2023-03-17
Pretty URL d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js IP 54.230.245.231 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 9f2263de140cc78c0737d17051307016 0174dfe38c88f9e7043b002fb9131c7a71399d77 17ada4aeba85fbedca030d812ae829162ed2ad5d7a96d5c05b2b288e801a1b3a Loading...

	www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877	1.1 kB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 8d23e75026216948f6f5480cfec43614 19f79c45ee1364682a41bf32d9ed60000977c5e8 82cd2ac7e097cd8a40b29aacebcbdb07b414cf167a11c9c88af7e6733b712efc Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 13:41:25 Times Seen37063493 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	whampamp.com/4/5087048?var=ar2	8.9 kB	2023-03-07	2023-03-10
Pretty URL whampamp.com/4/5087048?var=ar2 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:47:57 Last Seen2023-03-10 11:11:14 Times Seen1 Hash 18f6d61af48cf7aabd486dcfff42a496 63295685ac129d84bbfa71be5f4c9d888f9f04f6 d4f50d1f12704c18a6d8ab9b53de21ca333c852d8f7c1dce304a1f10989cbe37 Loading...

	www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877	373 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash e94fe87cb0f9b191e8a2f2c0fa5e267a 3c2deb6b38f8cf76c90e2b6bd12161bccbc8ca9b 51c583bce95c19f63dcd7bc23d3cd1267ad6f710e77f1b946717d231c60dbc5f Loading...

	www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877	70 B	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 29c52dd8b94963ce070a831157ff78e6 e49e51244fd219ff2191d75aadd3be4bbb8adf35 98a9253151b22574fe7f11829de0f8b5de1f2f5985295cdffe7a3d56fa3dc716 Loading...

	www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877	1.2 kB	2023-03-07	2023-03-17
Pretty URL www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877 IP 104.22.30.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 4b845dcbe67dcf2f08884d22e61ca993 d5df2c0e8e2e49aef3881c2331cc8c2a601d6667 8df185c955c3ece045fce2017142562a3d3b8c678176d86faeab2c8f5307c791 Loading...

	track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=\|&ord=797967477555&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_6A7A17509E33454586ADA7239FD96877&Set1=en-US%7Cen-US%7C1280x1024%7C24	385 B	2023-03-07	2023-03-07
Pretty URL track.adform.net/Serving/TrackPoint/?pm=2381934&ADFdivider=\|&ord=797967477555&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_6A7A17509E33454586ADA7239FD96877&Set1=en-US%7Cen-US%7C1280x1024%7C24 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:51:13 Last Seen2023-03-07 23:51:13 Times Seen1 Hash c1c2626190a2e9983649e88b04cd1874 ec039dd5bc0b536231f14d0f9318357a41fab8dc 4b66b3f13d55cbbaa0bb0c5d371eda60fd25086b7b66b996fd5955b935d8d78c Loading...

	track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1163477089&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_6A7A17509E33454586ADA7239FD96877	542 B	2023-03-07	2023-03-17
Pretty URL track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1163477089&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_6A7A17509E33454586ADA7239FD96877 IP 37.157.6.245 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 2ccd12d03fad8f3e6cecde40cdd802ba 28d041241344c759642b1788adcf27b0582c7e04 56430687824251353e667ff24b449b626c78df2e3b7da8d829dd1a49b5a2708c Loading...

	rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js	271 B	2023-03-07	2023-03-17
Pretty URL rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js IP 54.230.111.4 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-03-17 12:45:42 Times Seen1 Hash 34e255255d25312b08a2cc8566b5bf38 56eb0a5a1cb20d2b51fa071b968ad50a3ac16f85 1980f7805afc0ade5f7d949212900dfe36abaa52cc804b7eeac07a620852cf23 Loading...

HTTP Transactions (118)

URL IP Response Size

telecentrum.site/m/id/ppt1/

194.135.87.32

302 Found

0 B

URL HTTP/1.1
telecentrum.site/m/id/ppt1/
IP
194.135.87.32:0
ASN
#212531 UAB Interneto vizija

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /m/id/ppt1/ HTTP/1.1
Host: telecentrum.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Fri, 23 Sep 2022 13:10:24 GMT
Server: Apache
Connection: Upgrade, Keep-Alive
Location: //whampamp.com/4/5087048?var=ar2
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
Content-Type: text/html

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 12:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gN0NbDlHdAJcYHm71PapaJg4EnKimX8Jy6QX_NYItJITk_eYm0p8pw==
Age: 3378

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7435
Expires: Fri, 23 Sep 2022 15:14:20 GMT
Date: Fri, 23 Sep 2022 13:10:25 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: e2mJzQZgRwbTJUffXW6F1HQePDrTp4LtuPRcnRhtlnKrqTteol9qbA==
age: 30911
X-Firefox-Spdy: h2

whampamp.com/4/5087048?var=ar2

139.45.197.236

200 OK

7.1 kB

URL HTTP/1.1
whampamp.com/4/5087048?var=ar2
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8753)
Size
7.1 kB (7141 bytes)
Hash
706c1e14a6a75fc2079cc16ae68e9fab
3a42615789fbf224272f96032d511f8f8cd0dccc
335424de8ffbeb084bd23834ea4d41d99b1e9e70c91ffc6c6368492d0f38a654

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4/5087048?var=ar2 HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 13:10:25 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 63f4e3476a6400f96fbdab3d22158293
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=1fb5e60c017d4800bb7e9e6f5c58987a; expires=Sat, 23 Sep 2023 13:10:25 GMT; path=/
oaidts=1663938625; expires=Sat, 23 Sep 2023 13:10:25 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 13:10:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

whampamp.com/favicon.ico

139.45.197.236

204 No Content

0 B

URL HTTP/1.1
whampamp.com/favicon.ico
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://whampamp.com/4/5087048?var=ar2
Cookie: OAID=1fb5e60c017d4800bb7e9e6f5c58987a; oaidts=1663938625

HTTP/1.1 204 No Content
Server: nginx
Date: Fri, 23 Sep 2022 13:10:25 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
af56ebb29d27fb6a049680fe85c8828b
235a3579a72192a6a1fc0366d6d8671e2630b9f5
68454f522f57ca84315459fbf178251544804533512e9bebb8a6e3f3bce12895

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 13:10:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=536695,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f385396e49b506-OSL

my.rtmark.net/img.gif?f=merge&userId=1fb5e60c017d4800bb7e9e6f5c58987a

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=merge&userId=1fb5e60c017d4800bb7e9e6f5c58987a
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=merge&userId=1fb5e60c017d4800bb7e9e6f5c58987a HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://whampamp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 13:10:25 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=1fb5e60c017d4800bb7e9e6f5c58987a; expires=Sat, 23 Sep 2023 13:10:25 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
f29a678b472b135eeec39af31d5114dc
3081b9afbbad4b726fc48a7b78255ee1081b7135
0a1f4757bf58c7492ce995087886375fb50f0872e626b5bd5d8749cb13b5f95d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 13:10:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 16:52:35 GMT
Expires: Thu, 29 Sep 2022 16:52:34 GMT
Etag: "3081b9afbbad4b726fc48a7b78255ee1081b7135"
Cache-Control: max-age=531128,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f38539ab02b4fd-OSL

datatechone.com/log/add?cid=88506ad5-50e6-43b5-b450-2c5482f39314

139.45.195.253

200 OK

2 B

URL HTTP/1.1
datatechone.com/log/add?cid=88506ad5-50e6-43b5-b450-2c5482f39314
IP
139.45.195.253:0
ASN
#9002 RETN Limited

