hxxps://mega[.]nz/file/1UZxiDhI#3I2TwpY9U8SZXYQmbtvAoVUoN63T_sR1TsPTIjU3BYI

Resubmissions

07/10/2024, 17:54 UTC

241007-wg32tsvcld 3

02/10/2024, 17:46 UTC

241002-wcdldasela 10

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
07/10/2024, 17:54 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://mega.nz/file/1UZxiDhI#3I2TwpY9U8SZXYQmbtvAoVUoN63T_sR1TsPTIjU3BYI

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3016	msedge.exe
3016	msedge.exe
5100	msedge.exe
5100	msedge.exe
4604	identity_helper.exe
4604	identity_helper.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe
4692	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe
5100	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5100 wrote to memory of 4592	5100	msedge.exe	82
PID 5100 wrote to memory of 4592	5100	msedge.exe	82
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 1540	5100	msedge.exe	84
PID 5100 wrote to memory of 3016	5100	msedge.exe	85
PID 5100 wrote to memory of 3016	5100	msedge.exe	85
PID 5100 wrote to memory of 1496	5100	msedge.exe	86
PID 5100 wrote to memory of 1496	5100	msedge.exe	86
PID 5100 wrote to memory of 1496	5100	msedge.exe	86
PID 5100 wrote to memory of 1496	5100	msedge.exe	86
PID 5100 wrote to memory of 1496	5100	msedge.exe	86
PID 5100 wrote to memory of 1496	5100	msedge.exe	86
PID 5100 wrote to memory of 1496	5100	msedge.exe	86
PID 5100 wrote to memory of 1496	5100	msedge.exe	86
PID 5100 wrote to memory of 1496	5100	msedge.exe	86
PID 5100 wrote to memory of 1496	5100	msedge.exe	86
PID 5100 wrote to memory of 1496	5100	msedge.exe	86
PID 5100 wrote to memory of 1496	5100	msedge.exe	86
PID 5100 wrote to memory of 1496	5100	msedge.exe	86
PID 5100 wrote to memory of 1496	5100	msedge.exe	86
PID 5100 wrote to memory of 1496	5100	msedge.exe	86
PID 5100 wrote to memory of 1496	5100	msedge.exe	86
PID 5100 wrote to memory of 1496	5100	msedge.exe	86
PID 5100 wrote to memory of 1496	5100	msedge.exe	86
PID 5100 wrote to memory of 1496	5100	msedge.exe	86
PID 5100 wrote to memory of 1496	5100	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://mega.nz/file/1UZxiDhI#3I2TwpY9U8SZXYQmbtvAoVUoN63T_sR1TsPTIjU3BYI
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffed61946f8,0x7ffed6194708,0x7ffed6194718
  2⤵
  PID:4592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,13269843263866293018,2106978895213511182,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
  2⤵
  PID:1540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,13269843263866293018,2106978895213511182,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,13269843263866293018,2106978895213511182,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2992 /prefetch:8
  2⤵
  PID:1496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,13269843263866293018,2106978895213511182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3400 /prefetch:1
  2⤵
  PID:1460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,13269843263866293018,2106978895213511182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
  2⤵
  PID:4632
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,13269843263866293018,2106978895213511182,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5332 /prefetch:8
  2⤵
  PID:1176
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,13269843263866293018,2106978895213511182,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5332 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,13269843263866293018,2106978895213511182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4828 /prefetch:1
  2⤵
  PID:3188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,13269843263866293018,2106978895213511182,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4744 /prefetch:1
  2⤵
  PID:4516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,13269843263866293018,2106978895213511182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3540 /prefetch:1
  2⤵
  PID:1484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,13269843263866293018,2106978895213511182,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3508 /prefetch:1
  2⤵
  PID:3220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,13269843263866293018,2106978895213511182,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2844 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4692

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1396

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4852

Network

DNS

mega.nz

msedge.exe

Remote address:

8.8.8.8:53

Request

mega.nz

IN A

Response

mega.nz

IN A

31.216.145.5

mega.nz

IN A

31.216.144.5
GET

https://mega.nz/file/1UZxiDhI

msedge.exe

Remote address:

31.216.145.5:443

Request

GET /file/1UZxiDhI HTTP/1.1
Host: mega.nz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
Content-Length: 859
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: DENY
X-Robots-Tag: noindex
Set-Cookie: geoip=GB
Content-Security-Policy: default-src 'self' data: blob: *.mega.co.nz *.mega.nz *.mega.io http://*.mega.co.nz http://*.mega.nz http://*.mega.io wss://*.karere.mega.nz wss://*.sfu.mega.co.nz *.karere.mega.nz:1380 http://127.0.0.1:6341 localhost.megasyncloopback.mega.nz:6342; script-src 'self' *.mega.co.nz *.mega.nz *.mega.io data: blob:; style-src 'self' 'unsafe-inline' *.mega.co.nz *.mega.nz *.mega.io data: blob:; frame-src 'self' *.megapay.nz ad.mega.nz mega: *.megaad.nz https://mega.nz/ https://mega.io/; img-src 'self' *.mega.co.nz *.mega.nz *.mega.io data: blob: mega.nz
Connection: Keep-Alive
GET

https://mega.nz/secureboot.js?r=1727912416

msedge.exe

Remote address:

