Report - mail.olmail.com/

Report Overview

Visitedpublic

2025-08-01 07:05:39

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
click-v4.exmainclck.com	unknown	2025-07-06	2025-07-14	2025-07-29	513 B	1.7 kB	198.134.116.17
api.meedoobestkeyplati.com	unknown	2025-04-12	2025-07-18	2025-07-26	2.0 kB	59 kB	188.114.97.1
127.0.0.1	unknown	unknown	No data	No data	449 B	0 B	0.0.0.0
eu.static.mega.co.nz	64878	2012-07-25	2013-01-19	2025-07-30	25 kB	14 MB	66.203.124.37
mega.nz	16544	2014-10-01	2014-11-03	2025-07-31	2.3 kB	211 kB	31.216.144.5
mail.olmail.com	unknown	unknown	No data	No data	1.9 kB	2.8 kB	134.119.176.30
meedoobestkeyplati.com	unknown	2025-04-12	2025-07-18	2025-07-30	693 B	1.8 kB	188.114.97.1
g.api.mega.co.nz	23332	2012-07-25	2013-12-26	2025-07-28	1.5 kB	1.8 kB	66.203.125.16

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-08-01 07:05:15	low	Client IP	31.216.144.5	ET INFO File Sharing Domain Observed in TLS SNI (mega .nz)

Threat Detection Systems

Detection System	Indicator	Verdict	Alert
Quad9 DNS	meedoobestkeyplati.com	malicious	Sinkholed
Quad9 DNS	api.meedoobestkeyplati.com	malicious	Sinkholed
Quad9 DNS	127.0.0.1	malicious	Sinkholed

JavaScript (11)

	URL	From	Size	First Seen	Last Seen
	mega.nz/4e51fcc6-30da-474b-821f-aa2cada39cb2	ScriptElement	28 kB	2023-03-07	2025-08-06
URL mega.nz/4e51fcc6-30da-474b-821f-aa2cada39cb2 IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-06 Times Seen 1248 Size 28 kB (28398 bytes) MD5 30a72b79e1de3f7bb48ac9c38cfe26fb SHA1 6e76245e1d5a1ca1ffcb887175874f9ed9293766 SHA256 c8580c21984ea06cc3b42d1feae90eefc14605b24fc35c8edf1a7982295204d7 Format Code Loading...

	mega.nz/802c090b-a95b-4c4f-8ce1-227c2d46ba1a	ScriptElement	37 B	2023-03-07	2025-08-06
URL mega.nz/802c090b-a95b-4c4f-8ce1-227c2d46ba1a IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-06 Times Seen 1228 Size 37 B (37 bytes) MD5 039bafef2406979c560430a61c2078ea SHA1 649f59b9386398ad8e609ec1a4b338e6656c02f8 SHA256 2e884b248bc8fd99426b98c9e2b0347d64a1d76e0cbed818a7ed42a09afa75b4 Format Code Loading...

	api.meedoobestkeyplati.com/assets/f.js	ScriptElement	38 kB	2025-06-04	2025-08-06
URL api.meedoobestkeyplati.com/assets/f.js IP / ASN 188.114.97.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-04 Last Seen 2025-08-06 Times Seen 32 Size 38 kB (38307 bytes) MD5 8f6925152a6e85fc4ffe8a6b2ab33d7a SHA1 144c119b3c7e67bfa7edd026d054ddc1fab213e1 SHA256 f8880f8dc34550ad63ba2bcaf775ff01c2e8c0de3050fd6dfc6ceab531459020 Format Code Loading...

	mega.nz/secureboot.js?r=1753938166	ScriptElement	191 kB	2025-07-31	2025-08-06
URL mega.nz/secureboot.js?r=1753938166 IP / ASN 31.216.144.5 #203055 Datacenter Luxembourg S.A. Introduced by ScriptElement Embedded false Resource Info First Seen 2025-07-31 Last Seen 2025-08-06 Times Seen 29 Size 191 kB (191440 bytes) MD5 194597793c45eea0c98e9a1ece008c3b SHA1 c72ba83292ed30ad4f908a85f1a3241017c56a66 SHA256 b7e27ac5067a3ee0e1558e394c94337f1bb129e0b65f24380b57789f0e2513cd Format Code Loading...

	mega.nz/1504cbc2-0fda-4462-8136-1eeefd0f2ea8	ScriptElement	200 B	2025-01-10	2025-08-06
URL mega.nz/1504cbc2-0fda-4462-8136-1eeefd0f2ea8 IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2025-01-10 Last Seen 2025-08-06 Times Seen 295 Size 200 B (200 bytes) MD5 fcf609c0b705c1b873fc30e94a8a72f2 SHA1 4f4e6ae980f40abf9df2cb69b3b30ed8b92e0162 SHA256 ca0b050b1e4e5291f59c2b4a310ff9b1d161a3250b7d5c4537bade2ad77266b2 Format Code Loading...

	mega.nz/f621ff67-9662-4f0e-bcef-43e581b0526c	ScriptElement	8.7 MB	2025-07-31	2025-08-05
URL mega.nz/f621ff67-9662-4f0e-bcef-43e581b0526c IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2025-07-31 Last Seen 2025-08-05 Times Seen 9 Size 8.7 MB (8726083 bytes) MD5 259470e12fb024cc3363b7b3b43e5df6 SHA1 9c437036a921c6230bfa2b41e37b364231bcb0ba SHA256 b0f6bfa58fd4c43d79d2cd4d1cd07c33fd24010801f4549c41c33fb0171417aa Format Code Loading...

	mega.nz/0030949f-3bce-4bf9-bebc-59aa2c591aa3	ScriptElement	73 B	2023-03-07	2025-08-06
URL mega.nz/0030949f-3bce-4bf9-bebc-59aa2c591aa3 IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-06 Times Seen 1041 Size 73 B (73 bytes) MD5 0dd8130d7db464efa9c71a961b684944 SHA1 f68efee0c065dc94909e4e28fa9285df751d7fd0 SHA256 faade5384f10ce8bb1ff7428682f6f67d7f880411e370b8696ddd1364476116a Format Code Loading...

	api.meedoobestkeyplati.com/?rt=b370425bcaa368ce5917d0b61baf4bcd	ScriptElement	3.6 kB	2025-06-04	2025-08-06
URL api.meedoobestkeyplati.com/?rt=b370425bcaa368ce5917d0b61baf4bcd IP / ASN 188.114.97.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2025-06-04 Last Seen 2025-08-06 Times Seen 36 Size 3.6 kB (3561 bytes) MD5 cb8cb4997b0670e46499d7f272f85a3d SHA1 fc2096cfced5e8f4bfeff8ca0f55567b041706e0 SHA256 2e5930671e44834071f5721bbe67a5cf10ded5155b2ff835417655ab9b3546b8 Format Code Loading...

	api.meedoobestkeyplati.com/service-worker.js	ScriptElement	7.2 kB	2025-06-15	2025-08-06
URL api.meedoobestkeyplati.com/service-worker.js IP / ASN 188.114.97.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2025-06-15 Last Seen 2025-08-06 Times Seen 31 Size 7.2 kB (7204 bytes) MD5 132fb59b33edb658898213d05c72678a SHA1 17d1d388c5516223fdd16c5309da1c409fe8ca19 SHA256 1369abfbcf45490e89b693bad8c9f415e88d130d0e1ba6e6abb912fee5556866 Format Code Loading...

	api.meedoobestkeyplati.com/?rt=b370425bcaa368ce5917d0b61baf4bcd	ScriptElement	4.1 kB	2025-07-03	2025-08-06
URL api.meedoobestkeyplati.com/?rt=b370425bcaa368ce5917d0b61baf4bcd IP / ASN 188.114.97.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2025-07-03 Last Seen 2025-08-06 Times Seen 23 Size 4.1 kB (4080 bytes) MD5 68c94f0177533160c77298b086b8a11a SHA1 3a85f265004288404c1c926b71b4a4304b72137a SHA256 f4e1a2827fdb02076f0aafebcef3dfd3a778ec234d98fac63fdcaa5d743ab9cf Format Code Loading...

	api.meedoobestkeyplati.com/?rt=b370425bcaa368ce5917d0b61baf4bcd	ScriptElement	8 B	2025-06-15	2025-08-06
URL api.meedoobestkeyplati.com/?rt=b370425bcaa368ce5917d0b61baf4bcd IP / ASN 188.114.97.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2025-06-15 Last Seen 2025-08-06 Times Seen 31 Size 8 B (8 bytes) MD5 b338d064511803754cf2bb55ff13e5a0 SHA1 6357dedd136e57367b9f87e62bfd53300484612e SHA256 6c9df6d9df1e75f198df49c652f1dee1a66dad511c1fd579f59be2b6952ec27d Format Code Loading...

HTTP Transactions (69)

URL IP Response Size

GET eu.static.mega.co.nz/4/js/BDL-9_42bc3d13389cc00b955a6a4c50ab18a8399d72c84abe220e2a61bd64a87f9947.js

66.203.124.37

200 OK

650 kB

URL GET HTTPS

eu.static.mega.co.nz/4/js/BDL-9_42bc3d13389cc00b955a6a4c50ab18a8399d72c84abe220e2a61bd64a87f9947.js

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJavaScript source, ASCII text

First Seen2025-07-31

Last Seen2025-08-06

Times Seen18

Size650 kB (650278 bytes)

MD59e5b0d0d8fd19ced18cbd1dbfa61405c

SHA1022ff242cf93f52b2ee1193bc90880508863b25c

SHA25642bc3d13389cc00b955a6a4c50ab18a8399d72c84abe220e2a61bd64a87f9947

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/js/BDL-9_42bc3d13389cc00b955a6a4c50ab18a8399d72c84abe220e2a61bd64a87f9947.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: application/javascript
content-length: 130968
last-modified: Thu, 31 Jul 2025 06:17:58 GMT
vary: Accept-Encoding
etag: "688b0a96-1ff98"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/css/BDL-8_1c255773e95915631318c45724e0dc5df530caac133d38f8e8b617e491bebfdb.css

66.203.124.37

200 OK

57 kB

URL GET HTTPS

eu.static.mega.co.nz/4/css/BDL-8_1c255773e95915631318c45724e0dc5df530caac133d38f8e8b617e491bebfdb.css

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeASCII text, with very long lines (2217)

First Seen2025-07-31

Last Seen2025-08-06

Times Seen18

Size57 kB (56748 bytes)

MD56bbf05f240edfb81d823c0799356d497

SHA153b1dfdc0df2203951e5d88999b67ff2b33c432f

SHA2561c255773e95915631318c45724e0dc5df530caac133d38f8e8b617e491bebfdb

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/css/BDL-8_1c255773e95915631318c45724e0dc5df530caac133d38f8e8b617e491bebfdb.css HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: text/css
content-length: 11335
last-modified: Thu, 31 Jul 2025 06:18:00 GMT
vary: Accept-Encoding
etag: "688b0a98-2c47"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.489f43a16f06c995.svg#icon-facebook

66.203.124.37

200 OK

306 kB

URL GET HTTPS

eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.489f43a16f06c995.svg#icon-facebook

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeSVG Scalable Vector Graphics image

First Seen2025-07-02

Last Seen2025-08-06

Times Seen76

Size306 kB (305891 bytes)