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /log/add?cid=88506ad5-50e6-43b5-b450-2c5482f39314 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 453
Origin: http://whampamp.com
Connection: keep-alive
Referer: http://whampamp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 23 Sep 2022 13:10:25 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: http://whampamp.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 13:03:22 GMT
Expires: Fri, 23 Sep 2022 13:23:12 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UgZOUwieAi99mkjQHqddQDOZD3tvA0yaqhcntzTNhCAMKBfYaaz7Tg==
Age: 423

whampamp.com/?z=5087048&syncedCookie=true&rhd=false

139.45.197.236

302 Found

0 B

URL HTTP/1.1
whampamp.com/?z=5087048&syncedCookie=true&rhd=false
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /?z=5087048&syncedCookie=true&rhd=false HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 447
Origin: http://whampamp.com
Connection: keep-alive
Referer: http://whampamp.com/afu.php?zoneid=5087048&var=5087048&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false
Cookie: OAID=1fb5e60c017d4800bb7e9e6f5c58987a; oaidts=1663938625
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 23 Sep 2022 13:10:25 GMT
Content-Length: 0
Connection: keep-alive
X-Trace-Id: 7a48610ab1a7cb09a4c562de523f4837
Link: <https://eu.can-get-so.me>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=597164479855473077&subid1=5087048&cost=0.001946&rdk=rk3
Access-Control-Allow-Origin: http://whampamp.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=1fb5e60c017d4800bb7e9e6f5c58987a; expires=Sat, 23 Sep 2023 13:10:25 GMT; path=/
oaidts=1663938625; expires=Sat, 23 Sep 2023 13:10:25 GMT; path=/
syncedCookie=true; expires=Fri, 30 Sep 2022 13:10:25 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 762
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 13:10:26 GMT
Last-Modified: Fri, 23 Sep 2022 12:57:44 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0f4780ac0c08bde6e02b42e9eacd3448
900e3916e114510fb14e001e9a7cf381fa9693f4
121dd75eec102a5b3ff837e7ca8261a1aacf828baabf91c572497b3239b9a6bd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "121DD75EEC102A5B3FF837E7CA8261A1AACF828BAABF91C572497B3239B9A6BD"
Last-Modified: Wed, 21 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5217
Expires: Fri, 23 Sep 2022 14:37:23 GMT
Date: Fri, 23 Sep 2022 13:10:26 GMT
Connection: keep-alive

eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=597164479855473077&subid1=5087048&cost=0.001946&rdk=rk3

157.90.33.79

302 Found

0 B

URL HTTP/2
eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=597164479855473077&subid1=5087048&cost=0.001946&rdk=rk3
IP
157.90.33.79:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=597164479855473077&subid1=5087048&cost=0.001946&rdk=rk3 HTTP/1.1
Host: eu.can-get-so.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Fri, 23 Sep 2022 13:10:26 GMT
content-length: 0
referrer-policy: no-referrer
location: http://35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
set-cookie: rauid=cv2hALHqRMmb80VGsYN9ow; expires=Sat, 23 Sep 2023 13:10:26 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop

35.227.234.222

302 Found

0 B

URL HTTP/1.1
35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
IP
35.227.234.222:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop HTTP/1.1
Host: 35.227.234.222
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Fri, 23 Sep 2022 13:10:26 GMT
Content-Length: 0
Location: https://media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
Via: 1.1 google

media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575

23.36.79.18

301 Moved Permanently

0 B

URL HTTP/2
media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
IP
23.36.79.18:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect.aspx?pid=6426&bid=1575 HTTP/1.1
Host: media.megarushaffiliates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 0
location: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Fri, 23 Sep 2022 13:10:26 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 23 Sep 2022 13:10:26 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a6426%2c%22BID%22%3a1575%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663938626247)%5c%2f%22%2c%22CookieTag%22%3a%2215756426451240919C20229231310%22%7d%5d; SameSite=None;; domain=.megarushaffiliates.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%224999947%7c1%22%7d%5d; domain=.megarushaffiliates.com; expires=Sun, 23-Sep-3021 13:10:26 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=38
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
7218578f2594f5eb48fbeb8fb755326e
79bd1a8e9ec35288fac1591fb2d4e7a20fb9fca7
f2e203cbd52f062bb0d9068977376f2d121597146d4fc76dfcb01b6c8ebf3557

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6299
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 13:10:26 GMT
Last-Modified: Fri, 23 Sep 2022 11:25:27 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279

push.services.mozilla.com/

35.162.203.49

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.203.49:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4zP1f3jjotADwwSweWlVVw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ldKvhWYFOV5nloKdxlmDF9EvLsw=

www.megarush.com/fonts/Inter-ExtraBold.woff2

104.22.30.168

200 OK

10 kB

URL HTTP/2
www.megarush.com/fonts/Inter-ExtraBold.woff2
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10484, version 3.1245\012- data
Size
10 kB (10484 bytes)
Hash
d23da8f3e4e37a17c1d3ed7a1a11d429
9dda69da77b703d438db74468375685f6983625d
a936dafc61b666c42182807bb1c5e564ec73c07f8b6fb7352d15090db9165a7c

HTTP Headers

GET /fonts/Inter-ExtraBold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: font/woff2
content-length: 10484
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-28f4"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 3945
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f3853efdc2b509-OSL
X-Firefox-Spdy: h2

www.megarush.com/fonts/DS-Digital.woff2

104.22.30.168

200 OK

776 B

URL HTTP/2
www.megarush.com/fonts/DS-Digital.woff2
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 776, version 1.0\012- data
Size
776 B (776 bytes)
Hash
789f060683abdb5574a93bf59c7dd2e2
17b677d648dfdc9e290a25e8c137ebb0448c069b
375c5411d43daa0ccc1234d8bf20effba17a231408ab44fa17c96b2f9a995248

HTTP Headers

GET /fonts/DS-Digital.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: font/woff2
content-length: 776
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-308"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 3841
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f3853efdccb509-OSL
X-Firefox-Spdy: h2

www.megarush.com/fonts/Inter-Regular.woff2

104.22.30.168

200 OK

10 kB

URL HTTP/2
www.megarush.com/fonts/Inter-Regular.woff2
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10108, version 3.1245\012- data
Size
10 kB (10108 bytes)
Hash
5ec57a5a91c67095e4a7e91ac375ffb1
23b60d1dd6790eeeb11e3c90d1f75c16d1db60d9
9b3f3dc1e7ce0a5a28f768d6d84d4174ffe56384db534daccc47321dea379ed5

HTTP Headers

GET /fonts/Inter-Regular.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: font/woff2
content-length: 10108
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-277c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 3948
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f3853efdc8b509-OSL
X-Firefox-Spdy: h2

www.megarush.com/fonts/Inter-Bold.woff2

104.22.30.168

200 OK

10 kB

URL HTTP/2
www.megarush.com/fonts/Inter-Bold.woff2
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10508, version 3.1245\012- data
Size
10 kB (10508 bytes)
Hash
a2517956b299e0c02bfc2a92eb05f623
ae4c129ebfe3aec739aac5662d2ef9fcaa4d80db
412a6a99c5283c71838322a7f25e7a0bc4dd324e013f88a202b56af736b13d37

HTTP Headers

GET /fonts/Inter-Bold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: font/woff2
content-length: 10508
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-290c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 3945
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f3853efdc6b509-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 13:10:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-K4GPX49

142.250.74.72

200 OK

51 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-K4GPX49
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (23513)
Size
51 kB (50596 bytes)
Hash
8042c633b29df62cbe5a8dbb8fbf62bf
b797b7e285b8b744bb6c708ea49c9d063e03b487
b8f502095c5ee872341cdba2bdff7f9ce87b2fd93e8a46982647580bbd54dc3d

HTTP Headers

GET /gtm.js?id=GTM-K4GPX49 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 Sep 2022 13:10:26 GMT
expires: Fri, 23 Sep 2022 13:10:26 GMT
cache-control: private, max-age=900
last-modified: Fri, 23 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50596
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 13:10:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.megarush.com/favicons/favicon-194x194.png

104.22.30.168

200 OK

12 kB

URL HTTP/2
www.megarush.com/favicons/favicon-194x194.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 194 x 194, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11668 bytes)
Hash
3bc9ecb2b8d9e78d83d49da52c0292fc
b13fda2aa7ff6d2d185a90dbe6446ad52f63d244
9b35e254d53d3c4b6f0ce1185de9463355d340808f64b0e831162fb03cf5b39c

