urlscan.io logo urlscan.io
SecurityTrails logo

getmega.net Open in urlscan Pro
2606:4700:3034::6815:5f48  Public Scan

Go To Rescan Add Verdict Report
URL: https://getmega.net/
Submission: On December 19 via manual from VN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 12 domains to perform 54 HTTP transactions. The main IP is 2606:4700:3034::6815:5f48, located in United States and belongs to CLOUDFLARENET, US. The main domain is getmega.net.
TLS certificate: Issued by GTS CA 1P5 on October 30th 2023. Valid for: 3 months.
This is the only time getmega.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

18    2606:4700:3034::6815:5f48 (United States)

ASN13335 (CLOUDFLARENET, US)
getmega.net
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)
pertawee.net
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
3    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
18 getmega.net
getmega.net
358 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
741 KB
9 pertawee.net
pertawee.net
41 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
apis.google.com — Cisco Umbrella Rank: 116
region1.analytics.google.com — Cisco Umbrella Rank: 2693
58 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
89 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 12331
541 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6765
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
242 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 864
7 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
85 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
54 12
Domain Requested by
18 getmega.net getmega.net
static.cloudflareinsights.com
9 pertawee.net getmega.net
pertawee.net
6 www.gstatic.com www.google.com
www.gstatic.com
5 www.google.com getmega.net
www.gstatic.com
www.google.com
3 www.facebook.com connect.facebook.net
3 fonts.gstatic.com fonts.googleapis.com
www.google.com
2 connect.facebook.net getmega.net
connect.facebook.net
1 my.rtmark.net getmega.net
1 www.google.de getmega.net
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 apis.google.com getmega.net
1 static.cloudflareinsights.com getmega.net
1 www.googletagmanager.com getmega.net
1 fonts.googleapis.com getmega.net
54 15

This site contains no links.

Subject Issuer Validity Valid
getmega.net
GTS CA 1P5		 2023-10-30 -
2024-01-28		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
pertawee.net
R3		 2023-12-07 -
2024-03-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-27 -
2023-12-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
rtmark.net
R3		 2023-10-07 -
2024-01-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://getmega.net/
Frame ID: 9EC4D7EF5D0CD2EFF4A312F098F70B71
Requests: 38 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCtgsUAAAAADMGUuS7MmuOD-QkcoEugtWNjbLt&co=aHR0cHM6Ly9nZXRtZWdhLm5ldDo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=8nd70a4qu5bh
Frame ID: 2F128244524D438701F272CE4B7EF35B
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=425656991149455&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26597e43de8f84%26domain%3Dgetmega.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgetmega.net%252Ff39bdf88257e38%26relation%3Dparent.parent&container_width=995&href=https%3A%2F%2Fwww.facebook.com%2Fgetmega.net%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&size=small&width=40
Frame ID: 5858DEC9677B76011E12CB754CF7E4DF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=425656991149455&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13de78d99e0ef4%26domain%3Dgetmega.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgetmega.net%252Ff39bdf88257e38%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fgetmega.net%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&size=small&width=40
Frame ID: 271275DE148D7E7766C5E896268F82A1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=425656991149455&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d3db53fec256%26domain%3Dgetmega.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgetmega.net%252Ff39bdf88257e38%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fgetmega.net%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&size=small&width=40
Frame ID: 5C2EBF689F7419947DC2240F94ED2628
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LeCtgsUAAAAADMGUuS7MmuOD-QkcoEugtWNjbLt
Frame ID: 160933172178771691BF2E450B21D23C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Get direct link from Mega.Nz - GetMega.Net