MD57c56b153d7a6ca6dc20032b9a1b90a12

SHA11edf6810879152f68e9880e6c0c50a01c07303ba

SHA256153c1f00aa8cd19114ddb00ba827f6bb9eef156ecf09f4b4f1d73d51547da064

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/imagery/sprites-fm-uni-uni.489f43a16f06c995.svg HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:18 GMT
content-type: image/svg+xml
content-length: 85495
last-modified: Thu, 31 Jul 2025 06:17:55 GMT
vary: Accept-Encoding
etag: "688b0a93-14df7"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/images/sprites/fm-illustration-sprite-wide.svg?v=e397e234dc118de4

66.203.124.37

200 OK

69 kB

URL GET HTTPS

eu.static.mega.co.nz/4/images/sprites/fm-illustration-sprite-wide.svg?v=e397e234dc118de4

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeSVG Scalable Vector Graphics image

First Seen2023-10-16

Last Seen2025-08-06

Times Seen845

Size69 kB (68811 bytes)

MD5770b69c3df131f0ebc4b0ce308d1ef33

SHA167f2e3f1036b6ba9cf541175c98c7503a308a517

SHA256a5169bc493a31b5513e7fb9357bb189e053f76a9c7d4a45232c145554bbeb075

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/images/sprites/fm-illustration-sprite-wide.svg?v=e397e234dc118de4 HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:18 GMT
content-type: image/svg+xml
content-length: 22129
last-modified: Thu, 31 Jul 2025 06:17:56 GMT
vary: Accept-Encoding
etag: "688b0a94-5671"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET mega.nz/favicon.ico

31.216.144.5

200 OK

6.5 kB

URL GET HTTPS

mega.nz/favicon.ico

IP / ASN

31.216.144.5

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeMS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel

First Seen2023-05-12

Last Seen2025-08-06

Times Seen1184

Size6.5 kB (6518 bytes)

MD572f13fa5f987ea923a68a818d38fb540

SHA1f014620d35787fcfdef193c20bb383f5655b9e1e

SHA25637127c1a29c164cdaa75ec72ae685094c2468fe0577f743cb1f307d23dd35ec1

Certificate Info

IssuerLet's Encrypt

Subjectmega.nz

Fingerprint02:72:B9:99:61:81:54:BF:A5:B4:A3:B7:C3:8F:4E:A7:67:1B:3D:91

ValidityTue, 17 Jun 2025 22:00:55 GMT - Mon, 15 Sep 2025 22:00:54 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/file/YmogzKSL
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/x-icon
Content-Length: 1029
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip

GET eu.static.mega.co.nz/4/fonts/Inter-SemiBold.woff2?v=598278c73b24c2ce

66.203.124.37

200 OK

107 kB

URL GET HTTPS

eu.static.mega.co.nz/4/fonts/Inter-SemiBold.woff2?v=598278c73b24c2ce

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 106788, version 1.0

First Seen2023-05-21

Last Seen2025-08-06

Times Seen464

Size107 kB (106788 bytes)

MD5920533ddd1d6ea543f7fc3e89b4556bb

SHA1bc11a427dcb55d1354a5ea07bbc353c57fe9cc0b

SHA256d6d0905419e1e821c57189396db46ffe335960bd68befedddaf9e73f3f2e7a3a

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/fonts/Inter-SemiBold.woff2?v=598278c73b24c2ce HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:19 GMT
content-type: font/woff2
content-length: 106788
last-modified: Thu, 31 Jul 2025 05:03:21 GMT
vary: Accept-Encoding
etag: "688af919-1a124"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

GET mail.olmail.com/favicon.ico

134.119.176.30

404 Not Found

9 B

URL GET HTTPS

mail.olmail.com/favicon.ico

IP / ASN

134.119.176.30

#29066 velia.net Internetdienste GmbH

Requested byhttps://mail.olmail.com/

Resource Info

File typeASCII text, with no line terminators

First Seen2023-03-08

Last Seen2025-08-07

Times Seen11135

Size9 B (9 bytes)

MD5d8f4a1993546cc4b850cde3599e27aec

SHA1094b763b4cfcc0b05e5d040581cd513c3ca08067

SHA256907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9

Certificate Info

IssuerLet's Encrypt

Subjectolmail.com

FingerprintE0:AD:B2:60:2F:83:C2:D5:69:2F:99:34:64:DF:E0:7D:D2:8B:D5:6C

ValidityWed, 16 Jul 2025 14:21:52 GMT - Tue, 14 Oct 2025 14:21:51 GMT

Technology Fingerprints

Cowboy (Web servers)

Erlang (Programming languages)

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: mail.olmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.olmail.com/
Cookie: sid=de3fa491-6ea5-11f0-8a69-cf03e1f4d25b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cache-control: max-age=0, private, must-revalidate
content-length: 9
date: Fri, 01 Aug 2025 07:05:12 GMT
server: Cowboy
X-Firefox-Spdy: h2

GET meedoobestkeyplati.com/indexactiverevenue.php?flow_id=109&conversion=3M3Yoq*fuMM&bid=0.005&source_subid=olmail.com&banner=7127828&carrier=Blix+Solutions&IP=91.90.42.154&campaign=1725413&query=hotmail%2Cpersonal+email&state=03

188.114.97.1

200 OK

1.3 kB

URL User Request GET HTTPS

meedoobestkeyplati.com/indexactiverevenue.php?flow_id=109&conversion=3M3Yoq*fuMM&bid=0.005&source_subid=olmail.com&banner=7127828&carrier=Blix+Solutions&IP=91.90.42.154&campaign=1725413&query=hotmail%2Cpersonal+email&state=03

IP / ASN

188.114.97.1

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document, ASCII text

First Seen2025-08-01

Last Seen2025-08-01

Times Seen1

Size1.3 kB (1273 bytes)

MD58e5f45e2465bc5c31f627eeb967bc6bf

SHA12b4b7cb736628c287d2c9d537c92227d12fc6a00

SHA256df4a486636e1466e80278dd06ddaeb1f24d3a79559e0f4a71baa8cbf0ed8db65

Certificate Info

IssuerGoogle Trust Services

Subjectmeedoobestkeyplati.com

FingerprintD7:21:58:C3:59:50:BF:80:16:C8:98:88:C4:95:4C:4E:E3:26:0B:2F

ValidityTue, 10 Jun 2025 17:45:47 GMT - Mon, 08 Sep 2025 18:43:19 GMT

Technology Fingerprints

Cloudflare (CDN)

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /indexactiverevenue.php?flow_id=109&conversion=3M3Yoq*fuMM&bid=0.005&source_subid=olmail.com&banner=7127828&carrier=Blix+Solutions&IP=91.90.42.154&campaign=1725413&query=hotmail%2Cpersonal+email&state=03 HTTP/1.1
Host: meedoobestkeyplati.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Aug 2025 07:05:14 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=3syrYqwixZ%2FA8wOgHw6M%2BowjnYec9OC7A%2FisvJxXLWQRrpQpqUp2AZr2iJcM42EsMVdMeeR8Gk72RiVJuKitwhNGYZ%2Fw1xUCJ7j%2BhjlaYvIBuA4B"}]}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 96837c65586d5689-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

POST g.api.mega.co.nz/cs?id=0

66.203.125.16

200 OK

215 B

URL POST HTTPS

g.api.mega.co.nz/cs?id=0

IP / ASN

66.203.125.16

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJSON text data

First Seen2025-07-02

Last Seen2025-08-06

Times Seen139

Size215 B (215 bytes)

MD59736634456c936319a5253d57ca92739

SHA18bbdc413794283eadae949ae5b8e43cc1aa4ad9d

SHA2563d264993e5eeaa571d4420fdd2a6bdb2bb3715e913cc0baed33cbadfe5a1c490

Certificate Info

IssuerSectigo Limited

Subject*.api.mega.co.nz

FingerprintF1:92:87:B0:48:35:8B:0C:87:B6:40:CD:57:89:6E:C8:6B:7B:5B:5D

ValidityTue, 07 Jan 2025 00:00:00 GMT - Fri, 06 Feb 2026 23:59:59 GMT

HTTP Headers

POST /cs?id=0 HTTP/1.1
Host: g.api.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Content-Type: text/plain;charset=UTF-8
Content-Length: 13
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, X-Hashcash, MEGA-Chrome-Antileak
Access-Control-Expose-Headers: Original-Content-Length, X-Hashcash
Access-Control-Max-Age: 86400
Cache-Control: no-store
Original-Content-Length: 215
Content-Length: 215
Connection: keep-alive

GET eu.static.mega.co.nz/4/css/BDL-4_460b3b52462b6269eb04d2bbb999617da411aae6881853b934a9611ab39177ed.css

66.203.124.37

200 OK

705 kB

URL GET HTTPS

eu.static.mega.co.nz/4/css/BDL-4_460b3b52462b6269eb04d2bbb999617da411aae6881853b934a9611ab39177ed.css

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeASCII text, with very long lines (728)

First Seen2025-07-31

Last Seen2025-08-06

Times Seen12

Size705 kB (704749 bytes)

MD50826737a2d05a84f37b4a744ec1b694d

SHA1c345c9cba02c44a659e3c0e9a094083ae9577b3a

SHA256460b3b52462b6269eb04d2bbb999617da411aae6881853b934a9611ab39177ed

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/css/BDL-4_460b3b52462b6269eb04d2bbb999617da411aae6881853b934a9611ab39177ed.css HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: text/css
content-length: 113995
last-modified: Thu, 31 Jul 2025 06:18:00 GMT
vary: Accept-Encoding
etag: "688b0a98-1bd4b"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/html/download.html-postbuild_66d11618650abc2ee3e5c2557a7f42fc536441c152c10729c066a6129aa531f6.html

66.203.124.37

200 OK

12 kB

URL GET HTTPS

eu.static.mega.co.nz/4/html/download.html-postbuild_66d11618650abc2ee3e5c2557a7f42fc536441c152c10729c066a6129aa531f6.html

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeASCII text, with very long lines (12110), with no line terminators

First Seen2025-07-24

Last Seen2025-08-06

Times Seen20

Size12 kB (12110 bytes)

MD5cb6a65f7dd9616a61aed4fbecb3f2b3f

SHA111508edbdbe5e3e6acf2b0e76cc158b66e9b7fad

SHA25666d11618650abc2ee3e5c2557a7f42fc536441c152c10729c066a6129aa531f6

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/html/download.html-postbuild_66d11618650abc2ee3e5c2557a7f42fc536441c152c10729c066a6129aa531f6.html HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: text/html
content-length: 2432
last-modified: Thu, 31 Jul 2025 06:18:00 GMT
vary: Accept-Encoding
etag: "688b0a98-980"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET click-v4.exmainclck.com/click?i=ZMjkiseiShg_0

198.134.116.17

302 Found

1.3 kB

URL User Request GET HTTPS

click-v4.exmainclck.com/click?i=ZMjkiseiShg_0

IP / ASN

198.134.116.17

#27257 WEBAIR-INTERNET

Requested byN/A

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-07

Times Seen5706993

Size1.3 kB (1273 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjectexmainclck.com

Fingerprint60:02:FD:E3:32:6D:E6:06:AD:BF:B2:D9:F3:21:5B:AE:C1:E5:5E:2E

ValidityMon, 07 Jul 2025 12:46:53 GMT - Sun, 05 Oct 2025 12:46:52 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /click?i=ZMjkiseiShg_0 HTTP/1.1
Host: click-v4.exmainclck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 01 Aug 2025 07:05:13 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://meedoobestkeyplati.com/indexactiverevenue.php?flow_id=109&conversion=3M3Yoq*fuMM&bid=0.005&source_subid=olmail.com&banner=7127828&carrier=Blix+Solutions&IP=91.90.42.154&campaign=1725413&query=hotmail%2Cpersonal+email&state=03

GET api.meedoobestkeyplati.com/assets/favicon.png

188.114.97.1

200 OK

684 B

URL GET HTTPS

api.meedoobestkeyplati.com/assets/favicon.png

IP / ASN

188.114.97.1

#13335 CLOUDFLARENET

Requested byhttps://api.meedoobestkeyplati.com/?rt=b370425bcaa368ce5917d0b61baf4bcd

Resource Info

File typePNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced

First Seen2025-06-04

Last Seen2025-08-06

Times Seen35

Size684 B (684 bytes)

MD562a6c1858c85c4b392577ccd3225cc28

SHA103b08c6bc995f593b35b405ac0bb782647b986e7

SHA256e7c1f9e59179a8656eb99f0e0e4abebb5447485861a6f3306c753c223f783f98

Certificate Info

IssuerGoogle Trust Services

Subjectmeedoobestkeyplati.com

FingerprintD7:21:58:C3:59:50:BF:80:16:C8:98:88:C4:95:4C:4E:E3:26:0B:2F

ValidityTue, 10 Jun 2025 17:45:47 GMT - Mon, 08 Sep 2025 18:43:19 GMT

Technology Fingerprints

Cloudflare (CDN)

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/favicon.png HTTP/1.1
Host: api.meedoobestkeyplati.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.meedoobestkeyplati.com/?rt=b370425bcaa368ce5917d0b61baf4bcd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 01 Aug 2025 07:05:14 GMT
content-type: image/png
content-length: 684
server: cloudflare
last-modified: Thu, 29 May 2025 16:45:03 GMT
etag: "68388f0f-2ac"
expires: Sat, 16 Aug 2025 10:18:33 GMT
cache-control: max-age=2592000
accept-ranges: bytes
age: 1284400
cf-cache-status: HIT
priority: u=6,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=imYLHBN4WUcmEggCe6lfKnOfczumY8ys%2BsnTOIS%2BR%2Fwq5golb5gCva99Ni1JofQc15wFrLCVV9lh6HHKUDAdksM6VOeg8cgTFSKzR%2Flf20OS5cJOQSprvA%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 96837c6a3e4d5695-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET eu.static.mega.co.nz/4/lang/en_ef8fa68f62c2c42172c48a69ea47d0e6979bc73d46e1540e886f8a4e1cc9d0a7.json

66.203.124.37

200 OK

412 kB

URL GET HTTPS

eu.static.mega.co.nz/4/lang/en_ef8fa68f62c2c42172c48a69ea47d0e6979bc73d46e1540e886f8a4e1cc9d0a7.json

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJSON text data

First Seen2025-07-31

Last Seen2025-08-06

Times Seen18

Size412 kB (411607 bytes)

MD5b2c3f0e822edf2d6b064ace2842c2cc6

SHA177cf05ca1a45cb12d49cbabbb289b207ce04fa80

SHA256ef8fa68f62c2c42172c48a69ea47d0e6979bc73d46e1540e886f8a4e1cc9d0a7

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/lang/en_ef8fa68f62c2c42172c48a69ea47d0e6979bc73d46e1540e886f8a4e1cc9d0a7.json HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:15 GMT
content-type: application/json
content-length: 105842
last-modified: Thu, 31 Jul 2025 06:17:52 GMT
vary: Accept-Encoding
etag: "688b0a90-19d72"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/js/BDL-1_1aa61593c58fa97150e675c02cf81b5798a968a6fcd6cb48d4cfd956420a00ca.js

66.203.124.37

200 OK

410 kB

URL GET HTTPS

eu.static.mega.co.nz/4/js/BDL-1_1aa61593c58fa97150e675c02cf81b5798a968a6fcd6cb48d4cfd956420a00ca.js

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJavaScript source, ASCII text

First Seen2025-04-24

Last Seen2025-08-06

Times Seen183

Size410 kB (409821 bytes)

MD5823c4fea1fb3f47f129a5f9dfcfa7573

SHA156fc4834471ef2cbfa67be59c6079e30db072fd0

SHA2561aa61593c58fa97150e675c02cf81b5798a968a6fcd6cb48d4cfd956420a00ca

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/js/BDL-1_1aa61593c58fa97150e675c02cf81b5798a968a6fcd6cb48d4cfd956420a00ca.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:15 GMT
content-type: application/javascript
content-length: 115718
last-modified: Thu, 31 Jul 2025 06:17:58 GMT
vary: Accept-Encoding
etag: "688b0a96-1c406"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/js/BDL-2_8d13a4d7430458df41172b0f2c417271c0772d0bdd634f007aab882de22a5d30.js

66.203.124.37

200 OK

649 kB

URL GET HTTPS

eu.static.mega.co.nz/4/js/BDL-2_8d13a4d7430458df41172b0f2c417271c0772d0bdd634f007aab882de22a5d30.js

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJavaScript source, ASCII text, with very long lines (351)

First Seen2025-07-31

Last Seen2025-08-06

Times Seen18

Size649 kB (649211 bytes)

MD5906ef69dd6eebef614080e47d7a13ad9

SHA1533530f953ec2e02e5ee5f819f99b145d4c12ae9

SHA2568d13a4d7430458df41172b0f2c417271c0772d0bdd634f007aab882de22a5d30

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/js/BDL-2_8d13a4d7430458df41172b0f2c417271c0772d0bdd634f007aab882de22a5d30.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:15 GMT
content-type: application/javascript
content-length: 150802
last-modified: Thu, 31 Jul 2025 06:18:00 GMT
vary: Accept-Encoding
etag: "688b0a98-24d12"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/js/BDL-5_7d7cc40b7fad051d6299397a8d86dc302720781cac50a43956c21b49a7f6be00.js

66.203.124.37

200 OK

648 kB

URL GET HTTPS

eu.static.mega.co.nz/4/js/BDL-5_7d7cc40b7fad051d6299397a8d86dc302720781cac50a43956c21b49a7f6be00.js

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJavaScript source, ASCII text

First Seen2025-07-31

Last Seen2025-08-06

Times Seen18

Size648 kB (647769 bytes)

MD5c08dfe7e1c2797bb416ee2615b12b572

SHA18f662bf20672bc2eba138c4554178699d17e9477

SHA2567d7cc40b7fad051d6299397a8d86dc302720781cac50a43956c21b49a7f6be00

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/js/BDL-5_7d7cc40b7fad051d6299397a8d86dc302720781cac50a43956c21b49a7f6be00.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: application/javascript
content-length: 147126
last-modified: Thu, 31 Jul 2025 06:17:59 GMT
vary: Accept-Encoding
etag: "688b0a97-23eb6"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/html/contact-avatar_18cc8179fdcf896e202df0bee3a8a381667c7ab2e8206b7b157494d10beeae12.svg

66.203.124.37

200 OK

3.5 kB

URL GET HTTPS

eu.static.mega.co.nz/4/html/contact-avatar_18cc8179fdcf896e202df0bee3a8a381667c7ab2e8206b7b157494d10beeae12.svg

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeSVG Scalable Vector Graphics image

First Seen2024-09-01

Last Seen2025-08-06

Times Seen791

Size3.5 kB (3544 bytes)

MD58b77a56614a61554062526d9cc9abe1b

SHA1ea96f5169990d03c7e42819515b837bd33bc7e69

SHA25618cc8179fdcf896e202df0bee3a8a381667c7ab2e8206b7b157494d10beeae12

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/html/contact-avatar_18cc8179fdcf896e202df0bee3a8a381667c7ab2e8206b7b157494d10beeae12.svg HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: image/svg+xml
content-length: 632
last-modified: Thu, 31 Jul 2025 06:18:00 GMT
vary: Accept-Encoding
etag: "688b0a98-278"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/css/BDL-1_360d599cfa1de34383e5d9830c441892a0926be17d5f9c9cd7cb9906bbf4c6e3.css

66.203.124.37

200 OK

522 kB

URL GET HTTPS

eu.static.mega.co.nz/4/css/BDL-1_360d599cfa1de34383e5d9830c441892a0926be17d5f9c9cd7cb9906bbf4c6e3.css

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeASCII text, with very long lines (764)

First Seen2025-07-24

Last Seen2025-08-06

Times Seen31

Size522 kB (521747 bytes)

MD509a86af3c68ec1e88a7b64ef3c2029a5

SHA1be4f80392a95edbca7c67f88d279349bb1e93b7b

SHA256360d599cfa1de34383e5d9830c441892a0926be17d5f9c9cd7cb9906bbf4c6e3

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/css/BDL-1_360d599cfa1de34383e5d9830c441892a0926be17d5f9c9cd7cb9906bbf4c6e3.css HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: text/css
content-length: 83749
last-modified: Thu, 31 Jul 2025 06:18:01 GMT
vary: Accept-Encoding
etag: "688b0a99-14725"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/images/mega/download-dialog.png?v=cf6daa0027e27782

66.203.124.37

200 OK

70 kB

URL GET HTTPS

eu.static.mega.co.nz/4/images/mega/download-dialog.png?v=cf6daa0027e27782

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typePNG image data, 853 x 1363, 8-bit colormap, non-interlaced

First Seen2023-05-12

Last Seen2025-08-06

Times Seen730

Size70 kB (70369 bytes)

MD5d74c0efac1a9c59152b0325932d399f1

SHA1a472eadb5b431a4ef40e78ed79eaed9bb8fc8135

SHA256e8bedfbc203b2d09457d44a4ddfaadfb770d637e332f41487438fa9a7f5352f5

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/images/mega/download-dialog.png?v=cf6daa0027e27782 HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:18 GMT
content-type: image/png
content-length: 70369
last-modified: Thu, 31 Jul 2025 05:03:21 GMT
etag: "688af919-112e1"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/js/BDL-7_2ef9a3a6debfc736e5cb2a5f513e14b9c90e364f5a4599def84c7c97b16f53e6.js

66.203.124.37

200 OK

596 kB

URL GET HTTPS

eu.static.mega.co.nz/4/js/BDL-7_2ef9a3a6debfc736e5cb2a5f513e14b9c90e364f5a4599def84c7c97b16f53e6.js

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJavaScript source, ASCII text

First Seen2025-07-31

Last Seen2025-08-06

Times Seen12

Size596 kB (595501 bytes)

MD55340f372adce5e1ce8044f2699ba5280

SHA1efffb9e24710dbceb18cd9992dd683040c8dd4f7

SHA2562ef9a3a6debfc736e5cb2a5f513e14b9c90e364f5a4599def84c7c97b16f53e6

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/js/BDL-7_2ef9a3a6debfc736e5cb2a5f513e14b9c90e364f5a4599def84c7c97b16f53e6.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: application/javascript
content-length: 115294
last-modified: Thu, 31 Jul 2025 06:17:58 GMT
vary: Accept-Encoding
etag: "688b0a96-1c25e"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/js/BDL-12_f86b7be16305932221defeecc8833cbd752a138a74058e43e50118181554b228.js

66.203.124.37

200 OK

573 kB

URL GET HTTPS

eu.static.mega.co.nz/4/js/BDL-12_f86b7be16305932221defeecc8833cbd752a138a74058e43e50118181554b228.js

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJavaScript source, ASCII text

First Seen2025-07-31

Last Seen2025-08-06

Times Seen12

Size573 kB (573206 bytes)

MD5523083aca4aee3aac64f3b0ef0d7991f

SHA132bf9094593472a8c31dcec6f41b74c160a96996

SHA256f86b7be16305932221defeecc8833cbd752a138a74058e43e50118181554b228

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/js/BDL-12_f86b7be16305932221defeecc8833cbd752a138a74058e43e50118181554b228.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: application/javascript
content-length: 114395
last-modified: Thu, 31 Jul 2025 06:17:57 GMT
vary: Accept-Encoding
etag: "688b0a95-1bedb"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/js/vendor/scheduler-polyfill_66da9107c97037dacd222b1f39336ce288eb8216b37b7120e81d62ee5dccf82c.js

66.203.124.37

200 OK

34 kB

URL GET HTTPS

eu.static.mega.co.nz/4/js/vendor/scheduler-polyfill_66da9107c97037dacd222b1f39336ce288eb8216b37b7120e81d62ee5dccf82c.js

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJavaScript source, ASCII text

First Seen2024-12-07

Last Seen2025-08-06

Times Seen792

Size34 kB (33736 bytes)

MD5a84088002ad6ca024b9e0dd76839dfc3

SHA1757199046eb295aefcfcd40a3e9b6469dfa0a0b1

SHA25666da9107c97037dacd222b1f39336ce288eb8216b37b7120e81d62ee5dccf82c

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/js/vendor/scheduler-polyfill_66da9107c97037dacd222b1f39336ce288eb8216b37b7120e81d62ee5dccf82c.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: application/javascript
content-length: 7946
last-modified: Thu, 31 Jul 2025 06:17:59 GMT
vary: Accept-Encoding
etag: "688b0a97-1f0a"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

POST g.api.mega.co.nz/cs?id=33335879&v=3&lang=en&domain=meganz

66.203.125.16

200 OK

318 B

URL POST HTTPS

g.api.mega.co.nz/cs?id=33335879&v=3&lang=en&domain=meganz

IP / ASN

66.203.125.16

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJSON text data

First Seen2025-07-24

Last Seen2025-08-06

Times Seen21

Size318 B (318 bytes)

MD521aa062943b522f6851a50d9c3fa4cbc

SHA143638fbc1e6011144c1a62fc83138aab7bc92b3b

SHA256cf5f0cd2179aa0c5b30f4d414fa18ba06fa8c09d2f70ac991e2f54370e52dc12

Certificate Info

IssuerSectigo Limited

Subject*.api.mega.co.nz

FingerprintF1:92:87:B0:48:35:8B:0C:87:B6:40:CD:57:89:6E:C8:6B:7B:5B:5D

ValidityTue, 07 Jan 2025 00:00:00 GMT - Fri, 06 Feb 2026 23:59:59 GMT

HTTP Headers

POST /cs?id=33335879&v=3&lang=en&domain=meganz HTTP/1.1
Host: g.api.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Content-Type: text/plain;charset=UTF-8
Content-Length: 42
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, X-Hashcash, MEGA-Chrome-Antileak
Access-Control-Expose-Headers: Original-Content-Length, X-Hashcash
Access-Control-Max-Age: 86400
Cache-Control: no-store
Original-Content-Length: 318
Content-Length: 318
Connection: keep-alive

GET mega.nz/secureboot.js?r=1753938166

31.216.144.5

200 OK

191 kB

URL GET HTTPS

mega.nz/secureboot.js?r=1753938166

IP / ASN

31.216.144.5

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (24180)

First Seen2025-07-31

Last Seen2025-08-06

Times Seen29

Size191 kB (191440 bytes)

MD5194597793c45eea0c98e9a1ece008c3b

SHA1c72ba83292ed30ad4f908a85f1a3241017c56a66

SHA256b7e27ac5067a3ee0e1558e394c94337f1bb129e0b65f24380b57789f0e2513cd

Certificate Info

IssuerLet's Encrypt

Subjectmega.nz

Fingerprint02:72:B9:99:61:81:54:BF:A5:B4:A3:B7:C3:8F:4E:A7:67:1B:3D:91

ValidityTue, 17 Jun 2025 22:00:55 GMT - Mon, 15 Sep 2025 22:00:54 GMT

HTTP Headers

GET /secureboot.js?r=1753938166 HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/file/YmogzKSL
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 55790
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip

GET eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.489f43a16f06c995.svg#icon-loading

66.203.124.37

200 OK

306 kB

URL GET HTTPS

eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.489f43a16f06c995.svg#icon-loading

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeSVG Scalable Vector Graphics image

First Seen2025-07-02

Last Seen2025-08-06

Times Seen76

Size306 kB (305891 bytes)

MD57c56b153d7a6ca6dc20032b9a1b90a12

SHA11edf6810879152f68e9880e6c0c50a01c07303ba

SHA256153c1f00aa8cd19114ddb00ba827f6bb9eef156ecf09f4b4f1d73d51547da064

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/imagery/sprites-fm-uni-uni.489f43a16f06c995.svg HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:18 GMT
content-type: image/svg+xml
content-length: 85495
last-modified: Thu, 31 Jul 2025 06:17:55 GMT
vary: Accept-Encoding
etag: "688b0a93-14df7"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.489f43a16f06c995.svg#icon-instagram

66.203.124.37

200 OK

306 kB

URL GET HTTPS

eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.489f43a16f06c995.svg#icon-instagram

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeSVG Scalable Vector Graphics image

First Seen2025-07-02

Last Seen2025-08-06

Times Seen76

Size306 kB (305891 bytes)

MD57c56b153d7a6ca6dc20032b9a1b90a12

SHA11edf6810879152f68e9880e6c0c50a01c07303ba

SHA256153c1f00aa8cd19114ddb00ba827f6bb9eef156ecf09f4b4f1d73d51547da064

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/imagery/sprites-fm-uni-uni.489f43a16f06c995.svg HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:18 GMT
content-type: image/svg+xml
content-length: 85495
last-modified: Thu, 31 Jul 2025 06:17:55 GMT
vary: Accept-Encoding
etag: "688b0a93-14df7"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.489f43a16f06c995.svg#icon-linkedin

66.203.124.37

200 OK

306 kB

URL GET HTTPS

eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.489f43a16f06c995.svg#icon-linkedin

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeSVG Scalable Vector Graphics image

First Seen2025-07-02

Last Seen2025-08-06

Times Seen76

Size306 kB (305891 bytes)

MD57c56b153d7a6ca6dc20032b9a1b90a12

SHA11edf6810879152f68e9880e6c0c50a01c07303ba

SHA256153c1f00aa8cd19114ddb00ba827f6bb9eef156ecf09f4b4f1d73d51547da064

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/imagery/sprites-fm-uni-uni.489f43a16f06c995.svg HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:18 GMT
content-type: image/svg+xml
content-length: 85495
last-modified: Thu, 31 Jul 2025 06:17:55 GMT
vary: Accept-Encoding
etag: "688b0a93-14df7"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/images/mega/dialog-sprite.png?v=57a6bd1346996955

66.203.124.37

200 OK

31 kB

URL GET HTTPS

eu.static.mega.co.nz/4/images/mega/dialog-sprite.png?v=57a6bd1346996955

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typePNG image data, 160 x 7432, 8-bit colormap, non-interlaced

First Seen2023-05-12

Last Seen2025-08-06

Times Seen736

Size31 kB (30699 bytes)

MD5c53c4b781f53b21562990926425abfd3

SHA1fff91c4acd5d0c187ad634b79b2619dae9af58ad

SHA2561692f9c36f3aaa9d3e251a92fd2615b55d6f8e8e0bb286fa87184ecb4e20525c

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/images/mega/dialog-sprite.png?v=57a6bd1346996955 HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:18 GMT
content-type: image/png
content-length: 30699
last-modified: Thu, 31 Jul 2025 05:03:21 GMT
etag: "688af919-77eb"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/css/BDL-2_97492be8229b8a8aa80e6313526106984a896d8f649b3e38821da8dbb494332b.css

66.203.124.37

200 OK

28 kB

URL GET HTTPS

eu.static.mega.co.nz/4/css/BDL-2_97492be8229b8a8aa80e6313526106984a896d8f649b3e38821da8dbb494332b.css

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeASCII text, with very long lines (456)

First Seen2025-07-17

Last Seen2025-08-06

Times Seen34

Size28 kB (27608 bytes)

MD5413add780e693bbf39203c8e4a00a49a

SHA10b436ec6794f7ef5c63827825fb4a6a812f0ba29

SHA25697492be8229b8a8aa80e6313526106984a896d8f649b3e38821da8dbb494332b

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/css/BDL-2_97492be8229b8a8aa80e6313526106984a896d8f649b3e38821da8dbb494332b.css HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: text/css
content-length: 4455
last-modified: Thu, 31 Jul 2025 06:18:00 GMT
vary: Accept-Encoding
etag: "688b0a98-1167"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/html/js/download_e647c220d57f531783f0f7d243372cd99ae36d159961eb323beee99edab51ea5.js

66.203.124.37

200 OK

40 kB

URL GET HTTPS

eu.static.mega.co.nz/4/html/js/download_e647c220d57f531783f0f7d243372cd99ae36d159961eb323beee99edab51ea5.js

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJavaScript source, ASCII text

First Seen2025-07-24

Last Seen2025-08-06

Times Seen20

Size40 kB (40130 bytes)

MD5b7ae83a6177c80addededaf551a7e8ea

SHA127cf51e8cb9047f348cfecf21bac380e0a56a0f2

SHA256e647c220d57f531783f0f7d243372cd99ae36d159961eb323beee99edab51ea5

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/html/js/download_e647c220d57f531783f0f7d243372cd99ae36d159961eb323beee99edab51ea5.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: application/javascript
content-length: 8724
last-modified: Thu, 31 Jul 2025 06:18:00 GMT
vary: Accept-Encoding
etag: "688b0a98-2214"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/images/mega/psa/transferit_logo.png

66.203.124.37

200 OK

1.5 kB

URL GET HTTPS

eu.static.mega.co.nz/4/images/mega/psa/transferit_logo.png

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typePNG image data, 144 x 144, 8-bit colormap, non-interlaced

First Seen2025-07-31

Last Seen2025-08-06

Times Seen17

Size1.5 kB (1474 bytes)

MD5d150abbdc9b0768e2c4fcd44d6e4f3bf

SHA1937fee81804516a7a060bf1a507d4280cb5c3f99

SHA256be60a25b98540705741f86cd9846b0360a30c6fab94c91572eee99c8cbe35b6f

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/images/mega/psa/transferit_logo.png HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:19 GMT
content-type: image/png
content-length: 1474
last-modified: Thu, 31 Jul 2025 05:03:21 GMT
etag: "688af919-5c2"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/js/BDL-6_a6ab0e4a5f8927a6168fa06e47f0c576314c796729314bef4ba0859b751768e9.js

66.203.124.37

200 OK

394 kB

URL GET HTTPS

eu.static.mega.co.nz/4/js/BDL-6_a6ab0e4a5f8927a6168fa06e47f0c576314c796729314bef4ba0859b751768e9.js

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJavaScript source, ASCII text

First Seen2025-07-31

Last Seen2025-08-06

Times Seen18

Size394 kB (394263 bytes)

MD5cdfdb0c2aa7e9f151327d75678c819bb

SHA1de38ace1e31b1e6b4c74420f3cea3bb681c1ea1d

SHA256a6ab0e4a5f8927a6168fa06e47f0c576314c796729314bef4ba0859b751768e9

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/js/BDL-6_a6ab0e4a5f8927a6168fa06e47f0c576314c796729314bef4ba0859b751768e9.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: application/javascript
content-length: 87711
last-modified: Thu, 31 Jul 2025 06:18:00 GMT
vary: Accept-Encoding
etag: "688b0a98-1569f"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/js/BDL-10_2db1f5b2b81e304a22cb602c407dc63d5fac2a48da131c6759f64fa0eeca6466.js

66.203.124.37

200 OK

502 kB

URL GET HTTPS

eu.static.mega.co.nz/4/js/BDL-10_2db1f5b2b81e304a22cb602c407dc63d5fac2a48da131c6759f64fa0eeca6466.js

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJavaScript source, ASCII text

First Seen2025-07-31

Last Seen2025-08-06

Times Seen18

Size502 kB (502503 bytes)

MD58a4789a1952f8648a158bfd2f8d2a50a

SHA1d6fe898076cf6ce9a9b18678ec0efa358b4a89bf

SHA2562db1f5b2b81e304a22cb602c407dc63d5fac2a48da131c6759f64fa0eeca6466

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/js/BDL-10_2db1f5b2b81e304a22cb602c407dc63d5fac2a48da131c6759f64fa0eeca6466.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: application/javascript
content-length: 94872
last-modified: Thu, 31 Jul 2025 06:17:59 GMT
vary: Accept-Encoding
etag: "688b0a97-17298"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/js/BDL-15_2f5f6bb1baa9e7f70061d83bee609ffe07376ff50dac567578f135dfd9331812.js

66.203.124.37

200 OK

258 kB

URL GET HTTPS

eu.static.mega.co.nz/4/js/BDL-15_2f5f6bb1baa9e7f70061d83bee609ffe07376ff50dac567578f135dfd9331812.js

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJavaScript source, ASCII text

First Seen2025-07-24

Last Seen2025-08-06

Times Seen31

Size258 kB (258025 bytes)

MD5492c6a9f2060b991aef3dbfafbe62297

SHA13815da2cf1f6a1c6238e7a8712acf228c9528833

SHA2562f5f6bb1baa9e7f70061d83bee609ffe07376ff50dac567578f135dfd9331812

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/js/BDL-15_2f5f6bb1baa9e7f70061d83bee609ffe07376ff50dac567578f135dfd9331812.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: application/javascript
content-length: 54161
last-modified: Thu, 31 Jul 2025 06:18:00 GMT
vary: Accept-Encoding
etag: "688b0a98-d391"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/js/vendor/asmcrypto_9c90f27443fbdb85519985333a8b00c3cff0e10a2753955f41890342d64362f7.js

66.203.124.37

200 OK

443 kB

URL GET HTTPS

eu.static.mega.co.nz/4/js/vendor/asmcrypto_9c90f27443fbdb85519985333a8b00c3cff0e10a2753955f41890342d64362f7.js

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJavaScript source, ASCII text

First Seen2023-04-07

Last Seen2025-08-06

Times Seen1248

Size443 kB (443062 bytes)

MD5057852173e958810f1de0e8adbc9d462

SHA1bd05e51244966615a9dc2b0119f7e8cfa64f22b5

SHA2569c90f27443fbdb85519985333a8b00c3cff0e10a2753955f41890342d64362f7

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/js/vendor/asmcrypto_9c90f27443fbdb85519985333a8b00c3cff0e10a2753955f41890342d64362f7.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: application/javascript
content-length: 49684
last-modified: Thu, 31 Jul 2025 06:17:59 GMT
vary: Accept-Encoding
etag: "688b0a97-c214"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.489f43a16f06c995.svg#icon-youtube

66.203.124.37

200 OK

306 kB

URL GET HTTPS

eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.489f43a16f06c995.svg#icon-youtube

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeSVG Scalable Vector Graphics image

First Seen2025-07-02

Last Seen2025-08-06

Times Seen76

Size306 kB (305891 bytes)

MD57c56b153d7a6ca6dc20032b9a1b90a12

SHA11edf6810879152f68e9880e6c0c50a01c07303ba

SHA256153c1f00aa8cd19114ddb00ba827f6bb9eef156ecf09f4b4f1d73d51547da064

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/imagery/sprites-fm-uni-uni.489f43a16f06c995.svg HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:18 GMT
content-type: image/svg+xml
content-length: 85495
last-modified: Thu, 31 Jul 2025 06:17:55 GMT
vary: Accept-Encoding
etag: "688b0a93-14df7"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/images/mobile/button-loader-green.gif?v=b175f7d362d2b4af

66.203.124.37

200 OK

8.8 kB

URL GET HTTPS

eu.static.mega.co.nz/4/images/mobile/button-loader-green.gif?v=b175f7d362d2b4af

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeGIF image data, version 89a, 32 x 32

First Seen2023-05-04

Last Seen2025-08-06

Times Seen1153

Size8.8 kB (8787 bytes)

MD53f788625bbc4f87885b982ed70876dcb

SHA1d4155b22d2e63b149b42e238ab5c2788199a2f99

SHA256741f05bca4428e5880a44222f68a2f50172860f43b09abb57e3dc12d3ce5766d

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/images/mobile/button-loader-green.gif?v=b175f7d362d2b4af HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:18 GMT
content-type: image/gif
content-length: 8787
last-modified: Thu, 31 Jul 2025 05:03:21 GMT
etag: "688af919-2253"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.489f43a16f06c995.svg#icon-twitter

66.203.124.37

200 OK

306 kB

URL GET HTTPS

eu.static.mega.co.nz/4/imagery/sprites-fm-uni-uni.489f43a16f06c995.svg#icon-twitter

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeSVG Scalable Vector Graphics image

First Seen2025-07-02

Last Seen2025-08-06

Times Seen76

Size306 kB (305891 bytes)

MD57c56b153d7a6ca6dc20032b9a1b90a12

SHA11edf6810879152f68e9880e6c0c50a01c07303ba

SHA256153c1f00aa8cd19114ddb00ba827f6bb9eef156ecf09f4b4f1d73d51547da064

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/imagery/sprites-fm-uni-uni.489f43a16f06c995.svg HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:18 GMT
content-type: image/svg+xml
content-length: 85495
last-modified: Thu, 31 Jul 2025 06:17:55 GMT
vary: Accept-Encoding
etag: "688b0a93-14df7"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET mail.olmail.com/

134.119.176.30

200 OK

477 B

URL User Request GET HTTPS

mail.olmail.com/

IP / ASN

134.119.176.30

#29066 velia.net Internetdienste GmbH

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (477), with no line terminators

First Seen2025-08-01

Last Seen2025-08-01

Times Seen1

Size477 B (477 bytes)

MD5d7eac46cb7782d573f95749f323fd396

SHA1325f003d1dbcf6d6ae31db0869aaf18833370c2a

SHA25628bbf970a01b34df50c1b0369bc76998da99a3a6ce9db1cff3e5b8bd4928b195

Certificate Info

IssuerLet's Encrypt

Subjectolmail.com

FingerprintE0:AD:B2:60:2F:83:C2:D5:69:2F:99:34:64:DF:E0:7D:D2:8B:D5:6C

ValidityWed, 16 Jul 2025 14:21:52 GMT - Tue, 14 Oct 2025 14:21:51 GMT

Technology Fingerprints

Erlang (Programming languages)

Cowboy (Web servers)

HTTP Headers

GET / HTTP/1.1
Host: mail.olmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
content-length: 477
content-type: text/html; charset=utf-8
date: Fri, 01 Aug 2025 07:05:11 GMT
server: Cowboy
set-cookie: sid=de3fa491-6ea5-11f0-8a69-cf03e1f4d25b; path=/; domain=.olmail.com; expires=Wed, 19 Aug 2093 10:19:19 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2

GET mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

31.216.144.5

200 OK

2.1 kB

URL User Request GET HTTPS

mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

IP / ASN

31.216.144.5

#203055 Datacenter Luxembourg S.A.

Requested byN/A

Resource Info

File typeHTML document, ASCII text

First Seen2025-07-31

Last Seen2025-08-01

Times Seen4

Size2.1 kB (2059 bytes)

MD5cf05ae2b3d847690e6091eab57eb9f0c

SHA1c35bc315d965a4fc3f2819efa927c60300985397

SHA256ce23d2d2a9644544bf680ca044e3d6e619630c54720789e877891759df2838ca

Certificate Info

IssuerLet's Encrypt

Subjectmega.nz

Fingerprint02:72:B9:99:61:81:54:BF:A5:B4:A3:B7:C3:8F:4E:A7:67:1B:3D:91

ValidityTue, 17 Jun 2025 22:00:55 GMT - Mon, 15 Sep 2025 22:00:54 GMT

Technology Fingerprints

HTTP Headers

GET /file/YmogzKSL HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.meedoobestkeyplati.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip
Content-Length: 834
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: DENY
X-Robots-Tag: noindex
Set-Cookie: geoip=NO; Secure
Content-Security-Policy: default-src 'self' data: blob: *.mega.co.nz *.mega.nz *.mega.io http://*.mega.co.nz http://*.mega.nz http://*.mega.io wss://*.karere.mega.nz wss://*.sfu.mega.co.nz *.karere.mega.nz:1380 http://127.0.0.1:6341 localhost.megasyncloopback.mega.nz:6342; script-src 'self' *.mega.co.nz *.mega.nz *.mega.io data: blob:; style-src 'self' 'unsafe-inline' *.mega.co.nz *.mega.nz *.mega.io data: blob:; frame-src 'self' *.megapay.nz ad.mega.nz mega: *.megaad.nz https://mega.nz/ https://mega.io/; img-src 'self' *.mega.co.nz *.mega.nz *.mega.io data: blob: mega.nz
Connection: Keep-Alive

GET eu.static.mega.co.nz/4/js/BDL-3_e50e717ceb1d396c8465e7978c674d7f9170d5ecac639bcb260df1ad0417da59.js

66.203.124.37

200 OK

632 kB

URL GET HTTPS

eu.static.mega.co.nz/4/js/BDL-3_e50e717ceb1d396c8465e7978c674d7f9170d5ecac639bcb260df1ad0417da59.js

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJavaScript source, ASCII text

First Seen2025-07-31

Last Seen2025-08-06

Times Seen18

Size632 kB (632037 bytes)