HTTP Headers

GET /favicons/favicon-194x194.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: image/png
content-length: 11668
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-2d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34148769
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38541996fb509-OSL
X-Firefox-Spdy: h2

www.megarush.com/js/index.94a008e8.js

104.22.30.168

200 OK

284 kB

URL HTTP/2
www.megarush.com/js/index.94a008e8.js
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
284 kB (284112 bytes)
Hash
eb4facc111d9309602d4fc5db2467d9c
f7211ed4ff6ad1bb90f4a76f1c7c1f9c2eecba92
5ab6ab21eaa72cfe8f8c388e5cdd2a5679061d80b34c2f7767b3e0a1583b33cb

HTTP Headers

GET /js/index.94a008e8.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-160e97"
expires: Thu, 22 Sep 2022 07:48:59 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4787
server: cloudflare
cf-ray: 74f3853efdd7b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js

54.230.245.231

200 OK

16 kB

URL HTTP/1.1
d3mi6d1ao3fzsg.cloudfront.net/webpush/1/webpush.min.js
IP
54.230.245.231:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (16536)
Size
16 kB (16537 bytes)
Hash
9f2263de140cc78c0737d17051307016
0174dfe38c88f9e7043b002fb9131c7a71399d77
17ada4aeba85fbedca030d812ae829162ed2ad5d7a96d5c05b2b288e801a1b3a

HTTP Headers

GET /webpush/1/webpush.min.js HTTP/1.1
Host: d3mi6d1ao3fzsg.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 16537
Connection: keep-alive
Last-Modified: Thu, 27 May 2021 15:02:08 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 22 Sep 2022 18:50:24 GMT
ETag: "9f2263de140cc78c0737d17051307016"
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _gid5_S2DMPLNN6C2ShOuaRDhkoWtLP2-rJLrJ2GzW-M5ouTDkLfhg==
Age: 66003

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
76af03eacd35b5fa01f5957f1bc9edef
3637f773b2cec90158b3f0f4fa19c12b57625fd5
a48fb5c63fd3f1c7f2ea4c13e65f07edb09ba35cccb7d121453678f84ae3d950

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A48FB5C63FD3F1C7F2EA4C13E65F07EDB09BA35CCCB7D121453678F84AE3D950"
Last-Modified: Thu, 22 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5423
Expires: Fri, 23 Sep 2022 14:40:49 GMT
Date: Fri, 23 Sep 2022 13:10:26 GMT
Connection: keep-alive

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Fri, 23 Sep 2022 12:41:09 GMT
expires: Fri, 23 Sep 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 1757
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=632db04107664647bdc1a0bf

104.18.38.157

101 Switching Protocols

0 B

URL HTTP/1.1
megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=632db04107664647bdc1a0bf
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=632db04107664647bdc1a0bf HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.megarush.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RkJxWKBhYRjAo35LOP9TUA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Fri, 23 Sep 2022 13:10:26 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: Ntvz5rr1W+eWDL7R6K1l91uOmpM=
set-cookie: e8d38d9e2f4bff42070aa24ad805cc68=4e7efc41c3eb8ab9322a685a012653a0; path=/; HttpOnly; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f38541eea6fabc-OSL

scripts.mediamathrdrt.com/scripts/b_megarush.js

104.21.1.127

200 OK

597 B

URL HTTP/2
scripts.mediamathrdrt.com/scripts/b_megarush.js
IP
104.21.1.127:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
597 B (597 bytes)
Hash
31acd85b90b4a107f79f464288ce58be
4746fec19cffad785b89ece0ab5ab545755bbf3a
ee16340fc05066507ab4043a20c6fa93773749000c76bf1fc699da17b94fde43

HTTP Headers

GET /scripts/b_megarush.js HTTP/1.1
Host: scripts.mediamathrdrt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: 44c4a00d-2978-4eea-9b8c-7a60e1d0a6bd
etag: W/"b89528e21d6f85cc11459c7b6ec733cb"
x-runtime: 0.003809
expires: 2022-08-24 13:10:26 UTC
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agamq2k%2BJdBmt7w8HEbzCkvg%2FrhRtK5donHU%2BKyU8Vb9csRvgjgY8lAi79YcEA6x5mOBf4QYTNocjaKoRl8UnRTkNChvbGkZm7PsnJ89%2BUZwi5F1H1jgNVN8XTsOpppzgSWswju0EKeezrro"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f385423de0b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

megalotto-static.gigmagic.io/translations/no.json

104.18.38.157

200 OK

75 kB

URL HTTP/2
megalotto-static.gigmagic.io/translations/no.json
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (65298), with no line terminators
Size
75 kB (75076 bytes)
Hash
c2bbcc94bb88bd8501e783cb5309f53a
0866706258d25179ff9f25f1185d54e8a9222eec
dc6d64b029ac273b3bfb1434db5f41e784532e7896343388fc5635fdbbd91cd2

HTTP Headers

GET /translations/no.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: application/json; charset=utf-8
content-length: 75076
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 20 Sep 2022 12:59:05 GMT
etag: "c2bbcc94bb88bd8501e783cb5309f53a"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=81f17ed54a83fe51a535d9a669b8de47; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f3854299f7b512-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0ab0006d14f2f0bee557492cd5811c1d
8cd79b8bdc6b9d2b5b978f61f25c98f6140f7b84
b530cf005c75fe0155bdf66cd34edf5c2bb52298284771c0a77deb54ddffb8a0

HTTP Headers

POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 13:10:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a5cde63df286d147633791517a071518
896a42e351e96d5e4151c1c7c4f897b9a306fc5b
ae7a75e7bbf498769bcc56a0932d0a96ee7a8d0f47c347abbb990be2f64ff975

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6338
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 13:10:27 GMT
Last-Modified: Fri, 23 Sep 2022 11:24:50 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

edge.fullstory.com/s/fs.js

35.201.112.186

200 OK

63 kB

URL HTTP/2
edge.fullstory.com/s/fs.js
IP
35.201.112.186:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65410)
Size
63 kB (63203 bytes)
Hash
edaddb07c1ac69eeace0618371748121
d6a2dd58b9b4d56425a1391e0ce2354b85d27b13
2853842ec4546df8fa58052aa6715ea4b8321bbbaea78b32d1682a93b009b44b

HTTP Headers

GET /s/fs.js HTTP/1.1
Host: edge.fullstory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdv03KmyQImIqXtYmD2KIGXKl5yyMqYUOehY69AMn3wkhCaKrnalTdcVcbbVEV5j8oC1DCMD_nbVA0XH4ctlQFtiHQ
x-goog-generation: 1663785557634490
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
x-goog-stored-content-length: 63203
content-encoding: br
x-goog-hash: crc32c=S3DyuA==, md5=7a3bB8Gsae6s4GGDcXSBIQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 63203
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 23 Sep 2022 12:56:58 GMT
expires: Fri, 23 Sep 2022 13:56:58 GMT
cache-control: public, max-age=3600,no-transform
age: 809
last-modified: Wed, 21 Sep 2022 18:39:17 GMT
etag: "edaddb07c1ac69eeace0618371748121"
content-type: application/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0ab0006d14f2f0bee557492cd5811c1d
8cd79b8bdc6b9d2b5b978f61f25c98f6140f7b84
b530cf005c75fe0155bdf66cd34edf5c2bb52298284771c0a77deb54ddffb8a0

HTTP Headers

POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 13:10:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ce503df9e415f06b93509da4e9852537
5b0dd0f8fc0ef36f4263ee91fc709c4872fe248f
aa14818774acc682190d7195afda0d06ad12ed2eeb9494e89a94c4495cd515ee

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4696
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 13:10:27 GMT
Last-Modified: Fri, 23 Sep 2022 11:52:12 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ce503df9e415f06b93509da4e9852537
5b0dd0f8fc0ef36f4263ee91fc709c4872fe248f
aa14818774acc682190d7195afda0d06ad12ed2eeb9494e89a94c4495cd515ee