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

54
Requests

100 %
HTTPS

87 %
IPv6

12
Domains

15
Subdomains

16
IPs

4
Countries

1383 kB
Transfer

3189 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
getmega.net/ 		77 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://getmega.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
208145c4ba0270024ca9260c60e9ea1100b3acb1528c3020493759a0725f9df4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83804bc9bfbb0374-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 19 Dec 2023 14:22:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEtbN3dTtkRdKWyCTabbhmiiv4NFn6TiyPIKWwMgJALVk%2BdOOOFQuSSDoTE8WRZ6jD3KIW2U1APGUzlRjMW1F6DMndw12yju3sfCSxva5hmEip3mgAxhpipmrLojt5a7hpKZmVBCQRordg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
x-turbo-charged-by
LiteSpeed
css
fonts.googleapis.com/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c1433ca6dee55d1066ec306c75715a4142c21fa2647a8e97e80e0b619e332f51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 19 Dec 2023 14:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 19 Dec 2023 14:22:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Dec 2023 14:22:09 GMT
bootstrap.min.css
getmega.net/skin/default/css/ 		93 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://getmega.net/skin/default/css/bootstrap.min.css
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c567912a3cf283a6dea7d0f502c1f350f1161db58cce545cf38674686fadca6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:22:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Apr 2020 14:52:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
402620
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGCJAOFpjM8i4RlDY3f59mC6J4yvOZfIS%2Fa0Sy1%2F2SNZkPsfQeh73ZS2FSEeZeZjP3R70%2BeLjl%2BK%2Fvm3nIPT110wMBA9miO1tp7CCsEYt%2Fo0Ftd1yb2qwGTjbH72r10JbPg4fyMRDr3vCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83804bce0d3b0374-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 21 Dec 2023 22:31:49 GMT
flexslider.css
getmega.net/skin/default/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://getmega.net/skin/default/css/flexslider.css
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67b6be62877178717033a67cf6f025b9c2bdce446b0f434a6a824297a104b674

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:22:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Apr 2020 14:52:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
402620
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0VLOnB6kq2HsTPDVLSeJmwHRAHO5JRHDJpFdIa%2BfYb%2F4VCN7Mjq27fp239LylhYqTfKhvSvg4mJGWeDVR%2Fa4wnMu%2BxlhTLGpmGB0aYmLGD4u4b8OGrE2t6fWrJ8R%2Bp3unoMpM%2BghDWWBWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83804bce0d3d0374-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 21 Dec 2023 22:31:49 GMT
templatemo-style.css
getmega.net/skin/default/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://getmega.net/skin/default/css/templatemo-style.css
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c51b5491a8b7b3b1c75c2c51ac3e289b1f6f8c9fd75148bfdc1b09a63f3adf65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:22:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Apr 2020 14:52:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
472634
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYk107rCxQA3QjVcLrJ72d5QAkEkVoMqFkU6HBY3DV7nJ23PjSltrfiuhYOX%2B8YzXzTsmL8qtzZzzaFhwgJX0WQdB4lekDS9g6FIghujuzI3ZxRjJeM6%2BeqFxZJOcSvZ4zJfV%2BmLk1WMsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83804bce0d3e0374-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 21 Dec 2023 03:04:55 GMT
ntfc.php
pertawee.net/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pertawee.net/ntfc.php?p=5516908
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
43620d4167eed0aae2c452914018932e583aef5579f88ce738766f5cbfd5cb7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 14:22:09 GMT
content-encoding
gzip
last-modified
Mon, 27 Nov 2023 13:38:02 GMT
server
nginx
etag
W/"65649bba-32de"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
js
www.googletagmanager.com/gtag/ 		244 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JY1RH5TFW1
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
32196b517594282208d3488171badccda1a59d25c74cc858b781be1600bea2a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:22:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86497
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 19 Dec 2023 14:22:09 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
25b0db3d3b80dc803b5354bc6d22e96b849b83d53671517ae3f70119ec155bc7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 19 Dec 2023 14:22:09 GMT
jquery-1.11.3.min.js
getmega.net/skin/default/js/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getmega.net/skin/default/js/jquery-1.11.3.min.js
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:22:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Apr 2020 14:52:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
331471
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2B4nnsY9vOMEIu%2BQNZY5fVkAdrjKGqAJ4EjLfXaFQijYfb025RDZvIbeUIF48OFyi%2B3JC2v0fN8NyUuDV1Dz2A%2BNpVRodUrol4GqEW6kmv4CsihwmadeqXXYXym3sWNOSeGWwjQSc2NSxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83804bce0d400374-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 22 Dec 2023 18:17:38 GMT
jquery.flexslider-min.js
getmega.net/skin/default/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getmega.net/skin/default/js/jquery.flexslider-min.js
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ce94a80de9d146226e0967aacf51e37f92e18329815338af4de0aef3fc67705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:22:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Apr 2020 14:52:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
385796
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZDGSir0f8XBKniSq4Yr1qFbWsZSkxluCrXVprIKHGvaNReox9AK20h%2FE06c9k%2BM8KdPsvMqCvJ%2B%2F7xKfcm5gkwr17gVBqlnLSQaQLlvasrVYjvpjFg%2BMFC6wKRNoNYLTAhuywB%2FCpAhPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83804bce0d410374-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 22 Dec 2023 03:12:13 GMT
jquery.backstretch.min.js
getmega.net/skin/default/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getmega.net/skin/default/js/jquery.backstretch.min.js
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
579d9d9773858e863e7d802489f84b27b7f557b99900a3c6090a16ce8431ac45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:22:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Apr 2020 14:52:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
331471
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UHedXbsM3izPD4PSTbBABI5jSAfzVHhymG3KDu4MJaYXPz8kTe9zP%2FDtZsXdxgF7nv0TfdAx3xPiFKaEc11c2tQMtykEXbJqslxGNamYJQqkgSKJE0mrPaI8KMRBvlsP1bzOJz1JwegDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83804bce1d420374-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 22 Dec 2023 18:17:38 GMT
templatemo-script.js
getmega.net/skin/default/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getmega.net/skin/default/js/templatemo-script.js
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ec92e6e5ea6bafad5e979a838b451f0cb9e36efe7060fa830b4e291d56dee6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:22:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Apr 2020 14:52:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
385796
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YAhDEIZviRtAqUUJMAYA942eYP7OzwfzMWveGUBn3Y9MPJPyeb6A6Y1KR93E03uqrvlc30U0qgTGAymoJ8sMZOKMNLEzYWzSuwoBsu4SVYqW7HMGChQ0IHbtezXbyjnEt0jCztdAAdK1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83804bce1d430374-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 22 Dec 2023 03:12:13 GMT
contact.js
getmega.net/skin/default/js/ 		1 KB
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://getmega.net/skin/default/js/contact.js
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d67a5c8a1bff9e983ebe29339cf8adb1617104043c08a26309a937780337192

