Analysis
- max time kernel: 148s
- max time network: 150s
- platform: windows10-2004_x64
- resource: win10v2004-20240802-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 19-09-2024 17:19
Static task: static1
Behavioral task: behavioral1
- Sample: ebd3531f3b88fc50a302fa5c42962cda_JaffaCakes118.html
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: ebd3531f3b88fc50a302fa5c42962cda_JaffaCakes118.html
- Resource: win10v2004-20240802-en
General
- Target: ebd3531f3b88fc50a302fa5c42962cda_JaffaCakes118.html
- Size: 53KB
- MD5: ebd3531f3b88fc50a302fa5c42962cda
- SHA1: 8265f7b8a60b12fdc5eed00bfd667884aeea00d2
- SHA256: 167cceed9ecdade70230eb7d3f01ce1550a1e86ebe133579804cd69589c95f44
- SHA512: 003476bbcde919a438124231900e0bd3814f03ed4656f4402f44ed292f88865364d737639e60ce9ea667b9b165d2b6cf1038ec0b807fa7f7febfb1ac1cd321bf
- SSDEEP: 768:3bIULQH7a+f64c58DWjRpHY9fgKU62iy2UZaBccIgOuK7u6u9iVi8SznxyqmRt7c:2ba+iDu0D7fqV
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
description | ioc | Process
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | msedge.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | msedge.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | msedge.exe
-
Suspicious behavior: EnumeratesProcesses 10 IoCs
pid | Process
1536 | msedge.exe
1536 | msedge.exe
1772 | msedge.exe
1772 | msedge.exe
540 | identity_helper.exe
540 | identity_helper.exe
1056 | msedge.exe
1056 | msedge.exe
1056 | msedge.exe
1056 | msedge.exe
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs
pid | Process
1772 | msedge.exe
1772 | msedge.exe
1772 | msedge.exe
1772 | msedge.exe
1772 | msedge.exe
1772 | msedge.exe
-
Suspicious use of FindShellTrayWindow 25 IoCs
-
Suspicious use of SendNotifyMessage 24 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\ebd3531f3b88fc50a302fa5c42962cda_JaffaCakes118.html1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1772 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd6dce46f8,0x7ffd6dce4708,0x7ffd6dce47182⤵PID:1876
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2220,17028787565593231360,12100904714708461807,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2272 /prefetch:22⤵PID:1500
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2220,17028787565593231360,12100904714708461807,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2344 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
PID:1536
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2220,17028787565593231360,12100904714708461807,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2676 /prefetch:82⤵PID:2484
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,17028787565593231360,12100904714708461807,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:12⤵PID:1392
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,17028787565593231360,12100904714708461807,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:12⤵PID:3988
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2220,17028787565593231360,12100904714708461807,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5924 /prefetch:82⤵PID:2964
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2220,17028787565593231360,12100904714708461807,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5924 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:540
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,17028787565593231360,12100904714708461807,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:12⤵PID:5016
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,17028787565593231360,12100904714708461807,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:12⤵PID:2308
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,17028787565593231360,12100904714708461807,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:12⤵PID:1616
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,17028787565593231360,12100904714708461807,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:12⤵PID:4856
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2220,17028787565593231360,12100904714708461807,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4820 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
PID:1056
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:3112
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:1460
Network
-
Remote address: 8.8.8.8:53
Request
cdn.mymediaz.com IN A
Response
cdn.mymediaz.com IN A 172.67.196.74
cdn.mymediaz.com IN A 104.21.57.254
-
GET https://cdn.mymediaz.com/theme/Flix/ConnSmythe/css/subscriptions/theme-rev/green.3c482507.css
msedge.exe
Remote address: 172.67.196.74:443
Request
GET /theme/Flix/ConnSmythe/css/subscriptions/theme-rev/green.3c482507.css HTTP/2.0
host: cdn.mymediaz.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 302
content-type: text/html; charset=UTF-8
location: http://mymediaz.com
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=31WboS8pUB%2FTTb6yHZA50EL4ZkEkGF0iJrSVF%2FXBAR6JjJXV0yHm6isksfgVVO9AjoC79lc0acy1lumWC4oFROZYANrkxZEdlF%2B%2BvU8vMydvMVlri9ZEHlqAD5qEMjcGgrXp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e499b67cd58-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET /img/logos/gamez/min/moshgame.png HTTP/2.0
host: cdn.mymediaz.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 302
content-type: text/html; charset=UTF-8
location: http://mymediaz.com
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sKkyQV2XreFdkCXQn5pp57jvGoRM3TxIV3mf4sxKZRAcTrjmE0uLcN6fBraHri3eL6Enm%2BUf8YVSXIIFUvyYN28XqZbk447Ypf5QofcJvJkWueApWlcHy1dNRGvIMgct666N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e499b6acd58-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET / HTTP/2.0
host: mymediaz.com
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 200
content-type: text/html; charset=UTF-8
last-modified: Thu, 19 Sep 2024 17:15:32 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6UDkHMjlXXEyoF1f41SnB5dkX01WukwdFS3qv7pc6sJOab1664H%2BK7ItIG08ilgQurKpyHhVaUzHYg6V2wzl9hdvfOKOvMH8fdST6Y%2BgA0SemY0zi0kBAkwHVXoZ0Fs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e510d82cd58-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
-
GET https://cdn.mymediaz.com/theme/Flix/ConnSmythe/js/subscriptions/min-rev/scripts.min.d2c6bd0c.js
msedge.exe
Remote address: 172.67.196.74:443
Request
GET /theme/Flix/ConnSmythe/js/subscriptions/min-rev/scripts.min.d2c6bd0c.js HTTP/2.0
host: cdn.mymediaz.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 302
content-type: text/html; charset=UTF-8
location: http://mymediaz.com
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MGh%2BFH7ptOEMtXjHgHNeRWznARtEj1MeC0GF8iVb1BovHhQjFJyZ%2BL3JUBhRC60NJ3i7O4Zy%2BYfnsJcDJcvfi0fERfaA4EfEZ5R8Q4Hw5IEBAWwuMF8CS3xdvx%2FH7k5QG0%2Fd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e548a21cd58-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET / HTTP/2.0
host: mymediaz.com
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 302
content-type: text/html; charset=UTF-8
location: http://mymediaz.com
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R9GA0D30i0AG%2F8m%2FM5crW%2FMyZAM3dlOmpHdp7KqJvJn5PisJtoveo3HCSGGrNSEZJWiY8q7lPdQWMw%2FSR%2FfsYn3wTd3JukJGjzpDI3X3KtOgYj29n1Hp1g%2FKZIM3%2FZW0hHO8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e548a20cd58-LHR
alt-svc: h3=":443"; ma=86400
-
GET https://cdn.mymediaz.com/theme/Flix/ConnSmythe/js/subscriptions/validation/min-rev/regValidation.min.0f44734e.js
msedge.exe
Remote address: 172.67.196.74:443
Request
GET /theme/Flix/ConnSmythe/js/subscriptions/validation/min-rev/regValidation.min.0f44734e.js HTTP/2.0
host: cdn.mymediaz.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 302
content-type: text/html; charset=UTF-8
location: http://mymediaz.com
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wHxt9jEB21jaxd5DUfnJ5T%2FOTCNZZXBrwmuVCtHiQj7tm%2Ft2xfLnevjtYFCnNrDt0d8OvDNFXh0ksvg1jUyHHd9hZ1CQybgBn42aFtQVDr43oRkEw%2BWuc%2BquuxC2VPeAKv%2BI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e548a28cd58-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET /img/flags/min/en.png HTTP/2.0
host: cdn.mymediaz.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 302
content-type: text/html; charset=UTF-8
location: http://mymediaz.com
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CV8n163tkkS2zEzTSx5KogLyF33sJu3%2F%2FOxoCS1utpI0m7MLRET1KTCZKrPBlXidgaDqSwe%2B210M9zctMl1yu%2FR1kkx%2BnLC3KQ%2FmC%2BOSN2nyP9U3Jf4J6lRKF1xzIWqfPX9w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e548a2acd58-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET /img/flags/min/ar.png HTTP/2.0
host: cdn.mymediaz.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 302
content-type: text/html; charset=UTF-8
location: http://mymediaz.com
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T4yozDIR9XdjPdF%2BYGpvnqcXo%2FE2vI%2FAwNwTxqrqe7Jdr2n362H92wQ8iick%2BBoTwWLrCF8IlURwUkYsSpUHOgtDxO3ZoDdPj5LOuw%2BclFhC3kBVjcS%2BC6M8Vme13cwayVqV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e548a31cd58-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET /img/flags/min/da.png HTTP/2.0
host: cdn.mymediaz.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 302
content-type: text/html; charset=UTF-8
location: http://mymediaz.com
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5cVCg0yWqsBFDh49WxfMePHhhqZD9trrOPFiYJOWaX3Cx8t6r5ZXMNZZGGzdmKsWVjCkgxmg0IzX96gnzfiZRaWhqKbWVTIxaIcv%2BLKmjUYW9QyXgzZpG8G2b2rVSq7BmX3W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e548a2ccd58-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET /img/flags/min/de.png HTTP/2.0
host: cdn.mymediaz.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 302
content-type: text/html; charset=UTF-8
location: http://mymediaz.com
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cMDEhlUpXXSR45tewW%2BVcu0jduy5hXeMXC4XfaoF8RouKWWpINvcByeSgPufhZPfgsPFOiMSzDneCJ409%2FNecV0%2B99HIVbpnvgjQqnrVvgsTyVzQjYxp0SvrqgKW5gei3oEg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e548a2dcd58-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET /img/flags/min/es.png HTTP/2.0
host: cdn.mymediaz.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 302
content-type: text/html; charset=UTF-8
location: http://mymediaz.com
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ln807EzaxrpGU%2BWogYg7zdU5zGcOGIZ7p652YMLU7jSOPkg7VtZg8HkaTj%2F%2By1A%2F7wY%2Ftnvei%2B0pFykIFOg4Bg3wvz3yaxAs%2B0Z6otS2%2F4tm0PGq3oJDplYWwR3jUQ82%2BS%2Fu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e548a2ecd58-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET /img/flags/min/fr.png HTTP/2.0
host: cdn.mymediaz.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 302
content-type: text/html; charset=UTF-8
location: http://mymediaz.com
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2FH48IeFtGhOO0GmHfkYFok36JKg02pANbnKwTdekLLZqGEux3yPMkgkqViOoxvUanNONf2sxiWvDLKIR%2FQWt6CwiYhmR6XG4P%2BGoRVcqIFCXWSwE3%2BKdHboH%2BypIrPc5voR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e548a36cd58-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET /img/flags/min/it.png HTTP/2.0
host: cdn.mymediaz.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 302
content-type: text/html; charset=UTF-8
location: http://mymediaz.com
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=okmJchjTpJS37pWAc81Bsk9bBJCulrU9OeZKaFut6n6pSbKxpCZK%2Fq6jP2Z1h2jB5v8Fuj5b9egR8R0Ehj3aTJEhZDoSzIuxvUMK7yUFKYVo1JycTcDhFPdqiLAZMbM2RvO%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e548a32cd58-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET /img/flags/min/ja.png HTTP/2.0
host: cdn.mymediaz.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 302
content-type: text/html; charset=UTF-8
location: http://mymediaz.com
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c5iisE0r0XXDNUSOuL53eWRQy819lmfkzLZ4GxhpV936ibEzAKhCpJK%2Fk1HTffPX9HyHeUBWKJc%2FUekJ02ur8obDhe8TlBl6Ayte%2BZEJU%2BfgYFJWK0GUp64QUqAUZAO0VVWq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e548a35cd58-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET /img/flags/min/nl.png HTTP/2.0
host: cdn.mymediaz.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 302
content-type: text/html; charset=UTF-8
location: http://mymediaz.com
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fb5Ls4rU10uYm%2B0YzVXgwL57ncwHsWQmdk5%2F%2BOleksGlvJLD1tAAKtXLK8h%2BBlh6epgaHBnlzHxJmvE0OhwZ7zXmDrqTSopFM3jwuDGEGR%2FHlDP50BrrwBtTmII7Kt2mryp%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e548a2fcd58-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET /img/flags/min/no.png HTTP/2.0
host: cdn.mymediaz.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 302
content-type: text/html; charset=UTF-8
location: http://mymediaz.com
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BgWCd1fVRrNGOmeEQVivpnohbxCsUtT%2BK2MxNXO8VJl04oATpRwhKh8eXOlxsR3VlneNVHGgr8uecPMybG5nrjN5GpmqYHCNUuHhyil7i5l7XLm4UydRKEqWoLbsA%2BjUpMxO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e548a1bcd58-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET /img/flags/min/pl.png HTTP/2.0
host: cdn.mymediaz.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 302
content-type: text/html; charset=UTF-8
location: http://mymediaz.com
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FTj5ADyS%2Frz4zSF8FKkkqFh46QD1cv1pDxrlRKHjXhE9lEj%2FTqZ19EHn4V14%2BeD7ZTzxCyqJS%2Fd7wk7u8ifZ%2Bw6gENcOzSOHhQXaD1qP%2B147WNa0v%2FDobJBHkXx%2FYGhA6ypT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e548a34cd58-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET /img/flags/min/pt.png HTTP/2.0
host: cdn.mymediaz.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 302
content-type: text/html; charset=UTF-8
location: http://mymediaz.com
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t49UeOfrcfS952tfC%2FPmrDG4ebo1BFhLHVfMkAtBybrfRtUl9IJ1kvb6ZzvVT56SAiEqW8X9pIMtAhIk4Kjy3Aqt0YoTUkZnNJPimafeDEk44KmZgogm2V14U037YM7F%2FJj6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e548a26cd58-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET /img/flags/min/sv.png HTTP/2.0
host: cdn.mymediaz.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 302
content-type: text/html; charset=UTF-8
location: http://mymediaz.com
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PfdCxA8WUWZJryoIT475gTcIDv2vaGpmNYnSpEGnfjNjExiFYgqAHFndAKSZdbT0HVe59KWW%2B%2B6MUfg8jfVvKmDsLxbMH%2FPfnFfbynRFHOnt8HhQYp%2Betv%2BbNx7e0grBbI2i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e548a25cd58-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET /img/flags/min/zh.png HTTP/2.0
host: cdn.mymediaz.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 302
content-type: text/html; charset=UTF-8
location: http://mymediaz.com
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pdps9fl7OYVKedoqtTADT2dW5b5i0Zty3oKxWC9uiGVLa730%2BQuuCaSwfMTYlleLUHJkj7%2BmDALBTwtSJanu%2B02F3JIG2vRV0IhxowHb9kgSlxrcz1QIY%2FJ1z7stVaEpPyL6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e548a23cd58-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET /img/logos/gamez/min/moshgame_dark.png HTTP/2.0
host: cdn.mymediaz.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 200
content-type: text/html; charset=UTF-8
last-modified: Thu, 19 Sep 2024 17:15:32 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MaUs28ufO7%2FQEL5RM0iF59CKb4ITGrA7JIGiVzBSmhIoLBxO%2FnBnff8mqPT32DVwZcRbb8yzyycEkAflc7KayZBcVVl5osKwYBxyxCaJasta5CfxqoCoqoq6s%2FnY78c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e548a1ecd58-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET / HTTP/2.0
host: mymediaz.com
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 200
content-type: text/html; charset=UTF-8
last-modified: Thu, 19 Sep 2024 17:15:32 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4H5ZA2Vh9qt6WI8Yi9hrvv47d0mwLMRtNn40QdfaitFGqxvbyWjsq%2BiMfQmEYY1Em1R6TYdEIOanSMH%2BkCU6aQ7VTaYTDOtMSAqMkq272tjtI%2FIL8WNYw17ahVLLJho%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e557b86cd58-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET / HTTP/2.0
host: mymediaz.com
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 200
content-type: text/html; charset=UTF-8
last-modified: Thu, 19 Sep 2024 17:15:32 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y1AOqgTz00OtK7PrfkmDYcpr1yRWYEPvBvhOuTVvyfDic4CM1C9wS9FteJGdF5gLt2U04U8v6B5bibodVlCdas%2Fe2iabd2OurZCBhK98gaxuDdG3I6JKfrzUs7zN3pk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e56bd1ecd58-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET / HTTP/2.0
host: mymediaz.com
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 200
content-type: text/html; charset=UTF-8
last-modified: Thu, 19 Sep 2024 17:15:32 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FMH%2Ft5afkKGmSIgWt%2F%2Bzfxg6hvIe4R8NlY0CRsFSAFl8JTNCw1UpkulY4VeY0H0attC7jMmmq8RIlkqhy7HpV0CATMmQc7I6jEgYssxkXNsskOmx9vb2lxYO%2BV1UyyU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e57be83cd58-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET /img/assets/favicon.ico HTTP/2.0
host: cdn.mymediaz.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 302
content-type: text/html; charset=UTF-8
location: http://mymediaz.com
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9EOJCwy2mtbYo5l4OyKGkHGa7xcbPjgiwj2Z6U%2F3Uyqa%2FdUlqaYP1I7BDp%2FXxNvlJOnWGGQxLsYCIO1p%2BUE5trZ5l%2FwQfzKPDtDNkR21eGJ7MmjriGrb6Ui78F8gQvaJ2Hz4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e89a83dcd58-LHR
alt-svc: h3=":443"; ma=86400
-
Remote address: 172.67.196.74:443
Request
GET / HTTP/2.0
host: mymediaz.com
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 200
content-type: text/html; charset=UTF-8
last-modified: Thu, 19 Sep 2024 17:15:32 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=06OfE6Pyfykz3loXLIgES0133Fwc21HjyyxHV76IpTFqlZSTzXixeyBkqLjSbP%2B3JPjFQUuF47K9%2B7ZIwbbuOY9xCWQCT2A%2FrjRL%2FdeQ5dNYwdkQyxQNiWMP%2BpDLPcg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b3e9bba4fcd58-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