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4696
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 13:10:27 GMT
Last-Modified: Fri, 23 Sep 2022 11:52:12 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

s2.adform.net/banners/scripts/st/trackpoint-async.js

37.157.6.235

200 OK

31 kB

URL HTTP/2
s2.adform.net/banners/scripts/st/trackpoint-async.js
IP
37.157.6.235:0
ASN
#198622 Adform A/S

File type
data
Size
31 kB (31369 bytes)
Hash
b7e89ebdac000c13f7b95c4f2a5703a2
2b3c1509fb4f5f1b6e030138d604df61b95d829c
367a67f87627ccf6439c7d60f2c35d7ea0afc16eca5ad7fb237161ee5f023859

HTTP Headers

GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 11:35:31 GMT
etag: W/"64271612f9771203ff18d1de033d1b31"
x-amz-request-id: tx0000000000000b34c3a7f-00632d9f53-3233e6c5-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4476
Expires: Fri, 23 Sep 2022 14:25:03 GMT
Date: Fri, 23 Sep 2022 13:10:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4476
Expires: Fri, 23 Sep 2022 14:25:03 GMT
Date: Fri, 23 Sep 2022 13:10:27 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10127 bytes)
Hash
b877ead4a15221fdd278ef27f281a7ec
48c10714503e8dfdd3e3c3d39b919ef2792f0d15
f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:28 GMT
age: 54179
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14579 bytes)
Hash
f10a12719b387d176497669ba75f0acc
16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 92Pj9IQp3mBJQOW-XuHSK8laPqXOSBOmNbYcm4hSFzc1xqYscQKxMA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:48 GMT
age: 53919
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8497 bytes)
Hash
7606ff88f05062b66970d9805f38987a
d47db5fcd83023b4a8de40a47d4510e183de387a
20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8497
x-amzn-requestid: 8543ac70-48ab-4523-856f-5d5fa1191c97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yin-pEryoAMFTfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324205d-660bba3f655f940d143bc437;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:06:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e9KUFhjuFMzjuh37rFiNKaMNVaGZwPGBkLrv0zgfSTT7dCIuWj4G9Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:27 GMT
age: 53940
etag: "d47db5fcd83023b4a8de40a47d4510e183de387a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5340 bytes)
Hash
3b318ea5c36d2b22b925f7dfe382df5f
0264e73c4cfff0bb255757c7e1c760a5ad3ece80
0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 53941
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7005 bytes)
Hash
1985a957e6bc0c15d8489fa731e7f14e
4584bff61bf4d5c9b8fd3b97c048a8e6975e4323
9f3e1fd6e18d85d4f6645d077da643a3bc2cca611d5e85f534ba798102dca243

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7005
x-amzn-requestid: c805d882-7a00-4abd-a239-d8313d7df0c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4aBwEaMIAMF09A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd6d7-6d6a417f10c9628a16d438e1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:42:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7edV0FJytVSpHH-WkCiYzhW1JP4L6i6bpPCq9MTxPdhwFQTryf06BQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:53:16 GMT
age: 55031
etag: "4584bff61bf4d5c9b8fd3b97c048a8e6975e4323"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8029 bytes)
Hash
02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 55325
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-2-4.png

104.22.30.168

200 OK

786 B

URL HTTP/2
www.megarush.com/img/home-page/coin-2-4.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 29 x 33, 8-bit colormap, non-interlaced\012- data
Size
786 B (786 bytes)
Hash
dca8df1b0d982ac3fbbc6c0b506cc0f2
392422815633ebaf9eef022677f0b73e1352ae66
a027ddd9187b5d6a7a537aada497af6ebfca00c2a9f50e7950aaf6ad599b0b09

HTTP Headers

GET /img/home-page/coin-2-4.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/png
content-length: 786
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-312"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30924023
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547ca08b509-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-3-3.png

104.22.30.168

200 OK

1.8 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-3-3.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 64 x 71, 8-bit colormap, non-interlaced\012- data
Size
1.8 kB (1807 bytes)
Hash
fbdad22b02cf9a7a23c2f0553b1459e7
b64101b18924eba076f35318cce3e8a8bdec28b0
7aab4f9003ad7bd6b60fc361b6f2a0d2ddda28b35ea8ef6b0eff0f9a2cb81680

HTTP Headers

GET /img/home-page/coin-3-3.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/png
content-length: 1807
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-70f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9385012
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547ca0cb509-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-3-2.png

104.22.30.168

200 OK

2.2 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-3-2.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 89 x 83, 8-bit colormap, non-interlaced\012- data
Size
2.2 kB (2192 bytes)
Hash
c90348c562ec643acfbdf36d973d8326
90c07f0c13fd06f043d36c223eb9afaa34abdf7c
68cf52e8ce0267c83f6bac7a67944d9b4fe37c74999eed858cde51705a148aca

HTTP Headers

GET /img/home-page/coin-3-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/png
content-length: 2192
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-890"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6981249
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547ca0bb509-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/mega-jackpots.png

104.22.30.168

200 OK

64 kB

URL HTTP/2
www.megarush.com/img/home-page/mega-jackpots.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1618 x 188, 8-bit colormap, non-interlaced\012- data
Size
64 kB (63747 bytes)
Hash
b4342b052aabdba3960a5b2b5c7e519a
aebc2a2c7be9d8d2895694af3fde7674affef4c2
d3fa51da3d01f8341766925f65cf161fc2e403be7594f213c5019f8e27f3ad1d

HTTP Headers

GET /img/home-page/mega-jackpots.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/png
content-length: 63747
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-f903"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9378553
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547ca0db509-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/benefits/promotions.png

104.22.30.168

200 OK

21 kB

URL HTTP/2
www.megarush.com/img/benefits/promotions.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 216 x 216, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (21005 bytes)
Hash
0d9863db2ba8c87a673de9ea91482d5e
daca14014aeb80e137b6682a8c816cdd92639b2c
131582b1399fc62d9464a553a37bf6938d29fa48852a4d2564a3f6315f366911

HTTP Headers

GET /img/benefits/promotions.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/png
content-length: 21005
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-520d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2500310
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547da26b509-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/icons/loader.svg

104.22.30.168

200 OK

3.2 kB

URL HTTP/2
www.megarush.com/img/icons/loader.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
3.2 kB (3206 bytes)
Hash
535bc36304a1af104a7b0f3587d8cb7d
4f68e524fc182423d81af946eb1309d6133bf90e
a9e2095804e8ec4ae88a08d15b4ef8be3e1d4a438a1599902d02985cf30af8e2

HTTP Headers

GET /img/icons/loader.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-a6b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34148343
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f385472934b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/netent.svg

104.22.30.168

200 OK

12 kB

URL HTTP/2
www.megarush.com/img/icons/netent.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
12 kB (12374 bytes)
Hash
a09c9347907ebf14e94fefcc77abf7ac
47aeaed18d251427a98bacddbe5c607a0e66ebb1
98d85dfcedb2f838e978caf7a193f7974a36c662c1563b00d055733a29645ff6

HTTP Headers

GET /img/icons/netent.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-519"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9386293
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546b878b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/pragmaticPlay.svg

104.22.30.168

200 OK

53 kB

URL HTTP/2
www.megarush.com/img/icons/pragmaticPlay.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
53 kB (52810 bytes)
Hash
325e41ec4657d282833a53a6896fa5c9
1979cd87bde833520f006bcaf688d2a8b029b76c
fa4e586472c72a36055d06eb50b1e3934d70590171616c4994e74d11a0c91e0d

HTTP Headers

GET /img/icons/pragmaticPlay.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1799"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9217646
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546c87db509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-3-1.png

104.22.30.168

200 OK

4.4 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-3-1.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 118 x 119, 8-bit colormap, non-interlaced\012- data
Size
4.4 kB (4434 bytes)
Hash
3da73129d9d4dd65c43060dacf06f3df
9abf4ea9710ba53af92778718c245ddf64c42a5f
6b899e2fa680a916e6d1fe6226eaff68b415eee4658537497ae951024d5793a6