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:22:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Apr 2020 14:52:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
472631
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvcaZrxMTXNAoIXURtDG2ZfkxzWz3wujPw%2FnuQyv%2F6b2GkP0cTMJRriqPVl8y75NnsMFWpQzyxkXPMhdlV%2BCBcXmuv0PEFT2ThAOLQlpvgaDcpZ7RP2RXViwVeMMFVbGUaWONyucev9zdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83804bce1d460374-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 21 Dec 2023 03:04:58 GMT
jquery-1.7.1.min.js
getmega.net/images/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getmega.net/images/jquery-1.7.1.min.js
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:22:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Apr 2020 14:52:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
543017
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rT63XrGnuT8ssOfzZTgIOEP5uevlKI3T0x5%2BRriKqj%2Bc%2BZAESbNxdWwOzWlFCgsg%2FgDVr5i7WN7lyUSy41ynqlW0nqdLsWwcisnvXx0LksvAdJBY1DHJhi6gqceQH8r7lk%2FKHMG8VeY9bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83804bce1d470374-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 20 Dec 2023 07:31:52 GMT
ZeroClipboard.js
getmega.net/images/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getmega.net/images/ZeroClipboard.js
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d63f4e75b9e087feff2e923e33115b636250ed58cc332d1585722e3f6ca77a34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:22:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Apr 2020 14:52:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
331471
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaHh%2FPiVBtH9Qs8NfkiH0gcDx2ou%2BouIS1kVrr9SxpmFuFNbCBsTHlyWD0etusc99JYyuhpYAD%2FTFbu8FAbn3G6d7GSXuKPtb5NEeDnkFYnJDQUVgGEP5zlZbR74VkcYDneQuCGxL%2BM57w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83804bce1d480374-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 22 Dec 2023 18:17:38 GMT
sprintf.js
getmega.net/images/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getmega.net/images/sprintf.js
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ee3e55c69aea70b0ee6a4b3d6ef508b0251617d3d290c7c8ad145e9cee6ff6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:22:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Apr 2020 14:52:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
385796
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zI59q2U2o2evYUEIOKZ%2FvWeXTqzF%2Bhe3kFGpZHwCa6JR9%2F8RNKL3NlmAgNNjgbc1jtOBPIwxYLEpvCqeuHscysiiaJfGhEy0UZzstXPV8RFbLbAiDATKvDczus0jde3rG9VOOXlXu%2F%2Fzeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83804bce4d860374-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 22 Dec 2023 03:12:13 GMT
ajax.js
getmega.net/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getmega.net/ajax.js?ver=1.0
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77a699a97a72c9b4d542e19aba81aad06e65c5bb9734c49c2d65edf5f37077ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:22:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Apr 2020 14:52:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
579219
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G60Oi7Fh%2BvR4BZuZ2S1NkbV4dVPgBv4TGjAft3Kd2E6HDTsUtdsqbiPFIw2UYjzcbSqUp7ik9EryEBf%2FGf7uPMQJ4EgWkVqj7RVFxGVDjuhZR0et5Yk1TOkWQ5q0ID4oTk1cN40nJEJ3Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83804bce4d880374-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 19 Dec 2023 21:28:30 GMT
story-bg.jpg
getmega.net/skin/default/img/ 		216 KB
217 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://getmega.net/skin/default/img/story-bg.jpg
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425f6acddb53aeed6a04ed52be0d656fdf53548d3a4de09b057e8cc0df772571

