hxxps://mega[.]nz/folder/2Z9yAAKA#nY6eHCfz-h7mJGBPgPkshA

Analysis

max time kernel
13s
max time network
9s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
19/08/2024, 10:46 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://mega.nz/folder/2Z9yAAKA#nY6eHCfz-h7mJGBPgPkshA

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133685379875399889"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4116	chrome.exe
4116	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
4116	chrome.exe
4116	chrome.exe

Suspicious use of AdjustPrivilegeToken 28 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: 33	2684	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	2684	AUDIODG.EXE
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4116 wrote to memory of 3024	4116	chrome.exe	81
PID 4116 wrote to memory of 3024	4116	chrome.exe	81
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 808	4116	chrome.exe	83
PID 4116 wrote to memory of 1584	4116	chrome.exe	84
PID 4116 wrote to memory of 1584	4116	chrome.exe	84
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85
PID 4116 wrote to memory of 3440	4116	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://mega.nz/folder/2Z9yAAKA#nY6eHCfz-h7mJGBPgPkshA
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe1fd0cc40,0x7ffe1fd0cc4c,0x7ffe1fd0cc58
  2⤵
  PID:3024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1812,i,12725795504678069691,7286939018109251513,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=1800 /prefetch:2
  2⤵
  PID:808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2104,i,12725795504678069691,7286939018109251513,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2100 /prefetch:3
  2⤵
  PID:1584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2220,i,12725795504678069691,7286939018109251513,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2188 /prefetch:8
  2⤵
  PID:3440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3076,i,12725795504678069691,7286939018109251513,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3112 /prefetch:1
  2⤵
  PID:4268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3084,i,12725795504678069691,7286939018109251513,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3364 /prefetch:1
  2⤵
  PID:220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4556,i,12725795504678069691,7286939018109251513,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4564 /prefetch:8
  2⤵
  PID:4568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4632,i,12725795504678069691,7286939018109251513,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4872 /prefetch:8
  2⤵
  PID:2440

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2408

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1720

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x0000000000000490 0x00000000000004DC
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2684

Network

DNS

mega.nz

chrome.exe

Remote address:

8.8.8.8:53

Request

mega.nz

IN A

Response

mega.nz

IN A

31.216.145.5

mega.nz

IN A

31.216.144.5
DNS

content-autofill.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

content-autofill.googleapis.com

IN A

Response

content-autofill.googleapis.com

IN A

216.58.215.42

content-autofill.googleapis.com

IN A

172.217.20.170

content-autofill.googleapis.com

IN A

142.250.178.138

content-autofill.googleapis.com

IN A

172.217.20.202

content-autofill.googleapis.com

IN A

216.58.214.170

content-autofill.googleapis.com

IN A

142.250.201.170

content-autofill.googleapis.com

IN A

172.217.18.202

content-autofill.googleapis.com

IN A

216.58.214.74

content-autofill.googleapis.com

IN A

216.58.213.74

content-autofill.googleapis.com

IN A

142.250.179.74

content-autofill.googleapis.com

IN A

142.250.179.106

content-autofill.googleapis.com

IN A

142.250.75.234
DNS

8.8.8.8.in-addr.arpa

chrome.exe

Remote address:

8.8.8.8:53

Request

8.8.8.8.in-addr.arpa

IN PTR

Response

8.8.8.8.in-addr.arpa

IN PTR

dnsgoogle
DNS

13.125.203.66.in-addr.arpa

chrome.exe

Remote address:

8.8.8.8:53

Request

13.125.203.66.in-addr.arpa

IN PTR

Response

13.125.203.66.in-addr.arpa

IN PTR

bt3apimegaconz
GET

https://mega.nz/folder/2Z9yAAKA

chrome.exe

Remote address:

31.216.145.5:443

Request

GET /folder/2Z9yAAKA HTTP/1.1
Host: mega.nz
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
Content-Length: 877
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: DENY
X-Robots-Tag: noindex
Set-Cookie: geoip=GB
Content-Security-Policy: default-src 'self' data: blob: *.mega.co.nz *.mega.nz *.mega.io http://*.mega.co.nz http://*.mega.nz http://*.mega.io wss://*.karere.mega.nz wss://*.sfu.mega.co.nz *.karere.mega.nz:1380 http://127.0.0.1:6341 localhost.megasyncloopback.mega.nz:6342; script-src 'self' *.mega.co.nz *.mega.nz *.mega.io data: blob:; style-src 'self' 'unsafe-inline' *.mega.co.nz *.mega.nz *.mega.io data: blob:; frame-src 'self' *.megapay.nz ad.mega.nz mega: *.megaad.nz https://mega.nz/ https://mega.io/; img-src 'self' *.mega.co.nz *.mega.nz *.mega.io data: blob: mega.nz
Connection: Keep-Alive
GET

https://mega.nz/secureboot.js?r=1723681165

chrome.exe

Remote address:

31.216.145.5:443

Request

GET /secureboot.js?r=1723681165 HTTP/1.1
Host: mega.nz
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://mega.nz/folder/2Z9yAAKA
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Content-Length: 57539
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET

https://mega.nz/loading-sprite_v4.png

chrome.exe

Remote address:

31.216.145.5:443

Request

GET /loading-sprite_v4.png HTTP/1.1
Host: mega.nz
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://mega.nz/folder/2Z9yAAKA
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: image/png
Content-Length: 3414
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
GET

https://mega.nz/favicon.ico?v=3

chrome.exe

Remote address:

31.216.145.5:443

Request

GET /favicon.ico?v=3 HTTP/1.1
Host: mega.nz
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://mega.nz/folder/2Z9yAAKA
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: image/x-icon
Content-Length: 1029
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET

https://mega.nz/nodedec.js?v=5

chrome.exe

Remote address:

31.216.145.5:443

Request

GET /nodedec.js?v=5 HTTP/1.1
Host: mega.nz
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: same-origin
Sec-Fetch-Dest: worker
Referer: https://mega.nz/folder/2Z9yAAKA
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Content-Length: 9876
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET

https://mega.nz/sw.js?v=1

chrome.exe

Remote address:

31.216.145.5:443

Request

GET /sw.js?v=1 HTTP/1.1
Host: mega.nz
Connection: keep-alive
Cache-Control: max-age=0
Accept: */*
Service-Worker: script
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: same-origin
Sec-Fetch-Dest: serviceworker
Referer: https://mega.nz/folder/2Z9yAAKA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Content-Length: 1208
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET

https://mega.nz/sjcl.js

chrome.exe

Remote address:

31.216.145.5:443

Request

GET /sjcl.js HTTP/1.1
Host: mega.nz
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://mega.nz/nodedec.js?v=5
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Content-Length: 22139
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET

https://mega.nz/rsaasm.js

chrome.exe

Remote address:

31.216.145.5:443

Request

GET /rsaasm.js HTTP/1.1
Host: mega.nz
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://mega.nz/nodedec.js?v=5
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Content-Length: 37695
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET

https://mega.nz/manifest.json

chrome.exe

Remote address:

31.216.145.5:443

Request

GET /manifest.json HTTP/1.1
Host: mega.nz
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: manifest
Referer: https://mega.nz/folder/2Z9yAAKA
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/json
Content-Length: 275
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET

https://eu.static.mega.co.nz/4/lang/en_9994bb163809cb991ee8ad7da5455261a74490eb418456f6a5ccd4e0ffad2523.json

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/lang/en_9994bb163809cb991ee8ad7da5455261a74490eb418456f6a5ccd4e0ffad2523.json HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:26 GMT
content-type: application/json
content-length: 96014
last-modified: Thu, 15 Aug 2024 04:39:26 GMT
vary: Accept-Encoding
etag: "66bd867e-1770e"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-1_3a42998e6f7318edd6f6ea0568cc7824c9273044f89e2c38ae326fc554ad5a84.js

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/js/mega-1_3a42998e6f7318edd6f6ea0568cc7824c9273044f89e2c38ae326fc554ad5a84.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:26 GMT
content-type: application/javascript
content-length: 115400
last-modified: Thu, 15 Aug 2024 04:39:31 GMT
vary: Accept-Encoding
etag: "66bd8683-1c2c8"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-2_5bb4bb4a3566db71661d45edd48018318a13b6be73a4682bd01290ccc5bac100.js

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/js/mega-2_5bb4bb4a3566db71661d45edd48018318a13b6be73a4682bd01290ccc5bac100.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:27 GMT
content-type: application/javascript
content-length: 122972
last-modified: Thu, 15 Aug 2024 04:39:31 GMT
vary: Accept-Encoding
etag: "66bd8683-1e05c"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-3_502456ed2c08898db9c43355c1021b950e3ef2b478ba9a1338ac344452579841.js

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/js/mega-3_502456ed2c08898db9c43355c1021b950e3ef2b478ba9a1338ac344452579841.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:27 GMT
content-type: application/javascript
content-length: 113978
last-modified: Thu, 15 Aug 2024 04:39:32 GMT
vary: Accept-Encoding
etag: "66bd8684-1bd3a"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-4_abbe3f1c0c8d9591b28c7785aa399faf86513af6a1e0f6ce5d0e05e3bb6c44b7.js

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/js/mega-4_abbe3f1c0c8d9591b28c7785aa399faf86513af6a1e0f6ce5d0e05e3bb6c44b7.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:27 GMT
content-type: application/javascript
content-length: 114096
last-modified: Thu, 15 Aug 2024 04:39:32 GMT
vary: Accept-Encoding
etag: "66bd8684-1bdb0"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-5_4344e1bc2caea0b5c2478c0003eae10fce7dbf77ffc5fd2e87b00f62abd02656.js

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/js/mega-5_4344e1bc2caea0b5c2478c0003eae10fce7dbf77ffc5fd2e87b00f62abd02656.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:27 GMT
content-type: application/javascript
content-length: 109901
last-modified: Thu, 15 Aug 2024 04:39:30 GMT
vary: Accept-Encoding
etag: "66bd8682-1ad4d"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-6_9345a7ec6bf5211c5330ab702fdd2b1ea202a00441a8cec867a0cfb7d6fb1420.js

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/js/mega-6_9345a7ec6bf5211c5330ab702fdd2b1ea202a00441a8cec867a0cfb7d6fb1420.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:27 GMT
content-type: application/javascript
content-length: 115668
last-modified: Thu, 15 Aug 2024 04:39:31 GMT
vary: Accept-Encoding
etag: "66bd8683-1c3d4"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/css/mega-1_bfda10965a5785b4fea4de9bdbfec5eb8f936f41d14618f363c1e7c7abacee09.css

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/css/mega-1_bfda10965a5785b4fea4de9bdbfec5eb8f936f41d14618f363c1e7c7abacee09.css HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:27 GMT
content-type: text/css
content-length: 77155
last-modified: Thu, 15 Aug 2024 04:39:33 GMT
vary: Accept-Encoding
etag: "66bd8685-12d63"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/html/templates_31fc9d9b2792525bb05f5818d97547d288da4e631a574225b110cdb6efaeca58.json