HTTP Headers

GET /img/home-page/coin-3-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/png
content-length: 4434
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-1152"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30924023
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547da24b509-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/icons/playAndGo.svg

104.22.30.168

200 OK

16 kB

URL HTTP/2
www.megarush.com/img/icons/playAndGo.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
16 kB (15747 bytes)
Hash
1658686c35403a2f71e1cd37331a43f6
92db955ead19fcd65f7e36e2c37a80d42de383ca
0390368c05303186e8943fde23dd5ed0bf294ccd407999956fdb32ba59dc168e

HTTP Headers

GET /img/icons/playAndGo.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: W/"6155d0b8-dfe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30923854
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546b86cb509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mega-clock-badge-new.svg

104.22.30.168

200 OK

13 kB

URL HTTP/2
www.megarush.com/img/icons/mega-clock-badge-new.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
13 kB (12791 bytes)
Hash
f4717aac33dc317c18745dcd9dec971f
03bb3ef5ce4f380adaba88a66d8c793c33a12ae0
56593608a1c8a741c554f5841e351728b393cb597e4c1aa617a1661da6a70365

HTTP Headers

GET /img/icons/mega-clock-badge-new.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-670"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9374336
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f385470908b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/flag-nb-no.svg

104.22.30.168

200 OK

11 kB

URL HTTP/2
www.megarush.com/img/icons/flag-nb-no.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
11 kB (11154 bytes)
Hash
edfe358b3f9194d5ec456dcb8a8c402e
b2cc6d026b09f0a0a1ad9a0d90a8aeda370176f7
3ee0a62c33eb2ae4b55482fcb89d344e065322c98a3d7a03c3098cec974dd01e

HTTP Headers

GET /img/icons/flag-nb-no.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-441"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34149450
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f385471917b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/games--flat.svg

104.22.30.168

200 OK

5.0 kB

URL HTTP/2
www.megarush.com/img/icons/games--flat.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
5.0 kB (4968 bytes)
Hash
32bf2455f45ef42921b90155b679f147
1bfa1fbd700bd262b009c94662bc64961fdd1c33
544add712908c1d301535bed3e1bf3b1fb0644c8d82529088223710842ede605

HTTP Headers

GET /img/icons/games--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-8c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34149450
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546d8a7b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/promotions--updated.svg

104.22.30.168

200 OK

36 kB

URL HTTP/2
www.megarush.com/img/icons/promotions--updated.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
36 kB (36496 bytes)
Hash
1af420203b463b37280ec62d57fd5d2e
8d3ff7cd0b56668836aa81c2a11e4babeea6d83d
9d1014766a7f0a21483065627b498d6db6a400c7fa69b22c0f8099426c200d11

HTTP Headers

GET /img/icons/promotions--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-306"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9380855
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546c89db509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/live-casino--yellow.svg

104.22.30.168

200 OK

76 kB

URL HTTP/2
www.megarush.com/img/icons/live-casino--yellow.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
76 kB (76541 bytes)
Hash
13f6352c0bb8f3239b920f7d82a2ac02
723c47e08dc0192c9299fcc67a5bf93a287d243a
8e5ea4b5d4a2ba4339ce0e69e2a8dba913061afa38b9fc38aa34eeea910eafd5

HTTP Headers

GET /img/icons/live-casino--yellow.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-9b1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17874322
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546c889b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-1-1.png

104.22.30.168

200 OK

4.3 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-1-1.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 106 x 105, 8-bit colormap, non-interlaced\012- data
Size
4.3 kB (4257 bytes)
Hash
214e2f889379dcba70bace5878068150
d6873dae324b9fd44a70e73f20dc9eb81253a7ae
bb731b067cd838fadedeab50866dc81f725b8f6e49f4dc2e3b4332eae36c9ef0

HTTP Headers

GET /img/home-page/coin-1-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/png
content-length: 4257
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-10a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30924023
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547ca12b509-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/coin-2-1.png

104.22.30.168

200 OK

3.5 kB

URL HTTP/2
www.megarush.com/img/home-page/coin-2-1.png
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 80 x 64, 8-bit colormap, non-interlaced\012- data
Size
3.5 kB (3452 bytes)
Hash
09e800f81a52a109cbf3a8b2f8e727bf
d44509cdbddce4991b70f10276c47786e9993d0b
8ab09b1bcb8c69b51ba57b7c5ee96a36994e6e97e7df49d3cce993e8881ff376

HTTP Headers

GET /img/home-page/coin-2-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/png
content-length: 3452
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-d7c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30924023
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547da21b509-OSL
X-Firefox-Spdy: h2

www.megarush.com/service-worker.js

104.22.30.168

200 OK

63 kB

URL HTTP/2
www.megarush.com/service-worker.js
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
63 kB (63142 bytes)
Hash
f41446a8d09f340cfe2d696ec4442631
e47455b2652729e4aadaa77c0592009f1b0ad74d
cf0ead91af1927c5c7abae1e9734351137c5170fa8cde251c9baa05c980e5e53

HTTP Headers

GET /service-worker.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
etag: W/"6321ea87-64d2"
expires: Fri, 23 Sep 2022 13:10:56 GMT
cache-control: max-age=30
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f38541e9dfb509-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/icons/live-casino--flat.svg

104.22.30.168

200 OK

35 kB

URL HTTP/2
www.megarush.com/img/icons/live-casino--flat.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
35 kB (35028 bytes)
Hash
89a16fc59d52d93d6005f135f36fa55e
268927fbec4fdbe9d632b3f44fbce3cdff7d7b62
55ee6ce06e5a349337675d5a00c75b331230fd4496aa75390533ef2e43ad580c

HTTP Headers

GET /img/icons/live-casino--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-f78"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34149450
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546d8aab509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

megalotto-api.gigmagic.io/igc/megalotto/games/jackpots

104.18.38.157

200 OK

2 B

URL HTTP/2
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

OPTIONS /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e8d38d9e2f4bff42070aa24ad805cc68=36088c472fd69b330ef5d75dbf85bf64; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f385481995b512-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/icons/megaclub--updated.svg

104.22.30.168

200 OK

85 kB

URL HTTP/2
www.megarush.com/img/icons/megaclub--updated.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
85 kB (84905 bytes)
Hash
7ae50e4cf79378d86ba33a8855dc8c23
09548596277938bb5db3b0a5934a33fa93d737f4
6fc1595fff79bbecb78eb6ca7f74be02c823e06b6a6af94df70388359310a68a

HTTP Headers

GET /img/icons/megaclub--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-2ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9386601
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546c899b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

megalotto-api.gigmagic.io/igc/megalotto/promotions/filter

104.18.38.157

200 OK

2 B

URL HTTP/2
megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

OPTIONS /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e8d38d9e2f4bff42070aa24ad805cc68=84435ba6ff2e970bed5e8ee5e9658cb9; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f38548199bb512-OSL
X-Firefox-Spdy: h2

www.megarush.com/video/arcade-game.webm

104.22.30.168

206 Partial Content

61 kB

URL HTTP/2
www.megarush.com/video/arcade-game.webm
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
WebM\012- EBML file, creator webmB\20\012- data
Size
61 kB (61172 bytes)
Hash
9aaef915ba1a5046a92ef8dfcc58cdba
c25acbf957571a53c4ca7cc5a910757e4cfffd66
565d4805821948f9740cd260a8da41b19189a2f3658867815af960a5a31f035a

HTTP Headers

GET /video/arcade-game.webm HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Range: bytes=0-
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers

HTTP/2 206 Partial Content
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: video/webm
content-length: 61172
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
etag: "6321ea87-eef4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-range: bytes 0-61171/61172
cf-cache-status: BYPASS
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-64c858bd68-k8xcf; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
app_uid=CoMD12MtsEO6jAAqBbOXAg==; expires=Sun, 23-Oct-22 13:10:27 GMT; domain=$host; path=/
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f385480a73b509-OSL
X-Firefox-Spdy: h2

megalotto-static.gigmagic.io/games/no_NO.json

104.18.38.157

200 OK

714 kB

URL HTTP/2
megalotto-static.gigmagic.io/games/no_NO.json
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
714 kB (714008 bytes)
Hash
2b8d7eb8d9f56918e231833888a022c4
38aa421f60d49dc4f204d473c435e34529e2e9e8
b3fe1abb3128d08ba81a2de1ae727dba1fc4fec2f829a44dceeb23a219dfc3f9

HTTP Headers

GET /games/no_NO.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: application/json; charset=utf-8
content-length: 714008
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 06 Sep 2022 08:13:41 GMT
etag: "2b8d7eb8d9f56918e231833888a022c4"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=1b3a24f4123fe071faad6589460b775b; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f38547b91db512-OSL
X-Firefox-Spdy: h2

open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.831fa035.css

151.101.86.249

200 OK

3.5 kB

URL HTTP/1.1
open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.831fa035.css
IP
151.101.86.249:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (23516), with no line terminators
Size
3.5 kB (3509 bytes)
Hash
9d04a5c053836e9cdaaed792e0e6a744
95a0d88c66706407a87daf0b82296ef68ea01444
7977dfdb15f2ab9ea2d9c3822a180b63428e43b5d199617d7a4d3e5fa741341c

HTTP Headers

GET /cdn/build/embed-legacy/embed-legacy.831fa035.css HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3509
Last-Modified: Mon, 25 Jul 2022 10:32:22 GMT
ETag: "9d04a5c053836e9cdaaed792e0e6a744"
x-goog-generation: 1658745142507438
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3509
Content-Type: text/css
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 23 Sep 2022 13:10:28 GMT
Age: 5193273
X-Served-By: cache-chi-kigq8000063-CHI, cache-bma1652-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 28856
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000

www.megarush.com/img/icons/gamblersanonymous.svg

104.22.30.168

200 OK

5.8 kB

URL HTTP/2
www.megarush.com/img/icons/gamblersanonymous.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
5.8 kB (5751 bytes)
Hash
f379876e457069d7da3fd78882d817c4
ca35b958dc11580245dc812be8b3a3dc44909bf5
956fa0afb55fecaf76e612f26e6edc7255fcb660ecdef8909602d820917e3c87

HTTP Headers

GET /img/icons/gamblersanonymous.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-171"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6981824
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547292bb509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.06602b89.js

151.101.86.249

200 OK

216 kB

URL HTTP/1.1
open.spotifycdn.com/cdn/build/embed-legacy/vendor~embed-legacy.06602b89.js
IP
151.101.86.249:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
216 kB (216461 bytes)
Hash
7e2514e9bc34d8a3de8cad16b3583170
49e70f24621b8939352c100f2ab2285c25e0413f
8507f3301310702977f9f1a095b99cbf0d6f5c0d47f5a56514fe579e72cb16e1

HTTP Headers

GET /cdn/build/embed-legacy/vendor~embed-legacy.06602b89.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 216461
Last-Modified: Wed, 14 Sep 2022 19:13:16 GMT
ETag: "7e2514e9bc34d8a3de8cad16b3583170"
x-goog-generation: 1663182795945010
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 216461
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 23 Sep 2022 13:10:28 GMT
Age: 755637
X-Served-By: cache-chi-klot8100084-CHI, cache-bma1651-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 25
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000

www.megarush.com/img/logo.4c52d90d.svg

104.22.30.168

200 OK

1.4 kB

URL HTTP/2
www.megarush.com/img/logo.4c52d90d.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1446 bytes)
Hash
d9420d819a189a7cd867da4bd58949d2
b080b447feddeef01761256399dfd4249f109a71
65eaa4431c4fe37c752f479798c691c543f79577d720227f9e5641d66923b6ca

HTTP Headers

GET /img/logo.4c52d90d.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-931"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9380855
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f385480a61b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/menu.svg

104.22.30.168

200 OK

86 kB

URL HTTP/2
www.megarush.com/img/icons/menu.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
86 kB (86074 bytes)
Hash
4cba0f9c8b714332715f0ebb3c72eb8b
d656cba81a9f0e98c60cfa7e78db4fe395c0c751
3194b86022976f02d78bfc4e7abeb8fc5b5ae8111db113f7ce6cbb93dd7778f4

HTTP Headers

GET /img/icons/menu.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Mar 2022 09:55:04 GMT
etag: W/"62330578-22f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 16156209
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546e8c0b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=|&ord=797967477555&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_6A7A17509E33454586ADA7239FD96877&Set1=en-US%7Cen-US%7C1280x1024%7C24

37.157.6.245

200 OK

389 B

URL HTTP/2
track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=|&ord=797967477555&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_6A7A17509E33454586ADA7239FD96877&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP
37.157.6.245:0
ASN
#198622 Adform A/S

File type
ASCII text, with CRLF line terminators
Size
389 B (389 bytes)
Hash
68c2489183f83276ffada49b94ccbb92
18e43a9155f72165eaff104232a4231b997b381c
5286b95c7d226bb69fea6bd69dc7f5a3c23eafc39cd586d5fedc0f8ff4abc646

HTTP Headers

GET /Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=|&ord=797967477555&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_6A7A17509E33454586ADA7239FD96877&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 13:10:28 GMT
content-type: text/javascript; charset=utf-8
content-length: 389
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
184ba5cf30a4d40cfaedd8c4b922e433
4b4d2af4ad8d5db5480f16f34be2bc8df42ee9b4
86b81ef0cf34fd7bbab2698e65e7786a9441449a70bb2c5bf74d7573344adb81

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86B81EF0CF34FD7BBAB2698E65E7786A9441449A70BB2C5BF74D7573344ADB81"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10567
Expires: Fri, 23 Sep 2022 16:06:35 GMT
Date: Fri, 23 Sep 2022 13:10:28 GMT
Connection: keep-alive

www.megarush.com/img/icons/promotions--flat.svg

104.22.30.168

200 OK

3.0 kB

URL HTTP/2
www.megarush.com/img/icons/promotions--flat.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6296)
Size
3.0 kB (2979 bytes)
Hash
fcdefcfa2b218d58516ca0a42c60d9c6
eacf1e9a2e5e17db604b279c82b082c7c48dda03
ad16ee57876cfc48b5095e194e231d68b4e91d2a426a2250204671d233bbd3e5

HTTP Headers

GET /img/icons/promotions--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-1d7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17874322
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546d8abb509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2

151.101.86.248

200 OK

90 kB

URL HTTP/1.1
encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
IP
151.101.86.248:0
ASN
#54113 FASTLY

File type
data
Size
90 kB (89536 bytes)
Hash
fe1cfc14b7498b187c78fa72fb72d148
6bec8ce832951162e0ebc4b257e3ee850fe7aade
039130d456855a745451bff40707bee5512bc4466373224b2258f67cc6c6d879

HTTP Headers

GET /fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2 HTTP/1.1
Host: encore.scdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open.spotify.com
Connection: keep-alive
Referer: https://open.spotifycdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 89536
Last-Modified: Fri, 13 May 2022 11:38:50 GMT
ETag: W/"216b12b5a9657850b1b324e158454f8e"
x-goog-generation: 1652441930609707
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 89529
Content-Type: font/woff2
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Date: Fri, 23 Sep 2022 13:10:29 GMT
Age: 1016649
X-Served-By: cache-chi-klot8100054-CHI, cache-bma1662-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 22
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000

megalotto-static.gigmagic.io/video/header-video-720p.webm

104.18.38.157

206 Partial Content

1.3 MB

URL HTTP/2
megalotto-static.gigmagic.io/video/header-video-720p.webm
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type
WebM\012- EBML file, creator webmB\20\012- data
Size
1.3 MB (1336865 bytes)
Hash
63177b286fe4cb8a5431377710ad3715
e762daea246c011e634a226f6062a9a27a344f80
ef3410a95d2b7bea43ca9dffb3e26c92db871a1ab9c2600dedf40847050cf817