MD5aae145c1d1f9e7d8b509550f611a2386

SHA1c3468c1000b8c00ef76b6c0c19cc2f30ead712b4

SHA256e50e717ceb1d396c8465e7978c674d7f9170d5ecac639bcb260df1ad0417da59

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/js/BDL-3_e50e717ceb1d396c8465e7978c674d7f9170d5ecac639bcb260df1ad0417da59.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:15 GMT
content-type: application/javascript
content-length: 141344
last-modified: Thu, 31 Jul 2025 06:17:58 GMT
vary: Accept-Encoding
etag: "688b0a96-22820"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

POST g.api.mega.co.nz/cs?id=0&v=2

66.203.125.16

200 OK

147 B

URL POST HTTPS

g.api.mega.co.nz/cs?id=0&v=2

IP / ASN

66.203.125.16

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJSON text data

First Seen2025-07-30

Last Seen2025-08-01

Times Seen5

Size147 B (147 bytes)

MD56a79aca1234c00e503ef87e024745a81

SHA1d46239dccac5eb88a108c1c8d5aca8fb4e7107f4

SHA2568f1c6843ef7e843b5c90a6290999812f1708681578698226fed9749cf77bb6b9

Certificate Info

IssuerSectigo Limited

Subject*.api.mega.co.nz

FingerprintF1:92:87:B0:48:35:8B:0C:87:B6:40:CD:57:89:6E:C8:6B:7B:5B:5D

ValidityTue, 07 Jan 2025 00:00:00 GMT - Fri, 06 Feb 2026 23:59:59 GMT

HTTP Headers

POST /cs?id=0&v=2 HTTP/1.1
Host: g.api.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Content-Type: text/plain;charset=UTF-8
Content-Length: 33
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, X-Hashcash, MEGA-Chrome-Antileak
Access-Control-Expose-Headers: Original-Content-Length, X-Hashcash
Access-Control-Max-Age: 86400
Cache-Control: no-store
Original-Content-Length: 147
Content-Length: 147
Connection: keep-alive

GET eu.static.mega.co.nz/4/js/BDL-11_962f92bf96b01ea8f6c8c839737fd3bad9c6ccccb0eea79f666a493c4ea487ca.js

66.203.124.37

200 OK

548 kB

URL GET HTTPS

eu.static.mega.co.nz/4/js/BDL-11_962f92bf96b01ea8f6c8c839737fd3bad9c6ccccb0eea79f666a493c4ea487ca.js

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJavaScript source, ASCII text

First Seen2025-07-31

Last Seen2025-08-06

Times Seen12

Size548 kB (548150 bytes)

MD531a7a11633b484ff50cd2640d2fbcf52

SHA1a7aae0439d44469cfb1f0a7a50c4ed400c69754f

SHA256962f92bf96b01ea8f6c8c839737fd3bad9c6ccccb0eea79f666a493c4ea487ca

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/js/BDL-11_962f92bf96b01ea8f6c8c839737fd3bad9c6ccccb0eea79f666a493c4ea487ca.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: application/javascript
content-length: 107863
last-modified: Thu, 31 Jul 2025 06:17:59 GMT
vary: Accept-Encoding
etag: "688b0a97-1a557"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/js/BDL-4_4ae1a5f0c17712282f8725ed110c9bf64bb69dd66dfffceda93a866d454602c5.js

66.203.124.37

200 OK

600 kB

URL GET HTTPS

eu.static.mega.co.nz/4/js/BDL-4_4ae1a5f0c17712282f8725ed110c9bf64bb69dd66dfffceda93a866d454602c5.js

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJavaScript source, ASCII text

First Seen2025-07-31

Last Seen2025-08-06

Times Seen18

Size600 kB (599924 bytes)

MD5b85701e0d91f2625b2b02cdf44de59a1

SHA1d921624e4a18b19e97b133f34ab6b2641d3100ee

SHA2564ae1a5f0c17712282f8725ed110c9bf64bb69dd66dfffceda93a866d454602c5

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/js/BDL-4_4ae1a5f0c17712282f8725ed110c9bf64bb69dd66dfffceda93a866d454602c5.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:15 GMT
content-type: application/javascript
content-length: 134505
last-modified: Thu, 31 Jul 2025 06:17:57 GMT
vary: Accept-Encoding
etag: "688b0a95-20d69"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/js/BDL-8_5589aaf0836632f718238c7ca3e330b28567237b7e0eb9f9a023a8a5aa132456.js

66.203.124.37

200 OK

642 kB

URL GET HTTPS

eu.static.mega.co.nz/4/js/BDL-8_5589aaf0836632f718238c7ca3e330b28567237b7e0eb9f9a023a8a5aa132456.js

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJavaScript source, ASCII text

First Seen2025-07-31

Last Seen2025-08-06

Times Seen18

Size642 kB (641921 bytes)

MD54a7ef89a844fd0ee7133cfc9f00671f1

SHA19511af74a16830ba6bfe172369fdc143524772bb

SHA2565589aaf0836632f718238c7ca3e330b28567237b7e0eb9f9a023a8a5aa132456

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/js/BDL-8_5589aaf0836632f718238c7ca3e330b28567237b7e0eb9f9a023a8a5aa132456.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: application/javascript
content-length: 146222
last-modified: Thu, 31 Jul 2025 06:17:58 GMT
vary: Accept-Encoding
etag: "688b0a96-23b2e"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/imagery/mega-icons-3d-icon-bucket-3d.309b7aad111304f7.png

66.203.124.37

200 OK

5.9 kB

URL GET HTTPS

eu.static.mega.co.nz/4/imagery/mega-icons-3d-icon-bucket-3d.309b7aad111304f7.png

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typePNG image data, 128 x 128, 8-bit colormap, non-interlaced

First Seen2024-10-27

Last Seen2025-08-06

Times Seen776

Size5.9 kB (5917 bytes)

MD5829203ee3e16adc614a3152e72293751

SHA115c5ec593711488f65965a2517530fdcedf19fb7

SHA25630b5b465af353f56efbb33ac6f49a9a68059719f3dc1f89f623d40b41d422657

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/imagery/mega-icons-3d-icon-bucket-3d.309b7aad111304f7.png HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:18 GMT
content-type: image/png
content-length: 5917
last-modified: Thu, 31 Jul 2025 05:03:21 GMT
etag: "688af919-171d"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

POST 127.0.0.1:6341/

0.0.0.0

0 B

URL POST HTTP

127.0.0.1:6341/

IP / ASN

0.0.0.0

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-07

Times Seen5706993

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST / HTTP/1.1
Host: 127.0.0.1:6341
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 9
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET api.meedoobestkeyplati.com/?rt=b370425bcaa368ce5917d0b61baf4bcd

188.114.97.1

200 OK

9.7 kB

URL User Request GET HTTPS

api.meedoobestkeyplati.com/?rt=b370425bcaa368ce5917d0b61baf4bcd

IP / ASN

188.114.97.1

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (3583)

First Seen2025-07-03

Last Seen2025-08-06

Times Seen23

Size9.7 kB (9666 bytes)

MD5cce39b80ebf8fed0648bd81b28e02e11

SHA1e54f22cb77bf186c3b58116db2fc6df7aa378000

SHA25655ce90e0c9f1e894e1e3b81fccfc8cb74db54b2370877c76e1c10676d2263f2a

Certificate Info

IssuerGoogle Trust Services

Subjectmeedoobestkeyplati.com

FingerprintD7:21:58:C3:59:50:BF:80:16:C8:98:88:C4:95:4C:4E:E3:26:0B:2F

ValidityTue, 10 Jun 2025 17:45:47 GMT - Mon, 08 Sep 2025 18:43:19 GMT

Technology Fingerprints

Cloudflare (CDN)

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rt=b370425bcaa368ce5917d0b61baf4bcd HTTP/1.1
Host: api.meedoobestkeyplati.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meedoobestkeyplati.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 01 Aug 2025 07:05:14 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
vary: Accept-Encoding
cache-control: no-store
cf-cache-status: DYNAMIC
priority: u=1,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=aKuSajKY7fCVno1DDg0TfDyX7Xd2cs1i5UrjE0kdXlKZ%2Byb9%2FRsrf%2BBZfwQuWidZD%2B5dguccSIAzR4f08nJgQ8f5KuemTP%2BKpiT2yvYqwoKDVUY3%2B68lig%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
cf-ray: 96837c68cc515695-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET mega.nz/favicon.ico?v=3

31.216.144.5

200 OK

6.5 kB

URL GET HTTPS

mega.nz/favicon.ico?v=3

IP / ASN

31.216.144.5

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeMS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel

First Seen2023-05-12

Last Seen2025-08-06

Times Seen1184

Size6.5 kB (6518 bytes)

MD572f13fa5f987ea923a68a818d38fb540

SHA1f014620d35787fcfdef193c20bb383f5655b9e1e

SHA25637127c1a29c164cdaa75ec72ae685094c2468fe0577f743cb1f307d23dd35ec1

Certificate Info

IssuerLet's Encrypt

Subjectmega.nz

Fingerprint02:72:B9:99:61:81:54:BF:A5:B4:A3:B7:C3:8F:4E:A7:67:1B:3D:91

ValidityTue, 17 Jun 2025 22:00:55 GMT - Mon, 15 Sep 2025 22:00:54 GMT

HTTP Headers

GET /favicon.ico?v=3 HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/file/YmogzKSL
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/x-icon
Content-Length: 1029
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400
Content-Encoding: gzip

GET eu.static.mega.co.nz/4/js/BDL-14_6f9d02a79e7fe7ce63be0e397c44c0455a65a9de23bf5367a49581a73e2ce3c3.js

66.203.124.37

200 OK

604 kB

URL GET HTTPS

eu.static.mega.co.nz/4/js/BDL-14_6f9d02a79e7fe7ce63be0e397c44c0455a65a9de23bf5367a49581a73e2ce3c3.js

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJavaScript source, ASCII text

First Seen2025-07-31

Last Seen2025-08-06

Times Seen18

Size604 kB (603507 bytes)

MD51d3aeedf5bed99fec3d562f4c9203def

SHA12ff979f46be7027633f17703c0f8700e724b0d83

SHA2566f9d02a79e7fe7ce63be0e397c44c0455a65a9de23bf5367a49581a73e2ce3c3

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/js/BDL-14_6f9d02a79e7fe7ce63be0e397c44c0455a65a9de23bf5367a49581a73e2ce3c3.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: application/javascript
content-length: 138342
last-modified: Thu, 31 Jul 2025 06:17:58 GMT
vary: Accept-Encoding
etag: "688b0a96-21c66"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/imagery/mega-icons-3d-icon-key-3d.10e986479b570c8a.png

66.203.124.37

200 OK

3.2 kB

URL GET HTTPS

eu.static.mega.co.nz/4/imagery/mega-icons-3d-icon-key-3d.10e986479b570c8a.png

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typePNG image data, 96 x 96, 8-bit colormap, non-interlaced

First Seen2024-10-27

Last Seen2025-08-06

Times Seen776

Size3.2 kB (3159 bytes)

MD5719b56b6986378fc91dd50c591759d7a

SHA12be2b44a26ffa67d3ec7d8a5f3d711cd261fc202

SHA25601fa8ea62966f7a58ac5d84a1f91660ee5341b3ce29b8d80ef02c10d7ad1cbaa

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/imagery/mega-icons-3d-icon-key-3d.10e986479b570c8a.png HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:18 GMT
content-type: image/png
content-length: 3159
last-modified: Thu, 31 Jul 2025 05:03:21 GMT
etag: "688af919-c57"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/imagery/sprites-fm-mime-90-uni.6e9449b56f53a44d.svg#icon-generic-90