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/html/templates_31fc9d9b2792525bb05f5818d97547d288da4e631a574225b110cdb6efaeca58.json HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:27 GMT
content-type: application/json
content-length: 108450
last-modified: Thu, 15 Aug 2024 04:39:33 GMT
vary: Accept-Encoding
etag: "66bd8685-1a7a2"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-7_ef8755958dc3ed928da3382a69c36cf6ec2bfb1a98f1d9e71165ab81fe735e6a.js

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/js/mega-7_ef8755958dc3ed928da3382a69c36cf6ec2bfb1a98f1d9e71165ab81fe735e6a.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:27 GMT
content-type: application/javascript
content-length: 69976
last-modified: Thu, 15 Aug 2024 04:39:32 GMT
vary: Accept-Encoding
etag: "66bd8684-11158"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-8_bc91f313152b74408e3715be06f8b45c9450f6f4814a11e5a2ab431e886fee21.js

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/js/mega-8_bc91f313152b74408e3715be06f8b45c9450f6f4814a11e5a2ab431e886fee21.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:27 GMT
content-type: application/javascript
content-length: 87897
last-modified: Thu, 15 Aug 2024 04:39:32 GMT
vary: Accept-Encoding
etag: "66bd8684-15759"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/css/bottom-pages-animations.css-postbuild_077437ba5398f2997efea39e55f89eadd473667177aba0b14a48c8b57c60af43.css

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/css/bottom-pages-animations.css-postbuild_077437ba5398f2997efea39e55f89eadd473667177aba0b14a48c8b57c60af43.css HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:27 GMT
content-type: text/css
content-length: 1377
last-modified: Thu, 15 Aug 2024 04:39:33 GMT
vary: Accept-Encoding
etag: "66bd8685-561"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-9_2fca778327ae4a89eaff6bed1debb43363a39b8d8792ac067d3f99e8d4aa9648.js

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/js/mega-9_2fca778327ae4a89eaff6bed1debb43363a39b8d8792ac067d3f99e8d4aa9648.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:27 GMT
content-type: application/javascript
content-length: 118105
last-modified: Thu, 15 Aug 2024 04:39:30 GMT
vary: Accept-Encoding
etag: "66bd8682-1cd59"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/css/mega-2_288f141074b0fabca9dd1b68a0f77562901697a1e700bb4de3b657ca569488d6.css

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/css/mega-2_288f141074b0fabca9dd1b68a0f77562901697a1e700bb4de3b657ca569488d6.css HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:27 GMT
content-type: text/css
content-length: 30174
last-modified: Thu, 15 Aug 2024 04:39:33 GMT
vary: Accept-Encoding
etag: "66bd8685-75de"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-10_1efe9232ed4a5b76f475c7eb0a29fa6b30881fe4ff2dfde25a3d7be8c18787be.js

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/js/mega-10_1efe9232ed4a5b76f475c7eb0a29fa6b30881fe4ff2dfde25a3d7be8c18787be.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:27 GMT
content-type: application/javascript
content-length: 109211
last-modified: Thu, 15 Aug 2024 04:39:31 GMT
vary: Accept-Encoding
etag: "66bd8683-1aa9b"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-11_06384133424c1ff5d00b7a38235a0bb24960538debd164f23c0b2fd986eb7ba3.js

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/js/mega-11_06384133424c1ff5d00b7a38235a0bb24960538debd164f23c0b2fd986eb7ba3.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:27 GMT
content-type: application/javascript
content-length: 76917
last-modified: Thu, 15 Aug 2024 04:39:31 GMT
vary: Accept-Encoding
etag: "66bd8683-12c75"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/css/mega-3_4cd5d7232bdb9cee4fec55ae72186f50179d28973e927d50d00ff4cde881d945.css

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/css/mega-3_4cd5d7232bdb9cee4fec55ae72186f50179d28973e927d50d00ff4cde881d945.css HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:27 GMT
content-type: text/css
content-length: 116973
last-modified: Thu, 15 Aug 2024 04:39:34 GMT
vary: Accept-Encoding
etag: "66bd8686-1c8ed"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-12_cfeffd5ef1fb76bb408ed211e41188c6720b61a8288789de43bd5ffdb321766b.js

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/js/mega-12_cfeffd5ef1fb76bb408ed211e41188c6720b61a8288789de43bd5ffdb321766b.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:27 GMT
content-type: application/javascript
content-length: 105086
last-modified: Thu, 15 Aug 2024 04:39:31 GMT
vary: Accept-Encoding
etag: "66bd8683-19a7e"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-13_7d5e9e17762b6a5f617ca56bd99d0e5f220d6a5f6688648aca58de999d06010a.js

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/js/mega-13_7d5e9e17762b6a5f617ca56bd99d0e5f220d6a5f6688648aca58de999d06010a.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:27 GMT
content-type: application/javascript
content-length: 97029
last-modified: Thu, 15 Aug 2024 04:39:33 GMT
vary: Accept-Encoding
etag: "66bd8685-17b05"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-14_20feaefc13b3f858bcd1112fa402d9a3e223296bb43a82c4672ce7ac6c4f43b6.js

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/js/mega-14_20feaefc13b3f858bcd1112fa402d9a3e223296bb43a82c4672ce7ac6c4f43b6.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:27 GMT
content-type: application/javascript
content-length: 87088
last-modified: Thu, 15 Aug 2024 04:39:31 GMT
vary: Accept-Encoding
etag: "66bd8683-15430"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/css/mega-4_9daed924351f673e5655acf3f2a2bb6f644c913d4d3cd0fcce9e40c8aa9461e2.css

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/css/mega-4_9daed924351f673e5655acf3f2a2bb6f644c913d4d3cd0fcce9e40c8aa9461e2.css HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:28 GMT
content-type: text/css
content-length: 44734
last-modified: Thu, 15 Aug 2024 04:39:33 GMT
vary: Accept-Encoding
etag: "66bd8685-aebe"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-15_0976327b30a1e93ef375adfc3f355a621474779437f5416c59c5e919722339f0.js

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/js/mega-15_0976327b30a1e93ef375adfc3f355a621474779437f5416c59c5e919722339f0.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:28 GMT
content-type: application/javascript
content-length: 90087
last-modified: Thu, 15 Aug 2024 04:39:31 GMT
vary: Accept-Encoding
etag: "66bd8683-15fe7"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/mega-16_39d36295272c934bcf8a24dce3774acf3e18f9ed8692ddbea8c7e2171f67b2a1.js

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/js/mega-16_39d36295272c934bcf8a24dce3774acf3e18f9ed8692ddbea8c7e2171f67b2a1.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:28 GMT
content-type: application/javascript
content-length: 101996
last-modified: Thu, 15 Aug 2024 04:39:31 GMT
vary: Accept-Encoding
etag: "66bd8683-18e6c"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/css/mega-7_58c04ac027b15931acfb17be4a134e35c8bdd3b99109e617895713a42f32d84a.css

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/css/mega-7_58c04ac027b15931acfb17be4a134e35c8bdd3b99109e617895713a42f32d84a.css HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:28 GMT
content-type: text/css
content-length: 9042
last-modified: Thu, 15 Aug 2024 04:39:34 GMT
vary: Accept-Encoding
etag: "66bd8686-2352"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/js/vendor/asmcrypto_9c90f27443fbdb85519985333a8b00c3cff0e10a2753955f41890342d64362f7.js

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/js/vendor/asmcrypto_9c90f27443fbdb85519985333a8b00c3cff0e10a2753955f41890342d64362f7.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:28 GMT
content-type: application/javascript
content-length: 49684
last-modified: Thu, 15 Aug 2024 04:39:33 GMT
vary: Accept-Encoding
etag: "66bd8685-c214"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/css/folder-link.css-postbuild_1d21b6fd6f92e09c0c138dd448a4aa0fccac3c7061221470dc87f31b03e3fbb9.css

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/css/folder-link.css-postbuild_1d21b6fd6f92e09c0c138dd448a4aa0fccac3c7061221470dc87f31b03e3fbb9.css HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:28 GMT
content-type: text/css
content-length: 639
last-modified: Thu, 15 Aug 2024 04:39:34 GMT
vary: Accept-Encoding
etag: "66bd8686-27f"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/fonts/SourceSansPro-Regular.woff2?v=f71f612f60d5bb7e

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/fonts/SourceSansPro-Regular.woff2?v=f71f612f60d5bb7e HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://mega.nz
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:28 GMT
content-type: font/woff2
last-modified: Thu, 15 Aug 2024 00:22:30 GMT
vary: Accept-Encoding
etag: W/"66bd4a46-16014"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-encoding: gzip
GET

https://eu.static.mega.co.nz/4/fonts/lato-light-ie.woff2?v=3af05cb63f7f4e02

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/fonts/lato-light-ie.woff2?v=3af05cb63f7f4e02 HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://mega.nz
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:29 GMT
content-type: font/woff2
last-modified: Thu, 15 Aug 2024 00:22:30 GMT
vary: Accept-Encoding
etag: W/"66bd4a46-23064"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-encoding: gzip
GET

https://eu.static.mega.co.nz/4/fonts/Lato-Regular.woff2?v=6343dd45044b0726

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/fonts/Lato-Regular.woff2?v=6343dd45044b0726 HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://mega.nz
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:29 GMT
content-type: font/woff2
last-modified: Thu, 15 Aug 2024 00:22:30 GMT
vary: Accept-Encoding
etag: W/"66bd4a46-2c9b4"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-encoding: gzip
GET

https://eu.static.mega.co.nz/4/imagery/sprites-fm-mono.851146c6f8f7d29d.woff2?h=3e5470acc

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/imagery/sprites-fm-mono.851146c6f8f7d29d.woff2?h=3e5470acc HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://mega.nz
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:29 GMT
content-type: font/woff2
last-modified: Thu, 15 Aug 2024 00:22:30 GMT
vary: Accept-Encoding
etag: W/"66bd4a46-10db0"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-encoding: gzip
GET

https://eu.static.mega.co.nz/4/fonts/Lato-Semibold.woff2?v=7194963095272d0e

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/fonts/Lato-Semibold.woff2?v=7194963095272d0e HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://mega.nz
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:29 GMT
content-type: font/woff2
last-modified: Thu, 15 Aug 2024 00:22:30 GMT
vary: Accept-Encoding
etag: W/"66bd4a46-2cf0c"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-encoding: gzip
GET

https://eu.static.mega.co.nz/4/fonts/montserrat-regular-webfont.woff?v=b120c269e3d6fb2b

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/fonts/montserrat-regular-webfont.woff?v=b120c269e3d6fb2b HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://mega.nz
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:32 GMT
content-type: font/woff
last-modified: Thu, 15 Aug 2024 00:22:30 GMT
vary: Accept-Encoding
etag: W/"66bd4a46-21d68"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-encoding: gzip
GET

https://eu.static.mega.co.nz/4/fonts/Lato-Bold.woff2?v=68dc6f1014d3c7a0

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/fonts/Lato-Bold.woff2?v=68dc6f1014d3c7a0 HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://mega.nz
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:32 GMT
content-type: font/woff2
last-modified: Thu, 15 Aug 2024 00:22:30 GMT
vary: Accept-Encoding
etag: W/"66bd4a46-2d250"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-encoding: gzip
GET

https://eu.static.mega.co.nz/4/fonts/Lato-Light.woff2?v=8399226c9629aa5d

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/fonts/Lato-Light.woff2?v=8399226c9629aa5d HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://mega.nz
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:32 GMT
content-type: font/woff2
last-modified: Thu, 15 Aug 2024 00:22:30 GMT
vary: Accept-Encoding
etag: W/"66bd4a46-2c4fc"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-encoding: gzip
GET

https://eu.static.mega.co.nz/4/fonts/Inter-Bold.woff2?v=652fef02d893850c

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/fonts/Inter-Bold.woff2?v=652fef02d893850c HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://mega.nz
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:32 GMT
content-type: font/woff2
last-modified: Thu, 15 Aug 2024 00:22:30 GMT
vary: Accept-Encoding
etag: W/"66bd4a46-1a2e4"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-encoding: gzip
GET

https://eu.static.mega.co.nz/4/fonts/Inter-Regular.woff2?v=b4e5eb92b9448cca

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/fonts/Inter-Regular.woff2?v=b4e5eb92b9448cca HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://mega.nz
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:32 GMT
content-type: font/woff2
last-modified: Thu, 15 Aug 2024 00:22:30 GMT
vary: Accept-Encoding
etag: W/"66bd4a46-181c4"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-encoding: gzip
DNS

5.145.216.31.in-addr.arpa

Remote address:

8.8.8.8:53

Request

5.145.216.31.in-addr.arpa

IN PTR

Response

5.145.216.31.in-addr.arpa

IN PTR

31-216-145-5ipdcluxcom
DNS

42.215.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

42.215.58.216.in-addr.arpa

IN PTR

Response

42.215.58.216.in-addr.arpa

IN PTR

par21s17-in-f101e100net
DNS

g.api.mega.co.nz

Remote address:

8.8.8.8:53

Request

g.api.mega.co.nz

IN A

Response

g.api.mega.co.nz

IN CNAME

lu.api.mega.co.nz

lu.api.mega.co.nz

IN A

66.203.125.13

lu.api.mega.co.nz

IN A

66.203.125.12

lu.api.mega.co.nz

IN A

66.203.125.15

lu.api.mega.co.nz

IN A

66.203.125.16

lu.api.mega.co.nz

IN A

66.203.125.11

lu.api.mega.co.nz

IN A

66.203.125.14
DNS

37.124.203.66.in-addr.arpa

Remote address:

8.8.8.8:53

Request

37.124.203.66.in-addr.arpa

IN PTR

Response
POST

https://g.api.mega.co.nz/cs?id=0

chrome.exe

Remote address:

66.203.125.13:443

Request

POST /cs?id=0 HTTP/1.1
Host: g.api.mega.co.nz
Connection: keep-alive
Content-Length: 13
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: https://mega.nz
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://mega.nz/
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, MEGA-Chrome-Antileak
Access-Control-Expose-Headers: Original-Content-Length
Access-Control-Max-Age: 86400
Cache-Control: no-store
Original-Content-Length: 87
Content-Length: 87
Connection: keep-alive
POST

https://g.api.mega.co.nz/cs?id=274744514&v=3&lang=en&domain=meganz

chrome.exe

Remote address:

66.203.125.13:443

Request

POST /cs?id=274744514&v=3&lang=en&domain=meganz HTTP/1.1
Host: g.api.mega.co.nz
Connection: keep-alive
Content-Length: 76
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: https://mega.nz
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://mega.nz/
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, MEGA-Chrome-Antileak
Access-Control-Expose-Headers: Original-Content-Length
Access-Control-Max-Age: 86400
Cache-Control: no-store
Original-Content-Length: 26436
Content-Encoding: gzip
Content-Length: 10615
Connection: keep-alive
GET

https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.292a5f9ee5a59318.svg

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/imagery/sprites-fm-uni-uni.292a5f9ee5a59318.svg HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:29 GMT
content-type: image/svg+xml
content-length: 43207
last-modified: Thu, 15 Aug 2024 04:39:28 GMT
vary: Accept-Encoding
etag: "66bd8680-a8c7"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/images/mega/loader-dark.gif?v=10067de1c8e7e26c

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/images/mega/loader-dark.gif?v=10067de1c8e7e26c HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:29 GMT
content-type: image/gif
content-length: 41809
last-modified: Thu, 15 Aug 2024 00:22:31 GMT
etag: "66bd4a47-a351"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/images/mega/loading-sprite.png?v=e80d6d3a0b827536

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/images/mega/loading-sprite.png?v=e80d6d3a0b827536 HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:29 GMT
content-type: image/png
content-length: 3414
last-modified: Thu, 15 Aug 2024 00:22:31 GMT
etag: "66bd4a47-d56"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/images/mega/fm-main-sprite.png?v=7d3634e3f4c954e9

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/images/mega/fm-main-sprite.png?v=7d3634e3f4c954e9 HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:29 GMT
content-type: image/png
content-length: 43812
last-modified: Thu, 15 Aug 2024 00:22:31 GMT
etag: "66bd4a47-ab24"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/images/mobile/button-loader-green.gif?v=b175f7d362d2b4af

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/images/mobile/button-loader-green.gif?v=b175f7d362d2b4af HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:29 GMT
content-type: image/gif
content-length: 8787
last-modified: Thu, 15 Aug 2024 00:22:30 GMT
etag: "66bd4a46-2253"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/imagery/sprites-fm-mime-90-uni.decaf26625f7b9e2.svg

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/imagery/sprites-fm-mime-90-uni.decaf26625f7b9e2.svg HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:29 GMT
content-type: image/svg+xml
content-length: 18226
last-modified: Thu, 15 Aug 2024 04:39:28 GMT
vary: Accept-Encoding
etag: "66bd8680-4732"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
GET

https://eu.static.mega.co.nz/4/images/mega/chat-onboarding-preview.png?v=237bc0c333af649

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/images/mega/chat-onboarding-preview.png?v=237bc0c333af649 HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mega.nz/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:29 GMT
content-type: image/png
content-length: 103443
last-modified: Thu, 15 Aug 2024 00:22:31 GMT
etag: "66bd4a47-19413"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/images/mega/top-login-sprite.png?v=33cef2f0849ccdf5

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/images/mega/top-login-sprite.png?v=33cef2f0849ccdf5 HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:32 GMT
content-type: image/png
content-length: 5648
last-modified: Thu, 15 Aug 2024 00:22:31 GMT
etag: "66bd4a47-1610"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/images/mega/register-sprite.png?v=378a84f4453f99d5

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/images/mega/register-sprite.png?v=378a84f4453f99d5 HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:32 GMT
content-type: image/png
content-length: 24874
last-modified: Thu, 15 Aug 2024 00:22:31 GMT
etag: "66bd4a47-612a"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/images/mega/startpage-sprite@2x.png?v=f8c80ce9c12a1c08

chrome.exe

Remote address:

66.203.124.37:443

Request

GET /4/images/mega/startpage-sprite@2x.png?v=f8c80ce9c12a1c08 HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 19 Aug 2024 10:46:32 GMT
content-type: image/png
content-length: 71028
last-modified: Thu, 15 Aug 2024 00:22:31 GMT
etag: "66bd4a47-11574"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
POST

https://g.api.mega.co.nz/cs?id=76599272&v=3&lang=en&domain=meganz&ec=&n=2Z9yAAKA

chrome.exe

Remote address:

66.203.125.13:443

Request

POST /cs?id=76599272&v=3&lang=en&domain=meganz&ec=&n=2Z9yAAKA HTTP/1.1
Host: g.api.mega.co.nz
Connection: keep-alive
Content-Length: 30
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: https://mega.nz
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://mega.nz/
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, MEGA-Chrome-Antileak
Access-Control-Expose-Headers: Original-Content-Length
Access-Control-Max-Age: 86400
Cache-Control: no-store
Original-Content-Length: 22
Transfer-Encoding: chunked
Connection: keep-alive

31.216.145.5:443

https://mega.nz/rsaasm.js

tls, http

chrome.exe

8.0kB
144.7kB
66
111

HTTP Request

GET https://mega.nz/folder/2Z9yAAKA

HTTP Response

200

HTTP Request

GET https://mega.nz/secureboot.js?r=1723681165

HTTP Response

200

HTTP Request

GET https://mega.nz/loading-sprite_v4.png

HTTP Response

200

HTTP Request

GET https://mega.nz/favicon.ico?v=3

HTTP Response

200

HTTP Request

GET https://mega.nz/nodedec.js?v=5

HTTP Response

200

HTTP Request

GET https://mega.nz/sw.js?v=1

HTTP Response

200

HTTP Request

GET https://mega.nz/sjcl.js

HTTP Response

200

HTTP Request

GET https://mega.nz/rsaasm.js

HTTP Response

200
31.216.145.5:443

https://mega.nz/manifest.json

tls, http

chrome.exe

1.5kB
4.3kB
7
7

HTTP Request

GET https://mega.nz/manifest.json

HTTP Response

200
66.203.124.37:443

https://eu.static.mega.co.nz/4/fonts/Inter-Regular.woff2?v=b4e5eb92b9448cca

tls, http2

chrome.exe

104.4kB
3.7MB
1917
2706

HTTP Request

GET https://eu.static.mega.co.nz/4/lang/en_9994bb163809cb991ee8ad7da5455261a74490eb418456f6a5ccd4e0ffad2523.json

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-1_3a42998e6f7318edd6f6ea0568cc7824c9273044f89e2c38ae326fc554ad5a84.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-2_5bb4bb4a3566db71661d45edd48018318a13b6be73a4682bd01290ccc5bac100.js

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-3_502456ed2c08898db9c43355c1021b950e3ef2b478ba9a1338ac344452579841.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-4_abbe3f1c0c8d9591b28c7785aa399faf86513af6a1e0f6ce5d0e05e3bb6c44b7.js

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-5_4344e1bc2caea0b5c2478c0003eae10fce7dbf77ffc5fd2e87b00f62abd02656.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-6_9345a7ec6bf5211c5330ab702fdd2b1ea202a00441a8cec867a0cfb7d6fb1420.js

HTTP Request

GET https://eu.static.mega.co.nz/4/css/mega-1_bfda10965a5785b4fea4de9bdbfec5eb8f936f41d14618f363c1e7c7abacee09.css

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/html/templates_31fc9d9b2792525bb05f5818d97547d288da4e631a574225b110cdb6efaeca58.json