HTTP Headers

GET /video/header-video-720p.webm HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Range: bytes=0-
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

HTTP/2 206 Partial Content
date: Fri, 23 Sep 2022 13:10:28 GMT
content-type: video/webm
content-length: 1336865
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 27 Oct 2021 09:33:10 GMT
etag: "63177b286fe4cb8a5431377710ad3715"
cache-control: public, max-age=14400
cf-cache-status: MISS
expires: Fri, 23 Sep 2022 17:10:28 GMT
content-range: bytes 0-1336864/1336865
server: cloudflare
cf-ray: 74f3854c9f93b512-OSL
X-Firefox-Spdy: h2

www.megarush.com/img/iso.fc5b238b.svg

104.22.30.168

200 OK

131 kB

URL HTTP/2
www.megarush.com/img/iso.fc5b238b.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
131 kB (131312 bytes)
Hash
405dee136f0f3a490f646260357c5ec7
f1c290511a42e34b808e92273c4ef6dc590b0bd0
c03e64a1717e18d38b24f21a281ed2a826b19b428ea859cad2099e64eb238c5b

HTTP Headers

GET /img/iso.fc5b238b.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-363"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34149450
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f385480a5fb509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

0 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Fri, 23 Sep 2022 13:10:28 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

0 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
access-control-allow-origin: https://open.spotify.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-headers: Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-max-age: 604800
vary: Accept-Encoding
date: Fri, 23 Sep 2022 13:10:29 GMT
server: envoy
content-length: 0
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2315f101e247a531982a3f242c2612d7
3dab010d197db4e34c521566396319eb674b3adf
598fedca6c00f57e82a9a7dd70c38068bad187c6edb9a68236d98de6a4318b6f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3879
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 13:10:29 GMT
Last-Modified: Fri, 23 Sep 2022 12:05:50 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js

54.230.111.4

200 OK

271 B

URL HTTP/2
rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js
IP
54.230.111.4:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
271 B (271 bytes)
Hash
34e255255d25312b08a2cc8566b5bf38
56eb0a5a1cb20d2b51fa071b968ad50a3ac16f85
1980f7805afc0ade5f7d949212900dfe36abaa52cc804b7eeac07a620852cf23

HTTP Headers

GET /rules-p--B_1AZ6v1_YDr.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 271
last-modified: Tue, 23 Aug 2022 12:06:41 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Fri, 23 Sep 2022 12:32:16 GMT
cache-control: max-age=3600
etag: "34e255255d25312b08a2cc8566b5bf38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ur3w-GNVrh04FFvvG08843QgZDy4oJGMvF3i7unfVTf28oYZES65lQ==
age: 2294
X-Firefox-Spdy: h2

graphql.datocms.com/

104.22.3.238

200 OK

769 B

URL HTTP/2
graphql.datocms.com/
IP
104.22.3.238:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
769 B (769 bytes)
Hash
88d1ea4e93e444f57620250237811eac
ba804c5cf136145fceb8372ede8052437ce250a5
0ce3e6ae8e8c2b7c92255e6518504ab3af90c2f866dada9ddfc0b38109bd4ed7

HTTP Headers

POST / HTTP/1.1
Host: graphql.datocms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 151
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
authorization: Bearer 35d777e787abbc619166a62135c433
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:28 GMT
content-type: application/json; charset=utf-8
cf-ray: 74f3854d4e3cb4fa-OSL
accept-ranges: bytes
access-control-allow-origin: https://www.megarush.com
age: 1501836
cache-control: no-store
content-encoding: gzip
etag: W/"ecbfaf9fbc81080cc951cc7e2c371cf6"
expires: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Authorization, Accept-Encoding, X-Environment, X-Include-Drafts, X-Exclude-Invalid, Origin
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT, HIT
x-cache-hits: 1, 112
x-cacheable-on-cdn: true
x-cacheable-on-cdn-query-length-limit: 203/8192
x-complexity: 92
x-content-type-options: nosniff
x-download-options: noopen
x-environment: main
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-queue-time: 2ms
x-request-id: 25abc3a9-72d7-44b4-b4db-24870cb86aac
x-runtime: 0.085895
x-served-by: cache-dub4336-DUB, cache-bma1668-BMA
x-timer: S1663938629.700799,VS0,VE0
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2

pxl.qccerttest.com/pixel?r=498090543;fpan=1;fpa=P0-1996851464-1663938628598;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663938628598;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1163477089%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_6A7A17509E33454586ADA7239FD96877;ogl=

143.204.55.93

200 OK

35 B

URL HTTP/2
pxl.qccerttest.com/pixel?r=498090543;fpan=1;fpa=P0-1996851464-1663938628598;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663938628598;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1163477089%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_6A7A17509E33454586ADA7239FD96877;ogl=
IP
143.204.55.93:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

HTTP Headers

GET /pixel?r=498090543;fpan=1;fpa=P0-1996851464-1663938628598;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663938628598;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1163477089%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_6A7A17509E33454586ADA7239FD96877;ogl= HTTP/1.1
Host: pxl.qccerttest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 35
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 01:48:49 GMT
etag: "55d25e9dc950d5db4d53a3b195c046c6"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HfmBVD6ZvhhiHfJPCQOwIRGxPQ7EjxSH1Zg3ulvswbHbudpRpBZ5Bg==
age: 40900
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

39 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
39 B (39 bytes)
Hash
f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29

HTTP Headers

POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 846
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Fri, 23 Sep 2022 13:10:29 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
184ba5cf30a4d40cfaedd8c4b922e433
4b4d2af4ad8d5db5480f16f34be2bc8df42ee9b4
86b81ef0cf34fd7bbab2698e65e7786a9441449a70bb2c5bf74d7573344adb81

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86B81EF0CF34FD7BBAB2698E65E7786A9441449A70BB2C5BF74D7573344ADB81"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10566
Expires: Fri, 23 Sep 2022 16:06:35 GMT
Date: Fri, 23 Sep 2022 13:10:29 GMT
Connection: keep-alive

gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events

35.186.224.17

200 OK

39 B

URL HTTP/2
gew4-spclient.spotify.com/gabo-receiver-service/public/v3/events
IP
35.186.224.17:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
39 B (39 bytes)
Hash
f204785b49c504e43101096fd3a80e31
e92466090f918c8f9c11268c9d0027fe269a90b6
873696e689e27bcfa5259ade21ceefea69203ec493901b0f4634b4f255981b29

HTTP Headers

POST /gabo-receiver-service/public/v3/events HTTP/1.1
Host: gew4-spclient.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
content-type: application/json
Origin: https://open.spotify.com
Content-Length: 697
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
cache-control: private, max-age=0
access-control-allow-origin: https://open.spotify.com
content-encoding: gzip
content-length: 39
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-credentials: true
date: Fri, 23 Sep 2022 13:10:28 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pixel.quantserve.com/pixel;r=1096803650;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1163477089%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_6A7A17509E33454586ADA7239FD96877;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-1996851464-1663938628598;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663938628600;tzo=0;ogl=;ses=f0f8afb0-e257-4a91-bc6d-fcdb5d2ed03e

91.228.74.159

200 OK

35 B

URL HTTP/2
pixel.quantserve.com/pixel;r=1096803650;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1163477089%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_6A7A17509E33454586ADA7239FD96877;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-1996851464-1663938628598;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663938628600;tzo=0;ogl=;ses=f0f8afb0-e257-4a91-bc6d-fcdb5d2ed03e
IP
91.228.74.159:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