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:22:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
51627
alt-svc
h3=":443"; ma=86400
content-length
221387
last-modified
Fri, 10 Apr 2020 14:52:37 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TU0hGMkgbAzGhP%2BmffH8gKf3Y1V0G114AqT3Kj9EJY0geFE5E5ngrYJkUc2jhNzreN0SA1FjkvNa5F1s%2FjBN9SNyLxyL%2F6UtEKrmaktvEOeAz3hDx3hvZiTC1K7F%2FhDspE%2F53TWuPIgVsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83804bce4d8b0374-FRA
expires
Tue, 26 Dec 2023 00:01:42 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://getmega.net/
Origin
https://getmega.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:22:09 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
83804bcfad943630-FRA
/
getmega.net/ 		0
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://getmega.net/
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:22:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnhrS3r5%2B41lLLKYLpwi7%2FSyXbfcEXwYcaskau2CexHgv0mnByFXfNAakBDm5HXOSRegf1PKWheUAC3ynQidtYSJysB62HAieqUSbKOxoTq9vgyg05lJU5W3fbkaIPvS36uaadgT95RoTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
x-turbo-charged-by
LiteSpeed
cf-ray
83804bcf2dd6f140-CDG
alt-svc
h3=":443"; ma=86400
priority
u=1,i
status.gif
getmega.net/skin/default/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://getmega.net/skin/default/img/status.gif
Requested by
Host: getmega.net
URL: https://getmega.net/skin/default/css/templatemo-style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/skin/default/css/templatemo-style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:22:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
439111
alt-svc
h3=":443"; ma=86400
content-length
3208
last-modified
Fri, 10 Apr 2020 14:52:37 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klfMDR3RO0PmmApzOdm7YFclM1jFEbmjTWb6qNFvEwOG9fqzdVjQ5OgOWOz57e76FfahEgDe%2F2zdpqGvG9NIcfCHU6sOzw%2BUWfDtBOZnnNSu3hP0JmoBqcONPmZEn2JuVOm2ZVp9pQ4vUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83804bcf3de2f140-CDG
priority
u=3,i
expires
Thu, 21 Dec 2023 12:23:38 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://getmega.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 06:01:29 GMT
x-content-type-options
nosniff
age
462040
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Dec 2024 06:01:29 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 		505 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getmega.net/
Origin
https://getmega.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 05:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207437
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Dec 2024 05:49:22 GMT
platform.js
apis.google.com/js/ 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d6761121e36dada7b2cb2088e9749ddc66c64da9a262386e1e358c8dbbeeeeb
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Dec 2023 14:22:09 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"744e1fa93653e48f"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 14:22:09 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5b7173500b4da676b471ad328e969f2364f74e051b4e03ccc53c9da63f98c43e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Dec 2023 14:22:09 GMT
content-md5
nIvQKVuXpEc0nn+gPwyICw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
reporting-endpoints
x-fb-debug
R9i0ZmJpaxrbTfalBoLjxLNr7R4VM37iRDsJTlnAkGrjCHmn3BIPkDaLDXed/Lj+Ct/4dLhSIyatyJIrIW/WvA==
x-fb-content-md5
e7a4bd3925b62f77f69b5eaf5135cbe6
cross-origin-opener-policy
same-origin-allow-popups
etag
"c1c701370cb8629da1995fd9e7560ba4"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 19 Dec 2023 14:32:38 GMT
memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk5hkWVAewA.woff2
fonts.gstatic.com/s/opensans/v40/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk5hkWVAewA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8202d126a1bd9699b9d97ff51bf012337200b44be67f0f64140b16edd458e802
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://getmega.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 07:12:20 GMT
x-content-type-options
nosniff
age
457789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19332
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:03:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Dec 2024 07:12:20 GMT
sdk.js
connect.facebook.net/en_US/ 		302 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=52b3d7f97bbeb0ac765c4af541cac95f
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1a1488507bc46f6b298db3af01be4100805b648b446dc204af5759d1ae5ee685
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://getmega.net/
Origin
https://getmega.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Dec 2023 14:22:09 GMT