66.203.124.37

200 OK

53 kB

URL GET HTTPS

eu.static.mega.co.nz/4/imagery/sprites-fm-mime-90-uni.6e9449b56f53a44d.svg#icon-generic-90

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeSVG Scalable Vector Graphics image

First Seen2025-03-14

Last Seen2025-08-06

Times Seen122

Size53 kB (52828 bytes)

MD53d9663a1820b944c45f0961db2e6372e

SHA1c6b8b98a95e5ba0f94dad23b6d9f4b0d4e7ce31f

SHA25675cda10b8cf9d7c8eb983dd5ce640f2fcd79fe517ed9304023791a0e207abf35

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/imagery/sprites-fm-mime-90-uni.6e9449b56f53a44d.svg HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:18 GMT
content-type: image/svg+xml
content-length: 11646
last-modified: Thu, 31 Jul 2025 06:17:55 GMT
vary: Accept-Encoding
etag: "688b0a93-2d7e"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/imagery/sprites-fm-mime-90-uni.6e9449b56f53a44d.svg#icon-compressed-90

66.203.124.37

200 OK

53 kB

URL GET HTTPS

eu.static.mega.co.nz/4/imagery/sprites-fm-mime-90-uni.6e9449b56f53a44d.svg#icon-compressed-90

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeSVG Scalable Vector Graphics image

First Seen2025-03-14

Last Seen2025-08-06

Times Seen122

Size53 kB (52828 bytes)

MD53d9663a1820b944c45f0961db2e6372e

SHA1c6b8b98a95e5ba0f94dad23b6d9f4b0d4e7ce31f

SHA25675cda10b8cf9d7c8eb983dd5ce640f2fcd79fe517ed9304023791a0e207abf35

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/imagery/sprites-fm-mime-90-uni.6e9449b56f53a44d.svg HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:19 GMT
content-type: image/svg+xml
content-length: 11646
last-modified: Thu, 31 Jul 2025 06:17:55 GMT
vary: Accept-Encoding
etag: "688b0a93-2d7e"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET api.meedoobestkeyplati.com/assets/f.js

188.114.97.1

200 OK

38 kB

URL GET HTTPS

api.meedoobestkeyplati.com/assets/f.js

IP / ASN

188.114.97.1

#13335 CLOUDFLARENET

Requested byhttps://api.meedoobestkeyplati.com/?rt=b370425bcaa368ce5917d0b61baf4bcd

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (38299)

First Seen2025-06-04

Last Seen2025-08-06

Times Seen32

Size38 kB (38307 bytes)

MD58f6925152a6e85fc4ffe8a6b2ab33d7a

SHA1144c119b3c7e67bfa7edd026d054ddc1fab213e1

SHA256f8880f8dc34550ad63ba2bcaf775ff01c2e8c0de3050fd6dfc6ceab531459020

Certificate Info

IssuerGoogle Trust Services

Subjectmeedoobestkeyplati.com

FingerprintD7:21:58:C3:59:50:BF:80:16:C8:98:88:C4:95:4C:4E:E3:26:0B:2F

ValidityTue, 10 Jun 2025 17:45:47 GMT - Mon, 08 Sep 2025 18:43:19 GMT

Technology Fingerprints

Cloudflare (CDN)

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/f.js HTTP/1.1
Host: api.meedoobestkeyplati.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.meedoobestkeyplati.com/?rt=b370425bcaa368ce5917d0b61baf4bcd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 01 Aug 2025 07:05:14 GMT
content-type: application/javascript
server: cloudflare
last-modified: Thu, 29 May 2025 16:45:03 GMT
vary: Accept-Encoding
etag: "68388f0f-95a3"
expires: Fri, 01 Aug 2025 10:56:39 GMT
cache-control: max-age=43200
content-encoding: gzip
age: 29315
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=KCrwSAu1TLI3xnBFhjN3RoU6JMX7bDOMLcmTOq30g3DWHEfVBh4II%2F49gRzuge1eKRYlG%2BOg2VKjOH3xWGcoFKZ8Ude8Cru%2B%2BJJ9tBZWx18aO7ansC6llQ%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 96837c6a0e1a5695-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET eu.static.mega.co.nz/4/js/BDL-13_cfb374778a0eb9fb06e319cd703b1a5d7a2bb9e14c191f1927ed078f550ec9d4.js

66.203.124.37

200 OK

503 kB

URL GET HTTPS

eu.static.mega.co.nz/4/js/BDL-13_cfb374778a0eb9fb06e319cd703b1a5d7a2bb9e14c191f1927ed078f550ec9d4.js

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJavaScript source, ASCII text

First Seen2025-07-31

Last Seen2025-08-06

Times Seen12

Size503 kB (502976 bytes)

MD53c43f1f09294e0a0334f6f306bd42370

SHA1cdba0d5ebd278208f2eb925f30b70ff9a7034464

SHA256cfb374778a0eb9fb06e319cd703b1a5d7a2bb9e14c191f1927ed078f550ec9d4

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/js/BDL-13_cfb374778a0eb9fb06e319cd703b1a5d7a2bb9e14c191f1927ed078f550ec9d4.js HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: application/javascript
content-length: 92044
last-modified: Thu, 31 Jul 2025 06:17:58 GMT
vary: Accept-Encoding
etag: "688b0a96-1678c"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/images/mega/icons-3d/icon-lightbulb-3d.png?v=bd8de57b8b075f61

66.203.124.37

200 OK

3.2 kB

URL GET HTTPS

eu.static.mega.co.nz/4/images/mega/icons-3d/icon-lightbulb-3d.png?v=bd8de57b8b075f61

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typePNG image data, 104 x 104, 8-bit colormap, non-interlaced

First Seen2024-10-27

Last Seen2025-08-06

Times Seen776

Size3.2 kB (3212 bytes)

MD56c2e717caba4e6b7ba445f0c3bcc7286

SHA19db0868507f38f23e31690f12382d5dece715f41

SHA2567c9916432d5de81002c7b7bec85b40fc33dd343a8cfb8e86fd85291ac79cc765

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/images/mega/icons-3d/icon-lightbulb-3d.png?v=bd8de57b8b075f61 HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:18 GMT
content-type: image/png
content-length: 3212
last-modified: Thu, 31 Jul 2025 05:03:21 GMT
etag: "688af919-c8c"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/imagery/mega-icons-3d-icon-list-3d.1cbacc9ad7207808.png

66.203.124.37

200 OK

2.2 kB

URL GET HTTPS

eu.static.mega.co.nz/4/imagery/mega-icons-3d-icon-list-3d.1cbacc9ad7207808.png

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typePNG image data, 64 x 64, 8-bit colormap, non-interlaced

First Seen2024-10-27

Last Seen2025-08-06

Times Seen776

Size2.2 kB (2214 bytes)

MD53ccd2d9c7d0c2ed39bb9aee5697dae55

SHA1f7e8a89bd2b7a3f22dc8b3870ee2510e1452c9b7

SHA2567d4baf623dbd6fccb2943e8b904c7a9339bdbac35bb4ee9f55c321fe7119ea89

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/imagery/mega-icons-3d-icon-list-3d.1cbacc9ad7207808.png HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:18 GMT
content-type: image/png
content-length: 2214
last-modified: Thu, 31 Jul 2025 05:03:21 GMT
etag: "688af919-8a6"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/fonts/SourceSansPro-Regular.woff2?v=f71f612f60d5bb7e

66.203.124.37

200 OK

90 kB

URL GET HTTPS

eu.static.mega.co.nz/4/fonts/SourceSansPro-Regular.woff2?v=f71f612f60d5bb7e

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 90132, version 2.655

First Seen2023-05-04

Last Seen2025-08-06

Times Seen1145

Size90 kB (90132 bytes)

MD594676e314a869cea8b70fc6698cb2c48

SHA1c681f9ea637011a45fa30e4750098dee378880d5

SHA25692090a2fc2ee13f67411a5e5778e3265e7401163c87beffa8e0392ccc765a8e8

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/fonts/SourceSansPro-Regular.woff2?v=f71f612f60d5bb7e HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:17 GMT
content-type: font/woff2
content-length: 90132
last-modified: Thu, 31 Jul 2025 05:03:21 GMT
vary: Accept-Encoding
etag: "688af919-16014"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/imagery/mega-icons-3d-illustration-s4-3d.54642885c7fc0200.png

66.203.124.37

200 OK

21 kB

URL GET HTTPS

eu.static.mega.co.nz/4/imagery/mega-icons-3d-illustration-s4-3d.54642885c7fc0200.png

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typePNG image data, 300 x 450, 8-bit colormap, non-interlaced

First Seen2024-10-27

Last Seen2025-08-06

Times Seen775

Size21 kB (21142 bytes)

MD5c75010d4d5c13ead3a962ba2c1f53bb9

SHA1dab95a4b027ef70e36e139c92fc440f19343071b

SHA256aff82b4fceb3dbf328b92d4f31fcb545c5ac9e8fe4bc47082a88550ed9a01ab1

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/imagery/mega-icons-3d-illustration-s4-3d.54642885c7fc0200.png HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:18 GMT
content-type: image/png
content-length: 21142
last-modified: Thu, 31 Jul 2025 05:03:21 GMT
etag: "688af919-5296"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/fonts/Inter-Regular.woff2?v=b4e5eb92b9448cca

66.203.124.37

200 OK

99 kB

URL GET HTTPS

eu.static.mega.co.nz/4/fonts/Inter-Regular.woff2?v=b4e5eb92b9448cca

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 98756, version 1.0

First Seen2023-04-26

Last Seen2025-08-06

Times Seen761

Size99 kB (98756 bytes)

MD5a90c493e75dbd61aec1195dbb9bb6b06

SHA1a3e3ae8b6f79820b0b393a92fc613f50fb9f03c6

SHA256ed64c5d83f5fcc357eb8afd0a7b8d9912cae97d88dd57cccb64787bb643c7c76

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/fonts/Inter-Regular.woff2?v=b4e5eb92b9448cca HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:19 GMT
content-type: font/woff2
content-length: 98756
last-modified: Thu, 31 Jul 2025 05:03:21 GMT
vary: Accept-Encoding
etag: "688af919-181c4"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2

GET mega.nz/loading-sprite_light.png

31.216.144.5

200 OK

2.9 kB

URL GET HTTPS

mega.nz/loading-sprite_light.png

IP / ASN

31.216.144.5

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typePNG image data, 225 x 200, 8-bit colormap, non-interlaced

First Seen2024-12-20

Last Seen2025-08-06

Times Seen422

Size2.9 kB (2883 bytes)

MD59921934f1bf864072da77c61020377d7

SHA16d17fe18447d4150fa3df4875a19e90db20c67bb

SHA25673e10e327fb13409cf18780c1356edf4f86350643db0d098e1f476330ce7fcfe

Certificate Info

IssuerLet's Encrypt

Subjectmega.nz

Fingerprint02:72:B9:99:61:81:54:BF:A5:B4:A3:B7:C3:8F:4E:A7:67:1B:3D:91

ValidityTue, 17 Jun 2025 22:00:55 GMT - Mon, 15 Sep 2025 22:00:54 GMT

HTTP Headers

GET /loading-sprite_light.png HTTP/1.1
Host: mega.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/file/YmogzKSL
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 2883
Cache-Control: max-age=8640000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Max-Age: 86400