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-7_ef8755958dc3ed928da3382a69c36cf6ec2bfb1a98f1d9e71165ab81fe735e6a.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-8_bc91f313152b74408e3715be06f8b45c9450f6f4814a11e5a2ab431e886fee21.js

HTTP Request

GET https://eu.static.mega.co.nz/4/css/bottom-pages-animations.css-postbuild_077437ba5398f2997efea39e55f89eadd473667177aba0b14a48c8b57c60af43.css

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-9_2fca778327ae4a89eaff6bed1debb43363a39b8d8792ac067d3f99e8d4aa9648.js

HTTP Request

GET https://eu.static.mega.co.nz/4/css/mega-2_288f141074b0fabca9dd1b68a0f77562901697a1e700bb4de3b657ca569488d6.css

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-10_1efe9232ed4a5b76f475c7eb0a29fa6b30881fe4ff2dfde25a3d7be8c18787be.js

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-11_06384133424c1ff5d00b7a38235a0bb24960538debd164f23c0b2fd986eb7ba3.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/css/mega-3_4cd5d7232bdb9cee4fec55ae72186f50179d28973e927d50d00ff4cde881d945.css

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-12_cfeffd5ef1fb76bb408ed211e41188c6720b61a8288789de43bd5ffdb321766b.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-13_7d5e9e17762b6a5f617ca56bd99d0e5f220d6a5f6688648aca58de999d06010a.js

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-14_20feaefc13b3f858bcd1112fa402d9a3e223296bb43a82c4672ce7ac6c4f43b6.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/css/mega-4_9daed924351f673e5655acf3f2a2bb6f644c913d4d3cd0fcce9e40c8aa9461e2.css

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-15_0976327b30a1e93ef375adfc3f355a621474779437f5416c59c5e919722339f0.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-16_39d36295272c934bcf8a24dce3774acf3e18f9ed8692ddbea8c7e2171f67b2a1.js

HTTP Request

GET https://eu.static.mega.co.nz/4/css/mega-7_58c04ac027b15931acfb17be4a134e35c8bdd3b99109e617895713a42f32d84a.css

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/vendor/asmcrypto_9c90f27443fbdb85519985333a8b00c3cff0e10a2753955f41890342d64362f7.js

HTTP Request

GET https://eu.static.mega.co.nz/4/css/folder-link.css-postbuild_1d21b6fd6f92e09c0c138dd448a4aa0fccac3c7061221470dc87f31b03e3fbb9.css

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/fonts/SourceSansPro-Regular.woff2?v=f71f612f60d5bb7e

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/fonts/lato-light-ie.woff2?v=3af05cb63f7f4e02

HTTP Request

GET https://eu.static.mega.co.nz/4/fonts/Lato-Regular.woff2?v=6343dd45044b0726

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/sprites-fm-mono.851146c6f8f7d29d.woff2?h=3e5470acc

HTTP Request

GET https://eu.static.mega.co.nz/4/fonts/Lato-Semibold.woff2?v=7194963095272d0e

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/fonts/montserrat-regular-webfont.woff?v=b120c269e3d6fb2b

HTTP Request

GET https://eu.static.mega.co.nz/4/fonts/Lato-Bold.woff2?v=68dc6f1014d3c7a0

HTTP Request

GET https://eu.static.mega.co.nz/4/fonts/Lato-Light.woff2?v=8399226c9629aa5d

HTTP Request

GET https://eu.static.mega.co.nz/4/fonts/Inter-Bold.woff2?v=652fef02d893850c

HTTP Request

GET https://eu.static.mega.co.nz/4/fonts/Inter-Regular.woff2?v=b4e5eb92b9448cca

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
66.203.124.37:443

eu.static.mega.co.nz

tls

chrome.exe

1.1kB
6.1kB
10
10
66.203.125.13:443

https://g.api.mega.co.nz/cs?id=274744514&v=3&lang=en&domain=meganz

tls, http

chrome.exe

2.7kB
18.6kB
15
20

HTTP Request

POST https://g.api.mega.co.nz/cs?id=0

HTTP Response

200

HTTP Request

POST https://g.api.mega.co.nz/cs?id=274744514&v=3&lang=en&domain=meganz

HTTP Response

200
66.203.124.37:443

https://eu.static.mega.co.nz/4/images/mega/startpage-sprite@2x.png?v=f8c80ce9c12a1c08

tls, http2

chrome.exe

9.9kB
384.6kB
173
286

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.292a5f9ee5a59318.svg

HTTP Request

GET https://eu.static.mega.co.nz/4/images/mega/loader-dark.gif?v=10067de1c8e7e26c

HTTP Request

GET https://eu.static.mega.co.nz/4/images/mega/loading-sprite.png?v=e80d6d3a0b827536

HTTP Request

GET https://eu.static.mega.co.nz/4/images/mega/fm-main-sprite.png?v=7d3634e3f4c954e9

HTTP Request

GET https://eu.static.mega.co.nz/4/images/mobile/button-loader-green.gif?v=b175f7d362d2b4af

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/sprites-fm-mime-90-uni.decaf26625f7b9e2.svg

HTTP Request

GET https://eu.static.mega.co.nz/4/images/mega/chat-onboarding-preview.png?v=237bc0c333af649

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/images/mega/top-login-sprite.png?v=33cef2f0849ccdf5

HTTP Request

GET https://eu.static.mega.co.nz/4/images/mega/register-sprite.png?v=378a84f4453f99d5

HTTP Request

GET https://eu.static.mega.co.nz/4/images/mega/startpage-sprite@2x.png?v=f8c80ce9c12a1c08