HTTP Headers

GET /pixel;r=1096803650;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1163477089%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_6A7A17509E33454586ADA7239FD96877;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-1996851464-1663938628598;pbc=;ns=1;ce=0;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663938628600;tzo=0;ogl=;ses=f0f8afb0-e257-4a91-bc6d-fcdb5d2ed03e HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:29 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=632db045-63d46-f14e8-7be1e; expires=Tue, 24-Oct-2023 13:10:29 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2

sentry.io/api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1

35.188.42.15

200 OK

2 B

URL HTTP/1.1
sentry.io/api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1
IP
35.188.42.15:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/265628/envelope/?sentry_key=db1eaaeafb9044828c39cd41f9805164&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.12.1 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://open.spotify.com
Content-Length: 427
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Sep 2022 13:10:29 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://open.spotify.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

apresolve.spotify.com/?type=dealer&type=spclient

34.98.74.57

200 OK

110 B

URL HTTP/2
apresolve.spotify.com/?type=dealer&type=spclient
IP
34.98.74.57:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
110 B (110 bytes)
Hash
1dd6c1ca39ff7f62f6f5dd73cbb69e60
007b03249980c5f5037713c49f2ffe5c34b8ca30
0bbfb9e870bc8a77808b5cec871a59121e1d81788b4b4beebc422729b5ae88f0

HTTP Headers

GET /?type=dealer&type=spclient HTTP/1.1
Host: apresolve.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
access-control-allow-origin: *
content-encoding: gzip
content-length: 110
date: Fri, 23 Sep 2022 13:10:34 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.megarush.com/img/icons/help-round.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/help-round.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/help-round.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-5e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34149450
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546d8a2b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/payments.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/payments.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/payments.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-429"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9385012
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546d8a0b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/index.3e5fca25e481a764411c.css

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/index.3e5fca25e481a764411c.css
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /index.3e5fca25e481a764411c.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=228335
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-37bef"
expires: Thu, 22 Sep 2022 07:48:59 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4787
server: cloudflare
cf-ray: 74f3853efdd2b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: text/html
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-64c858bd68-k8xcf; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f3853e7d32b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/base.css

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/base.css
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /base.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3913
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-f49"
expires: Tue, 20 Sep 2022 19:46:31 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4595
server: cloudflare
cf-ray: 74f3853efdcfb509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/js/chunk-vendors.25e1a372.js

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/js/chunk-vendors.25e1a372.js
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/chunk-vendors.25e1a372.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=326117
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-4f9e5"
expires: Tue, 20 Sep 2022 07:45:04 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4835
server: cloudflare
cf-ray: 74f3853efdd6b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/askgamblers.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/askgamblers.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/askgamblers.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-126e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9380855
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547292eb509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi

35.186.224.25

302 Found

0 B

URL HTTP/2
open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi
IP
35.186.224.25:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /embed/playlist/2ucixR5s50chGr0o0pm4Pi HTTP/1.1
Host: open.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: sp_t=9ce28f1cd52745bbca5569dd71992a29; path=/; expires=Sat, 23 Sep 2023 13:10:27 GMT; domain=.spotify.com; samesite=none; secure
sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Fplaylist%2F2ucixR5s50chGr0o0pm4Pi%3Fsp_cid%3D9ce28f1cd52745bbca5569dd71992a29%26device%3Ddesktop; path=/; expires=Sat, 24 Sep 2022 13:10:27 GMT; domain=.spotify.com; samesite=none; secure; httponly
location: /embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
sp-trace-id: b0e7a4b301c4340e
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.59a73b6c.js

151.101.86.249

200 OK

0 B

URL HTTP/1.1
open.spotifycdn.com/cdn/build/embed-legacy/embed-legacy.59a73b6c.js
IP
151.101.86.249:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn/build/embed-legacy/embed-legacy.59a73b6c.js HTTP/1.1
Host: open.spotifycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://open.spotify.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 128674
Last-Modified: Fri, 23 Sep 2022 11:58:21 GMT
ETag: "5c272ccdb2297b987f4c9c5f71965186"
x-goog-generation: 1663934301457174
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 128674
Content-Type: application/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 23 Sep 2022 13:10:28 GMT
Age: 4072
X-Served-By: cache-chi-klot8100093-CHI, cache-bma1641-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 107
Access-Control-Allow-Origin: https://open.spotify.com
Cache-Control: public, max-age=31536000

www.megarush.com/img/icons/search.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/search.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/search.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-212"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34149450
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546d8adb509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/mastercard--white.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/mastercard--white.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/mastercard--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-939"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 34149450
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546e8ceb509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/casino--side-nav.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/casino--side-nav.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/casino--side-nav.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-9ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 17897048
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546c885b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

megalotto-api.gigmagic.io/igc/megalotto/promotions/filter

104.18.38.157

200 OK

0 B

URL HTTP/2
megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 47
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 632db04107664647bdc1a0bf
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:28 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e8d38d9e2f4bff42070aa24ad805cc68=36088c472fd69b330ef5d75dbf85bf64; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f38548ca81b512-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

megalotto-api.gigmagic.io/igc/megalotto/games/jackpots

104.18.38.157

200 OK

0 B

URL HTTP/2
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP
104.18.38.157:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 18
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 632db04107664647bdc1a0bf
Origin: https://www.megarush.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://www.megarush.com/
Connection: keep-alive
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e8d38d9e2f4bff42070aa24ad805cc68=36088c472fd69b330ef5d75dbf85bf64; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f38548ba59b512-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

secure.quantserve.com/quant.js

91.228.74.159

200 OK

0 B

URL HTTP/2
secure.quantserve.com/quant.js
IP
91.228.74.159:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:29 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "eN3sxSgaav0x5wHLxGB1gQ=="
expires: Fri, 30 Sep 2022 13:10:29 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

www.megarush.com/chunk-vendors.76e8e4d0.css

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/chunk-vendors.76e8e4d0.css
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /chunk-vendors.76e8e4d0.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:26 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1523
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"6321ea87-5f3"
expires: Tue, 20 Sep 2022 07:45:04 GMT
last-modified: Wed, 14 Sep 2022 14:51:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4835
server: cloudflare
cf-ray: 74f3853efdd0b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/home-page/glows/purple.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/home-page/glows/purple.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/home-page/glows/purple.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Referer: https://www.megarush.com/index.3e5fca25e481a764411c.css
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-261"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6981248
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38547fa43b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

open.spotify.com/embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi

35.186.224.25

200 OK

0 B

URL HTTP/2
open.spotify.com/embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi
IP
35.186.224.25:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /embed-legacy/playlist/2ucixR5s50chGr0o0pm4Pi HTTP/1.1
Host: open.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Connection: keep-alive
Cookie: sp_t=9ce28f1cd52745bbca5569dd71992a29; sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed%2Fplaylist%2F2ucixR5s50chGr0o0pm4Pi%3Fsp_cid%3D9ce28f1cd52745bbca5569dd71992a29%26device%3Ddesktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding,Accept-Encoding
set-cookie: sp_t=9ce28f1cd52745bbca5569dd71992a29; path=/; expires=Sat, 23 Sep 2023 13:10:27 GMT; domain=.spotify.com; samesite=none; secure
content-encoding: gzip
sp-trace-id: b62fb3e1efe7695d
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1163477089&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_6A7A17509E33454586ADA7239FD96877

37.157.6.245

200 OK

0 B

URL HTTP/2
track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1163477089&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_6A7A17509E33454586ADA7239FD96877
IP
37.157.6.245:0
ASN
#198622 Adform A/S

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1163477089&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_6A7A17509E33454586ADA7239FD96877 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 13:10:29 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

www.megarush.com/img/icons/jeton--white.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/jeton--white.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/jeton--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1f4b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 9385012
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546f8ddb509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.megarush.com/img/icons/relaxGaming.svg

104.22.30.168

200 OK

0 B

URL HTTP/2
www.megarush.com/img/icons/relaxGaming.svg
IP
104.22.30.168:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/icons/relaxGaming.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_6A7A17509E33454586ADA7239FD96877
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-64c858bd68-k8xcf; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=e09197344bb0829a85350970301cd6b2; _ga=GA1.2.1324893033.1663938626; _gid=GA1.2.80483623.1663938626; _gat_UA-143790984-2=1; btag=656126_6A7A17509E33454586ADA7239FD96877
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 13:10:27 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-22fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6981249
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f38546b870b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations