hxxps://mega[.]nz/folder/XVtlQK7Z#1v5NUo5eopwZ0C0c7Mqlbg

Analysis

max time kernel
55s
max time network
59s
platform
windows10-1703_x64
resource
win10-20231220-en
resource tags

arch:x64arch:x86image:win10-20231220-enlocale:en-usos:windows10-1703-x64system
submitted
13/01/2024, 20:54 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://mega.nz/folder/XVtlQK7Z#1v5NUo5eopwZ0C0c7Mqlbg

Score

1^/10

Malware Config

Signatures

Checks processor information in registry 2 TTPs 8 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3934047325-4097474570-3437169968-1000_Classes\Local Settings	firefox.exe

Suspicious use of AdjustPrivilegeToken 4 IoCs

description	pid	Process
Token: SeDebugPrivilege	4716	firefox.exe
Token: SeDebugPrivilege	4716	firefox.exe
Token: 33	3280	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	3280	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 4 IoCs

pid	Process
4716	firefox.exe
4716	firefox.exe
4716	firefox.exe
4716	firefox.exe

Suspicious use of SendNotifyMessage 3 IoCs

pid	Process
4716	firefox.exe
4716	firefox.exe
4716	firefox.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4716	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4328 wrote to memory of 4716	4328	firefox.exe	57
PID 4328 wrote to memory of 4716	4328	firefox.exe	57
PID 4328 wrote to memory of 4716	4328	firefox.exe	57
PID 4328 wrote to memory of 4716	4328	firefox.exe	57
PID 4328 wrote to memory of 4716	4328	firefox.exe	57
PID 4328 wrote to memory of 4716	4328	firefox.exe	57
PID 4328 wrote to memory of 4716	4328	firefox.exe	57
PID 4328 wrote to memory of 4716	4328	firefox.exe	57
PID 4328 wrote to memory of 4716	4328	firefox.exe	57
PID 4328 wrote to memory of 4716	4328	firefox.exe	57
PID 4328 wrote to memory of 4716	4328	firefox.exe	57
PID 4716 wrote to memory of 3780	4716	firefox.exe	75
PID 4716 wrote to memory of 3780	4716	firefox.exe	75
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 4356	4716	firefox.exe	76
PID 4716 wrote to memory of 2972	4716	firefox.exe	77
PID 4716 wrote to memory of 2972	4716	firefox.exe	77
PID 4716 wrote to memory of 2972	4716	firefox.exe	77

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://mega.nz/folder/XVtlQK7Z#1v5NUo5eopwZ0C0c7Mqlbg"
1⤵
- Suspicious use of WriteProcessMemory
PID:4328
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://mega.nz/folder/XVtlQK7Z#1v5NUo5eopwZ0C0c7Mqlbg
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:4716
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4716.0.444123641\988194237" -parentBuildID 20221007134813 -prefsHandle 1672 -prefMapHandle 1660 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f58862d7-c6a5-45ef-9353-31fdac6e018c} 4716 "\\.\pipe\gecko-crash-server-pipe.4716" 1764 294cc3ed858 gpu
    3⤵
    PID:3780
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4716.1.1231034595\1101989584" -parentBuildID 20221007134813 -prefsHandle 2128 -prefMapHandle 2124 -prefsLen 21608 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1638cb40-caf7-493e-aa27-56e67427bb1b} 4716 "\\.\pipe\gecko-crash-server-pipe.4716" 2140 294c1672b58 socket
    3⤵
    - Checks processor information in registry
    PID:4356
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4716.2.942396668\915178292" -childID 1 -isForBrowser -prefsHandle 2744 -prefMapHandle 2880 -prefsLen 21711 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0b56a67d-3651-4fef-8a07-ab0bc7db0a3f} 4716 "\\.\pipe\gecko-crash-server-pipe.4716" 2916 294d06cff58 tab
    3⤵
    PID:2972
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4716.3.1675004190\1260892464" -childID 2 -isForBrowser -prefsHandle 3544 -prefMapHandle 3540 -prefsLen 26109 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f6730295-3ca6-4d86-90f5-18a753a5c67f} 4716 "\\.\pipe\gecko-crash-server-pipe.4716" 3556 294c1662858 tab
    3⤵
    PID:3120
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4716.6.768739475\1190650708" -childID 5 -isForBrowser -prefsHandle 5096 -prefMapHandle 5100 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0824aa47-777b-4efd-9a19-5fc3d3c640f7} 4716 "\\.\pipe\gecko-crash-server-pipe.4716" 5084 294d2a0eb58 tab
    3⤵
    PID:2836
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4716.5.1458042058\2068437476" -childID 4 -isForBrowser -prefsHandle 4904 -prefMapHandle 4908 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a5f376fe-bbb1-4ad8-beb7-36ddfcbea879} 4716 "\\.\pipe\gecko-crash-server-pipe.4716" 4896 294d2a0e858 tab
    3⤵
    PID:5092
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4716.4.93974231\1316165454" -childID 3 -isForBrowser -prefsHandle 4752 -prefMapHandle 4728 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8128fb0a-e57e-41e5-b495-afcafa95237a} 4716 "\\.\pipe\gecko-crash-server-pipe.4716" 4264 294d2a0e258 tab
    3⤵
    PID:360
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4716.7.1198783418\466226930" -childID 6 -isForBrowser -prefsHandle 5436 -prefMapHandle 5588 -prefsLen 26424 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fe51735a-3333-491f-8ee9-4236f55aa396} 4716 "\\.\pipe\gecko-crash-server-pipe.4716" 4060 294d25cb058 tab
    3⤵
    PID:1232

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x284
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3280

Network

DNS

mega.nz

firefox.exe

Remote address:

8.8.8.8:53

Request

mega.nz

IN A

Response

mega.nz

IN A

31.216.144.5

mega.nz

IN A

31.216.145.5
DNS

contile.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

contile.services.mozilla.com

IN A

Response

contile.services.mozilla.com

IN A

34.117.237.239
DNS

content-signature-2.cdn.mozilla.net

firefox.exe

Remote address:

8.8.8.8:53

Request

content-signature-2.cdn.mozilla.net

IN A

Response

content-signature-2.cdn.mozilla.net

IN CNAME

content-signature-chains.prod.autograph.services.mozaws.net

content-signature-chains.prod.autograph.services.mozaws.net

IN CNAME

prod.content-signature-chains.prod.webservices.mozgcp.net

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

shavar.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

shavar.services.mozilla.com

IN A

Response

shavar.services.mozilla.com

IN CNAME

shavar.prod.mozaws.net

shavar.prod.mozaws.net

IN A

34.213.155.5

shavar.prod.mozaws.net

IN A

44.239.151.67

shavar.prod.mozaws.net

IN A

52.24.152.80
GET

https://mega.nz/folder/XVtlQK7Z

firefox.exe

Remote address:

31.216.144.5:443

Request

GET /folder/XVtlQK7Z HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

Response

HTTP/1.1 200 OK

Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
Content-Length: 939
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: DENY
X-Robots-Tag: noindex
Set-Cookie: geoip=RO
Content-Security-Policy: default-src 'self' data: blob: *.mega.co.nz *.mega.nz *.mega.io http://*.mega.co.nz http://*.mega.nz http://*.mega.io wss://*.karere.mega.nz wss://*.sfu.mega.co.nz *.karere.mega.nz:1380 http://127.0.0.1:6341 localhost.megasyncloopback.mega.nz:6342; script-src 'self' *.mega.co.nz *.mega.nz *.mega.io data: blob:; style-src 'self' 'unsafe-inline' *.mega.co.nz *.mega.nz *.mega.io data: blob:; frame-src 'self' *.megapay.nz mega: *.megaad.nz https://mega.nz/ https://mega.io/; img-src 'self' *.mega.co.nz *.mega.nz *.mega.io data: blob: mega.nz
Connection: Keep-Alive
GET

https://mega.nz/secureboot.js?r=1704935862

firefox.exe

Remote address:

31.216.144.5:443

Request

GET /secureboot.js?r=1704935862 HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/folder/XVtlQK7Z
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Content-Length: 61342
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET

https://mega.nz/loading-sprite_v4.png

firefox.exe

Remote address:

31.216.144.5:443

Request

GET /loading-sprite_v4.png HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/folder/XVtlQK7Z
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

Response

HTTP/1.1 200 OK

Content-Type: image/png
Content-Length: 3414
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
GET

https://mega.nz/favicon.ico?v=3

firefox.exe

Remote address:

31.216.144.5:443

Request

GET /favicon.ico?v=3 HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/folder/XVtlQK7Z
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

Response

HTTP/1.1 200 OK

Content-Type: image/x-icon
Content-Length: 1029
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET

https://mega.nz/sw.js?v=1

firefox.exe

Remote address:

31.216.144.5:443

Request

GET /sw.js?v=1 HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Content-Length: 1208
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET

https://mega.nz/nodedec.js?v=3

firefox.exe

Remote address:

31.216.144.5:443

Request

GET /nodedec.js?v=3 HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/folder/XVtlQK7Z
Connection: keep-alive
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Content-Length: 9807
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET

https://mega.nz/sjcl.js

firefox.exe

Remote address:

31.216.144.5:443

Request

GET /sjcl.js HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mega.nz/nodedec.js?v=3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Content-Length: 22139
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET

https://mega.nz/rsaasm.js

firefox.exe

Remote address:

31.216.144.5:443

Request

GET /rsaasm.js HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mega.nz/nodedec.js?v=3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Content-Length: 37695
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET

https://mega.nz/rsaasm.js

firefox.exe

Remote address:

31.216.144.5:443

Request

GET /rsaasm.js HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mega.nz/nodedec.js?v=3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Content-Length: 37695
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
DNS

mega.nz

firefox.exe

Remote address:

8.8.8.8:53

Request

mega.nz

IN A

Response

mega.nz

IN A

31.216.145.5

mega.nz

IN A

31.216.144.5
GET

https://contile.services.mozilla.com/v1/tiles

firefox.exe

Remote address:

34.117.237.239:443

Request

GET /v1/tiles HTTP/2.0
host: contile.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers
DNS

contile.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

contile.services.mozilla.com

IN A

Response

contile.services.mozilla.com

IN A

34.117.237.239
DNS

contile.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

contile.services.mozilla.com

IN A
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A
DNS

push.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

push.services.mozilla.com

IN A

Response

push.services.mozilla.com

IN CNAME

autopush.prod.mozaws.net

autopush.prod.mozaws.net

IN A

34.107.243.93
DNS

push.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

push.services.mozilla.com

IN A
DNS

firefox.settings.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

firefox.settings.services.mozilla.com

IN A

Response

firefox.settings.services.mozilla.com

IN CNAME

prod.remote-settings.prod.webservices.mozgcp.net

prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.149.100.209
DNS

firefox.settings.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

firefox.settings.services.mozilla.com

IN A
DNS

mega.nz

firefox.exe

Remote address:

8.8.8.8:53

Request

mega.nz

IN AAAA

Response

mega.nz

IN AAAA

2a0b:e46:1:144::5

mega.nz

IN AAAA

2a0b:e46:1:145::5
DNS

shavar.prod.mozaws.net

firefox.exe

Remote address:

8.8.8.8:53

Request

shavar.prod.mozaws.net

IN A

Response

shavar.prod.mozaws.net

IN A

34.213.155.5

shavar.prod.mozaws.net

IN A

44.239.151.67

shavar.prod.mozaws.net

IN A

52.24.152.80
DNS

shavar.prod.mozaws.net

firefox.exe

Remote address:

8.8.8.8:53

Request

shavar.prod.mozaws.net

IN AAAA

Response
DNS

shavar.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

shavar.services.mozilla.com

IN A

Response

shavar.services.mozilla.com

IN CNAME

shavar.prod.mozaws.net

shavar.prod.mozaws.net

IN A

44.239.151.67

shavar.prod.mozaws.net

IN A

34.213.155.5

shavar.prod.mozaws.net

IN A

52.24.152.80
DNS

shavar.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

shavar.services.mozilla.com

IN A
DNS

shavar.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

shavar.services.mozilla.com

IN A
DNS

shavar.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

shavar.services.mozilla.com

IN A
DNS

5.144.216.31.in-addr.arpa

Remote address:

8.8.8.8:53

Request

5.144.216.31.in-addr.arpa

IN PTR

Response

5.144.216.31.in-addr.arpa

IN PTR

31-216-144-5ipdcluxcom
DNS

eu.static.mega.co.nz

firefox.exe

Remote address:

8.8.8.8:53

Request

eu.static.mega.co.nz

IN A

Response

eu.static.mega.co.nz

IN A

89.44.169.134

eu.static.mega.co.nz

IN A

66.203.124.37

eu.static.mega.co.nz

IN A

89.44.169.132
DNS

eu.static.mega.co.nz

firefox.exe

Remote address:

8.8.8.8:53

Request

eu.static.mega.co.nz

IN A
DNS

contile.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

contile.services.mozilla.com

IN AAAA

Response
DNS

autopush.prod.mozaws.net

firefox.exe

Remote address:

8.8.8.8:53

Request

autopush.prod.mozaws.net

IN A

Response

autopush.prod.mozaws.net

IN A

34.107.243.93
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

2600:1901:0:92a9::
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
if-modified-since: Fri, 25 Mar 2022 17:45:46 GMT
if-none-match: "1648230346554"
te: trailers

Response

HTTP/2.0 200

server: nginx
content-length: 232
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Content-Length, Alert
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
via: 1.1 google
date: Sat, 13 Jan 2024 20:13:09 GMT
age: 2525
last-modified: Sat, 13 Jan 2024 15:57:15 GMT
content-type: application/json
last-modified: Sat, 13 Jan 2024 15:57:15 GMT
content-type: application/json
GET

https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?collection=partitioning-exempt-urls&bucket=main&_expected=0

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/monitor/collections/changes/changeset?collection=partitioning-exempt-urls&bucket=main&_expected=0 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
content-length: 232
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Content-Length, Alert
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
via: 1.1 google
date: Sat, 13 Jan 2024 20:13:09 GMT
age: 2525
last-modified: Sat, 13 Jan 2024 15:57:15 GMT
content-type: application/json
last-modified: Sat, 13 Jan 2024 15:57:15 GMT
content-type: application/json
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1702403047185

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1702403047185 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
content-length: 232
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Content-Length, Alert
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
via: 1.1 google
date: Sat, 13 Jan 2024 20:13:09 GMT
age: 2525
last-modified: Sat, 13 Jan 2024 15:57:15 GMT
content-type: application/json
last-modified: Sat, 13 Jan 2024 15:57:15 GMT
content-type: application/json
GET

https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221705161435295%22

firefox.exe

Remote address:

34.149.100.209:443

Response

HTTP/2.0 200

server: nginx
content-length: 232
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Content-Length, Alert
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
via: 1.1 google
date: Sat, 13 Jan 2024 20:13:09 GMT
age: 2525
last-modified: Sat, 13 Jan 2024 15:57:15 GMT
content-type: application/json
last-modified: Sat, 13 Jan 2024 15:57:15 GMT
content-type: application/json

Request

GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221705161435295%22 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
DNS

firefox.exe

Remote address:

34.149.100.209:443

Response

HTTP/2.0 200

server: nginx
content-length: 232
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Content-Length, Alert
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
via: 1.1 google
date: Sat, 13 Jan 2024 20:13:09 GMT
age: 2525
last-modified: Sat, 13 Jan 2024 15:57:15 GMT
content-type: application/json
last-modified: Sat, 13 Jan 2024 15:57:15 GMT
content-type: application/json
DNS

firefox.exe

Remote address:

34.149.100.209:443

Response

HTTP/2.0 200

server: nginx
content-length: 232
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Content-Length, Alert
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
via: 1.1 google
date: Sat, 13 Jan 2024 20:13:09 GMT
age: 2525
last-modified: Sat, 13 Jan 2024 15:57:15 GMT
content-type: application/json
last-modified: Sat, 13 Jan 2024 15:57:15 GMT
content-type: application/json
DNS

firefox.exe

Remote address:

34.149.100.209:443

Response

HTTP/2.0 200

server: nginx
content-length: 2377
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Backoff, Content-Length
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
via: 1.1 google
date: Sat, 13 Jan 2024 20:15:13 GMT
age: 2401
last-modified: Fri, 12 Jan 2024 00:00:05 GMT
content-type: application/json
last-modified: Sat, 13 Jan 2024 15:57:15 GMT
content-type: application/json
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN A

Response

prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.149.100.209
DNS

autopush.prod.mozaws.net

firefox.exe

Remote address:

8.8.8.8:53

Request

autopush.prod.mozaws.net

IN AAAA

Response
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA

Response
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA
DNS

push.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

push.services.mozilla.com

IN A

Response

push.services.mozilla.com

IN CNAME

autopush.prod.mozaws.net

autopush.prod.mozaws.net

IN A

34.107.243.93
GET

https://push.services.mozilla.com/

firefox.exe

Remote address:

34.107.243.93:443

Request

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ahosOmctlmIviR1P0taTRA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

Response

HTTP/1.1 101 Switching Protocols

sec-websocket-accept: vCpBzwgBZDxtAJF+6AUtpWN6UHU=
date: Sat, 13 Jan 2024 20:55:14 GMT
Via: 1.1 google
Upgrade: websocket
Connection: Upgrade
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
DNS

g.api.mega.co.nz

firefox.exe

Remote address:

8.8.8.8:53

Request

g.api.mega.co.nz

IN A

Response

g.api.mega.co.nz

IN CNAME

lu.api.mega.co.nz

lu.api.mega.co.nz

IN A

66.203.125.11

lu.api.mega.co.nz

IN A

66.203.125.15

lu.api.mega.co.nz

IN A

66.203.125.12

lu.api.mega.co.nz

IN A

66.203.125.14

lu.api.mega.co.nz

IN A

66.203.125.13

lu.api.mega.co.nz

IN A

66.203.125.16
POST

https://g.api.mega.co.nz/cs?id=0

firefox.exe

Remote address:

66.203.125.11:443

Request

POST /cs?id=0 HTTP/1.1
Host: g.api.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Content-Type: text/plain;charset=UTF-8
Content-Length: 13
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 200 OK

Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, MEGA-Chrome-Antileak
Access-Control-Expose-Headers: Original-Content-Length
Access-Control-Max-Age: 86400
Cache-Control: no-store
Original-Content-Length: 99
Content-Length: 99
Connection: keep-alive
POST

https://g.api.mega.co.nz/cs?id=738392879&v=3&lang=en&domain=meganz

firefox.exe

Remote address:

66.203.125.11:443

Request

POST /cs?id=738392879&v=3&lang=en&domain=meganz HTTP/1.1
Host: g.api.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Content-Type: text/plain;charset=UTF-8
Content-Length: 46
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 200 OK

Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, MEGA-Chrome-Antileak
Access-Control-Expose-Headers: Original-Content-Length
Access-Control-Max-Age: 86400
Cache-Control: no-store
Original-Content-Length: 3
Content-Length: 3
Connection: keep-alive
POST

https://g.api.mega.co.nz/cs?id=55194339&v=3&lang=en&domain=meganz&ec=&n=XVtlQK7Z

firefox.exe

Remote address:

66.203.125.11:443

Request

POST /cs?id=55194339&v=3&lang=en&domain=meganz&ec=&n=XVtlQK7Z HTTP/1.1
Host: g.api.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Content-Type: text/plain;charset=UTF-8
Content-Length: 30
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 200 OK

Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, MEGA-Chrome-Antileak
Access-Control-Expose-Headers: Original-Content-Length
Access-Control-Max-Age: 86400
Cache-Control: no-store
Original-Content-Length: 1031
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
DNS

lu.api.mega.co.nz

firefox.exe

Remote address:

8.8.8.8:53

Request

lu.api.mega.co.nz

IN A

Response

lu.api.mega.co.nz

IN A

66.203.125.13

lu.api.mega.co.nz

IN A

66.203.125.14

lu.api.mega.co.nz

IN A

66.203.125.15

lu.api.mega.co.nz

IN A

66.203.125.16

lu.api.mega.co.nz

IN A

66.203.125.11

lu.api.mega.co.nz

IN A

66.203.125.12
DNS

lu.api.mega.co.nz

firefox.exe

Remote address:

8.8.8.8:53

Request

lu.api.mega.co.nz

IN A
DNS

lu.api.mega.co.nz

firefox.exe

Remote address:

8.8.8.8:53

Request

lu.api.mega.co.nz

IN A
DNS

eu.static.mega.co.nz

firefox.exe

Remote address:

8.8.8.8:53

Request

eu.static.mega.co.nz

IN A

Response

eu.static.mega.co.nz

IN A

89.44.169.132

eu.static.mega.co.nz

IN A

66.203.124.37

eu.static.mega.co.nz

IN A

89.44.169.134
DNS

eu.static.mega.co.nz

firefox.exe

Remote address:

8.8.8.8:53

Request

eu.static.mega.co.nz

IN AAAA

Response

eu.static.mega.co.nz

IN AAAA

2001:678:25c:2215::552

eu.static.mega.co.nz

IN AAAA

2a0b:e46:1:50::37

eu.static.mega.co.nz

IN AAAA

2001:678:25c:2215::550
DNS

eu.static.mega.co.nz

firefox.exe

Remote address:

8.8.8.8:53

Request

eu.static.mega.co.nz

IN AAAA
GET

https://eu.static.mega.co.nz/4/lang/en_3cee720122ff07133af56b1620039b574d966512733285ef6eddc589bff09925.json

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/lang/en_3cee720122ff07133af56b1620039b574d966512733285ef6eddc589bff09925.json HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:15 GMT
content-type: application/json
content-length: 95002
last-modified: Thu, 11 Jan 2024 03:20:08 GMT
vary: Accept-Encoding
etag: "659f5e68-1731a"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-1_d8011627272da0aa9771fa3deabb7e0616d1d7f57f9c5b667f46e1524ce4a1a6.js

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-1_d8011627272da0aa9771fa3deabb7e0616d1d7f57f9c5b667f46e1524ce4a1a6.js HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:15 GMT
content-type: application/javascript
content-length: 115412
last-modified: Thu, 11 Jan 2024 03:20:14 GMT
vary: Accept-Encoding
etag: "659f5e6e-1c2d4"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-2_f781e629660d8cb1fb4cfeea91f46c4ccda5789d46b730565018aa0a0d66c82e.js

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-2_f781e629660d8cb1fb4cfeea91f46c4ccda5789d46b730565018aa0a0d66c82e.js HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:16 GMT
content-type: application/javascript
content-length: 111739
last-modified: Thu, 11 Jan 2024 03:20:12 GMT
vary: Accept-Encoding
etag: "659f5e6c-1b47b"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-3_8e704df955dff3f413ebf3b8c38503422623d794482c8278877acbf158e04861.js

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-3_8e704df955dff3f413ebf3b8c38503422623d794482c8278877acbf158e04861.js HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:16 GMT
content-type: application/javascript
content-length: 115468
last-modified: Thu, 11 Jan 2024 03:20:13 GMT
vary: Accept-Encoding
etag: "659f5e6d-1c30c"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-4_10cb79b69e984341464591bcd9ee2bb56bba1554c3893ed479dc0964df868e1f.js

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-4_10cb79b69e984341464591bcd9ee2bb56bba1554c3893ed479dc0964df868e1f.js HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:16 GMT
content-type: application/javascript
content-length: 109306
last-modified: Thu, 11 Jan 2024 03:20:13 GMT
vary: Accept-Encoding
etag: "659f5e6d-1aafa"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-5_4ef9719b8f02e2872ff58ced3d1faf6a097af37fa4f6513f0cac390f54083f36.js

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-5_4ef9719b8f02e2872ff58ced3d1faf6a097af37fa4f6513f0cac390f54083f36.js HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:16 GMT
content-type: application/javascript
content-length: 105451
last-modified: Thu, 11 Jan 2024 03:20:13 GMT
vary: Accept-Encoding
etag: "659f5e6d-19beb"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-6_5d89c2f454430d25aa623ccd831245055c84cc4b5bdb593a8d754ba36d0819cf.js

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-6_5d89c2f454430d25aa623ccd831245055c84cc4b5bdb593a8d754ba36d0819cf.js HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:16 GMT
content-type: application/javascript
content-length: 116535
last-modified: Thu, 11 Jan 2024 03:20:13 GMT
vary: Accept-Encoding
etag: "659f5e6d-1c737"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-7_102401ee712f4617b5e315e873c180004b9cef7fe87aab7b69702bcb57dbad2b.js

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-7_102401ee712f4617b5e315e873c180004b9cef7fe87aab7b69702bcb57dbad2b.js HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:16 GMT
content-type: application/javascript
content-length: 78769
last-modified: Thu, 11 Jan 2024 03:20:13 GMT
vary: Accept-Encoding
etag: "659f5e6d-133b1"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/css/mega-1_072f1fe96f08bafe424738cd0101ec2d14a2ac56a0137c9629cf3588f234cce4.css

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/css/mega-1_072f1fe96f08bafe424738cd0101ec2d14a2ac56a0137c9629cf3588f234cce4.css HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:16 GMT
content-type: text/css
content-length: 77031
last-modified: Thu, 11 Jan 2024 03:20:16 GMT
vary: Accept-Encoding
etag: "659f5e70-12ce7"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/html/templates_b5234919e2a889c18222bff172417fe6c89c492780e576510a95597a31c9cbf8.json

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/html/templates_b5234919e2a889c18222bff172417fe6c89c492780e576510a95597a31c9cbf8.json HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:17 GMT
content-type: application/json
content-length: 105192
last-modified: Thu, 11 Jan 2024 03:20:16 GMT
vary: Accept-Encoding
etag: "659f5e70-19ae8"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-8_69550a5355a20a8ac9c321fead2f18676404c0601c8236b2af2c67b83d87ccbe.js

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-8_69550a5355a20a8ac9c321fead2f18676404c0601c8236b2af2c67b83d87ccbe.js HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:17 GMT
content-type: application/javascript
content-length: 84643
last-modified: Thu, 11 Jan 2024 03:20:14 GMT
vary: Accept-Encoding
etag: "659f5e6e-14aa3"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/css/bottom-pages-animations.css-postbuild_47f7d58d40f84e7fa878532d05a625c2b9700c9300276decec0cbc374c0a5644.css

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/css/bottom-pages-animations.css-postbuild_47f7d58d40f84e7fa878532d05a625c2b9700c9300276decec0cbc374c0a5644.css HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:17 GMT
content-type: text/css
content-length: 1485
last-modified: Thu, 11 Jan 2024 03:20:16 GMT
vary: Accept-Encoding
etag: "659f5e70-5cd"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-9_931af59115cb573dfb0b9d5e56173e9c331e69d55051751df67da92896030ecd.js

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-9_931af59115cb573dfb0b9d5e56173e9c331e69d55051751df67da92896030ecd.js HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:17 GMT
content-type: application/javascript
content-length: 120353
last-modified: Thu, 11 Jan 2024 03:20:14 GMT
vary: Accept-Encoding
etag: "659f5e6e-1d621"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/css/mega-2_10a05b6765b6026254e38256d6605785a669dcecbb78aa0a4f753eb194adc526.css

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/css/mega-2_10a05b6765b6026254e38256d6605785a669dcecbb78aa0a4f753eb194adc526.css HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:17 GMT
content-type: text/css
content-length: 27213
last-modified: Thu, 11 Jan 2024 03:20:16 GMT
vary: Accept-Encoding
etag: "659f5e70-6a4d"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-10_a9ba907ba9dd81c5e62c2fed2176cabe298b81311b19e68a758a08e49e99dbb7.js

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-10_a9ba907ba9dd81c5e62c2fed2176cabe298b81311b19e68a758a08e49e99dbb7.js HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:17 GMT
content-type: application/javascript
content-length: 102908
last-modified: Thu, 11 Jan 2024 03:20:14 GMT
vary: Accept-Encoding
etag: "659f5e6e-191fc"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-11_66b24c30c7b0bf6da1d1d3944e545ac10223bfb99a00912625b21ff5c8393fde.js

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-11_66b24c30c7b0bf6da1d1d3944e545ac10223bfb99a00912625b21ff5c8393fde.js HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:18 GMT
content-type: application/javascript
content-length: 61285
last-modified: Thu, 11 Jan 2024 03:20:14 GMT
vary: Accept-Encoding
etag: "659f5e6e-ef65"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/css/mega-3_30f3181a739be37bec4d6d2523f852a0b37e2ed81b4085f0a3ab7c8dc33680d4.css

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/css/mega-3_30f3181a739be37bec4d6d2523f852a0b37e2ed81b4085f0a3ab7c8dc33680d4.css HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:18 GMT
content-type: text/css
content-length: 123110
last-modified: Thu, 11 Jan 2024 03:20:16 GMT
vary: Accept-Encoding
etag: "659f5e70-1e0e6"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-12_4bbc38baee6e521d660537ef5e1dcc7a5b8336987766e788ff3660d27599113c.js

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-12_4bbc38baee6e521d660537ef5e1dcc7a5b8336987766e788ff3660d27599113c.js HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:18 GMT
content-type: application/javascript
content-length: 102552
last-modified: Thu, 11 Jan 2024 03:20:14 GMT
vary: Accept-Encoding
etag: "659f5e6e-19098"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-13_55d79a4829c34f3c7b426ca2374fe72d3153f26cdd6a90b9393a58edd62b8e8c.js

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-13_55d79a4829c34f3c7b426ca2374fe72d3153f26cdd6a90b9393a58edd62b8e8c.js HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:18 GMT
content-type: application/javascript
content-length: 86464
last-modified: Thu, 11 Jan 2024 03:20:13 GMT
vary: Accept-Encoding
etag: "659f5e6d-151c0"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-14_929fd0bac155152c7bd8aaae0610f63162642bf0beb21000adca8571868b0080.js

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-14_929fd0bac155152c7bd8aaae0610f63162642bf0beb21000adca8571868b0080.js HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:18 GMT
content-type: application/javascript
content-length: 80918
last-modified: Thu, 11 Jan 2024 03:20:14 GMT
vary: Accept-Encoding
etag: "659f5e6e-13c16"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/css/mega-4_5779e6dc2e880272298c0fb7aca6bdd982af790fc1ceb1a33e47081382e89f60.css

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/css/mega-4_5779e6dc2e880272298c0fb7aca6bdd982af790fc1ceb1a33e47081382e89f60.css HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:19 GMT
content-type: text/css
content-length: 39033
last-modified: Thu, 11 Jan 2024 03:20:16 GMT
vary: Accept-Encoding
etag: "659f5e70-9879"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-15_6d963e835cfb0f50e471b6b5538cdcbb43601ba6965d34d4b3e8e83fc14d295f.js

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-15_6d963e835cfb0f50e471b6b5538cdcbb43601ba6965d34d4b3e8e83fc14d295f.js HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:19 GMT
content-type: application/javascript
content-length: 118576
last-modified: Thu, 11 Jan 2024 03:20:14 GMT
vary: Accept-Encoding
etag: "659f5e6e-1cf30"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-16_fb7c70bd65399eef30dd070b9cec3088053f0d9867ae00dc2d2c02dfb697be82.js

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-16_fb7c70bd65399eef30dd070b9cec3088053f0d9867ae00dc2d2c02dfb697be82.js HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:19 GMT
content-type: application/javascript
content-length: 65882
last-modified: Thu, 11 Jan 2024 03:20:14 GMT
vary: Accept-Encoding
etag: "659f5e6e-1015a"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/css/mega-7_18aaf2ab89480440d7bd22444a5096d39ce169c8c401c65c334b22292c7b42dc.css

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/css/mega-7_18aaf2ab89480440d7bd22444a5096d39ce169c8c401c65c334b22292c7b42dc.css HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:19 GMT
content-type: text/css
content-length: 9388
last-modified: Thu, 11 Jan 2024 03:20:16 GMT
vary: Accept-Encoding
etag: "659f5e70-24ac"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/vendor/asmcrypto_9c90f27443fbdb85519985333a8b00c3cff0e10a2753955f41890342d64362f7.js

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/vendor/asmcrypto_9c90f27443fbdb85519985333a8b00c3cff0e10a2753955f41890342d64362f7.js HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:19 GMT
content-type: application/javascript
content-length: 49762
last-modified: Thu, 11 Jan 2024 03:20:15 GMT
vary: Accept-Encoding
etag: "659f5e6f-c262"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/css/folder-link.css-postbuild_1d21b6fd6f92e09c0c138dd448a4aa0fccac3c7061221470dc87f31b03e3fbb9.css

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/css/folder-link.css-postbuild_1d21b6fd6f92e09c0c138dd448a4aa0fccac3c7061221470dc87f31b03e3fbb9.css HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
origin: https://mega.nz
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:19 GMT
content-type: text/css
content-length: 734
last-modified: Thu, 11 Jan 2024 03:20:16 GMT
vary: Accept-Encoding
etag: "659f5e70-2de"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/fonts/SourceSansPro-Regular.woff2?v=f71f612f60d5bb7e

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/fonts/SourceSansPro-Regular.woff2?v=f71f612f60d5bb7e HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
origin: https://mega.nz
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:20 GMT
content-type: font/woff2
content-length: 90132
last-modified: Thu, 11 Jan 2024 01:20:37 GMT
vary: Accept-Encoding
etag: "659f4265-16014"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/imagery/mobile-button-loader-green.b175f7d362d2b4af.gif

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/mobile-button-loader-green.b175f7d362d2b4af.gif HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:20 GMT
content-type: image/gif
content-length: 8787
last-modified: Thu, 11 Jan 2024 01:20:37 GMT
etag: "659f4265-2253"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/imagery/mega-chat-onboarding-preview.237bc0c333af649.png

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/mega-chat-onboarding-preview.237bc0c333af649.png HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://mega.nz/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:20 GMT
content-type: image/png
content-length: 103443
last-modified: Thu, 11 Jan 2024 01:20:37 GMT
etag: "659f4265-19413"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:20 GMT
content-type: image/svg+xml
content-length: 78164
last-modified: Thu, 11 Jan 2024 03:20:10 GMT
vary: Accept-Encoding
etag: "659f5e6a-13154"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/imagery/mega-fm-main-sprite.7d3634e3f4c954e9.png

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/mega-fm-main-sprite.7d3634e3f4c954e9.png HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:21 GMT
content-type: image/png
content-length: 43812
last-modified: Thu, 11 Jan 2024 01:20:37 GMT
etag: "659f4265-ab24"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/imagery/mega-loader-dark.10067de1c8e7e26c.gif

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/mega-loader-dark.10067de1c8e7e26c.gif HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:21 GMT
content-type: image/gif
content-length: 41809
last-modified: Thu, 11 Jan 2024 01:20:37 GMT
etag: "659f4265-a351"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/imagery/mega-loading-sprite.e80d6d3a0b827536.png

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/mega-loading-sprite.e80d6d3a0b827536.png HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:21 GMT
content-type: image/png
content-length: 3414
last-modified: Thu, 11 Jan 2024 01:20:37 GMT
etag: "659f4265-d56"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/fonts/Lato-Regular.woff2?v=6343dd45044b0726

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/fonts/Lato-Regular.woff2?v=6343dd45044b0726 HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
origin: https://mega.nz
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:21 GMT
content-type: font/woff2
content-length: 182708
last-modified: Thu, 11 Jan 2024 01:20:37 GMT
vary: Accept-Encoding
etag: "659f4265-2c9b4"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/fonts/lato-regular-ie.woff2?v=2aaea217993c48e0

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/fonts/lato-regular-ie.woff2?v=2aaea217993c48e0 HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
origin: https://mega.nz
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:21 GMT
content-type: font/woff2
content-length: 142744
last-modified: Thu, 11 Jan 2024 01:20:37 GMT
vary: Accept-Encoding
etag: "659f4265-22d98"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/imagery/sprites-fm-mono.d4063da614b05c60.woff2?t=1702437006030

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/sprites-fm-mono.d4063da614b05c60.woff2?t=1702437006030 HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
origin: https://mega.nz
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:21 GMT
content-type: font/woff2
content-length: 62156
last-modified: Thu, 11 Jan 2024 01:20:37 GMT
vary: Accept-Encoding
etag: "659f4265-f2cc"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/fonts/Lato-Semibold.woff2?v=7194963095272d0e

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/fonts/Lato-Semibold.woff2?v=7194963095272d0e HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
origin: https://mega.nz
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:21 GMT
content-type: font/woff2
content-length: 184076
last-modified: Thu, 11 Jan 2024 01:20:37 GMT
vary: Accept-Encoding
etag: "659f4265-2cf0c"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/fonts/lato-light-ie.woff2?v=3af05cb63f7f4e02

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/fonts/lato-light-ie.woff2?v=3af05cb63f7f4e02 HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: identity
origin: https://mega.nz
sec-fetch-dest: font
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:21 GMT
content-type: font/woff2
content-length: 143460
last-modified: Thu, 11 Jan 2024 01:20:37 GMT
vary: Accept-Encoding
etag: "659f4265-23064"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:21 GMT
content-type: image/svg+xml
content-length: 78164
last-modified: Thu, 11 Jan 2024 03:20:10 GMT
vary: Accept-Encoding
etag: "659f5e6a-13154"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:21 GMT
content-type: image/svg+xml
content-length: 78164
last-modified: Thu, 11 Jan 2024 03:20:10 GMT
vary: Accept-Encoding
etag: "659f5e6a-13154"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:21 GMT
content-type: image/svg+xml
content-length: 78164
last-modified: Thu, 11 Jan 2024 03:20:10 GMT
vary: Accept-Encoding
etag: "659f5e6a-13154"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:21 GMT
content-type: image/svg+xml
content-length: 78164
last-modified: Thu, 11 Jan 2024 03:20:10 GMT
vary: Accept-Encoding
etag: "659f5e6a-13154"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:21 GMT
content-type: image/svg+xml
content-length: 78164
last-modified: Thu, 11 Jan 2024 03:20:10 GMT
vary: Accept-Encoding
etag: "659f5e6a-13154"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:21 GMT
content-type: image/svg+xml
content-length: 78164
last-modified: Thu, 11 Jan 2024 03:20:10 GMT
vary: Accept-Encoding
etag: "659f5e6a-13154"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:21 GMT
content-type: image/svg+xml
content-length: 78164
last-modified: Thu, 11 Jan 2024 03:20:10 GMT
vary: Accept-Encoding
etag: "659f5e6a-13154"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:21 GMT
content-type: image/svg+xml
content-length: 78164
last-modified: Thu, 11 Jan 2024 03:20:10 GMT
vary: Accept-Encoding
etag: "659f5e6a-13154"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:21 GMT
content-type: image/svg+xml
content-length: 78164
last-modified: Thu, 11 Jan 2024 03:20:10 GMT
vary: Accept-Encoding
etag: "659f5e6a-13154"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:21 GMT
content-type: image/svg+xml
content-length: 78164
last-modified: Thu, 11 Jan 2024 03:20:10 GMT
vary: Accept-Encoding
etag: "659f5e6a-13154"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/imagery/mega-menus-sprite.aaa9a4ae08139b96.png

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/mega-menus-sprite.aaa9a4ae08139b96.png HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:23 GMT
content-type: image/png
content-length: 5031
last-modified: Thu, 11 Jan 2024 01:20:37 GMT
etag: "659f4265-13a7"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/imagery/sprites-fm-theme-light.952d720966777ae8.svg

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/sprites-fm-theme-light.952d720966777ae8.svg HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:23 GMT
content-type: image/svg+xml
content-length: 13741
last-modified: Thu, 11 Jan 2024 03:20:11 GMT
vary: Accept-Encoding
etag: "659f5e6b-35ad"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/imagery/mega-files-icons.d0eb3dca90ed2246.png

firefox.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/mega-files-icons.d0eb3dca90ed2246.png HTTP/2.0
host: eu.static.mega.co.nz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
date: Sat, 13 Jan 2024 20:55:23 GMT
content-type: image/png
content-length: 109786
last-modified: Thu, 11 Jan 2024 01:20:37 GMT
etag: "659f4265-1acda"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
DNS

134.169.44.89.in-addr.arpa

Remote address:

8.8.8.8:53

Request

134.169.44.89.in-addr.arpa

IN PTR

Response

134.169.44.89.in-addr.arpa

IN PTR

89-44-169-134ipdcluxcom
DNS

134.169.44.89.in-addr.arpa

Remote address:

8.8.8.8:53

Request

134.169.44.89.in-addr.arpa

IN PTR
DNS

11.125.203.66.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.125.203.66.in-addr.arpa

IN PTR

Response

11.125.203.66.in-addr.arpa

IN PTR

bt1apimegaconz
DNS

11.125.203.66.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.125.203.66.in-addr.arpa

IN PTR
DNS

5.155.213.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

5.155.213.34.in-addr.arpa

IN PTR

Response

5.155.213.34.in-addr.arpa

IN PTR

ec2-34-213-155-5 us-west-2compute amazonawscom
DNS

lu.api.mega.co.nz

firefox.exe

Remote address:

8.8.8.8:53

Request

lu.api.mega.co.nz

IN AAAA

Response

lu.api.mega.co.nz

IN AAAA

2a0b:e46:1:100::13

lu.api.mega.co.nz

IN AAAA

2a0b:e46:1:100::12

lu.api.mega.co.nz

IN AAAA

2a0b:e46:1:100::15

lu.api.mega.co.nz

IN AAAA

2a0b:e46:1:100::16

lu.api.mega.co.nz

IN AAAA

2a0b:e46:1:100::11

lu.api.mega.co.nz

IN AAAA

2a0b:e46:1:100::14
GET

https://mega.nz/rsaasm.js

firefox.exe

Remote address:

31.216.144.5:443

Request

GET /rsaasm.js HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mega.nz/nodedec.js?v=3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Content-Length: 37695
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET

https://mega.nz/rsaasm.js

firefox.exe

Remote address:

31.216.144.5:443

Request

GET /rsaasm.js HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mega.nz/nodedec.js?v=3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Content-Length: 37695
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET

https://mega.nz/rsaasm.js

firefox.exe

Remote address:

31.216.144.5:443

Request

GET /rsaasm.js HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mega.nz/nodedec.js?v=3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Content-Length: 37695
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET

https://mega.nz/rsaasm.js

firefox.exe

Remote address:

31.216.144.5:443

Request

GET /rsaasm.js HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mega.nz/nodedec.js?v=3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Content-Length: 37695
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET

https://mega.nz/rsaasm.js

firefox.exe

Remote address:

31.216.144.5:443

Request

GET /rsaasm.js HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mega.nz/nodedec.js?v=3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Content-Length: 37695
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET

https://mega.nz/rsaasm.js

firefox.exe

Remote address:

31.216.144.5:443

Request

GET /rsaasm.js HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mega.nz/nodedec.js?v=3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Content-Length: 37695
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
POST

https://g.api.mega.co.nz/cs?id=738392880&v=3&lang=en&domain=meganz

firefox.exe

Remote address:

66.203.125.11:443

Request

POST /cs?id=738392880&v=3&lang=en&domain=meganz HTTP/1.1
Host: g.api.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Content-Type: text/plain;charset=UTF-8
Content-Length: 12
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 200 OK

Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, MEGA-Chrome-Antileak
Access-Control-Expose-Headers: Original-Content-Length
Access-Control-Max-Age: 86400
Cache-Control: no-store
Original-Content-Length: 26431
Content-Encoding: gzip
Content-Length: 10608
Connection: keep-alive
POST

https://g.api.mega.co.nz/cs?id=738392881&v=3&lang=en&domain=meganz

firefox.exe

Remote address:

66.203.125.11:443

Request

POST /cs?id=738392881&v=3&lang=en&domain=meganz HTTP/1.1
Host: g.api.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Content-Type: text/plain;charset=UTF-8
Content-Length: 20
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 200 OK

Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, MEGA-Chrome-Antileak
Access-Control-Expose-Headers: Original-Content-Length
Access-Control-Max-Age: 86400
Cache-Control: no-store
Original-Content-Length: 4
Content-Length: 4
Connection: keep-alive
GET

https://g.api.mega.co.nz/wsc?v=3&ec=&n=XVtlQK7Z&sn=6RXVkFnnxJs

firefox.exe

Remote address:

66.203.125.11:443

Request

GET /wsc?v=3&ec=&n=XVtlQK7Z&sn=6RXVkFnnxJs HTTP/1.1
Host: g.api.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 200 OK

Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, MEGA-Chrome-Antileak
Access-Control-Expose-Headers: Original-Content-Length
Access-Control-Max-Age: 86400
Cache-Control: no-store
Original-Content-Length: 78
Transfer-Encoding: chunked
Connection: keep-alive
GET

https://g.api.mega.co.nz/wsc/jkuoEeW8pm8tD0R2NdPLAQ?n=XVtlQK7Z&sn=6RXVkFnnxJs

firefox.exe

Remote address:

66.203.125.11:443

Request

GET /wsc/jkuoEeW8pm8tD0R2NdPLAQ?n=XVtlQK7Z&sn=6RXVkFnnxJs HTTP/1.1
Host: g.api.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 200 OK

Content-Type: text/plain
Content-Length: 1
Cache-Control: no-cache
Cache-Control: no-store
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, MEGA-Chrome-Antileak
Access-Control-Expose-Headers: Original-Content-Length
Access-Control-Max-Age: 86400
Cache-Control: no-store
GET

https://g.api.mega.co.nz/wsc/jkuoEeW8pm8tD0R2NdPLAQ?n=XVtlQK7Z&sn=6RXVkFnnxJs

firefox.exe

Remote address:

66.203.125.11:443

Request

GET /wsc/jkuoEeW8pm8tD0R2NdPLAQ?n=XVtlQK7Z&sn=6RXVkFnnxJs HTTP/1.1
Host: g.api.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
DNS

aus5.mozilla.org

firefox.exe

Remote address:

8.8.8.8:53

Request

aus5.mozilla.org

IN A

Response

aus5.mozilla.org

IN CNAME

balrog-aus5.r53-2.services.mozilla.com

balrog-aus5.r53-2.services.mozilla.com

IN CNAME

prod.balrog.prod.cloudops.mozgcp.net

prod.balrog.prod.cloudops.mozgcp.net

IN A

35.244.181.201
DNS

aus5.mozilla.org

firefox.exe

Remote address:

8.8.8.8:53

Request

aus5.mozilla.org

IN A
DNS

prod.balrog.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN A

Response

prod.balrog.prod.cloudops.mozgcp.net

IN A

35.244.181.201
DNS

prod.balrog.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN AAAA

Response
DNS

201.181.244.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

201.181.244.35.in-addr.arpa

IN PTR

Response

201.181.244.35.in-addr.arpa

IN PTR

20118124435bcgoogleusercontentcom
DNS

ciscobinary.openh264.org

firefox.exe

Remote address:

8.8.8.8:53

Request

ciscobinary.openh264.org

IN A

Response

ciscobinary.openh264.org

IN CNAME

a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com

a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com

IN CNAME

a17.rackcdn.com

a17.rackcdn.com

IN CNAME

a17.rackcdn.com.mdc.edgesuite.net

a17.rackcdn.com.mdc.edgesuite.net

IN CNAME

a19.dscg10.akamai.net

a19.dscg10.akamai.net

IN A

88.221.134.209

a19.dscg10.akamai.net

IN A

88.221.134.155
GET

http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip

firefox.exe

Remote address:

88.221.134.209:80

Request

GET /openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
Host: ciscobinary.openh264.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

Response

HTTP/1.1 200 OK

Last-Modified: Thu, 16 Nov 2023 07:38:17 GMT
ETag: 85430baed3398695717b0263807cf97c
Content-Length: 453023
Accept-Ranges: bytes
X-Timestamp: 1700120296.01123
Content-Type: application/zip
X-Trans-Id: tx83dabe2b359f4df0880f4-00655605b9dfw1
Cache-Control: public, max-age=33568
Expires: Sun, 14 Jan 2024 06:15:03 GMT
Date: Sat, 13 Jan 2024 20:55:35 GMT
Connection: keep-alive
DNS

a19.dscg10.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a19.dscg10.akamai.net

IN A

Response

a19.dscg10.akamai.net

IN A

88.221.134.209

a19.dscg10.akamai.net

IN A

88.221.134.155
DNS

a19.dscg10.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a19.dscg10.akamai.net

IN AAAA

Response

a19.dscg10.akamai.net

IN AAAA

2a02:26f0:a1::58dd:86d1

a19.dscg10.akamai.net

IN AAAA

2a02:26f0:a1::58dd:869b
DNS

a19.dscg10.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a19.dscg10.akamai.net

IN AAAA
DNS

209.134.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

209.134.221.88.in-addr.arpa

IN PTR

Response

209.134.221.88.in-addr.arpa

IN PTR

a88-221-134-209deploystaticakamaitechnologiescom
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN A

Response

redirector.gvt1.com

IN A

209.85.202.139

redirector.gvt1.com

IN A

209.85.202.100

redirector.gvt1.com

IN A

209.85.202.113

redirector.gvt1.com

IN A

209.85.202.101

redirector.gvt1.com

IN A

209.85.202.102

redirector.gvt1.com

IN A

209.85.202.138
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN A

Response

redirector.gvt1.com

IN A

209.85.202.138

redirector.gvt1.com

IN A

209.85.202.102

redirector.gvt1.com

IN A

209.85.202.100

redirector.gvt1.com

IN A

209.85.202.101

redirector.gvt1.com

IN A

209.85.202.113

redirector.gvt1.com

IN A

209.85.202.139
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN A
DNS

r1---sn-aigzrnsz.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r1---sn-aigzrnsz.gvt1.com

IN A

Response

r1---sn-aigzrnsz.gvt1.com

IN CNAME

r1.sn-aigzrnsz.gvt1.com

r1.sn-aigzrnsz.gvt1.com

IN A

74.125.175.166
DNS

r1---sn-aigzrnsz.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r1---sn-aigzrnsz.gvt1.com

IN A
DNS

r1---sn-aigzrnsz.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r1---sn-aigzrnsz.gvt1.com

IN A
DNS

r1---sn-aigzrnsz.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r1---sn-aigzrnsz.gvt1.com

IN A
DNS

139.202.85.209.in-addr.arpa

Remote address:

8.8.8.8:53

Request

139.202.85.209.in-addr.arpa

IN PTR

Response

139.202.85.209.in-addr.arpa

IN PTR

dg-in-f1391e100net
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN AAAA

Response

redirector.gvt1.com

IN AAAA

2a00:1450:400b:c00::66

redirector.gvt1.com

IN AAAA

2a00:1450:400b:c00::8a

redirector.gvt1.com

IN AAAA

2a00:1450:400b:c00::64

redirector.gvt1.com

IN AAAA

2a00:1450:400b:c00::65
DNS

r1.sn-aigzrnsz.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r1.sn-aigzrnsz.gvt1.com

IN A

Response

r1.sn-aigzrnsz.gvt1.com

IN A

74.125.175.166
DNS

166.175.125.74.in-addr.arpa

Remote address:

8.8.8.8:53

Request

166.175.125.74.in-addr.arpa

IN PTR

Response

166.175.125.74.in-addr.arpa

IN PTR

lhr48s34-in-f61e100net
DNS

r1.sn-aigzrnsz.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r1.sn-aigzrnsz.gvt1.com

IN AAAA

Response

r1.sn-aigzrnsz.gvt1.com

IN AAAA

2a00:1450:4009:1b::6

127.0.0.1:49782

firefox.exe
31.216.144.5:443

https://mega.nz/rsaasm.js

tls, http

firefox.exe

7.7kB
188.1kB
68
151

HTTP Request

GET https://mega.nz/folder/XVtlQK7Z

HTTP Response

200

HTTP Request

GET https://mega.nz/secureboot.js?r=1704935862

HTTP Response

200

HTTP Request

GET https://mega.nz/loading-sprite_v4.png

HTTP Response

200

HTTP Request

GET https://mega.nz/favicon.ico?v=3

HTTP Response

200

HTTP Request

GET https://mega.nz/sw.js?v=1

HTTP Response

200

HTTP Request

GET https://mega.nz/nodedec.js?v=3

HTTP Response

200

HTTP Request

GET https://mega.nz/sjcl.js

HTTP Response

200

HTTP Request

GET https://mega.nz/rsaasm.js

HTTP Response

200

HTTP Request

GET https://mega.nz/rsaasm.js

HTTP Response

200
34.117.237.239:443

https://contile.services.mozilla.com/v1/tiles

tls, http2

firefox.exe

2.1kB
7.6kB
20
18

HTTP Request

GET https://contile.services.mozilla.com/v1/tiles
34.160.144.191:443

content-signature-2.cdn.mozilla.net

firefox.exe

52 B
1
34.213.155.5:443

shavar.services.mozilla.com

tls

firefox.exe

3.6kB
4.2kB
14
10
34.117.237.239:443

contile.services.mozilla.com

tls, http2

firefox.exe

1.4kB
5.6kB
13
11
34.160.144.191:443

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

52 B
1
34.149.100.209:443

https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221705161435295%22

tls, http2

firefox.exe

3.2kB
35.6kB
33
47

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?collection=partitioning-exempt-urls&bucket=main&_expected=0

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1702403047185

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221705161435295%22
34.149.100.209:443

firefox.settings.services.mozilla.com

tls

firefox.exe

1.1kB
5.3kB
12
11
34.107.243.93:443

push.services.mozilla.com

tls

firefox.exe

1.0kB
4.8kB
9
8
34.160.144.191:443

content-signature-2.cdn.mozilla.net

tls

firefox.exe

2.4kB
17.7kB
24
29
34.107.243.93:443

https://push.services.mozilla.com/

tls, http

firefox.exe

2.4kB
7.0kB
17
16

HTTP Request

GET https://push.services.mozilla.com/

HTTP Response

101
66.203.125.11:443

https://g.api.mega.co.nz/cs?id=55194339&v=3&lang=en&domain=meganz&ec=&n=XVtlQK7Z

tls, http

firefox.exe

4.1kB
8.1kB
21
18

HTTP Request

POST https://g.api.mega.co.nz/cs?id=0

HTTP Response

200

HTTP Request

POST https://g.api.mega.co.nz/cs?id=738392879&v=3&lang=en&domain=meganz

HTTP Response

200

HTTP Request

POST https://g.api.mega.co.nz/cs?id=55194339&v=3&lang=en&domain=meganz&ec=&n=XVtlQK7Z

HTTP Response

200
89.44.169.134:443

eu.static.mega.co.nz

firefox.exe

98 B
52 B
2
1
89.44.169.134:443

eu.static.mega.co.nz

firefox.exe

98 B
52 B
2
1
89.44.169.134:443

https://eu.static.mega.co.nz/4/imagery/mega-files-icons.d0eb3dca90ed2246.png

tls, http2

firefox.exe

167.5kB
4.2MB
2530
3105

HTTP Request

GET https://eu.static.mega.co.nz/4/lang/en_3cee720122ff07133af56b1620039b574d966512733285ef6eddc589bff09925.json

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-1_d8011627272da0aa9771fa3deabb7e0616d1d7f57f9c5b667f46e1524ce4a1a6.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-2_f781e629660d8cb1fb4cfeea91f46c4ccda5789d46b730565018aa0a0d66c82e.js

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-3_8e704df955dff3f413ebf3b8c38503422623d794482c8278877acbf158e04861.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-4_10cb79b69e984341464591bcd9ee2bb56bba1554c3893ed479dc0964df868e1f.js

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-5_4ef9719b8f02e2872ff58ced3d1faf6a097af37fa4f6513f0cac390f54083f36.js

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-6_5d89c2f454430d25aa623ccd831245055c84cc4b5bdb593a8d754ba36d0819cf.js

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-7_102401ee712f4617b5e315e873c180004b9cef7fe87aab7b69702bcb57dbad2b.js

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/css/mega-1_072f1fe96f08bafe424738cd0101ec2d14a2ac56a0137c9629cf3588f234cce4.css

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/html/templates_b5234919e2a889c18222bff172417fe6c89c492780e576510a95597a31c9cbf8.json

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-8_69550a5355a20a8ac9c321fead2f18676404c0601c8236b2af2c67b83d87ccbe.js

HTTP Request

GET https://eu.static.mega.co.nz/4/css/bottom-pages-animations.css-postbuild_47f7d58d40f84e7fa878532d05a625c2b9700c9300276decec0cbc374c0a5644.css

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-9_931af59115cb573dfb0b9d5e56173e9c331e69d55051751df67da92896030ecd.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/css/mega-2_10a05b6765b6026254e38256d6605785a669dcecbb78aa0a4f753eb194adc526.css

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-10_a9ba907ba9dd81c5e62c2fed2176cabe298b81311b19e68a758a08e49e99dbb7.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-11_66b24c30c7b0bf6da1d1d3944e545ac10223bfb99a00912625b21ff5c8393fde.js

HTTP Request

GET https://eu.static.mega.co.nz/4/css/mega-3_30f3181a739be37bec4d6d2523f852a0b37e2ed81b4085f0a3ab7c8dc33680d4.css

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-12_4bbc38baee6e521d660537ef5e1dcc7a5b8336987766e788ff3660d27599113c.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-13_55d79a4829c34f3c7b426ca2374fe72d3153f26cdd6a90b9393a58edd62b8e8c.js

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-14_929fd0bac155152c7bd8aaae0610f63162642bf0beb21000adca8571868b0080.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/css/mega-4_5779e6dc2e880272298c0fb7aca6bdd982af790fc1ceb1a33e47081382e89f60.css

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-15_6d963e835cfb0f50e471b6b5538cdcbb43601ba6965d34d4b3e8e83fc14d295f.js

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-16_fb7c70bd65399eef30dd070b9cec3088053f0d9867ae00dc2d2c02dfb697be82.js

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/css/mega-7_18aaf2ab89480440d7bd22444a5096d39ce169c8c401c65c334b22292c7b42dc.css

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/vendor/asmcrypto_9c90f27443fbdb85519985333a8b00c3cff0e10a2753955f41890342d64362f7.js

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/css/folder-link.css-postbuild_1d21b6fd6f92e09c0c138dd448a4aa0fccac3c7061221470dc87f31b03e3fbb9.css

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/fonts/SourceSansPro-Regular.woff2?v=f71f612f60d5bb7e

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/mobile-button-loader-green.b175f7d362d2b4af.gif

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/mega-chat-onboarding-preview.237bc0c333af649.png

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/mega-fm-main-sprite.7d3634e3f4c954e9.png

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/mega-loader-dark.10067de1c8e7e26c.gif

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/mega-loading-sprite.e80d6d3a0b827536.png

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/fonts/Lato-Regular.woff2?v=6343dd45044b0726

HTTP Request

GET https://eu.static.mega.co.nz/4/fonts/lato-regular-ie.woff2?v=2aaea217993c48e0

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/sprites-fm-mono.d4063da614b05c60.woff2?t=1702437006030

HTTP Request

GET https://eu.static.mega.co.nz/4/fonts/Lato-Semibold.woff2?v=7194963095272d0e

HTTP Request

GET https://eu.static.mega.co.nz/4/fonts/lato-light-ie.woff2?v=3af05cb63f7f4e02

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.13e2c92f21f9ba07.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/mega-menus-sprite.aaa9a4ae08139b96.png

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/sprites-fm-theme-light.952d720966777ae8.svg

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/mega-files-icons.d0eb3dca90ed2246.png

HTTP Response

200

HTTP Response

200

HTTP Response

200
89.44.169.134:443

eu.static.mega.co.nz

tls, http2

firefox.exe

1.2kB
6.2kB
9
10
31.216.144.5:443

https://mega.nz/rsaasm.js

tls, http

firefox.exe

4.0kB
80.0kB
49
70

HTTP Request

GET https://mega.nz/rsaasm.js

HTTP Response

200

HTTP Request

GET https://mega.nz/rsaasm.js

HTTP Response

200
127.0.0.1:49790

firefox.exe
31.216.144.5:443

https://mega.nz/rsaasm.js

tls, http

firefox.exe

2.6kB
40.3kB
33
40

HTTP Request

GET https://mega.nz/rsaasm.js

HTTP Response

200
31.216.144.5:443

https://mega.nz/rsaasm.js

tls, http

firefox.exe

2.7kB
40.3kB
27
40

HTTP Request

GET https://mega.nz/rsaasm.js

HTTP Response

200
31.216.144.5:443

https://mega.nz/rsaasm.js

tls, http

firefox.exe

2.7kB
40.5kB
27
40

HTTP Request

GET https://mega.nz/rsaasm.js

HTTP Response

200
31.216.144.5:443

https://mega.nz/rsaasm.js

tls, http

firefox.exe

3.4kB
40.4kB
38
41

HTTP Request

GET https://mega.nz/rsaasm.js

HTTP Response

200
66.203.125.11:443

https://g.api.mega.co.nz/wsc/jkuoEeW8pm8tD0R2NdPLAQ?n=XVtlQK7Z&sn=6RXVkFnnxJs

tls, http

firefox.exe

6.5kB
13.9kB
23
26

HTTP Request

POST https://g.api.mega.co.nz/cs?id=738392880&v=3&lang=en&domain=meganz

HTTP Response

200

HTTP Request

POST https://g.api.mega.co.nz/cs?id=738392881&v=3&lang=en&domain=meganz

HTTP Response

200

HTTP Request

GET https://g.api.mega.co.nz/wsc?v=3&ec=&n=XVtlQK7Z&sn=6RXVkFnnxJs

HTTP Response

200

HTTP Request

GET https://g.api.mega.co.nz/wsc/jkuoEeW8pm8tD0R2NdPLAQ?n=XVtlQK7Z&sn=6RXVkFnnxJs

HTTP Response

200

HTTP Request

GET https://g.api.mega.co.nz/wsc/jkuoEeW8pm8tD0R2NdPLAQ?n=XVtlQK7Z&sn=6RXVkFnnxJs
66.203.125.11:443

g.api.mega.co.nz

tls

firefox.exe

1.1kB
992 B
9
8
127.0.0.1:6341

firefox.exe
127.0.0.1:6341

firefox.exe
127.0.0.1:6341

firefox.exe
127.0.0.1:6341

firefox.exe
127.0.0.1:6341

firefox.exe
127.0.0.1:6341

firefox.exe
127.0.0.1:6341

firefox.exe
127.0.0.1:6341

firefox.exe
127.0.0.1:6341

firefox.exe
127.0.0.1:6341

firefox.exe
127.0.0.1:6341

firefox.exe
127.0.0.1:6341

firefox.exe
35.244.181.201:443

aus5.mozilla.org

tls

firefox.exe

2.4kB
5.8kB
19
17
88.221.134.209:80

http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip

http

firefox.exe

12.5kB
467.2kB
226
343

HTTP Request

GET http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip

HTTP Response

200
209.85.202.139:443

redirector.gvt1.com

tls

firefox.exe

1.8kB
9.3kB
19
22
74.125.175.166:443

r1---sn-aigzrnsz.gvt1.com

tls

firefox.exe

247.3kB
8.7MB
4401
6248
127.0.0.1:6341

firefox.exe
127.0.0.1:6341

firefox.exe
127.0.0.1:6341

firefox.exe
127.0.0.1:6341

firefox.exe

8.8.8.8:53

mega.nz

dns

firefox.exe

53 B
85 B
1
1

DNS Request

mega.nz

DNS Response

31.216.144.5

31.216.145.5
8.8.8.8:53

contile.services.mozilla.com

dns

firefox.exe

74 B
90 B
1
1

DNS Request

contile.services.mozilla.com

DNS Response

34.117.237.239
8.8.8.8:53

content-signature-2.cdn.mozilla.net

dns

firefox.exe

81 B
235 B
1
1

DNS Request

content-signature-2.cdn.mozilla.net

DNS Response

34.160.144.191
8.8.8.8:53

shavar.services.mozilla.com

dns

firefox.exe

73 B
157 B
1
1

DNS Request

shavar.services.mozilla.com

DNS Response

34.213.155.5

44.239.151.67

52.24.152.80
8.8.8.8:53

mega.nz

dns

firefox.exe

53 B
85 B
1
1

DNS Request

mega.nz

DNS Response

31.216.145.5

31.216.144.5
8.8.8.8:53

contile.services.mozilla.com

dns

firefox.exe

148 B
90 B
2
1

DNS Request

contile.services.mozilla.com

DNS Request

contile.services.mozilla.com

DNS Response

34.117.237.239
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

206 B
119 B
2
1

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

34.160.144.191
8.8.8.8:53

push.services.mozilla.com

dns

firefox.exe

142 B
125 B
2
1

DNS Request

push.services.mozilla.com

DNS Request

push.services.mozilla.com

DNS Response

34.107.243.93
8.8.8.8:53

firefox.settings.services.mozilla.com

dns

firefox.exe

166 B
161 B
2
1

DNS Request

firefox.settings.services.mozilla.com

DNS Request

firefox.settings.services.mozilla.com

DNS Response

34.149.100.209
8.8.8.8:53

mega.nz

dns

firefox.exe

53 B
109 B
1
1

DNS Request

mega.nz

DNS Response

2a0b:e46:1:144::5

2a0b:e46:1:145::5
8.8.8.8:53

shavar.prod.mozaws.net

dns

firefox.exe

68 B
116 B
1
1

DNS Request

shavar.prod.mozaws.net

DNS Response

34.213.155.5

44.239.151.67

52.24.152.80
8.8.8.8:53

shavar.prod.mozaws.net

dns

firefox.exe

68 B
153 B
1
1

DNS Request

shavar.prod.mozaws.net
8.8.8.8:53

shavar.services.mozilla.com

dns

firefox.exe

292 B
157 B
4
1

DNS Request

shavar.services.mozilla.com

DNS Request

shavar.services.mozilla.com

DNS Request

shavar.services.mozilla.com

DNS Request

shavar.services.mozilla.com

DNS Response

44.239.151.67

34.213.155.5

52.24.152.80
8.8.8.8:53

5.144.216.31.in-addr.arpa

dns

71 B
110 B
1
1

DNS Request

5.144.216.31.in-addr.arpa
8.8.8.8:53

eu.static.mega.co.nz

dns

firefox.exe

132 B
114 B
2
1

DNS Request

eu.static.mega.co.nz

DNS Request

eu.static.mega.co.nz

DNS Response

89.44.169.134

66.203.124.37

89.44.169.132
8.8.8.8:53

contile.services.mozilla.com

dns

firefox.exe

74 B
155 B
1
1

DNS Request

contile.services.mozilla.com
8.8.8.8:53

autopush.prod.mozaws.net

dns

firefox.exe

70 B
86 B
1
1

DNS Request

autopush.prod.mozaws.net

DNS Response

34.107.243.93
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

103 B
131 B
1
1

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

2600:1901:0:92a9::
8.8.8.8:53

prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

94 B
110 B
1
1

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net

DNS Response

34.149.100.209
8.8.8.8:53

autopush.prod.mozaws.net

dns

firefox.exe

70 B
155 B
1
1

DNS Request

autopush.prod.mozaws.net
8.8.8.8:53

prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

188 B
187 B
2
1

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net
8.8.8.8:53

push.services.mozilla.com

dns

firefox.exe

71 B
125 B
1
1

DNS Request

push.services.mozilla.com

DNS Response

34.107.243.93
8.8.8.8:53

g.api.mega.co.nz

dns

firefox.exe

62 B
175 B
1
1

DNS Request

g.api.mega.co.nz

DNS Response

66.203.125.11

66.203.125.15

66.203.125.12

66.203.125.14

66.203.125.13

66.203.125.16
8.8.8.8:53

lu.api.mega.co.nz

dns

firefox.exe

189 B
159 B
3
1

DNS Request

lu.api.mega.co.nz

DNS Request

lu.api.mega.co.nz

DNS Request

lu.api.mega.co.nz

DNS Response

66.203.125.13

66.203.125.14

66.203.125.15

66.203.125.16

66.203.125.11

66.203.125.12
8.8.8.8:53

eu.static.mega.co.nz

dns

firefox.exe

66 B
114 B
1
1

DNS Request

eu.static.mega.co.nz

DNS Response

89.44.169.132

66.203.124.37

89.44.169.134
8.8.8.8:53

eu.static.mega.co.nz

dns

firefox.exe

132 B
150 B
2
1

DNS Request

eu.static.mega.co.nz

DNS Request

eu.static.mega.co.nz

DNS Response

2001:678:25c:2215::552

2a0b:e46:1:50::37

2001:678:25c:2215::550
8.8.8.8:53

134.169.44.89.in-addr.arpa

dns

144 B
112 B
2
1

DNS Request

134.169.44.89.in-addr.arpa

DNS Request

134.169.44.89.in-addr.arpa
8.8.8.8:53

11.125.203.66.in-addr.arpa

dns

144 B
104 B
2
1

DNS Request

11.125.203.66.in-addr.arpa

DNS Request

11.125.203.66.in-addr.arpa
8.8.8.8:53

5.155.213.34.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

5.155.213.34.in-addr.arpa
8.8.8.8:53

lu.api.mega.co.nz

dns

firefox.exe

63 B
231 B
1
1

DNS Request

lu.api.mega.co.nz

DNS Response

2a0b:e46:1:100::13

2a0b:e46:1:100::12

2a0b:e46:1:100::15

2a0b:e46:1:100::16

2a0b:e46:1:100::11

2a0b:e46:1:100::14
8.8.8.8:53

aus5.mozilla.org

dns

firefox.exe

124 B
180 B
2
1

DNS Request

aus5.mozilla.org

DNS Request

aus5.mozilla.org

DNS Response

35.244.181.201
8.8.8.8:53

prod.balrog.prod.cloudops.mozgcp.net

dns

firefox.exe

82 B
98 B
1
1

DNS Request

prod.balrog.prod.cloudops.mozgcp.net

DNS Response

35.244.181.201
8.8.8.8:53

prod.balrog.prod.cloudops.mozgcp.net

dns

firefox.exe

82 B
175 B
1
1

DNS Request

prod.balrog.prod.cloudops.mozgcp.net
8.8.8.8:53

201.181.244.35.in-addr.arpa

dns

73 B
126 B
1
1

DNS Request

201.181.244.35.in-addr.arpa
8.8.8.8:53

ciscobinary.openh264.org

dns

firefox.exe

70 B
286 B
1
1

DNS Request

ciscobinary.openh264.org

DNS Response

88.221.134.209

88.221.134.155
8.8.8.8:53

a19.dscg10.akamai.net

dns

firefox.exe

67 B
99 B
1
1

DNS Request

a19.dscg10.akamai.net

DNS Response

88.221.134.209

88.221.134.155
8.8.8.8:53

a19.dscg10.akamai.net

dns

firefox.exe

134 B
123 B
2
1

DNS Request

a19.dscg10.akamai.net

DNS Request

a19.dscg10.akamai.net

DNS Response

2a02:26f0:a1::58dd:86d1

2a02:26f0:a1::58dd:869b
8.8.8.8:53

209.134.221.88.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

209.134.221.88.in-addr.arpa
8.8.8.8:53

redirector.gvt1.com

dns

firefox.exe

65 B
161 B
1
1

DNS Request

redirector.gvt1.com

DNS Response

209.85.202.139

209.85.202.100

209.85.202.113

209.85.202.101

209.85.202.102

209.85.202.138
8.8.8.8:53

redirector.gvt1.com

dns

firefox.exe

130 B
161 B
2
1

DNS Request

redirector.gvt1.com

DNS Request

redirector.gvt1.com

DNS Response

209.85.202.138

209.85.202.102

209.85.202.100

209.85.202.101

209.85.202.113

209.85.202.139
209.85.202.139:443

redirector.gvt1.com

https

firefox.exe

2.1kB
9.7kB
9
11
8.8.8.8:53

r1---sn-aigzrnsz.gvt1.com

dns

firefox.exe

284 B
116 B
4
1

DNS Request

r1---sn-aigzrnsz.gvt1.com

DNS Request

r1---sn-aigzrnsz.gvt1.com

DNS Request

r1---sn-aigzrnsz.gvt1.com

DNS Request

r1---sn-aigzrnsz.gvt1.com

DNS Response

74.125.175.166
8.8.8.8:53

139.202.85.209.in-addr.arpa

dns

73 B
107 B
1
1

DNS Request

139.202.85.209.in-addr.arpa
8.8.8.8:53

redirector.gvt1.com

dns

firefox.exe

65 B
177 B
1
1

DNS Request

redirector.gvt1.com

DNS Response

2a00:1450:400b:c00::66

2a00:1450:400b:c00::8a

2a00:1450:400b:c00::64

2a00:1450:400b:c00::65
8.8.8.8:53

r1.sn-aigzrnsz.gvt1.com

dns

firefox.exe

69 B
85 B
1
1

DNS Request

r1.sn-aigzrnsz.gvt1.com

DNS Response

74.125.175.166
8.8.8.8:53

166.175.125.74.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

166.175.125.74.in-addr.arpa
8.8.8.8:53

r1.sn-aigzrnsz.gvt1.com

dns

firefox.exe

69 B
97 B
1
1

DNS Request

r1.sn-aigzrnsz.gvt1.com

DNS Response

2a00:1450:4009:1b::6
74.125.175.166:443

r1.sn-aigzrnsz.gvt1.com

https

firefox.exe

1.8kB
6.5kB
5
7

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sx470w5j.default-release\cache2\entries\46452CEA1D6AA2BF58B5942C88BD664FF9175EFC

Filesize
44KB

MD5
12f04f1cf5559ecfabab6a46a26d2ecc

SHA1
2294d9a9914ce1a67e244586e4598686e933f239

SHA256
b97295867cfc0c5aac71e765c5172fd95131805aeff6c699bb5a3e286efd4e09

SHA512
807e533bbaec7d5fd42af90c70abdb7249ad7f821296989205e9e7360d38616d8b6d1915852fa3e490cb4f3c7d2268bdb8ea24dac3168c66b80a4570866534f9

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
442KB

MD5
85430baed3398695717b0263807cf97c

SHA1
fffbee923cea216f50fce5d54219a188a5100f41

SHA256
a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

SHA512
06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
684KB

MD5
07edeb4c21086250b0028054ed39cbab

SHA1
44164cab8546b77a404f2753a7aaf790bbbfb958

SHA256
087f560ad0542df3c70e2eea262119efca91c8d198eecfa3c8de6ec63a011fc4

SHA512
e811f15433f632f1530d4d9183eef59922234bbd2efc2335c0287eabb9166ca9a0fb161060cf03f53e92ab0fca684715366f18815e8d406edbd9b605a54f04e0

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sx470w5j.default-release\datareporting\glean\db\data.safe.bin

Filesize
2KB

MD5
088660fce24742cfd89d51a18486b0dc

SHA1
4499a68845ca18c19a0e4010cf53c1f2a9cc7bd2

SHA256
56040ccfef764a0bbc88a66ef7236c16081e31333e9e84d1b525769b3745e72f

SHA512
6ce7d83cad31fb0ba4cfc4c9bd651621cbda25d7cf21ca9e22122f4dac02eee8f435596d2a28e828c27d2d56d9422528b4480872683e0f985789a632308dab9e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sx470w5j.default-release\datareporting\glean\pending_pings\0f442159-652e-4c88-8c0d-5424afed5b73

Filesize
11KB

MD5
2e064c7c130ca12d11e1a559ba652aff

SHA1
7449b0bfb2168abc4afe849f94214d38a3774d65

SHA256
3eb42b7f491e8cf5f449230373c9910e02accb2ce0d41287b367c113e26adfb7

SHA512
bf014f9fc21634f5f6ddc061cf9f59d61db1c12d5d0bc0dd3cdead150a94881cfc08cb596171df32269673c66520c9c95c12394f0db8a454b7b60b0bef1ae053

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sx470w5j.default-release\datareporting\glean\pending_pings\7c4524fc-c8ab-41af-bdce-0e940329570d

Filesize
746B

MD5
68657b56934c5db5226bf450b961d9d8

SHA1
fc5149cf9a48e2c232043508f9fe987de8bc637d

SHA256
75350d08c89f67ecbaf8bc6c2ae7c4fef951e9d47df6142029d95e231b211030

SHA512
f0da5e1ff60cd01dacea6c3450a164d3b4375eba0c7dc6aa53a02be762636f2fc57c240641a4cbbacd83fb8e23d4a7dd9d45658aaff5dcae87ec31fa65721ada

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sx470w5j.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

Filesize
997KB

MD5
fe3355639648c417e8307c6d051e3e37

SHA1
f54602d4b4778da21bc97c7238fc66aa68c8ee34

SHA256
1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e

SHA512
8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sx470w5j.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

Filesize
116B

MD5
3d33cdc0b3d281e67dd52e14435dd04f

SHA1
4db88689282fd4f9e9e6ab95fcbb23df6e6485db

SHA256
f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

SHA512
a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sx470w5j.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

Filesize
479B

MD5
49ddb419d96dceb9069018535fb2e2fc

SHA1
62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

SHA256
2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

SHA512
48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sx470w5j.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

Filesize
372B

MD5
8be33af717bb1b67fbd61c3f4b807e9e

SHA1
7cf17656d174d951957ff36810e874a134dd49e0

SHA256
e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

SHA512
6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sx470w5j.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

Filesize
517KB

MD5
79fb76daa72e94d102e24a337328520a

SHA1
2032dfff9381ea8d6155537647b181d881d5e9a0

SHA256
deed7ce6b1e97153f278410b1fa01b81d82ca3027b314b92820226a9391f07cf

SHA512
8576a3d6e5ba640fabe3ed4c44c819b9df4764e71be7bfc8407b8994bba5c4d43bdc7b30ce8af9e507a77db8704ed4dc4cd7a5ea7e2f48257690bb3eb12a8aba

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sx470w5j.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

Filesize
1KB

MD5
688bed3676d2104e7f17ae1cd2c59404

SHA1
952b2cdf783ac72fcb98338723e9afd38d47ad8e

SHA256
33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

SHA512
7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sx470w5j.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

Filesize
1KB

MD5
937326fead5fd401f6cca9118bd9ade9

SHA1
4526a57d4ae14ed29b37632c72aef3c408189d91

SHA256
68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

SHA512
b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sx470w5j.default-release\prefs-1.js

Filesize
7KB

MD5
8f78f8cc67599f9736bd27afa9de0342

SHA1
bf1a0cdc189f66930c1e7aa4613b192e57581a59

SHA256
c42bdb36f4a7e374c3b55f48322a90f5df3823ce6bfb88157dae3bea74e42f5a

SHA512
6d25db989f2c60a1885f57dfe89356d4ffd3829928c30a017073c30fd38e32c17457eee7b93795de36c112a4fdedd665ae211a837f6e52b79cda2b7522771a75

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sx470w5j.default-release\prefs-1.js

Filesize
6KB

MD5
9a7feff4ace9ab80e2695d6a0cd74298

SHA1
2cddacba9f1ce0ef8401118fb48479ccae8f8cb9

SHA256
fcb521f0d02acec94a0ce1405a5d61afeb84d13e443876e85e4ff7b3926338bc

SHA512
c92a2ff7d1bd504a4e030faec45a30adaeb1da5539f63cb7730ed7ade3d8bbab429db819be3c7338b7291b3ccde77eb53b35c9a00eb3f8d1fe7d1730600ed73b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sx470w5j.default-release\prefs-1.js

Filesize
6KB

MD5
d23c6cdf1cff10a3187f6cf0fd38d5f1

SHA1
254b157166cd066bd78ca65f576c716a356c20c0

SHA256
7679531b538bb47ab56b40f767b6053d85515086fe521f59b717dc57fcb9e070

SHA512
cc840dc74a093f62455287b87f9779b1abc53cc47b39f3e82b663daaf2bb22e5f0e124ab044cf5571dcf5c6fbfcd0068eba705be2689285fb306b82288b1c399

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sx470w5j.default-release\sessionCheckpoints.json

Filesize
193B

MD5
2ad4fe43dc84c6adbdfd90aaba12703f

SHA1
28a6c7eff625a2da72b932aa00a63c31234f0e7f

SHA256
ecb4133a183cb6c533a1c4ded26b663e2232af77db1a379f9bd68840127c7933

SHA512
2ee947dcf3eb05258c7a8c45cb60082a697dbe6d683152fe7117d20f7d3eb2beaaf5656154b379193cdc763d7f2f3b114cf61b4dd0f8a65326e662165ccf89cc

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sx470w5j.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
5KB

MD5
3aaffe2c9188ead1f75f11c4890f1d92

SHA1
2643b665333f11951ba85efaf98a8aaf6be371d2

SHA256
1a2fd2e2391eb81d2a137b2d5befdc4560dbcbd48ae0a077e7a4ac39308f7f13

SHA512
ccdee68afa653735767dbdeb7ed40ebb434d626d12bc040e028f2cf546b469f135cec7f579a6186196ea801b52db9587407e995ca9ff442fe3c5eb93920cf743

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sx470w5j.default-release\sessionstore.jsonlz4

Filesize
5KB

MD5
06f5f572b009ddb9efce7cbdb95fccaa

SHA1
f8bba15e4f898948347b1cb9ddbd0b938ec9a41b

SHA256
45661f376b794da05a6504670be221ebce2b3aa3f1eef70852fe42b169357d79

SHA512
b3046e25478404a74e41014ddb856c9854be3c69e482821b1d35198543aad8b48a10b279ed8b7e85aa3a923bf93e8982188ed2fc5e1643dd2f10dfbb4828df95

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sx470w5j.default-release\storage\default\https+++mega.nz\cache\morgue\29\{e5755d07-c56f-4403-86cf-c99a52d9db1d}.final

Filesize
1KB

MD5
3efa9abd92666265dd81c4f4311a96f9

SHA1
41b6b716d67b93555e444cd453f3c6e3f8c9522c

SHA256
5066b1841e8877db31312ef3af86f9bc9234c95071119e025764f45241a4e2e7

SHA512
5961950f077501608a0f2975e7f69c483eeacc4eec4ac77fd650cc1131609501f87819f93ed23aa508a90426156abf038a859fac4112d2d4435bbb634027cd6c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sx470w5j.default-release\storage\default\https+++mega.nz\idb\3713173747_s_edmban.sqlite

Filesize
48KB

MD5
6bc9889cd40fc119dd6ae97b68b70ba0

SHA1
e2eb1019927a380a2bfca249a14415f95e781264

SHA256
ddd1c06493b381c31080937fefcca16b5517949cc715caf81b18b72334af187f

SHA512
7e0456ee93bb11de840039428f6117a9cace116688296b6005ab6d8363433ec7e12da31cf1e236d34d095609594a4ac1b72df1e19dcc35ddadb1b1e8614f746e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response