tele2022.online/br/bx/chest/
79.98.26.18302 Found 0 B URL HTTP/1.1 tele2022.online/br/bx/chest/
IP 79.98.26.18:0
ASN #212531 UAB Interneto vizija
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /br/bx/chest/ HTTP/1.1
Host: tele2022.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 12 Sep 2022 21:58:37 GMT
Server: Apache
Connection: Upgrade, Keep-Alive
Location: //whampamp.com/4/5087048?var=ag2
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
Content-Type: text/html
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 21:08:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Dx927sVieMPy7b9fTLr1yYv7PaC3OsFcmQwrJpSSqg6lIMPfHFR69A==
Age: 3016
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10184
Expires: Tue, 13 Sep 2022 00:48:21 GMT
Date: Mon, 12 Sep 2022 21:58:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XZcT9LkpJR8mnIUy99jIAFEzcrpKTTSYZ-N2beM-bm0K89l5M1crvw==
age: 52885
X-Firefox-Spdy: h2
whampamp.com/4/5087048?var=ag2
139.45.197.236200 OK 2.9 kB URL HTTP/1.1 whampamp.com/4/5087048?var=ag2
IP 139.45.197.236:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5402)
Hash a8017c0e3c31cfdd52ebaed4b70abe8b
1025f7cddedb237cb1d89b5dc37b98164adf3274
e1f073c591e4dacbdc75d2657e92451fa588815891bb79ebad83473a78739db4
GET /4/5087048?var=ag2 HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 21:58:38 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: b553f3b9df96de4a41a9eafb264701c2
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=1d0b3bbbda47493f8894597fe9aa538e; expires=Tue, 12 Sep 2023 21:58:38 GMT; path=/
oaidts=1663019918; expires=Tue, 12 Sep 2023 21:58:38 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 21:58:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5b36f6508bf779a395d4b559b41d267d
a653f55ef7e337bd259cd76d14fe2adc91c11603
91e3696c53649e8d76b738dca29ed03b8b935f9fc230c735d2fd729428742605
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 21:58:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 18:25:21 GMT
Expires: Thu, 15 Sep 2022 18:25:20 GMT
Etag: "a653f55ef7e337bd259cd76d14fe2adc91c11603"
Cache-Control: max-age=245801,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749be7d90e130b02-OSL
whampamp.com/favicon.ico
139.45.197.236204 No Content 0 B IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://whampamp.com/4/5087048?var=ag2
Cookie: OAID=1d0b3bbbda47493f8894597fe9aa538e; oaidts=1663019918
HTTP/1.1 204 No Content
Server: nginx
Date: Mon, 12 Sep 2022 21:58:38 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
my.rtmark.net/img.gif?f=merge&userId=1d0b3bbbda47493f8894597fe9aa538e
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=1d0b3bbbda47493f8894597fe9aa538e
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=1d0b3bbbda47493f8894597fe9aa538e HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://whampamp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 21:58:38 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=1d0b3bbbda47493f8894597fe9aa538e; expires=Tue, 12 Sep 2023 21:58:38 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
whampamp.com/?z=5087048&syncedCookie=true&rhd=false
139.45.197.236302 Found 0 B URL HTTP/1.1 whampamp.com/?z=5087048&syncedCookie=true&rhd=false
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?z=5087048&syncedCookie=true&rhd=false HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 435
Origin: http://whampamp.com
Connection: keep-alive
Referer: http://whampamp.com/afu.php?zoneid=5087048&var=5087048&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false
Cookie: OAID=1d0b3bbbda47493f8894597fe9aa538e; oaidts=1663019918
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 12 Sep 2022 21:58:38 GMT
Content-Length: 0
Connection: keep-alive
X-Trace-Id: 4dcb63b1beffb249dd63a3ec381a0df8
Link: <https://eu.can-get-so.me>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=593311139698586078&subid1=5087048&cost=0.000473&rdk=rk3
Access-Control-Allow-Origin: http://whampamp.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=1d0b3bbbda47493f8894597fe9aa538e; expires=Tue, 12 Sep 2023 21:58:38 GMT; path=/
oaidts=1663019918; expires=Tue, 12 Sep 2023 21:58:38 GMT; path=/
syncedCookie=true; expires=Mon, 19 Sep 2022 21:58:38 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5f69b3d44c5da67ed0ae74f40f22e2d9
331ee23579d1d97ae703f57c5d9a55e3c013e8c8
1a83fea4e8063a8e472809cf80aeff52276fc1d09097bea6a1e3eadcff3a36ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A83FEA4E8063A8E472809CF80AEFF52276FC1D09097BEA6A1E3EADCFF3A36ED"
Last-Modified: Sun, 11 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8806
Expires: Tue, 13 Sep 2022 00:25:24 GMT
Date: Mon, 12 Sep 2022 21:58:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 12 Sep 2022 21:56:07 GMT
Expires: Mon, 12 Sep 2022 22:37:53 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5qm3Ax3V9T7Tm8NDxuDWbpz-VYw0kJVxqZk4HVa2wxlh1eoCdvXqsQ==
Age: 151
eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=593311139698586078&subid1=5087048&cost=0.000473&rdk=rk3
157.90.33.79302 Found 0 B URL HTTP/2 eu.can-get-so.me/pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=593311139698586078&subid1=5087048&cost=0.000473&rdk=rk3
IP 157.90.33.79:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pr?ids=wbwslwlvdta&hash=ea249b91a8a738ab&ext_req_id=593311139698586078&subid1=5087048&cost=0.000473&rdk=rk3 HTTP/1.1
Host: eu.can-get-so.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 12 Sep 2022 21:58:38 GMT
content-length: 0
referrer-policy: no-referrer
location: http://35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
set-cookie: rauid=3gGmVrxsT22iRpEsaIfjSg; expires=Tue, 12 Sep 2023 21:58:38 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
35.227.234.222302 Found 0 B URL HTTP/1.1 35.227.234.222/2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop
IP 35.227.234.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2/PU_NO_RA_CS_DT_MEGARUSH?source=644665&geo=NO&device=desktop HTTP/1.1
Host: 35.227.234.222
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 12 Sep 2022 21:58:38 GMT
Content-Length: 0
Location: https://media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
Via: 1.1 google
media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
95.101.10.147301 Moved Permanently 0 B URL HTTP/2 media.megarushaffiliates.com/redirect.aspx?pid=6426&bid=1575
IP 95.101.10.147:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=6426&bid=1575 HTTP/1.1
Host: media.megarushaffiliates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 0
location: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Mon, 12 Sep 2022 21:58:38 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 12 Sep 2022 21:58:38 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a6426%2c%22BID%22%3a1575%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663019918759)%5c%2f%22%2c%22CookieTag%22%3a%2215756426451240919C20229122158%22%7d%5d; SameSite=None;; domain=.megarushaffiliates.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%224333781%7c1%22%7d%5d; domain=.megarushaffiliates.com; expires=Wed, 12-Sep-3021 21:58:38 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=36
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4428
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 21:58:38 GMT
Last-Modified: Mon, 12 Sep 2022 20:44:50 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
www.megarush.com/fonts/Inter-ExtraBold.woff2
172.67.22.147200 OK 10 kB URL HTTP/2 www.megarush.com/fonts/Inter-ExtraBold.woff2
IP 172.67.22.147:0
File type Web Open Font Format (Version 2), TrueType, length 10484, version 3.1245\012- data
Hash d23da8f3e4e37a17c1d3ed7a1a11d429
9dda69da77b703d438db74468375685f6983625d
a936dafc61b666c42182807bb1c5e564ec73c07f8b6fb7352d15090db9165a7c
GET /fonts/Inter-ExtraBold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:38 GMT
content-type: font/woff2
content-length: 10484