31.216.145.5:443

Request

GET /secureboot.js?r=1727912416 HTTP/1.1
Host: mega.nz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://mega.nz/file/1UZxiDhI
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Content-Length: 57798
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET

https://mega.nz/loading-sprite_v4.png

msedge.exe

Remote address:

31.216.145.5:443

Request

GET /loading-sprite_v4.png HTTP/1.1
Host: mega.nz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://mega.nz/file/1UZxiDhI
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: image/png
Content-Length: 3414
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
GET

https://mega.nz/favicon.ico?v=3

msedge.exe

Remote address:

31.216.145.5:443

Request

GET /favicon.ico?v=3 HTTP/1.1
Host: mega.nz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://mega.nz/file/1UZxiDhI
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: image/x-icon
Content-Length: 1029
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET

https://mega.nz/android-chrome-144x144.png

msedge.exe

Remote address:

31.216.145.5:443

Request

GET /android-chrome-144x144.png HTTP/1.1
Host: mega.nz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://mega.nz/file/1UZxiDhI
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: image/png
Content-Length: 7057
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
GET

https://mega.nz/sw.js?v=1

msedge.exe

Remote address:

31.216.145.5:443

Request

GET /sw.js?v=1 HTTP/1.1
Host: mega.nz
Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Service-Worker: script
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: same-origin
Sec-Fetch-Dest: serviceworker
Referer: https://mega.nz/file/1UZxiDhI
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Content-Length: 1208
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET

https://mega.nz/manifest.json

msedge.exe

Remote address:

31.216.145.5:443

Request

GET /manifest.json HTTP/1.1
Host: mega.nz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: manifest
Referer: https://mega.nz/file/1UZxiDhI
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/json
Content-Length: 275
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
DNS

eu.static.mega.co.nz

msedge.exe

Remote address:

8.8.8.8:53

Request

eu.static.mega.co.nz

IN A

Response

eu.static.mega.co.nz

IN A

89.44.169.134

eu.static.mega.co.nz

IN A

66.203.124.37

eu.static.mega.co.nz

IN A

66.203.127.13

eu.static.mega.co.nz

IN A

66.203.127.11

eu.static.mega.co.nz

IN A

89.44.169.132
GET

https://eu.static.mega.co.nz/4/lang/en_315b44888fe2f29feda3fc939394d624aa5717fc2454041c2ba840dd7ffc2ce3.json

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/lang/en_315b44888fe2f29feda3fc939394d624aa5717fc2454041c2ba840dd7ffc2ce3.json HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:13 GMT
content-type: application/json
content-length: 381728
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-5d320"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/js/mega-1_ed4d09c067524631ba4f93c8318fada5e09c4c099d49a88781733821edfe8e48.js

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-1_ed4d09c067524631ba4f93c8318fada5e09c4c099d49a88781733821edfe8e48.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:13 GMT
content-type: application/javascript
content-length: 408648
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-63c48"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/js/mega-2_d4751f46fd7156b0eed6b9e753db3df136f621e7ab2fd8dceade57242c814d33.js

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-2_d4751f46fd7156b0eed6b9e753db3df136f621e7ab2fd8dceade57242c814d33.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:13 GMT
content-type: application/javascript
content-length: 509844
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-7c794"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/js/mega-3_d8014b108685fca3cf5e75c17dbd0aad08b2132b95b391c21aa027fbb1ad9bcf.js

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-3_d8014b108685fca3cf5e75c17dbd0aad08b2132b95b391c21aa027fbb1ad9bcf.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:14 GMT
content-type: application/javascript
content-length: 521382
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-7f4a6"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/js/mega-4_6450a54915a1302d551267a155725ccca1f1e5f1072cf3313071cdcc366b5d55.js

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-4_6450a54915a1302d551267a155725ccca1f1e5f1072cf3313071cdcc366b5d55.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:14 GMT
content-type: application/javascript
content-length: 484371
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-76413"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/js/mega-5_9a11cc1d4e89a314d3ec0e885056aa572b0d5d5b787d0c8b8e0a9fe1a90cee94.js

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-5_9a11cc1d4e89a314d3ec0e885056aa572b0d5d5b787d0c8b8e0a9fe1a90cee94.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:14 GMT
content-type: application/javascript
content-length: 479753
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-75209"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/js/mega-6_bd184c4fd9ca1145bcd2e2aa978b37c949c410e3cb05052a4d9dd6bf727b7677.js

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-6_bd184c4fd9ca1145bcd2e2aa978b37c949c410e3cb05052a4d9dd6bf727b7677.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:14 GMT
content-type: application/javascript
content-length: 521132
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-7f3ac"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/css/mega-1_07d7f1cae5f34137fc1b4cca77ca88bebb96f2ee241b4d8de4a1cb1c347628bd.css

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/css/mega-1_07d7f1cae5f34137fc1b4cca77ca88bebb96f2ee241b4d8de4a1cb1c347628bd.css HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:14 GMT
content-type: text/css
content-length: 480356
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-75464"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/html/templates_b05b19ad78f8a4c19377c6f43706981373e74d83a059878e0a8028b134228c20.json