HTTP Response

200

HTTP Response

200

HTTP Response

200
31.216.145.5:443

mega.nz

tls

chrome.exe

1.1kB
390 B
4
4
66.203.125.13:443

https://g.api.mega.co.nz/cs?id=76599272&v=3&lang=en&domain=meganz&ec=&n=2Z9yAAKA

tls, http

chrome.exe

1.9kB
1.3kB
6
6

HTTP Request

POST https://g.api.mega.co.nz/cs?id=76599272&v=3&lang=en&domain=meganz&ec=&n=2Z9yAAKA

HTTP Response

200

8.8.8.8:53

mega.nz

dns

chrome.exe

268 B
548 B
4
4

DNS Request

mega.nz

DNS Response

31.216.145.5

31.216.144.5

DNS Request

content-autofill.googleapis.com

DNS Response

216.58.215.42

172.217.20.170

142.250.178.138

172.217.20.202

216.58.214.170

142.250.201.170

172.217.18.202

216.58.214.74

216.58.213.74

142.250.179.74

142.250.179.106

142.250.75.234

DNS Request

8.8.8.8.in-addr.arpa

DNS Request

13.125.203.66.in-addr.arpa
8.8.8.8:53

5.145.216.31.in-addr.arpa

dns

71 B
110 B
1
1

DNS Request

5.145.216.31.in-addr.arpa
8.8.8.8:53

42.215.58.216.in-addr.arpa

dns

134 B
286 B
2
2

DNS Request

42.215.58.216.in-addr.arpa

DNS Request

g.api.mega.co.nz

DNS Response

66.203.125.13

66.203.125.12

66.203.125.15

66.203.125.16

66.203.125.11

66.203.125.14
8.8.8.8:53

37.124.203.66.in-addr.arpa

dns

72 B
135 B
1
1

DNS Request

37.124.203.66.in-addr.arpa
224.0.0.251:5353

chrome.exe

204 B
3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
0aad12c868f04da49a4426ed28fbc8e8

SHA1
2155a130552c463f3c4ab5b67d09d816dd147f14

SHA256
cd8a63d7ce327baab4457c0f3f170d56847a9dd63137339bcd05772fe06d8103

SHA512
2cacc74a2b5d6e3eedb5bfd85ff7abc49e2fc2f33b6d4caeb0fec4cb082ff4a432f0f042d900dc628b4cf295f9a2a3e1f909e0a89da6bf82a2dae74be92025ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

Filesize
21KB

MD5
b1dfa46eee24480e9211c9ef246bbb93

SHA1
80437c519fac962873a5768f958c1c350766da15

SHA256
fc79a40b2172a04a5c2fe0d5111ebeb401b9a84ce80c6e9e5b96c9c73c9b0398

SHA512
44aefedf8a4c0c8cbc43c1260dc2bbc4605f83a189b6ef50e99058f54a58b61eb88af3f08164671bad4bd9c5e3b97b755f2fa433490bef56aa15cdf37fb412b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

Filesize
36KB

MD5
f90ac636cd679507433ab8e543c25de5

SHA1
3a8fe361c68f13c01b09453b8b359722df659b84

SHA256
5b4c63b2790a8f63c12368f11215a4ffec30c142371a819a81180a32baeb2bce

SHA512
7641a3610ad6516c9ecd0d5f4e5fa1893c7c60ca3ba8ae2e1b3b0cc3a72f7f9bef4c776a1f2fc52f366bd28a419ae3594a6576e886e79a20ebd98b55b2acc967

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\Paths\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
523B

MD5
616b63002df4982ac49eb14176e2898a

SHA1
e15eaad19382651bee6d83eb26d431f0b26711e9

SHA256
2fed5b60bc341a9416140de4773f8a519c3d9fd352ff23dc20b84c216c164c85

SHA512
c18755a53af2836cf8216af4ba56fbdbfb712fbba7559f888f9aa88f15ecc9c9d08a29423b5d3a5b08d5a7c652b22f619e865365e1c199106e0c739b08648158

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ff3189f2b8a810c33943cfa2cbc9033a

SHA1
3ae7d8d4b61380edbc8c10adae10a1508ad55b07

SHA256
1f240003a78b3db7493195403255c8486f103085d591cd31661f1899e85f74e2

SHA512
1cb83a06693a183685c7c34c8a50acb0ab871ab28561f5a039090fbdd78283358fb3321ba4a91b611fb4ab961fab25ec5309dd18d5816cb9a7c05fa63bfc1029

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
2a599a7086d9911bc4b5f35602c928cb

SHA1
97af5e5971feb1faae1eb4b86c1e2d2b5d3f91a3

SHA256
347b25d45ea8587d1579a1b98a9fcbd7fffa040ba6c5662a6be8f30b42390879

SHA512
17b7f2a0ebe75a1e60ab1e9eade31e2a41274fff963d38bdb8cfdeac614893a235f787bf61e3fc8e31fb4c2d9ca5f705b3ec7b30a884f5d0f0efa9dc8e2f3755

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
a0f4679284e7d13d07ea0b5e0ff3ad47

SHA1
d244904509348cd6a0e2b7e46a8d6aa4fa06c56b

SHA256
0776e980bc0ea25d6589b4a51b0744879934af1122654a67432076c1593e4fdc

SHA512
a6749b07cceabf50721a91e3a5375fcbb593d9215e9e630cf48532f1a5a29cb78b6542a57cabe9d899d337b08add20afbd50a88e8a15ee7decd6411407a64def

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request