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-28f4"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 1879
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7dd2e57b4e8-OSL
X-Firefox-Spdy: h2
www.megarush.com/fonts/Inter-Bold.woff2
172.67.22.147200 OK 10 kB URL HTTP/2 www.megarush.com/fonts/Inter-Bold.woff2
IP 172.67.22.147:0
File type Web Open Font Format (Version 2), TrueType, length 10508, version 3.1245\012- data
Hash a2517956b299e0c02bfc2a92eb05f623
ae4c129ebfe3aec739aac5662d2ef9fcaa4d80db
412a6a99c5283c71838322a7f25e7a0bc4dd324e013f88a202b56af736b13d37
GET /fonts/Inter-Bold.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:38 GMT
content-type: font/woff2
content-length: 10508
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-290c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 1879
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7dd2e60b4e8-OSL
X-Firefox-Spdy: h2
www.megarush.com/fonts/Inter-Regular.woff2
172.67.22.147200 OK 10 kB URL HTTP/2 www.megarush.com/fonts/Inter-Regular.woff2
IP 172.67.22.147:0
File type Web Open Font Format (Version 2), TrueType, length 10108, version 3.1245\012- data
Hash 5ec57a5a91c67095e4a7e91ac375ffb1
23b60d1dd6790eeeb11e3c90d1f75c16d1db60d9
9b3f3dc1e7ce0a5a28f768d6d84d4174ffe56384db534daccc47321dea379ed5
GET /fonts/Inter-Regular.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:38 GMT
content-type: font/woff2
content-length: 10108
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-277c"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 1879
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7dd2e64b4e8-OSL
X-Firefox-Spdy: h2
www.megarush.com/fonts/DS-Digital.woff2
172.67.22.147200 OK 776 B URL HTTP/2 www.megarush.com/fonts/DS-Digital.woff2
IP 172.67.22.147:0
File type Web Open Font Format (Version 2), TrueType, length 776, version 1.0\012- data
Hash 789f060683abdb5574a93bf59c7dd2e2
17b677d648dfdc9e290a25e8c137ebb0448c069b
375c5411d43daa0ccc1234d8bf20effba17a231408ab44fa17c96b2f9a995248
GET /fonts/DS-Digital.woff2 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:38 GMT
content-type: font/woff2
content-length: 776
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-308"
access-control-allow-origin: *
cache-control: max-age=7200
cf-cache-status: HIT
age: 1856
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7dd2e6bb4e8-OSL
X-Firefox-Spdy: h2
www.megarush.com/chunk-vendors.76e8e4d0.css
172.67.22.147200 OK 1.0 kB URL HTTP/2 www.megarush.com/chunk-vendors.76e8e4d0.css
IP 172.67.22.147:0
Hash f70cd86b05b8cf6ddf1cc8d9216ddbf1
ffd98e45940b3e153ffd7fda4c1081a77adb9849
d7764356c2850e8d13070773784ee6710c5b9da0f330ea037f72a9f2db091ed5
GET /chunk-vendors.76e8e4d0.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:38 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1523
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"63078847-5f3"
expires: Sun, 11 Sep 2022 23:33:06 GMT
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4396
server: cloudflare
cf-ray: 749be7dd2e74b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-K4GPX49
142.250.74.72200 OK 50 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K4GPX49
IP 142.250.74.72:0
File type ASCII text, with very long lines (24751)
Hash 8a28956462348f29d5a2526b53647a3f
37840f3cdb7645a5def89e5b850c7d89eabf1d5f
8ac2fec238dcee0d5b2b8ad11f41723c03310d8c4851325544fe6c03fae0e3df
GET /gtm.js?id=GTM-K4GPX49 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 12 Sep 2022 21:58:39 GMT
expires: Mon, 12 Sep 2022 21:58:39 GMT
cache-control: private, max-age=900
last-modified: Mon, 12 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50482
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.megarush.com/index.30053c2cd5717880348c.css
172.67.22.147200 OK 34 kB URL HTTP/2 www.megarush.com/index.30053c2cd5717880348c.css
IP 172.67.22.147:0
Hash 83477ec13fa19a5c84f0f880c3f45efe
f9226d03a40a7d522ab221a2edcc87f83718587e
c05d23ba3a87d95c1367b7f0708dcda057d25612f31133ad853db0b471bd7151
GET /index.30053c2cd5717880348c.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:38 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=228336
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"63078847-37bf0"
expires: Sun, 11 Sep 2022 23:33:06 GMT
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4396
server: cloudflare
cf-ray: 749be7dd2e76b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.39.175.179101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.175.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FCJuVyzI+Rbg0mrrqNjVXA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Xtc6g2Fop80u/B+5auJjC4PjYgQ=
www.megarush.com/favicons/favicon-16x16.png
172.67.22.147200 OK 437 B URL HTTP/2 www.megarush.com/favicons/favicon-16x16.png
IP 172.67.22.147:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 914b291e561aafc860f86bc23c4065f1
b47bda2b8d530bbaead0fbcba219ac18247d1410
08f8a35ac0dda8a81618b381bfc0747ac80e022c0ff44dcb4d8d153dad724b45
GET /favicons/favicon-16x16.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/png
content-length: 437
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-1b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6063503
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7dfd96fb4e8-OSL
X-Firefox-Spdy: h2
www.megarush.com/js/index.f6004837.js
172.67.22.147200 OK 295 kB URL HTTP/2 www.megarush.com/js/index.f6004837.js
IP 172.67.22.147:0
Size 295 kB (295350 bytes)
Hash aa81a3ed37d9febcdcd398ad6c711470
2f7f02464ee7536c017fb45e6bc7e452492832de
92ac61423b02fc4898602b942cc327c5e5fc3eb00b4540ee1ada245471cb7008
GET /js/index.f6004837.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:38 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"63078847-160eb4"
expires: Sun, 11 Sep 2022 11:14:38 GMT
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4396
server: cloudflare
cf-ray: 749be7dd2e7eb4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/js/chunk-vendors.8490e2f1.js
172.67.22.147200 OK 122 kB URL HTTP/2 www.megarush.com/js/chunk-vendors.8490e2f1.js
IP 172.67.22.147:0
Size 122 kB (122118 bytes)
Hash 3e2800dbca0c43e9c660bd8f3100a680
97aa4d28db891f73330682f8632404c7b051ef58
7da759c64b66e129cbef4b64ce36caf524df2c0c8294c0bb3dea5f7258697d8a
GET /js/chunk-vendors.8490e2f1.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:38 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=326117
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"63078847-4f9e5"
expires: Sun, 11 Sep 2022 11:14:38 GMT
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4396
server: cloudflare
cf-ray: 749be7dd2e7bb4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1700b2f343795258bd1a1d66bea85d54
8ef4a1ed0aba96bc7b9223a0edfe5eddc68bce40
768bd4dc88aa066af64e09fa2945f8f75c6204ae6309f7f1cf996b10f95edcd0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "768BD4DC88AA066AF64E09FA2945F8F75C6204AE6309F7F1CF996B10F95EDCD0"
Last-Modified: Sat, 10 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10118
Expires: Tue, 13 Sep 2022 00:47:17 GMT
Date: Mon, 12 Sep 2022 21:58:39 GMT
Connection: keep-alive
megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=631fab82d506f26ea3e80986
104.18.38.157101 Switching Protocols 0 B URL HTTP/1.1 megalotto-api.gigmagic.io/v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=631fab82d506f26ea3e80986
IP 104.18.38.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2?key=5c7e3e9c1c62609cee83f960&isDesktopDevice=true&sid=631fab82d506f26ea3e80986 HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.megarush.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hgFljimwRtBo8NLdrgnCWw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Mon, 12 Sep 2022 21:58:39 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: 8tad7Y8BlRIof6YAfA6P7bwUpas=
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=37cd76cd7b4434682f3f2d1b20ad6cb2; path=/; HttpOnly; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749be7e02afeb50b-OSL
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1700b2f343795258bd1a1d66bea85d54
8ef4a1ed0aba96bc7b9223a0edfe5eddc68bce40
768bd4dc88aa066af64e09fa2945f8f75c6204ae6309f7f1cf996b10f95edcd0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "768BD4DC88AA066AF64E09FA2945F8F75C6204AE6309F7F1CF996B10F95EDCD0"
Last-Modified: Sat, 10 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10118
Expires: Tue, 13 Sep 2022 00:47:17 GMT
Date: Mon, 12 Sep 2022 21:58:39 GMT
Connection: keep-alive
megalotto-static.gigmagic.io/translations/no.json
104.18.38.157200 OK 75 kB URL HTTP/2 megalotto-static.gigmagic.io/translations/no.json
IP 104.18.38.157:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65298), with no line terminators
Hash c65c57dc0700025bf90a1adde1aff75b
32292b13109ae3c175acc85eb5c042e3433f2cbb
4063d90c64b9268398cff98e82b3b3b825d7dede0f4572000134d9d163feda84
GET /translations/no.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: application/json; charset=utf-8
content-length: 75078
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Thu, 08 Sep 2022 13:34:10 GMT
etag: "c65c57dc0700025bf90a1adde1aff75b"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=1b3a24f4123fe071faad6589460b775b; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749be7e0d9151c06-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP 142.250.74.3:0
Hash 98985a693a5b14d66dfc0cd0606da6e8
5927a9eb56b6afd19a2daabafef67f144a4ee180
0da4e1b6c1acf17050116b36fa4eccfac2b4e3aab487c4bf34e9bc7f27284853
POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 21:58:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 12 Sep 2022 20:41:12 GMT
expires: Mon, 12 Sep 2022 22:41:12 GMT
cache-control: public, max-age=7200
age: 4647
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 056408ac2b9ef4e1962ef2c200052e0c
bdab943160cb86bc1b50cfb20e3dab253c701d31
162c44e93beb69a7964d139520b8cfa2a7fc5864e04ccb4a866e1915361303af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6215
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 21:58:39 GMT
Last-Modified: Mon, 12 Sep 2022 20:15:04 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
edge.fullstory.com/s/fs.js
35.201.112.186200 OK 63 kB URL HTTP/2 edge.fullstory.com/s/fs.js
IP 35.201.112.186:0
File type ASCII text, with very long lines (65410)
Hash 5236e609e3c53efc1950e159bd75152a
ffc06f27aece0dea5a822deb1bbd5924f57ea454
92efe0c78c6fb028844d7ea839d2223d1bbf579fda99f8ba156d876c69a18a14
GET /s/fs.js HTTP/1.1
Host: edge.fullstory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdutxanKQsh-g3w0noRY_15OPyS-t-GSBXw_oxqR-wzG58bpix_kUNeamN9Y-Mgnj2GzrTpvtvjpbPFOj_fnK8ihUw
x-goog-generation: 1661954446968697
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
x-goog-stored-content-length: 62596
content-encoding: br
x-goog-hash: crc32c=uai+sA==, md5=UjbmCePFPvwZUOFZvXUVKg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 62596
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 12 Sep 2022 21:25:59 GMT
expires: Mon, 12 Sep 2022 22:25:59 GMT
cache-control: public, max-age=3600,no-transform
age: 1960
last-modified: Wed, 31 Aug 2022 14:00:47 GMT
etag: "5236e609e3c53efc1950e159bd75152a"
content-type: application/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
scripts.mediamathrdrt.com/safeframe
104.21.39.149200 OK 1.2 kB URL HTTP/2 scripts.mediamathrdrt.com/safeframe
IP 104.21.39.149:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 16ce364aed629033d2c72bf560eb470e
1ebdbc17dcbe2c94d95ca35d7f1121911ba32b98
0e876080c60ecfe96c47b7a33a3d041fac58ce32e66be0f9af6f8f0a14f944d8
GET /safeframe HTTP/1.1
Host: scripts.mediamathrdrt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: text/html; charset=utf-8
status: 200 OK
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: d07c6785-b537-478e-b261-952f82a67e89
x-download-options: noopen
x-runtime: 0.002556
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R) 6.0.10
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQmIOpbmrThI%2BKCyIdkyUyt0eVnovGA3kpyuk075CJhkM4AsRU1HSdhh%2B0mvMCRF4UaIDNCIFAUDV8jNPXjNG9YCC2F9RjtMdWQl%2BthfW9Nikq43axu%2BCvUJGn7zY01Rhos3aJbP8XwEw71h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749be7e13abbb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/nGJjDlG2mg8
IP 142.250.74.3:0
Hash 98985a693a5b14d66dfc0cd0606da6e8
5927a9eb56b6afd19a2daabafef67f144a4ee180
0da4e1b6c1acf17050116b36fa4eccfac2b4e3aab487c4bf34e9bc7f27284853
POST /s/gts1d4/nGJjDlG2mg8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 21:58:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.megarush.com/img/home-page/coin-3-2.png
172.67.22.147200 OK 2.2 kB URL HTTP/2 www.megarush.com/img/home-page/coin-3-2.png
IP 172.67.22.147:0
File type PNG image data, 89 x 83, 8-bit colormap, non-interlaced\012- data
Hash c90348c562ec643acfbdf36d973d8326
90c07f0c13fd06f043d36c223eb9afaa34abdf7c
68cf52e8ce0267c83f6bac7a67944d9b4fe37c74999eed858cde51705a148aca
GET /img/home-page/coin-3-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/png
content-length: 2192
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-890"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6062541
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e32cadb4e8-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-3-3.png
172.67.22.147200 OK 1.8 kB URL HTTP/2 www.megarush.com/img/home-page/coin-3-3.png
IP 172.67.22.147:0
File type PNG image data, 64 x 71, 8-bit colormap, non-interlaced\012- data
Hash fbdad22b02cf9a7a23c2f0553b1459e7
b64101b18924eba076f35318cce3e8a8bdec28b0
7aab4f9003ad7bd6b60fc361b6f2a0d2ddda28b35ea8ef6b0eff0f9a2cb81680
GET /img/home-page/coin-3-3.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/png
content-length: 1807
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-70f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8466304
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e32cafb4e8-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-2-4.png
172.67.22.147200 OK 786 B URL HTTP/2 www.megarush.com/img/home-page/coin-2-4.png
IP 172.67.22.147:0
File type PNG image data, 29 x 33, 8-bit colormap, non-interlaced\012- data
Hash dca8df1b0d982ac3fbbc6c0b506cc0f2
392422815633ebaf9eef022677f0b73e1352ae66
a027ddd9187b5d6a7a537aada497af6ebfca00c2a9f50e7950aaf6ad599b0b09
GET /img/home-page/coin-2-4.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/png
content-length: 786
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-312"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30005315
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e32ca9b4e8-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-1-1.png
172.67.22.147200 OK 4.3 kB URL HTTP/2 www.megarush.com/img/home-page/coin-1-1.png
IP 172.67.22.147:0
File type PNG image data, 106 x 105, 8-bit colormap, non-interlaced\012- data
Hash 214e2f889379dcba70bace5878068150
d6873dae324b9fd44a70e73f20dc9eb81253a7ae
bb731b067cd838fadedeab50866dc81f725b8f6e49f4dc2e3b4332eae36c9ef0
GET /img/home-page/coin-1-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/png
content-length: 4257
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-10a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30005315
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e34cc8b4e8-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/mega-jackpots.png
172.67.22.147200 OK 64 kB URL HTTP/2 www.megarush.com/img/home-page/mega-jackpots.png
IP 172.67.22.147:0
File type PNG image data, 1618 x 188, 8-bit colormap, non-interlaced\012- data
Hash b4342b052aabdba3960a5b2b5c7e519a
aebc2a2c7be9d8d2895694af3fde7674affef4c2
d3fa51da3d01f8341766925f65cf161fc2e403be7594f213c5019f8e27f3ad1d
GET /img/home-page/mega-jackpots.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/png
content-length: 63747
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-f903"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8459845
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e34cc7b4e8-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-2-1.png
172.67.22.147200 OK 3.5 kB URL HTTP/2 www.megarush.com/img/home-page/coin-2-1.png
IP 172.67.22.147:0
File type PNG image data, 80 x 64, 8-bit colormap, non-interlaced\012- data
Hash 09e800f81a52a109cbf3a8b2f8e727bf
d44509cdbddce4991b70f10276c47786e9993d0b
8ab09b1bcb8c69b51ba57b7c5ee96a36994e6e97e7df49d3cce993e8881ff376
GET /img/home-page/coin-2-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/png
content-length: 3452
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-d7c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30005315
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e34ccdb4e8-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-3-1.png
172.67.22.147200 OK 4.4 kB URL HTTP/2 www.megarush.com/img/home-page/coin-3-1.png
IP 172.67.22.147:0
File type PNG image data, 118 x 119, 8-bit colormap, non-interlaced\012- data
Hash 3da73129d9d4dd65c43060dacf06f3df
9abf4ea9710ba53af92778718c245ddf64c42a5f
6b899e2fa680a916e6d1fe6226eaff68b415eee4658537497ae951024d5793a6
GET /img/home-page/coin-3-1.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/png
content-length: 4434
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-1152"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30005315
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e35cd4b4e8-OSL
X-Firefox-Spdy: h2
s2.adform.net/banners/scripts/st/trackpoint-async.js
37.157.2.248200 OK 31 kB URL HTTP/2 s2.adform.net/banners/scripts/st/trackpoint-async.js
IP 37.157.2.248:0
Hash 5ed692d87781c690892243451482275b
2fa22ec492d5b3ccf5f2868c01b06368928850ef
076e61efdc97d3cac831ac144ac8c85bb4402023f8909bc20b2d0bc274e7dec8
GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 25 May 2022 11:34:23 GMT
etag: W/"552eeb5f0620fb6f56733d625b5e719e"
x-amz-request-id: tx00000000000009f6173c6-00631fa6b6-3233e6c5-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/benefits/loyalty.png
172.67.22.147200 OK 9.7 kB URL HTTP/2 www.megarush.com/img/benefits/loyalty.png
IP 172.67.22.147:0
File type PNG image data, 216 x 216, 8-bit colormap, non-interlaced\012- data
Hash df4d6dc1ebb3bbbace8d15ec77486d46
287e7185a17258c716cbf616aa95287c0db255a9
a6332d5469054e898655c9dc6f8fba37e6c300b523199c1a18441f7ce62878d8
GET /img/benefits/loyalty.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/png
content-length: 9659
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-25bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8462147
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e35cd6b4e8-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/benefits/megaclub.png
172.67.22.147200 OK 11 kB URL HTTP/2 www.megarush.com/img/benefits/megaclub.png
IP 172.67.22.147:0
File type PNG image data, 216 x 216, 8-bit colormap, non-interlaced\012- data
Hash 6a13cb2219f5d42d2a9c95d9104ef8b2
7fcbf688a27942e5fc89d5796144c17095336a41
02796f7fee25c816673368b88fae179a1d4ac8210b8c1dd5198825e56e592e66
GET /img/benefits/megaclub.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/png
content-length: 10578
last-modified: Tue, 16 Aug 2022 12:19:34 GMT
etag: "62fb8b56-2952"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1687125
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e35cdab4e8-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/feel-the-rush.png
172.67.22.147200 OK 49 kB URL HTTP/2 www.megarush.com/img/home-page/feel-the-rush.png
IP 172.67.22.147:0
File type PNG image data, 1382 x 188, 8-bit colormap, non-interlaced\012- data
Hash 141c6d0e374b086cf1d604173cb607c8
9e5531e6e26ad4cb621dd35d9521b167ce99ca53
c4bace32963528c901f6784df93b3aecc91e0b39b70cd6ba77bcce02c4e983e2
GET /img/home-page/feel-the-rush.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/png
content-length: 48691
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: "6155d0b8-be33"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30005315
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e35cdfb4e8-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/benefits/promotions.png
172.67.22.147200 OK 21 kB URL HTTP/2 www.megarush.com/img/benefits/promotions.png
IP 172.67.22.147:0
File type PNG image data, 216 x 216, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d9863db2ba8c87a673de9ea91482d5e
daca14014aeb80e137b6682a8c816cdd92639b2c
131582b1399fc62d9464a553a37bf6938d29fa48852a4d2564a3f6315f366911
GET /img/benefits/promotions.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/png
content-length: 21005
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-520d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1581602
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e35cd5b4e8-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/coin-2-2.png
172.67.22.147200 OK 2.6 kB URL HTTP/2 www.megarush.com/img/home-page/coin-2-2.png
IP 172.67.22.147:0
File type PNG image data, 61 x 69, 8-bit colormap, non-interlaced\012- data
Hash bba9175cb7f05129ab03029f757b73ec
3efab582d082e5eb7f9ad9106f564c6f95e1fcc0
5ec2a2d82d3f356dcda627c1858e64278702b9c348f707287c9e72d0cbe05ad7
GET /img/home-page/coin-2-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/png
content-length: 2616
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-a38"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8462147
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e34cd0b4e8-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/icons/pragmaticPlay.svg
172.67.22.147200 OK 17 kB URL HTTP/2 www.megarush.com/img/icons/pragmaticPlay.svg
IP 172.67.22.147:0
Hash c27b58d1a56b312caa6614e0b135c7cd
0c64e1024e93f6c7f6898d1757307e5e19b731eb
be94444b1da785a6f54d6df984fa50744e9aef71981618f13725bb661f165f9c
GET /img/icons/pragmaticPlay.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-1799"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8298938
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e34cc5b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/affiliates/norges-casino.png
172.67.22.147200 OK 12 kB URL HTTP/2 www.megarush.com/img/affiliates/norges-casino.png
IP 172.67.22.147:0
File type PNG image data, 800 x 104, 8-bit colormap, non-interlaced\012- data
Hash 453efb7650d4c514229ddc7cb4b5d04f
f00e51876a720516521db90908019e5ccebe0397
d4d9aa8ca8aba5b99c183e32aee4d416e8c7768dffeb84e644e2ef5c597c546e
GET /img/affiliates/norges-casino.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/png
content-length: 12111
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: "6123a103-2f4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33230743
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e36cedb4e8-OSL
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
104.18.38.157200 OK 2 B URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
IP 104.18.38.157:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-api-session-id
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=baea5d0bac51a12bb7747df6f6519f4c; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749be7e30a9f1c06-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a951a036d3bd7919e04e970bc0c557d6
07259b8a814183b80ec9602dbfba70f541cdb6a3
0841aebbec029e9fda33219b4795747ec0df63bbd32e66f2611f44118547ab26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3823
Cache-Control: max-age=148672
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 21:58:39 GMT
Etag: "631f3e60-1d7"
Expires: Wed, 14 Sep 2022 15:16:31 GMT
Last-Modified: Mon, 12 Sep 2022 14:12:48 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png
104.18.38.157200 OK 31 kB URL HTTP/2 megalotto-img.gigmagic.io/promos/img/arcade-machine.png?w=412&auto=format&fm=png
IP 104.18.38.157:0
File type ISO Media, AVIF Image\012- data
Hash a120f99e6d07b9526d8720e520942423
57edcb554c28a5787dd54c7f64b12ce9b7007d9b
c006a30b946ca1a403a8eaca8cdf20fa22b9ea6912b59023689f6aa65c83b137
GET /promos/img/arcade-machine.png?w=412&auto=format&fm=png HTTP/1.1
Host: megalotto-img.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:40 GMT
content-type: image/avif
content-length: 30644
last-modified: Tue, 06 Sep 2022 09:45:02 GMT
cache-control: public, max-age=31536000, private
x-imgix-id: 025e2e0f8406e2ca40b2649316b0bce6c003b2fa
x-imgix-render-farm: 01.560
age: 562417
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10075-SJC, cache-bru1480031-BRU
x-cache: MISS, HIT
vary: Accept, User-Agent
set-cookie: e7105a0137896fd7032010d42344fdb4=3d1bf3a1a08cce8e844762f5ad0a7d37; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749be7e38f9bb4fd-OSL
X-Firefox-Spdy: h2
megalotto-static.gigmagic.io/games/no_NO.json
104.18.38.157200 OK 714 kB URL HTTP/2 megalotto-static.gigmagic.io/games/no_NO.json
IP 104.18.38.157:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size 714 kB (714008 bytes)
Hash 2b8d7eb8d9f56918e231833888a022c4
38aa421f60d49dc4f204d473c435e34529e2e9e8
b3fe1abb3128d08ba81a2de1ae727dba1fc4fec2f829a44dceeb23a219dfc3f9
GET /games/no_NO.json HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Origin: https://www.megarush.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: application/json; charset=utf-8
content-length: 714008
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 06 Sep 2022 08:13:41 GMT
etag: "2b8d7eb8d9f56918e231833888a022c4"
content-encoding: gzip
accept-ranges: bytes
set-cookie: e242caeacb7729c5149f03e087bd04c7=3d1bf3a1a08cce8e844762f5ad0a7d37; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749be7e2da731c06-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11480
Expires: Tue, 13 Sep 2022 01:10:00 GMT
Date: Mon, 12 Sep 2022 21:58:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11480
Expires: Tue, 13 Sep 2022 01:10:00 GMT
Date: Mon, 12 Sep 2022 21:58:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11480
Expires: Tue, 13 Sep 2022 01:10:00 GMT
Date: Mon, 12 Sep 2022 21:58:40 GMT
Connection: keep-alive
www.megarush.com/img/home-page/smoke-2-small.png
172.67.22.147200 OK 4.2 kB URL HTTP/2 www.megarush.com/img/home-page/smoke-2-small.png
IP 172.67.22.147:0
File type PNG image data, 316 x 126, 4-bit colormap, non-interlaced\012- data
Hash 8361a76edf079ca44cd5c81d537c4ba0
b653ecb4ecaef4df2658c460be005f762ae203fb
e57046600ea12b7c2803f5d01c02595de1e29dca15981a2a278b916a9f62a5b0
GET /img/home-page/smoke-2-small.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:40 GMT
content-type: image/png
content-length: 4245
last-modified: Mon, 11 Jul 2022 12:54:28 GMT
etag: "62cc1d84-1095"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 5358841
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e56f2ab4e8-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11480
Expires: Tue, 13 Sep 2022 01:10:00 GMT
Date: Mon, 12 Sep 2022 21:58:40 GMT
Connection: keep-alive
www.megarush.com/img/logo.113ce962.svg
172.67.22.147200 OK 2.0 kB URL HTTP/2 www.megarush.com/img/logo.113ce962.svg
IP 172.67.22.147:0
Hash dbd21af675c839515f423bdfc2c81fec
c90a71a2db64d8038bd16da3759d78eca14b6bce
bba5f1aa07405b121a840fdfb534693d66d3943ca0b5caabc344a9f9f0d36533
GET /img/logo.113ce962.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:40 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-cf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8462148
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e55f18b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/relaxGaming.svg
172.67.22.147200 OK 38 kB URL HTTP/2 www.megarush.com/img/icons/relaxGaming.svg
IP 172.67.22.147:0
Hash c32218c788e678018179fd3bdf802176
8e5f6c49d6bf889385b605c97a691793645da86f
ba7ce2512b9e3af845c5cd16b5450c128da2125f72a4f6b8a2493500b24e7d11
GET /img/icons/relaxGaming.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-22fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6062541
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e33cbcb4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/smoke-2.png
172.67.22.147200 OK 75 kB URL HTTP/2 www.megarush.com/img/home-page/smoke-2.png
IP 172.67.22.147:0
File type PNG image data, 1187 x 471, 8-bit/color RGBA, non-interlaced\012- data
Hash b52d54230805a82ccdbc1484c6bde4aa
73fcb683ec6b5598a0b89138843c479d5f479fe0
97b1cfcdf70c6c432984de8f4c9350281c61d6503bd8cd1add15e46ea359eade
GET /img/home-page/smoke-2.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:40 GMT
content-type: image/png
content-length: 74825
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-12449"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8466305
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e57f49b4e8-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/question-mark-1.d872b1da.png
172.67.22.147200 OK 54 kB URL HTTP/2 www.megarush.com/img/question-mark-1.d872b1da.png
IP 172.67.22.147:0
File type PNG image data, 632 x 820, 8-bit colormap, non-interlaced\012- data
Hash d872b1daeb19c1afe87b87c10de4343d
40c2dbf4eea216df495b10b6c039356432b41c4f
56d454faccb635efca719d35f33cd06b0131c75ee321a7f1fb6914099ebdcf96
GET /img/question-mark-1.d872b1da.png HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:40 GMT
content-type: image/png
content-length: 53566
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: "629daa4a-d13e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 7598257
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e57f4cb4e8-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bTzXQvDkX23_t4vLJNWv7bg-DoRsdqiBhwNJH5B-RcXxj9RC-87LvA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:41:52 GMT
age: 1008
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7ccc33ae0c85a906f2c17db281ec790
1904722d70348235d5472c54f888d2b4b991e2aa
f48edc03624f582b05b596694b76bd784f85eb9f2ca5dd025bbea9cc2ff1f096
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6999
x-amzn-requestid: 61e3e817-fb62-47c7-b938-2dfc6a134622
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO1mlG3XIAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3629-37c2c8982c4ccf891875c59a;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S2TR552YpZeEbhTSAn4vdXexYpvR4Lrr-LaJmfNd7LnO0L4QM8w-Dg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:38:55 GMT
age: 65985
etag: "1904722d70348235d5472c54f888d2b4b991e2aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NKM6RRhJ5AuRF4NKSyBO6-KMkd1UGaw3DuZBkBao_8fzzpkMeDrn0w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:55:41 GMT
age: 179
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b674daf3dc6e85ed054ab34d69979b86
47aaf5a3af2c25820d01d613c82b7f1279a298fc
7b9993ef69d4b77c1533ada040c85563b9cf7b1f5d007177c005f6cd7fdba1d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4162
x-amzn-requestid: 9dc27e34-69e1-439d-8974-1297584ef4d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSIhuHlWIAMFhOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d87a4-410e9ede524aa657609a057a;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:00:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jGj2al3pBpze7UQnHild4DxKndrprY4pTG_EZScw2RukQlgFEvNMkw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 07:18:04 GMT
age: 52836
etag: "47aaf5a3af2c25820d01d613c82b7f1279a298fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: u_jETr8miiFyuhq7R09yb0lAP-hUv_6eTRV81Xzd9gSqU31VXwC9CQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:15:48 GMT
age: 67372
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.megarush.com/img/icons/menu.svg
172.67.22.147200 OK 8.7 kB URL HTTP/2 www.megarush.com/img/icons/menu.svg
IP 172.67.22.147:0
Hash 5a84962d85a847d7e9e03491c27b6be5
baf6829d7c93dd2749d13b72853d4176cb9e0c37
be12fc14687c04fb4fb92862e5a9e26a621d3b19daddbd4f46a1cd3b1c4c5dcc
GET /img/icons/menu.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:40 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Mar 2022 09:55:04 GMT
etag: W/"62330578-22f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 15237502
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e3fd79b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/base.css
172.67.22.147200 OK 85 kB URL HTTP/2 www.megarush.com/base.css
IP 172.67.22.147:0
Hash a0ca74d8d29914bab71130afbff3fc66
cf50848454f563c4db8963c57ab4effe51fd24e3
8de2570a30d72cf7fa2459cbf2365ecc090b3eda4a97d0b73104074f4a8cb198
GET /base.css HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:38 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3913
access-control-allow-origin: *
cache-control: max-age=7200
etag: W/"63078847-f49"
expires: Sun, 11 Sep 2022 23:33:06 GMT
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4398
server: cloudflare
cf-ray: 749be7dd2e70b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/video/arcade-game.webm
172.67.22.147206 Partial Content 61 kB URL HTTP/2 www.megarush.com/video/arcade-game.webm
IP 172.67.22.147:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 9aaef915ba1a5046a92ef8dfcc58cdba
c25acbf957571a53c4ca7cc5a910757e4cfffd66
565d4805821948f9740cd260a8da41b19189a2f3658867815af960a5a31f035a
GET /video/arcade-game.webm HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
date: Mon, 12 Sep 2022 21:58:40 GMT
content-type: video/webm
content-length: 61172
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
etag: "63078847-eef4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-range: bytes 0-61171/61172
cf-cache-status: BYPASS
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-58d9bc46b7-x897j; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
app_uid=CoEDNmMfq5CHwwArBoN5Ag==; expires=Wed, 12-Oct-22 21:58:40 GMT; domain=$host; path=/
server: cloudflare
cf-ray: 749be7e5df9eb4e8-OSL
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=466599145224&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_A0FC2977B3EC4F6CBE3773D8D2C97341
37.157.4.25200 OK 389 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=466599145224&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_A0FC2977B3EC4F6CBE3773D8D2C97341
IP 37.157.4.25:0
File type ASCII text, with CRLF line terminators
Hash 503d137fafb501b9fac6dd43636aaf3d
15796903a5c628356ef6eaec1025e981a953e24b
2f2638fe23b733dff5db0aaad100c1470340553ca5c287f89eebe2dcd71263dc
GET /Serving/TrackPoint/?CC=1&pm=2381934&ADFdivider=%7C&ord=466599145224&Set1=en-US%7Cen-US%7C1280x1024%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.megarush.com%2Fnb-no%3Fbtag%3D656126_A0FC2977B3EC4F6CBE3773D8D2C97341 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 21:58:40 GMT
content-type: text/javascript; charset=utf-8
content-length: 389
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.megarush.com/img/logo.4c52d90d.svg
172.67.22.147200 OK 1.6 kB URL HTTP/2 www.megarush.com/img/logo.4c52d90d.svg
IP 172.67.22.147:0
Hash 59e734ece32272f1fbe4a2902e780722
ed63b91ce132971e0bd3a6ba01c8ecf50bacd8bd
ca1e682cce3db8e7c21c3bf69811ffac2335869cf1e509cec0210efe2f0f3d4f
GET /img/logo.4c52d90d.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:40 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-931"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8462148
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e5bf85b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
rs.fullstory.com/rec/page
35.186.194.58202 Accepted 76 B URL HTTP/2 rs.fullstory.com/rec/page
IP 35.186.194.58:0
File type JSON data\012- , ASCII text
Hash 483ffa09cea154d304956a80f8b6b0cc
8c4675aeda7de53c381d4027ac239f0ea83a82ca
39cd29318acd06252db1fc7edf14ce35ebbd083cf672cd371bb0e40340370f08
POST /rec/page HTTP/1.1
Host: rs.fullstory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 351
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
access-control-allow-credentials: true
access-control-allow-origin: https://www.megarush.com
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Mon, 12 Sep 2022 21:58:40 GMT
content-length: 76
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b963fc2d831fc262da1e041b20f773a0
f452051f30b022d26f99db1a09fb498ab54e0081
6574e9ec05448374d9de230d8e087aa995cff37304c1ea7bbd1744b893a59fd0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6574E9EC05448374D9DE230D8E087AA995CFF37304C1EA7BBD1744B893A59FD0"
Last-Modified: Mon, 12 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6597
Expires: Mon, 12 Sep 2022 23:48:37 GMT
Date: Mon, 12 Sep 2022 21:58:40 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f78fdba5286e63e70b20cc4f3d00a731
135db6d1a2fbb8d34cb52b808b9f1fe886f53830
3034b2d96216630967d442284c35270cd294bd33530ceb94a748aee9e36a28e6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3034B2D96216630967D442284C35270CD294BD33530CEB94A748AEE9E36A28E6"
Last-Modified: Sun, 11 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3487
Expires: Mon, 12 Sep 2022 22:56:47 GMT
Date: Mon, 12 Sep 2022 21:58:40 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f78fdba5286e63e70b20cc4f3d00a731
135db6d1a2fbb8d34cb52b808b9f1fe886f53830
3034b2d96216630967d442284c35270cd294bd33530ceb94a748aee9e36a28e6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "3034B2D96216630967D442284C35270CD294BD33530CEB94A748AEE9E36A28E6"
Last-Modified: Sun, 11 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3487
Expires: Mon, 12 Sep 2022 22:56:47 GMT
Date: Mon, 12 Sep 2022 21:58:40 GMT
Connection: keep-alive
www.megarush.com/img/iso.fc5b238b.svg
172.67.22.147200 OK 532 B URL HTTP/2 www.megarush.com/img/iso.fc5b238b.svg
IP 172.67.22.147:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (489)
Hash acd3bf70fd910bdd4c575a8887190be6
91db895d39ce96e77862b02997c5d4887d904ee8
4058e1d5ca1543b3021cc54f9501b6b9048f5fa0a5b8f729984004ca91bce453
GET /img/iso.fc5b238b.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:40 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-363"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33230743
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e58f65b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
graphql.datocms.com/
172.67.11.48200 OK 1.2 kB IP 172.67.11.48:0
Hash 1f85f48f9e02e64ba542efa494b82b4d
3d03663d80fc97fba3f39b8f1a9eea40bbd5ddc4
cac3e3d8f64c1dfb1679bfd36d5c5b111431b4f0e51f3f22014b7361efbf9bb4
POST / HTTP/1.1
Host: graphql.datocms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
authorization: Bearer 35d777e787abbc619166a62135c433
Content-Length: 151
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:40 GMT
content-type: application/json; charset=utf-8
cf-ray: 749be7e99fd41c0e-OSL
accept-ranges: bytes
access-control-allow-origin: https://www.megarush.com
age: 2999151
cache-control: no-store
content-encoding: gzip
etag: W/"8a069ed1bdcb8517251ab69433826adb"
expires: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Authorization, Accept-Encoding, X-Environment, X-Include-Drafts, X-Exclude-Invalid, Origin
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-environment, x-include-drafts, x-exclude-invalid
access-control-allow-methods: GET, POST
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-remaining, x-ratelimit-reset, x-entities
access-control-max-age: 1728000
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT, HIT
x-cache-hits: 1, 72
x-cacheable-on-cdn: true
x-cacheable-on-cdn-query-length-limit: 203/8192
x-complexity: 92
x-content-type-options: nosniff
x-download-options: noopen
x-environment: main
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-queue-time: 0ms
x-request-id: 0f274e57-e572-4252-8a11-69b9b51533b0
x-runtime: 0.073587
x-served-by: cache-dub4335-DUB, cache-bma1673-BMA
x-timer: S1663019921.920417,VS0,VE0
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js
54.230.111.16200 OK 271 B URL HTTP/2 rules.quantcount.com/rules-p--B_1AZ6v1_YDr.js
IP 54.230.111.16:0
Hash 34e255255d25312b08a2cc8566b5bf38
56eb0a5a1cb20d2b51fa071b968ad50a3ac16f85
1980f7805afc0ade5f7d949212900dfe36abaa52cc804b7eeac07a620852cf23
GET /rules-p--B_1AZ6v1_YDr.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 271
last-modified: Tue, 23 Aug 2022 12:06:41 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Mon, 12 Sep 2022 21:22:00 GMT
cache-control: max-age=3600
etag: "34e255255d25312b08a2cc8566b5bf38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kypz8zjhhvMJys6WHCDNhZY12svp2IBAB-X74k7emSxIHb_LrMHdRg==
age: 2205
X-Firefox-Spdy: h2