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/html/templates_b05b19ad78f8a4c19377c6f43706981373e74d83a059878e0a8028b134228c20.json HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:14 GMT
content-type: application/json
content-length: 763994
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-ba85a"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/js/mega-7_ef8755958dc3ed928da3382a69c36cf6ec2bfb1a98f1d9e71165ab81fe735e6a.js

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-7_ef8755958dc3ed928da3382a69c36cf6ec2bfb1a98f1d9e71165ab81fe735e6a.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:14 GMT
content-type: application/javascript
content-length: 310110
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-4bb5e"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/js/mega-8_3ac34b9aa5397c60f7b1991eca9d55fdd63baaaed3f69ab188978d9e3a0bfd86.js

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-8_3ac34b9aa5397c60f7b1991eca9d55fdd63baaaed3f69ab188978d9e3a0bfd86.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:14 GMT
content-type: application/javascript
content-length: 447109
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-6d285"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/css/bottom-pages-animations.css-postbuild_077437ba5398f2997efea39e55f89eadd473667177aba0b14a48c8b57c60af43.css

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/css/bottom-pages-animations.css-postbuild_077437ba5398f2997efea39e55f89eadd473667177aba0b14a48c8b57c60af43.css HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:14 GMT
content-type: text/css
content-length: 10479
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-28ef"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/js/mega-9_353411aef6c5b7a3b07a6abf0df2e53adb977e293839b8d15694157ffb379fb6.js

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-9_353411aef6c5b7a3b07a6abf0df2e53adb977e293839b8d15694157ffb379fb6.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:14 GMT
content-type: application/javascript
content-length: 513069
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-7d42d"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/css/mega-2_a13153ddbda2bfe9534b1a635bf6f48f55c7e468af3f13322823af4657592d56.css

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/css/mega-2_a13153ddbda2bfe9534b1a635bf6f48f55c7e468af3f13322823af4657592d56.css HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:14 GMT
content-type: text/css
content-length: 250722
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-3d362"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/js/mega-10_1fc1bf29ab8b2f42d0d8a7c81f6ec10cc2ceaf149b1629ff529cc45c6780f579.js

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-10_1fc1bf29ab8b2f42d0d8a7c81f6ec10cc2ceaf149b1629ff529cc45c6780f579.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:14 GMT
content-type: application/javascript
content-length: 501672
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-7a7a8"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/js/mega-11_4b24ed590ae07ff2db348e8301c38a6b83e9858da0f50069e8818d9f3f787013.js

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-11_4b24ed590ae07ff2db348e8301c38a6b83e9858da0f50069e8818d9f3f787013.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:14 GMT
content-type: application/javascript
content-length: 459038
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-7011e"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/css/mega-3_e3151faec6eacf9e9cbd75e6b3ef188fe800b177d741c8a7190980c5329c5130.css

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/css/mega-3_e3151faec6eacf9e9cbd75e6b3ef188fe800b177d741c8a7190980c5329c5130.css HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:14 GMT
content-type: text/css
content-length: 730394
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-b251a"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/js/mega-12_d8965f3ac63e690fa5c077aac68a56f13ee0afe5ecdd4e5b67c80a7673c3b914.js

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-12_d8965f3ac63e690fa5c077aac68a56f13ee0afe5ecdd4e5b67c80a7673c3b914.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:14 GMT
content-type: application/javascript
content-length: 509012
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-7c454"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/js/mega-13_c3581809461610bacb04b099882771c4c5e73cc807a5d681ff9dc4bde8a4095c.js

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-13_c3581809461610bacb04b099882771c4c5e73cc807a5d681ff9dc4bde8a4095c.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:14 GMT
content-type: application/javascript
content-length: 514308
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-7d904"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/js/mega-14_d7aff862c4a47cf466bcbc26f3522cf12987af1f7d8f0b9a4b13a4ea844ec929.js

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-14_d7aff862c4a47cf466bcbc26f3522cf12987af1f7d8f0b9a4b13a4ea844ec929.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:14 GMT
content-type: application/javascript
content-length: 487965
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-7721d"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/css/mega-4_1ff8f30113622dcfe889d63c21257161ec84f23da85d8db0cb6405af543a6237.css

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/css/mega-4_1ff8f30113622dcfe889d63c21257161ec84f23da85d8db0cb6405af543a6237.css HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:15 GMT
content-type: text/css
content-length: 305428
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-4a914"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/images/mega/contact-avatar_18cc8179fdcf896e202df0bee3a8a381667c7ab2e8206b7b157494d10beeae12.svg

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/images/mega/contact-avatar_18cc8179fdcf896e202df0bee3a8a381667c7ab2e8206b7b157494d10beeae12.svg HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:15 GMT
content-type: image/svg+xml
content-length: 3544
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-dd8"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/js/mega-15_8d2e047646dcc144d1ee5891d87fdbac9744bc940f0cc4e6dbf7ac2060ebfc50.js

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-15_8d2e047646dcc144d1ee5891d87fdbac9744bc940f0cc4e6dbf7ac2060ebfc50.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:15 GMT
content-type: application/javascript
content-length: 401725
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-6213d"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/js/mega-16_e87b6936b3e0df4cc2e63d7904e9d9491c5f434ed4ad2ded3479aead0ce667c9.js

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/mega-16_e87b6936b3e0df4cc2e63d7904e9d9491c5f434ed4ad2ded3479aead0ce667c9.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:15 GMT
content-type: application/javascript
content-length: 463668
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-71334"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/css/mega-7_58c04ac027b15931acfb17be4a134e35c8bdd3b99109e617895713a42f32d84a.css

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/css/mega-7_58c04ac027b15931acfb17be4a134e35c8bdd3b99109e617895713a42f32d84a.css HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:15 GMT
content-type: text/css
content-length: 41595
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-a27b"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/js/vendor/asmcrypto_9c90f27443fbdb85519985333a8b00c3cff0e10a2753955f41890342d64362f7.js

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/js/vendor/asmcrypto_9c90f27443fbdb85519985333a8b00c3cff0e10a2753955f41890342d64362f7.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:15 GMT
content-type: application/javascript
content-length: 443062
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-6c2b6"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/html/download.html-postbuild_2749a59feff4141009bb961edd622162e7589b7f6c446e9be297528f0cdff89d.html

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/html/download.html-postbuild_2749a59feff4141009bb961edd622162e7589b7f6c446e9be297528f0cdff89d.html HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:15 GMT
content-type: text/html
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: W/"66fdda92-2e88"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-encoding: gzip
GET

https://eu.static.mega.co.nz/4/html/js/download_d68ea012b36fc8925130210f60c590ff2288fb4c660b9029f75ba828d0cc0597.js

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/html/js/download_d68ea012b36fc8925130210f60c590ff2288fb4c660b9029f75ba828d0cc0597.js HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://mega.nz
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:15 GMT
content-type: application/javascript
content-length: 38666
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-970a"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/imagery/sprites-fm-mono.ee0d4eee3ddc0278.woff2?h=2ed308d18

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/sprites-fm-mono.ee0d4eee3ddc0278.woff2?h=2ed308d18 HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://mega.nz
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:16 GMT
content-type: font/woff2
content-length: 69044
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-10db4"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/fonts/Lato-Regular.woff2?v=6343dd45044b0726

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/fonts/Lato-Regular.woff2?v=6343dd45044b0726 HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://mega.nz
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:16 GMT
content-type: font/woff2
content-length: 182708
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-2c9b4"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/fonts/Lato-Semibold.woff2?v=7194963095272d0e

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/fonts/Lato-Semibold.woff2?v=7194963095272d0e HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://mega.nz
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:16 GMT
content-type: font/woff2
content-length: 184076
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-2cf0c"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/fonts/SourceSansPro-Regular.woff2?v=f71f612f60d5bb7e

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/fonts/SourceSansPro-Regular.woff2?v=f71f612f60d5bb7e HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://mega.nz
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:16 GMT
content-type: font/woff2
content-length: 90132
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-16014"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
DNS

8.8.8.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.8.8.8.in-addr.arpa

IN PTR

Response

8.8.8.8.in-addr.arpa

IN PTR

dnsgoogle
DNS

5.145.216.31.in-addr.arpa

Remote address:

8.8.8.8:53

Request

5.145.216.31.in-addr.arpa

IN PTR

Response

5.145.216.31.in-addr.arpa

IN PTR

31-216-145-5ipdcluxcom
DNS

71.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

71.159.190.20.in-addr.arpa

IN PTR

Response
DNS

134.169.44.89.in-addr.arpa

Remote address:

8.8.8.8:53

Request

134.169.44.89.in-addr.arpa

IN PTR

Response

134.169.44.89.in-addr.arpa

IN PTR

89-44-169-134ipdcluxcom
DNS

43.58.199.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

43.58.199.20.in-addr.arpa

IN PTR

Response
DNS

g.bing.com

Remote address:

8.8.8.8:53

Request

g.bing.com

IN A

Response

g.bing.com

IN CNAME

g-bing-com.ax-0001.ax-msedge.net

g-bing-com.ax-0001.ax-msedge.net

IN CNAME

ax-0001.ax-msedge.net

ax-0001.ax-msedge.net

IN A

150.171.27.10

ax-0001.ax-msedge.net

IN A

150.171.28.10
GET

https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=0827fb9256cc4a4dad4dca499032d561&localId=w:0C449796-1E55-FEFD-C5A5-A0B044A63D2B&deviceId=6896208601980624&anid=

Remote address:

150.171.27.10:443

Request

GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=0827fb9256cc4a4dad4dca499032d561&localId=w:0C449796-1E55-FEFD-C5A5-A0B044A63D2B&deviceId=6896208601980624&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2BF3983B927B6ED20A2B8D2A93E46F2C; domain=.bing.com; expires=Sat, 01-Nov-2025 22:21:14 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B02D3B1AF4F644AEB9688D57544F1EF8 Ref B: LON601060104042 Ref C: 2024-10-07T22:21:14Z
date: Mon, 07 Oct 2024 22:21:13 GMT
GET

https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=0827fb9256cc4a4dad4dca499032d561&localId=w:0C449796-1E55-FEFD-C5A5-A0B044A63D2B&deviceId=6896208601980624&anid=

Remote address:

150.171.27.10:443

Request

GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=0827fb9256cc4a4dad4dca499032d561&localId=w:0C449796-1E55-FEFD-C5A5-A0B044A63D2B&deviceId=6896208601980624&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=2BF3983B927B6ED20A2B8D2A93E46F2C

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MSPTC=NUrfT7lUK2rIAQQ8-VyKF0cwQ3qrFM7_seHbjUkW7_4; domain=.bing.com; expires=Sat, 01-Nov-2025 22:21:14 GMT; path=/; Partitioned; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 690CB3F57F974F5DBDCE7A6305FBBE8F Ref B: LON601060104042 Ref C: 2024-10-07T22:21:14Z
date: Mon, 07 Oct 2024 22:21:14 GMT
GET

https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=0827fb9256cc4a4dad4dca499032d561&localId=w:0C449796-1E55-FEFD-C5A5-A0B044A63D2B&deviceId=6896208601980624&anid=

Remote address:

150.171.27.10:443

Request

GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=0827fb9256cc4a4dad4dca499032d561&localId=w:0C449796-1E55-FEFD-C5A5-A0B044A63D2B&deviceId=6896208601980624&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=2BF3983B927B6ED20A2B8D2A93E46F2C; MSPTC=NUrfT7lUK2rIAQQ8-VyKF0cwQ3qrFM7_seHbjUkW7_4

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D5A29C1191624ACDA6DBAE179C891381 Ref B: LON601060104042 Ref C: 2024-10-07T22:21:14Z
date: Mon, 07 Oct 2024 22:21:14 GMT
DNS

g.api.mega.co.nz

msedge.exe

Remote address:

8.8.8.8:53

Request

g.api.mega.co.nz

IN A

Response

g.api.mega.co.nz

IN CNAME

lu.api.mega.co.nz

lu.api.mega.co.nz

IN A

66.203.125.15

lu.api.mega.co.nz

IN A

66.203.125.11

lu.api.mega.co.nz

IN A

66.203.125.12

lu.api.mega.co.nz

IN A

66.203.125.13

lu.api.mega.co.nz

IN A

66.203.125.14

lu.api.mega.co.nz

IN A

66.203.125.16
POST

https://g.api.mega.co.nz/cs?id=0

msedge.exe

Remote address:

66.203.125.15:443

Request

POST /cs?id=0 HTTP/1.1
Host: g.api.mega.co.nz
Connection: keep-alive
Content-Length: 13
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: https://mega.nz
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://mega.nz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, MEGA-Chrome-Antileak
Access-Control-Expose-Headers: Original-Content-Length
Access-Control-Max-Age: 86400
Cache-Control: no-store
Original-Content-Length: 107
Content-Length: 107
Connection: keep-alive
POST

https://g.api.mega.co.nz/cs?id=0&v=2

msedge.exe

Remote address:

66.203.125.15:443

Request

POST /cs?id=0&v=2 HTTP/1.1
Host: g.api.mega.co.nz
Connection: keep-alive
Content-Length: 33
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: https://mega.nz
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://mega.nz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, MEGA-Chrome-Antileak
Access-Control-Expose-Headers: Original-Content-Length
Access-Control-Max-Age: 86400
Cache-Control: no-store
Original-Content-Length: 24
Content-Length: 24
Connection: keep-alive
POST

https://g.api.mega.co.nz/cs?id=219907377&v=3&lang=en&domain=meganz&bb=3

msedge.exe

Remote address:

66.203.125.15:443

Request

POST /cs?id=219907377&v=3&lang=en&domain=meganz&bb=3 HTTP/1.1
Host: g.api.mega.co.nz
Connection: keep-alive
Content-Length: 20
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: https://mega.nz
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://mega.nz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, MEGA-Chrome-Antileak
Access-Control-Expose-Headers: Original-Content-Length
Access-Control-Max-Age: 86400
Cache-Control: no-store
Original-Content-Length: 435
Content-Length: 435
Connection: keep-alive
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

15.125.203.66.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.125.203.66.in-addr.arpa

IN PTR

Response

15.125.203.66.in-addr.arpa

IN PTR

bt5apimegaconz
GET

https://eu.static.mega.co.nz/4/imagery/sprites-fm-illustration-sprite-wide.e397e234dc118de4.svg

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/sprites-fm-illustration-sprite-wide.e397e234dc118de4.svg HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:16 GMT
content-type: image/svg+xml
content-length: 68811
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-10ccb"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/images/mega/download-dialog.png?v=cf6daa0027e27782

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/images/mega/download-dialog.png?v=cf6daa0027e27782 HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:16 GMT
content-type: image/png
content-length: 70369
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-112e1"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/imagery/sprites-fm-mime-90-uni.decaf26625f7b9e2.svg

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/sprites-fm-mime-90-uni.decaf26625f7b9e2.svg HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:16 GMT
content-type: image/svg+xml
content-length: 89334
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-15cf6"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.2a9a4124f13b9f7e.svg

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/imagery/sprites-fm-uni-uni.2a9a4124f13b9f7e.svg HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:16 GMT
content-type: image/svg+xml
content-length: 187882
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-2ddea"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/images/mega/dialog-sprite.png?v=57a6bd1346996955

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/images/mega/dialog-sprite.png?v=57a6bd1346996955 HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:16 GMT
content-type: image/png
content-length: 30699
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-77eb"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/images/mobile/button-loader-green.gif?v=b175f7d362d2b4af

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/images/mobile/button-loader-green.gif?v=b175f7d362d2b4af HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:16 GMT
content-type: image/gif
content-length: 8787
last-modified: Wed, 02 Oct 2024 23:43:14 GMT
etag: "66fdda92-2253"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
GET

https://eu.static.mega.co.nz/4/images/mega/psa/psa_terms.png

msedge.exe

Remote address:

89.44.169.134:443

Request

GET /4/images/mega/psa/psa_terms.png HTTP/2.0
host: eu.static.mega.co.nz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mega.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.22.1
date: Mon, 07 Oct 2024 22:21:16 GMT
content-type: image/png
content-length: 15016
last-modified: Thu, 03 Oct 2024 22:31:23 GMT
etag: "66ff1b3b-3aa8"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
DNS

99.209.201.84.in-addr.arpa

Remote address:

8.8.8.8:53

Request

99.209.201.84.in-addr.arpa

IN PTR

Response
DNS

11.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.227.111.52.in-addr.arpa

IN PTR

Response

31.216.145.5:443

https://mega.nz/sw.js?v=1

tls, http

msedge.exe

6.0kB
79.9kB
42
66

HTTP Request

GET https://mega.nz/file/1UZxiDhI

HTTP Response

200

HTTP Request

GET https://mega.nz/secureboot.js?r=1727912416

HTTP Response

200

HTTP Request

GET https://mega.nz/loading-sprite_v4.png

HTTP Response

200

HTTP Request

GET https://mega.nz/favicon.ico?v=3

HTTP Response

200

HTTP Request

GET https://mega.nz/android-chrome-144x144.png

HTTP Response

200

HTTP Request

GET https://mega.nz/sw.js?v=1

HTTP Response

200
31.216.145.5:443

https://mega.nz/manifest.json

tls, http

msedge.exe

1.6kB
4.5kB
10
10

HTTP Request

GET https://mega.nz/manifest.json

HTTP Response

200
89.44.169.134:443

https://eu.static.mega.co.nz/4/fonts/SourceSansPro-Regular.woff2?v=f71f612f60d5bb7e

tls, http2

msedge.exe

382.1kB
11.9MB
6687
8595

HTTP Request

GET https://eu.static.mega.co.nz/4/lang/en_315b44888fe2f29feda3fc939394d624aa5717fc2454041c2ba840dd7ffc2ce3.json

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-1_ed4d09c067524631ba4f93c8318fada5e09c4c099d49a88781733821edfe8e48.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-2_d4751f46fd7156b0eed6b9e753db3df136f621e7ab2fd8dceade57242c814d33.js

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-3_d8014b108685fca3cf5e75c17dbd0aad08b2132b95b391c21aa027fbb1ad9bcf.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-4_6450a54915a1302d551267a155725ccca1f1e5f1072cf3313071cdcc366b5d55.js

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-5_9a11cc1d4e89a314d3ec0e885056aa572b0d5d5b787d0c8b8e0a9fe1a90cee94.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-6_bd184c4fd9ca1145bcd2e2aa978b37c949c410e3cb05052a4d9dd6bf727b7677.js

HTTP Request

GET https://eu.static.mega.co.nz/4/css/mega-1_07d7f1cae5f34137fc1b4cca77ca88bebb96f2ee241b4d8de4a1cb1c347628bd.css

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/html/templates_b05b19ad78f8a4c19377c6f43706981373e74d83a059878e0a8028b134228c20.json

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-7_ef8755958dc3ed928da3382a69c36cf6ec2bfb1a98f1d9e71165ab81fe735e6a.js

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-8_3ac34b9aa5397c60f7b1991eca9d55fdd63baaaed3f69ab188978d9e3a0bfd86.js

HTTP Request

GET https://eu.static.mega.co.nz/4/css/bottom-pages-animations.css-postbuild_077437ba5398f2997efea39e55f89eadd473667177aba0b14a48c8b57c60af43.css

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-9_353411aef6c5b7a3b07a6abf0df2e53adb977e293839b8d15694157ffb379fb6.js

HTTP Request

GET https://eu.static.mega.co.nz/4/css/mega-2_a13153ddbda2bfe9534b1a635bf6f48f55c7e468af3f13322823af4657592d56.css

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-10_1fc1bf29ab8b2f42d0d8a7c81f6ec10cc2ceaf149b1629ff529cc45c6780f579.js

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-11_4b24ed590ae07ff2db348e8301c38a6b83e9858da0f50069e8818d9f3f787013.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/css/mega-3_e3151faec6eacf9e9cbd75e6b3ef188fe800b177d741c8a7190980c5329c5130.css

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-12_d8965f3ac63e690fa5c077aac68a56f13ee0afe5ecdd4e5b67c80a7673c3b914.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-13_c3581809461610bacb04b099882771c4c5e73cc807a5d681ff9dc4bde8a4095c.js

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-14_d7aff862c4a47cf466bcbc26f3522cf12987af1f7d8f0b9a4b13a4ea844ec929.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/css/mega-4_1ff8f30113622dcfe889d63c21257161ec84f23da85d8db0cb6405af543a6237.css

HTTP Request

GET https://eu.static.mega.co.nz/4/images/mega/contact-avatar_18cc8179fdcf896e202df0bee3a8a381667c7ab2e8206b7b157494d10beeae12.svg

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-15_8d2e047646dcc144d1ee5891d87fdbac9744bc940f0cc4e6dbf7ac2060ebfc50.js

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/js/mega-16_e87b6936b3e0df4cc2e63d7904e9d9491c5f434ed4ad2ded3479aead0ce667c9.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/css/mega-7_58c04ac027b15931acfb17be4a134e35c8bdd3b99109e617895713a42f32d84a.css

HTTP Request

GET https://eu.static.mega.co.nz/4/js/vendor/asmcrypto_9c90f27443fbdb85519985333a8b00c3cff0e10a2753955f41890342d64362f7.js

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/html/download.html-postbuild_2749a59feff4141009bb961edd622162e7589b7f6c446e9be297528f0cdff89d.html

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/html/js/download_d68ea012b36fc8925130210f60c590ff2288fb4c660b9029f75ba828d0cc0597.js

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/sprites-fm-mono.ee0d4eee3ddc0278.woff2?h=2ed308d18

HTTP Request

GET https://eu.static.mega.co.nz/4/fonts/Lato-Regular.woff2?v=6343dd45044b0726

HTTP Request

GET https://eu.static.mega.co.nz/4/fonts/Lato-Semibold.woff2?v=7194963095272d0e

HTTP Request

GET https://eu.static.mega.co.nz/4/fonts/SourceSansPro-Regular.woff2?v=f71f612f60d5bb7e

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
89.44.169.134:443

eu.static.mega.co.nz

tls

msedge.exe

1.1kB
6.2kB
10
10
150.171.27.10:443

https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=0827fb9256cc4a4dad4dca499032d561&localId=w:0C449796-1E55-FEFD-C5A5-A0B044A63D2B&deviceId=6896208601980624&anid=

tls, http2

2.4kB
9.2kB
21
15

HTTP Request

GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=0827fb9256cc4a4dad4dca499032d561&localId=w:0C449796-1E55-FEFD-C5A5-A0B044A63D2B&deviceId=6896208601980624&anid=

HTTP Response

204

HTTP Request

GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=0827fb9256cc4a4dad4dca499032d561&localId=w:0C449796-1E55-FEFD-C5A5-A0B044A63D2B&deviceId=6896208601980624&anid=

HTTP Response

204

HTTP Request

GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=0827fb9256cc4a4dad4dca499032d561&localId=w:0C449796-1E55-FEFD-C5A5-A0B044A63D2B&deviceId=6896208601980624&anid=

HTTP Response

204
66.203.125.15:443

g.api.mega.co.nz

tls

msedge.exe

973 B
502 B
8
7
66.203.125.15:443

g.api.mega.co.nz

tls

msedge.exe

973 B
502 B
8
7
66.203.125.15:443

https://g.api.mega.co.nz/cs?id=219907377&v=3&lang=en&domain=meganz&bb=3

tls, http

msedge.exe

3.2kB
7.8kB
14
16

HTTP Request

POST https://g.api.mega.co.nz/cs?id=0

HTTP Response

200

HTTP Request

POST https://g.api.mega.co.nz/cs?id=0&v=2

HTTP Response

200

HTTP Request

POST https://g.api.mega.co.nz/cs?id=219907377&v=3&lang=en&domain=meganz&bb=3

HTTP Response

200
89.44.169.134:443

https://eu.static.mega.co.nz/4/images/mega/psa/psa_terms.png

tls, http2

msedge.exe

11.1kB
494.3kB
206
367

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/sprites-fm-illustration-sprite-wide.e397e234dc118de4.svg

HTTP Request

GET https://eu.static.mega.co.nz/4/images/mega/download-dialog.png?v=cf6daa0027e27782

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/sprites-fm-mime-90-uni.decaf26625f7b9e2.svg

HTTP Request

GET https://eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.2a9a4124f13b9f7e.svg

HTTP Request

GET https://eu.static.mega.co.nz/4/images/mega/dialog-sprite.png?v=57a6bd1346996955

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/images/mobile/button-loader-green.gif?v=b175f7d362d2b4af

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eu.static.mega.co.nz/4/images/mega/psa/psa_terms.png