-
Remote address: 8.8.8.8:53
Request
8.8.8.8.in-addr.arpa IN PTR
Response
8.8.8.8.in-addr.arpa IN PTR dnsgoogle
-
Remote address: 8.8.8.8:53
Request
74.196.67.172.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
149.220.183.52.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
mymediaz.com IN A
Response
mymediaz.com IN A 172.67.196.74
mymediaz.com IN A 104.21.57.254
-
Remote address: 172.67.196.74:80
Request
GET / HTTP/1.1
Host: mymediaz.com
Connection: keep-alive
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Response
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 19 Sep 2024 18:19:54 GMT
Location: https://mymediaz.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BRGxlBlNii1Mv82ZAyG4AfNr6f6b3PxB%2ByNU5OXQebbJ6%2BVLglD5vWK%2FQFdtAZHbCH1T7JOJoempx8HsT1XlYGmTepxkjKJhwnvJbtxuufCQn02pEZKGtt9IP7xRues%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Speculation-Rules: "/cdn-cgi/speculation"
Server: cloudflare
CF-RAY: 8c5b3e4e9b82417d-LHR
-
Remote address: 8.8.8.8:53
Request
79.190.18.2.in-addr.arpa IN PTR
Response
79.190.18.2.in-addr.arpa IN PTR a2-18-190-79deploystaticakamaitechnologiescom
-
Remote address: 8.8.8.8:53
Request
a.nel.cloudflare.com IN A
Response
a.nel.cloudflare.com IN A 35.190.80.1
-
Remote address: 8.8.8.8:53
Request
95.221.229.192.in-addr.arpa IN PTR
Response
-
OPTIONS https://a.nel.cloudflare.com/report/v4?s=6UDkHMjlXXEyoF1f41SnB5dkX01WukwdFS3qv7pc6sJOab1664H%2BK7ItIG08ilgQurKpyHhVaUzHYg6V2wzl9hdvfOKOvMH8fdST6Y%2BgA0SemY0zi0kBAkwHVXoZ0Fs%3D
msedge.exe
Remote address: 35.190.80.1:443
Request
OPTIONS /report/v4?s=6UDkHMjlXXEyoF1f41SnB5dkX01WukwdFS3qv7pc6sJOab1664H%2BK7ItIG08ilgQurKpyHhVaUzHYg6V2wzl9hdvfOKOvMH8fdST6Y%2BgA0SemY0zi0kBAkwHVXoZ0Fs%3D HTTP/2.0
host: a.nel.cloudflare.com
origin: https://mymediaz.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
POST https://a.nel.cloudflare.com/report/v4?s=6UDkHMjlXXEyoF1f41SnB5dkX01WukwdFS3qv7pc6sJOab1664H%2BK7ItIG08ilgQurKpyHhVaUzHYg6V2wzl9hdvfOKOvMH8fdST6Y%2BgA0SemY0zi0kBAkwHVXoZ0Fs%3D
msedge.exe
Remote address: 35.190.80.1:443
Request
POST /report/v4?s=6UDkHMjlXXEyoF1f41SnB5dkX01WukwdFS3qv7pc6sJOab1664H%2BK7ItIG08ilgQurKpyHhVaUzHYg6V2wzl9hdvfOKOvMH8fdST6Y%2BgA0SemY0zi0kBAkwHVXoZ0Fs%3D HTTP/2.0
host: a.nel.cloudflare.com
content-length: 395
content-type: application/reports+json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 8.8.8.8:53
Request
1.80.190.35.in-addr.arpa IN PTR
Response
1.80.190.35.in-addr.arpa IN PTR 18019035bcgoogleusercontentcom
-
Remote address: 8.8.8.8:53
Request
affiliate-robot.com IN A
Response
affiliate-robot.com IN A 199.83.128.193
affiliate-robot.com IN A 199.83.132.193
-
Remote address: 199.83.128.193:80
Request
GET /scripts/trackjs.js HTTP/1.1
Host: affiliate-robot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Response
HTTP/1.1 503 Service Unavailable
Cache-Control: no-cache, no-store
Connection: close
Content-Length: 690
X-Iinfo: 1050-89166099-0 0NNN RT(1726766397212 1) q(0 -1 -1 -1) r(2 -1)
-
Remote address: 8.8.8.8:53
Request
static.hotjar.com IN A
Response
static.hotjar.com IN CNAME static-cdn.hotjar.com
static-cdn.hotjar.com IN A 18.165.242.8
static-cdn.hotjar.com IN A 18.165.242.121
static-cdn.hotjar.com IN A 18.165.242.88
static-cdn.hotjar.com IN A 18.165.242.80
-
Remote address: 18.165.242.8:443
Request
GET /c/hotjar-916387.js?sv=7 HTTP/2.0
host: static.hotjar.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 200
date: Thu, 19 Sep 2024 17:20:01 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/fdede626881611ce1109d7921de5a1ee
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 fb929558f97ead7678aadd93abbe2ab6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P6
x-amz-cf-id: VpYsuvMwRynJ2GQ91JagN26dodxnEE_aiWq8d2LJMn5rdAAZNDZLlw==
-
Remote address: 8.8.8.8:53
Request
193.128.83.199.in-addr.arpa IN PTR
Response
193.128.83.199.in-addr.arpa IN PTR 19983128193ipincapdnsnet
-
Remote address: 8.8.8.8:53
Request
193.128.83.199.in-addr.arpa IN PTR
-
Remote address: 8.8.8.8:53
Request
104.201.58.216.in-addr.arpa IN PTR
Response
104.201.58.216.in-addr.arpa IN PTR prg03s02-in-f1041e100net
104.201.58.216.in-addr.arpa IN PTR lhr48s48-in-f8
104.201.58.216.in-addr.arpa IN PTR prg03s02-in-f8
-
Remote address: 8.8.8.8:53
Request
104.201.58.216.in-addr.arpa IN PTR
-
Remote address: 8.8.8.8:53
Request
8.242.165.18.in-addr.arpa IN PTR
Response
8.242.165.18.in-addr.arpa IN PTR server-18-165-242-8lhr61r cloudfrontnet
-
Remote address: 8.8.8.8:53
Request
8.242.165.18.in-addr.arpa IN PTR
-
Remote address: 8.8.8.8:53
Request
107.39.156.108.in-addr.arpa IN PTR
Response
107.39.156.108.in-addr.arpa IN PTR server-108-156-39-107lhr50r cloudfrontnet
-
Remote address: 8.8.8.8:53
Request
107.39.156.108.in-addr.arpa IN PTR
-
Remote address: 8.8.8.8:53
Request
script.hotjar.com IN A
Response
script.hotjar.com IN A 18.245.253.22
script.hotjar.com IN A 18.245.253.99
script.hotjar.com IN A 18.245.253.48
script.hotjar.com IN A 18.245.253.79
-
Remote address: 18.245.253.22:443
Request
GET /modules.0721e7cf944cf9d78a0b.js HTTP/2.0
host: script.hotjar.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 200
content-length: 56508
date: Thu, 19 Sep 2024 13:22:07 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "ac12d2f9dbf41b678b7eb52a4d3e70f3"
last-modified: Thu, 19 Sep 2024 13:21:34 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3a316849d54224fb9257759ea4f08e0a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR5-P5
x-amz-cf-id: IdIoXX1el4MvkSprudHC7EhKg0jfWhKQwmqg5pw3VRx8f-th2iMLuQ==
age: 14274
-
Remote address: 8.8.8.8:53
Request
209.205.72.20.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
22.253.245.18.in-addr.arpa IN PTR
Response
22.253.245.18.in-addr.arpa IN PTR server-18-245-253-22lhr5r cloudfrontnet
-
Remote address: 8.8.8.8:53
Request
affbeat.com IN A
Response
affbeat.com IN A 172.67.223.127
affbeat.com IN A 104.21.78.157
-
Remote address: 172.67.223.127:80
Request
GET /scripts/trackjs.php?pap_tracking_suffix=AffBeat HTTP/1.1
Host: affbeat.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Response
HTTP/1.1 404 Not Found
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X8bY9pwrjFtR9lG27WqHVJDrxeUSaJ%2F9L0l3YTIS3UhkN0zxqvGt8tuGSgOaQCsveuTLTgt01fIViC7AqFPG1fe2%2BgLreULrrxSGPqYL54Lz2WKbmutyRc4aWfyT0A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Speculation-Rules: "/cdn-cgi/speculation"
Server: cloudflare
CF-RAY: 8c5b3e88dc237318-LHR
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
-
Remote address: 8.8.8.8:53
Request
127.223.67.172.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
28.118.140.52.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
197.87.175.4.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
198.187.3.20.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
240.221.184.93.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
19.229.111.52.in-addr.arpa IN PTR
Response
-
MITRE ATT&CK Enterprise v15
Downloads