pxl.qccerttest.com/pixel?r=2111728816;fpan=1;fpa=P0-21030896-1663019908752;pbc=;ns=1;ce=0;qjs=1;qv=4fd1222d-20220912103631;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663019908752;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1671410033%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_A0FC2977B3EC4F6CBE3773D8D2C97341;ogl=
143.204.55.35200 OK 35 B URL HTTP/2 pxl.qccerttest.com/pixel?r=2111728816;fpan=1;fpa=P0-21030896-1663019908752;pbc=;ns=1;ce=0;qjs=1;qv=4fd1222d-20220912103631;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663019908752;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1671410033%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_A0FC2977B3EC4F6CBE3773D8D2C97341;ogl=
IP 143.204.55.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel?r=2111728816;fpan=1;fpa=P0-21030896-1663019908752;pbc=;ns=1;ce=0;qjs=1;qv=4fd1222d-20220912103631;ref=https%3A%2F%2Fwww.megarush.com%2F;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663019908752;tzo=0;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1671410033%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_A0FC2977B3EC4F6CBE3773D8D2C97341;ogl= HTTP/1.1
Host: pxl.qccerttest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 35
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 02:29:20 GMT
etag: "55d25e9dc950d5db4d53a3b195c046c6"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MUKsH0qB0IJ7jSe1qR6HXeIBz9OeHTPN4nLRXNjuBsz9zjBzp_Eu1Q==
age: 70162
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
pixel.quantserve.com/pixel;r=1552103001;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1671410033%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_A0FC2977B3EC4F6CBE3773D8D2C97341;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-21030896-1663019908752;pbc=;ns=1;ce=0;qjs=1;qv=4fd1222d-20220912103631;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663019908754;tzo=0;ogl=;ses=8796e888-a078-4a89-be1a-901a51f0c702
91.228.74.208200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1552103001;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1671410033%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_A0FC2977B3EC4F6CBE3773D8D2C97341;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-21030896-1663019908752;pbc=;ns=1;ce=0;qjs=1;qv=4fd1222d-20220912103631;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663019908754;tzo=0;ogl=;ses=8796e888-a078-4a89-be1a-901a51f0c702
IP 91.228.74.208:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1552103001;labels=_fp.event.PageView;rf=0;a=p--B_1AZ6v1_YDr;url=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D2381934%26lid%3D95292615%26ctype%3D0%26media%3D0%26PageName%3Dmegarush.com%252fnb-no%26rnd%3D1671410033%26cpref%3D%26loc%3Dhttps%253a%252f%252fwww.megarush.com%252fnb-no%253fbtag%253d656126_A0FC2977B3EC4F6CBE3773D8D2C97341;ref=https%3A%2F%2Fwww.megarush.com%2F;uht=2;fpan=0;fpa=P0-21030896-1663019908752;pbc=;ns=1;ce=0;qjs=1;qv=4fd1222d-20220912103631;cm=;gdpr=0;d=track.adform.net;dst=0;et=1663019908754;tzo=0;ogl=;ses=8796e888-a078-4a89-be1a-901a51f0c702 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:41 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=631fab91-179cc-a8669-ebbc9; expires=Fri, 13-Oct-2023 21:58:41 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1671410033&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_A0FC2977B3EC4F6CBE3773D8D2C97341
37.157.4.25200 OK 1.3 MB URL HTTP/2 track.adform.net/serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1671410033&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_A0FC2977B3EC4F6CBE3773D8D2C97341
IP 37.157.4.25:0
Size 1.3 MB (1337695 bytes)
Hash 5a2fe7cdaf889dc87b61fd4129d47766
5b9a9987762d3b735ce94619abf8991f31ed8f14
158daea832c59c768ed6e7aa6fc4c52ad5a5d24dd23a159fd8baadb4ddbc6370
GET /serving/container/?pm=2381934&lid=95292615&ctype=0&media=0&PageName=megarush.com%2fnb-no&rnd=1671410033&cpref=&loc=https%3a%2f%2fwww.megarush.com%2fnb-no%3fbtag%3d656126_A0FC2977B3EC4F6CBE3773D8D2C97341 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 21:58:40 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.megarush.com/img/icons/promotions--flat.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/promotions--flat.svg
IP 172.67.22.147:0
GET /img/icons/promotions--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-1d7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 16955614
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e3fd6fb4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/search.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/search.svg
IP 172.67.22.147:0
GET /img/icons/search.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-212"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33230742
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e3fd71b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi
35.186.224.25502 Bad Gateway 0 B URL HTTP/2 open.spotify.com/embed/playlist/2ucixR5s50chGr0o0pm4Pi
IP 35.186.224.25:0
GET /embed/playlist/2ucixR5s50chGr0o0pm4Pi HTTP/1.1
Host: open.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 502 Bad Gateway
date: Mon, 12 Sep 2022 21:58:40 GMT
content-type: text/html; charset=utf-8
sp-trace-id: 84a4dd34b9df013c
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/glows/blue-jackpot.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/home-page/glows/blue-jackpot.svg
IP 172.67.22.147:0
GET /img/home-page/glows/blue-jackpot.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:40 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Oct 2021 10:40:02 GMT
etag: W/"61656602-255"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 28984350
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e57f4bb4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
IP 172.67.22.147:0
GET /nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341 HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:38 GMT
content-type: text/html
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: geoip_country=no; Path=/;
webserver=megarush-prd-58d9bc46b7-x897j; Domain=www.megarush.com; Path=/;
geoip_country=no; Domain=www.megarush.com; Path=/;
LanguageCode=nb-no; Domain=www.megarush.com; Path=/;
73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749be7dc9dc4b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/promotions--updated.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/promotions--updated.svg
IP 172.67.22.147:0
GET /img/icons/promotions--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-306"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8462147
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e3dd52b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
104.18.38.157200 OK 0 B URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/games/jackpots
IP 104.18.38.157:0
POST /igc/megalotto/games/jackpots HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Content-Type: application/json; charset=utf-8
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 631fab82d506f26ea3e80986
Origin: https://www.megarush.com
Content-Length: 18
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=baea5d0bac51a12bb7747df6f6519f4c; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749be7e36af21c06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/grid-new-2.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/home-page/grid-new-2.svg
IP 172.67.22.147:0
GET /img/home-page/grid-new-2.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:40 GMT
content-type: image/svg+xml
last-modified: Mon, 18 Oct 2021 10:20:15 GMT
etag: W/"616d4a5f-3194"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 28467252
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e58f64b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
scripts.mediamathrdrt.com/scripts/b_megarush.js
104.21.39.149200 OK 0 B URL HTTP/2 scripts.mediamathrdrt.com/scripts/b_megarush.js
IP 104.21.39.149:0
GET /scripts/b_megarush.js HTTP/1.1