HTTP Response

200

8.8.8.8:53

mega.nz

dns

msedge.exe

53 B
85 B
1
1

DNS Request

mega.nz

DNS Response

31.216.145.5

31.216.144.5
8.8.8.8:53

eu.static.mega.co.nz

dns

msedge.exe

66 B
146 B
1
1

DNS Request

eu.static.mega.co.nz

DNS Response

89.44.169.134

66.203.124.37

66.203.127.13

66.203.127.11

89.44.169.132
8.8.8.8:53

8.8.8.8.in-addr.arpa

dns

66 B
90 B
1
1

DNS Request

8.8.8.8.in-addr.arpa
8.8.8.8:53

5.145.216.31.in-addr.arpa

dns

71 B
110 B
1
1

DNS Request

5.145.216.31.in-addr.arpa
8.8.8.8:53

71.159.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

71.159.190.20.in-addr.arpa
8.8.8.8:53

134.169.44.89.in-addr.arpa

dns

72 B
112 B
1
1

DNS Request

134.169.44.89.in-addr.arpa
8.8.8.8:53

43.58.199.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

43.58.199.20.in-addr.arpa
8.8.8.8:53

g.bing.com

dns

56 B
148 B
1
1

DNS Request

g.bing.com

DNS Response

150.171.27.10

150.171.28.10
8.8.8.8:53

g.api.mega.co.nz

dns

msedge.exe

62 B
175 B
1
1

DNS Request

g.api.mega.co.nz

DNS Response

66.203.125.15

66.203.125.11

66.203.125.12

66.203.125.13

66.203.125.14

66.203.125.16
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

15.125.203.66.in-addr.arpa

dns

72 B
104 B
1
1

DNS Request

15.125.203.66.in-addr.arpa
224.0.0.251:5353

508 B
8
8.8.8.8:53

99.209.201.84.in-addr.arpa

dns

72 B
132 B
1
1

DNS Request

99.209.201.84.in-addr.arpa
8.8.8.8:53

11.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

11.227.111.52.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fab8d8d865e33fe195732aa7dcb91c30

SHA1
2637e832f38acc70af3e511f5eba80fbd7461f2c

SHA256
1b034ffe38e534e2b7a21be7c1f207ff84a1d5f3893207d0b4bb1a509b4185ea

SHA512
39a3d43ef7e28fea2cb247a5d09576a4904a43680db8c32139f22a03d80f6ede98708a2452f3f82232b868501340f79c0b3f810f597bcaf5267c3ccfb1704b43

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
36988ca14952e1848e81a959880ea217

SHA1
a0482ef725657760502c2d1a5abe0bb37aebaadb

SHA256
d7e96088b37cec1bde202ae8ec2d2f3c3aafc368b6ebd91b3e2985846facf2e6

SHA512
d04b2f5afec92eb3d9f9cdc148a3eddd1b615e0dfb270566a7969576f50881d1f8572bccb8b9fd7993724bdfe36fc7633a33381d43e0b96c4e9bbd53fc010173

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
d267881930cccd2f7e1e955b63c3812b

SHA1
e119f2505e6c1af2ed88c6644daef30ec4445ad4

SHA256
e38ecdc87bd5345110b347fe3ccb405944e07d81e8d9bf20925074972b560cf4

SHA512
52244a965e792f983955508e846a7f0d88fd5cbe32b370e8cfc9fb8ad039ae11f1f6771ca031baaf955453f95a9904ed88894af4e3fc4df7865155973281df7e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
188B

MD5
008114e1a1a614b35e8a7515da0f3783

SHA1
3c390d38126c7328a8d7e4a72d5848ac9f96549b

SHA256
7301b76033c2970e61bab5eaddaff5aa652c39db5c0ea5632814f989716a1d18

SHA512
a202fc891eace003c346bad7e5d2c73dadf9591d5ce950395ff4b63cc2866b17e02bd3f0ad92749df033a936685851455bcdbfad30f26e765c3c89d3309cb82b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
68ec766407fc0a283cebf93ea1134284

SHA1
dca007a80710741181cce255b5cd415fc2e36fa5

SHA256
6cffd54f2d4b67d662628baec280db2d666101bc5e245c6e4b4003b92ac59690

SHA512
da7017fd5b1c242f02bf5d120c62f1a48a455144d2d630f6d08eda334dc61889eb95395f002e3a6bd72e62dad47729fc6bc079f869bb40b5574b1384f694ec56

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
6c0bf49b68dcaa33d049c04b20930de5

SHA1
8744584e4594b87a3d7a37fe5f8efa91f22bfac0

SHA256
14228c9df36ba43c376b016f197caf9209e8f798f44c2526abe1e517f795df23

SHA512
726984ab22ab1b05515a66d7f40ee567cfdfaa4b39cf568c6adc9ca08e24612302405df9fc78d5d0ab25705a5bcb9196560f06940181e6f9483a81e2cf99a178

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
71c3744d7090f32284b0e9cc2576e0d9

SHA1
fe9f3a419eaad28470a778983c88f02976f9a26d

SHA256
fbb44b05f6f2a6ef57f185512b5d16cef31cedfa748989e2c696354a230eecbf

SHA512
7a4e8d17071276d3f3d3cdda3011ccf259f0151583ff5760a0c23b66a37127f8309226300aed5dc4c41ad048c58e42f8c04c811d446adeb06aacf1a76052efc1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57e3e8.TMP

Filesize
48B

MD5
ff9a7168ee1a095e7391f39cad3ec975

SHA1
01cefe0abcac3fc9d0d14bbbb3b156c4049f882c

SHA256
409c541c612d523342f133e65f40baae14426a66f0cffba123cf3aa2ace3dfff

SHA512
4022d3088336103e15a76a6adeb1b55c5044a1e7cebef29ffe14137d5872e1ad12ca368e62fbab13c67386433bbfc0f23733c38efd7ccdc64dc330c0ec490495

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
f20ad50483cc3e8d3a0d87add2bacbd2

SHA1
bf4a13946d162c4dcffba6581ec93c35b7131be3

SHA256
355984cf87f763738bd8aaf3efb805e7ae6decdb879a93a71c9a90c57bc28342

SHA512
01d2a3f581bc6b24dba1b7885d71d2de0e1b5b1d5a811ff866ed45986e0b7053519f833fcfd3a5775c13e219aa3559046dff787abd41b6fb0ce6695e920d6c20

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request