GET eu.static.mega.co.nz/4/html/templates_5ec62cd940ab8d8a4ee33a7d1f8a34107d6570a1cb0c04aab0f9c43256365d22.json

66.203.124.37

200 OK

672 kB

URL GET HTTPS

eu.static.mega.co.nz/4/html/templates_5ec62cd940ab8d8a4ee33a7d1f8a34107d6570a1cb0c04aab0f9c43256365d22.json

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeJSON text data

First Seen2025-07-31

Last Seen2025-08-06

Times Seen18

Size672 kB (671687 bytes)

MD51c4bf4494a5b559f1df02f66bdc42b7b

SHA16085b3bedc94a4a630dafaae263c86fccb892637

SHA2565ec62cd940ab8d8a4ee33a7d1f8a34107d6570a1cb0c04aab0f9c43256365d22

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/html/templates_5ec62cd940ab8d8a4ee33a7d1f8a34107d6570a1cb0c04aab0f9c43256365d22.json HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: application/json
content-length: 99813
last-modified: Thu, 31 Jul 2025 06:18:00 GMT
vary: Accept-Encoding
etag: "688b0a98-185e5"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/css/BDL-3_a5b94f36c7e8dcd57d56c6afb7f2db073d4cf76b032e93a007e7b58458b2ab6e.css

66.203.124.37

200 OK

294 kB

URL GET HTTPS

eu.static.mega.co.nz/4/css/BDL-3_a5b94f36c7e8dcd57d56c6afb7f2db073d4cf76b032e93a007e7b58458b2ab6e.css

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeASCII text, with very long lines (550)

First Seen2025-07-31

Last Seen2025-08-06

Times Seen18

Size294 kB (294054 bytes)

MD52f1b6797728d8ace64c1cb2b217f4c80

SHA1bb3c2c536ed1014aeedb604c3cb1f2d22044da08

SHA256a5b94f36c7e8dcd57d56c6afb7f2db073d4cf76b032e93a007e7b58458b2ab6e

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/css/BDL-3_a5b94f36c7e8dcd57d56c6afb7f2db073d4cf76b032e93a007e7b58458b2ab6e.css HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: text/css
content-length: 34853
last-modified: Thu, 31 Jul 2025 06:18:01 GMT
vary: Accept-Encoding
etag: "688b0a99-8825"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/css/BDL-6_b2be14626d6f4aa2795c522cf98a32dc272a22fe246a71b8090a25aabca82528.css

66.203.124.37

200 OK

71 kB

URL GET HTTPS

eu.static.mega.co.nz/4/css/BDL-6_b2be14626d6f4aa2795c522cf98a32dc272a22fe246a71b8090a25aabca82528.css

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeASCII text, with very long lines (618)

First Seen2025-07-31

Last Seen2025-08-06

Times Seen18

Size71 kB (70829 bytes)

MD5e1ea9e7904b52ccd4458420d25cbf7ca

SHA1149644f368399ad8cdf86a867e1900dba02194df

SHA256b2be14626d6f4aa2795c522cf98a32dc272a22fe246a71b8090a25aabca82528

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/css/BDL-6_b2be14626d6f4aa2795c522cf98a32dc272a22fe246a71b8090a25aabca82528.css HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: text/css
content-length: 10863
last-modified: Thu, 31 Jul 2025 06:18:00 GMT
vary: Accept-Encoding
etag: "688b0a98-2a6f"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET mail.olmail.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTc1NDAzOTExMiwiaWF0IjoxNzU0MDMxOTEyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMWJwNWVwaWRkODc5YWN0aTAxOHRndTMiLCJuYmYiOjE3NTQwMzE5MTIsInRzIjoxNzU0MDMxOTEyNTg2NDkzfQ.IwMmSpgL78rT-grAuxwZN8AIqH-OngYNUIqVvCQgEl0&sid=de3fa491-6ea5-11f0-8a69-cf03e1f4d25b

134.119.176.30

302 Found

1.3 kB

URL User Request GET HTTPS

mail.olmail.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTc1NDAzOTExMiwiaWF0IjoxNzU0MDMxOTEyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMWJwNWVwaWRkODc5YWN0aTAxOHRndTMiLCJuYmYiOjE3NTQwMzE5MTIsInRzIjoxNzU0MDMxOTEyNTg2NDkzfQ.IwMmSpgL78rT-grAuxwZN8AIqH-OngYNUIqVvCQgEl0&sid=de3fa491-6ea5-11f0-8a69-cf03e1f4d25b

IP / ASN

134.119.176.30

#29066 velia.net Internetdienste GmbH

Requested byN/A

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-07

Times Seen5706993

Size1.3 kB (1273 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjectolmail.com

FingerprintE0:AD:B2:60:2F:83:C2:D5:69:2F:99:34:64:DF:E0:7D:D2:8B:D5:6C

ValidityWed, 16 Jul 2025 14:21:52 GMT - Tue, 14 Oct 2025 14:21:51 GMT

Technology Fingerprints

Erlang (Programming languages)

Cowboy (Web servers)

HTTP Headers

GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTc1NDAzOTExMiwiaWF0IjoxNzU0MDMxOTEyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMWJwNWVwaWRkODc5YWN0aTAxOHRndTMiLCJuYmYiOjE3NTQwMzE5MTIsInRzIjoxNzU0MDMxOTEyNTg2NDkzfQ.IwMmSpgL78rT-grAuxwZN8AIqH-OngYNUIqVvCQgEl0&sid=de3fa491-6ea5-11f0-8a69-cf03e1f4d25b HTTP/1.1
Host: mail.olmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.olmail.com/
Cookie: sid=de3fa491-6ea5-11f0-8a69-cf03e1f4d25b
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 11
date: Fri, 01 Aug 2025 07:05:12 GMT
location: http://click-v4.exmainclck.com/click?i=ZMjkiseiShg_0
server: Cowboy
set-cookie: sid=de3fa491-6ea5-11f0-8a69-cf03e1f4d25b; path=/; domain=.olmail.com; expires=Wed, 19 Aug 2093 10:19:20 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2

GET api.meedoobestkeyplati.com/service-worker.js

188.114.97.1

200 OK

7.2 kB

URL GET HTTPS

api.meedoobestkeyplati.com/service-worker.js

IP / ASN

188.114.97.1

#13335 CLOUDFLARENET

Requested byhttps://api.meedoobestkeyplati.com/?rt=b370425bcaa368ce5917d0b61baf4bcd

Resource Info

File typeJavaScript source, ASCII text

First Seen2025-06-15

Last Seen2025-08-06

Times Seen31

Size7.2 kB (7204 bytes)

MD5132fb59b33edb658898213d05c72678a

SHA117d1d388c5516223fdd16c5309da1c409fe8ca19

SHA2561369abfbcf45490e89b693bad8c9f415e88d130d0e1ba6e6abb912fee5556866

Certificate Info

IssuerGoogle Trust Services

Subjectmeedoobestkeyplati.com

FingerprintD7:21:58:C3:59:50:BF:80:16:C8:98:88:C4:95:4C:4E:E3:26:0B:2F

ValidityTue, 10 Jun 2025 17:45:47 GMT - Mon, 08 Sep 2025 18:43:19 GMT

Technology Fingerprints

Cloudflare (CDN)

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-worker.js HTTP/1.1
Host: api.meedoobestkeyplati.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.meedoobestkeyplati.com/?rt=b370425bcaa368ce5917d0b61baf4bcd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 01 Aug 2025 07:05:14 GMT
content-type: application/javascript
server: cloudflare
last-modified: Mon, 09 Jun 2025 16:34:07 GMT
vary: Accept-Encoding
etag: "68470cff-1c24"
expires: Fri, 01 Aug 2025 07:20:02 GMT
cache-control: max-age=43200
content-encoding: gzip
age: 42311
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=O9STyL7NfMeE2P5Wo%2F%2BREdmfiO0CCyuLYi6NQ5EUhyK%2FsDlbtaX3epRLpBISnVofOCE4gHijEuZLOEaxalZfyqddEbAwTHIutrpT3uiILDwDqtygFQ2OpA%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 96837c6a0e165695-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET eu.static.mega.co.nz/4/css/BDL-5_0af4eab9cd88658b90d036376427afac986cc99bf8fa009f00db2dc721650c66.css

66.203.124.37

200 OK

323 kB

URL GET HTTPS

eu.static.mega.co.nz/4/css/BDL-5_0af4eab9cd88658b90d036376427afac986cc99bf8fa009f00db2dc721650c66.css

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeASCII text, with very long lines (769)

First Seen2025-07-31

Last Seen2025-08-06

Times Seen12

Size323 kB (323414 bytes)

MD5477866b53a0d028234d8320b4629a736

SHA180d44a3a52f5579b6e0010a8b20106e17e893283

SHA2560af4eab9cd88658b90d036376427afac986cc99bf8fa009f00db2dc721650c66

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/css/BDL-5_0af4eab9cd88658b90d036376427afac986cc99bf8fa009f00db2dc721650c66.css HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mega.nz/
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:16 GMT
content-type: text/css
content-length: 48584
last-modified: Thu, 31 Jul 2025 06:18:01 GMT
vary: Accept-Encoding
etag: "688b0a99-bdc8"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
X-Firefox-Spdy: h2

GET eu.static.mega.co.nz/4/imagery/sprites-fm-mono.38aa11281ea3da66.woff2?h=3b6c9c271

66.203.124.37

200 OK

90 kB

URL GET HTTPS

eu.static.mega.co.nz/4/imagery/sprites-fm-mono.38aa11281ea3da66.woff2?h=3b6c9c271

IP / ASN

66.203.124.37

#203055 Datacenter Luxembourg S.A.

Requested byhttps://mega.nz/file/YmogzKSL#ThP5Sv9-CqHIJyUGsdPVVf87XQTvJm__QrEEJfHBFHk

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 89804, version 1.0

First Seen2025-07-24

Last Seen2025-08-06

Times Seen31

Size90 kB (89804 bytes)

MD57bcc0307192a70ae19769d690c2b31a2

SHA103b48b36b917b86e5b7e13436edeabfd52315017

SHA2566276ca89e835ee0e0ef73cb91680c2e0e8756a29afbd8b6751d8d2cf34dc9158

Certificate Info

IssuerSectigo Limited

Subject*.static.mega.co.nz

FingerprintF4:82:33:22:88:B2:89:93:88:56:36:38:89:36:38:24:EF:23:EF:1A

ValidityTue, 07 Jan 2025 00:00:00 GMT - Sat, 07 Feb 2026 23:59:59 GMT

Technology Fingerprints

Nginx (Web servers, Reverse proxies)

HTTP Headers

GET /4/imagery/sprites-fm-mono.38aa11281ea3da66.woff2?h=3b6c9c271 HTTP/1.1
Host: eu.static.mega.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mega.nz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Aug 2025 07:05:18 GMT
content-type: font/woff2
content-length: 89804
last-modified: Thu, 31 Jul 2025 05:03:21 GMT
vary: Accept-Encoding
etag: "688af919-15ecc"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2