Host: scripts.mediamathrdrt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: d8c05fa6-ad11-45bb-b171-b7695b0aeea8
etag: W/"b89528e21d6f85cc11459c7b6ec733cb"
x-runtime: 0.005196
expires: 2022-08-13 21:58:39 UTC
x-powered-by: Phusion Passenger(R) 6.0.11
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHXqff39JiPpJT1g3r0AVAAp3zpduoePgnVBhF6a1ECB0qTLhTkPkKGoZJ%2FeeHnmW6vo0YLMSrxguu1tjysaShiPIdO89HYN1MznUEWja%2BiiuzYhHDEkSb0xb6cIcRNcVseHArLckPw1dU%2BT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749be7e069e9b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.megarush.com/img/palms.1f322dbc.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/palms.1f322dbc.svg
IP 172.67.22.147:0
GET /img/palms.1f322dbc.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:40 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-33a2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 6063116
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e57f53b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/games--flat.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/games--flat.svg
IP 172.67.22.147:0
GET /img/icons/games--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-8c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33230742
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e3ed64b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/service-worker.js
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/service-worker.js
IP 172.67.22.147:0
GET /service-worker.js HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:41 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 14:33:43 GMT
vary: Accept-Encoding
etag: W/"63078847-64d2"
expires: Mon, 12 Sep 2022 21:59:11 GMT
cache-control: max-age=30
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749be7eb9d22b4e8-OSL
X-Firefox-Spdy: h2
megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
104.18.38.157200 OK 0 B URL HTTP/2 megalotto-api.gigmagic.io/igc/megalotto/promotions/filter
IP 104.18.38.157:0
POST /igc/megalotto/promotions/filter HTTP/1.1
Host: megalotto-api.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/
Content-Type: application/json; charset=utf-8
X-API-Key: 5c7e3e9c1c62609cee83f960
X-API-Session-Id: 631fab82d506f26ea3e80986
Origin: https://www.megarush.com
Content-Length: 47
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:40 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, Content-Type, Accept, X-API-Key, X-API-Session-Id, x-api-sid, X-Request-ID
set-cookie: e9ef0023e1df886bed2d1501b6b20a23=baea5d0bac51a12bb7747df6f6519f4c; path=/; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 749be7e38b141c06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
megalotto-static.gigmagic.io/video/header-video-720p-av1.mp4
104.18.38.157206 Partial Content 0 B URL HTTP/2 megalotto-static.gigmagic.io/video/header-video-720p-av1.mp4
IP 104.18.38.157:0
GET /video/header-video-720p-av1.mp4 HTTP/1.1
Host: megalotto-static.gigmagic.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Origin: https://www.megarush.com
Connection: keep-alive
Referer: https://www.megarush.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Mon, 12 Sep 2022 21:58:40 GMT
content-type: video/mp4
content-length: 981973
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Wed, 27 Oct 2021 09:33:08 GMT
etag: "2afd3c14d9a3bb96572c32fd6858f451"
cf-cache-status: HIT
age: 130
expires: Tue, 13 Sep 2022 01:58:40 GMT
cache-control: public, max-age=14400
content-range: bytes 0-981972/981973
server: cloudflare
cf-ray: 749be7e95f5d1c06-OSL
X-Firefox-Spdy: h2
www.megarush.com/img/icons/playAndGo.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/playAndGo.svg
IP 172.67.22.147:0
GET /img/icons/playAndGo.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Sep 2021 14:59:04 GMT
etag: W/"6155d0b8-dfe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 30005146
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e32cb1b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/casino--side-nav.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/casino--side-nav.svg
IP 172.67.22.147:0
GET /img/icons/casino--side-nav.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 09:33:37 GMT
etag: W/"621c96f1-9ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 16978340
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e3bd37b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/live-casino--yellow.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/live-casino--yellow.svg
IP 172.67.22.147:0
GET /img/icons/live-casino--yellow.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Feb 2022 16:02:10 GMT
etag: W/"621cf202-9b1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 16955614
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e3cd3eb4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/megaclub--updated.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/megaclub--updated.svg
IP 172.67.22.147:0
GET /img/icons/megaclub--updated.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-2ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8467893
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e3cd44b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/live-casino--flat.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/live-casino--flat.svg
IP 172.67.22.147:0
GET /img/icons/live-casino--flat.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-f78"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33230742
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e3ed68b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/icons/mastercard--white.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/mastercard--white.svg
IP 172.67.22.147:0
GET /img/icons/mastercard--white.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Connection: keep-alive
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:40 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Aug 2021 13:22:11 GMT
etag: W/"6123a103-939"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 33230743
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e40d90b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.208200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.208:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.adform.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:40 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "CCVp2TsT4DfiBk1BkYXxnA=="
expires: Mon, 19 Sep 2022 21:58:40 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.megarush.com/img/icons/netent.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/icons/netent.svg
IP 172.67.22.147:0
GET /img/icons/netent.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/nb-no?btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:39 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-519"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8467585
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e33cc0b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.megarush.com/img/home-page/grid-new-1.svg
172.67.22.147200 OK 0 B URL HTTP/2 www.megarush.com/img/home-page/grid-new-1.svg
IP 172.67.22.147:0
GET /img/home-page/grid-new-1.svg HTTP/1.1
Host: www.megarush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.megarush.com/index.30053c2cd5717880348c.css
Cookie: geoip_country=no; webserver=megarush-prd-58d9bc46b7-x897j; geoip_country=no; LanguageCode=nb-no; 73284d4086c9c5cd43ecdef7e2965d52=a782169c8bfd1715cf9ee71a293e9f0e; _ga=GA1.2.1797058714.1663019907; _gid=GA1.2.2042594988.1663019907; _gat_UA-143790984-2=1; btag=656126_A0FC2977B3EC4F6CBE3773D8D2C97341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 21:58:40 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 07:18:34 GMT
etag: W/"629daa4a-31bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 8466305
vary: Accept-Encoding
server: cloudflare
cf-ray: 749be7e57f3fb4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2