content-md5
/fchSMqxJWwe7tP5+elEIg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88320
reporting-endpoints
x-fb-debug
28PgL1/zn5JSTShy1nm1nT1PepVqjIyalW9ECLyUEnLWxRspmLqQCoFzAqrsozRC6/aLeMqwj3NqtQb+pkALuQ==
x-fb-content-md5
5305dbac17ed0c2b37d73107985cbe36
cross-origin-opener-policy
same-origin-allow-popups
etag
"d9740c399dfaa4cb1e396af1baee0180"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 18 Dec 2024 12:21:00 GMT
zone
pertawee.net/ 		880 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pertawee.net/zone?pub=0&zone_id=5516908&is_mobile=false&domain=getmega.net&var=&ymid=&var_3=&tg=0&sw=3.1.471
Requested by
Host: pertawee.net
URL: https://pertawee.net/ntfc.php?p=5516908
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e5a186a51c91309682d3063204a2aa2d53be69220894596a70ccf4f5e94aac25
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-trace-id
935483c39204e9cd7149bf7f3d8675b7
date
Tue, 19 Dec 2023 14:22:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://getmega.net
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
880
universal.min.js
pertawee.net/pfe/current/ 		86 KB
33 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pertawee.net/pfe/current/universal.min.js?v=3.1.471
Requested by
Host: pertawee.net
URL: https://pertawee.net/ntfc.php?p=5516908
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 14:22:10 GMT
content-encoding
gzip
last-modified
Mon, 27 Nov 2023 17:44:23 GMT
server
nginx
etag
W/"6564d577-1572c"
content-type
application/javascript
access-control-allow-origin
https://getmega.net
cache-control
no-cache
access-control-allow-credentials
true
collect
region1.analytics.google.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JY1RH5TFW1&gtm=45je3bt0v888860403&_p=1702995729771&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1747287464.1702995730&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702995730&sct=1&seg=0&dl=https%3A%2F%2Fgetmega.net%2F&dt=Get%20direct%20link%20from%20Mega.Nz%20-%20GetMega.Net&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1254
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JY1RH5TFW1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 14:22:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://getmega.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JY1RH5TFW1&cid=1747287464.1702995730&gtm=45je3bt0v888860403&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JY1RH5TFW1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 14:22:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://getmega.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JY1RH5TFW1&cid=1747287464.1702995730&gtm=45je3bt0v888860403&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=346753553
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 14:22:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 2F12 		42 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCtgsUAAAAADMGUuS7MmuOD-QkcoEugtWNjbLt&co=aHR0cHM6Ly9nZXRtZWdhLm5ldDo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=8nd70a4qu5bh
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6cc9c36797904b612881d17dbf54829b83bf3b31e82533fb721a274974ad5b03
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9wf4CDM5n97Etw7Dp7smLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://getmega.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-9wf4CDM5n97Etw7Dp7smLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 14:22:10 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
custom
pertawee.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pertawee.net/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://getmega.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://getmega.net
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 19 Dec 2023 14:22:10 GMT
server
nginx
custom
pertawee.net/ 		39 B
328 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pertawee.net/custom
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://getmega.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
afc7a5b3038feb0038e0e1383000b7d5
date
Tue, 19 Dec 2023 14:22:10 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://getmega.net
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
39
sw.js
getmega.net/ 		5 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://getmega.net/sw.js
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9d6f7b1d83657e7251361ed862f71560d8a597f693121cf862b5f43c5e63176

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:22:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
344866
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 11 Nov 2022 10:33:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtpDEI%2FS%2F0NAOMMmXUdZroCzsLdOXfHyhHW3VdE%2BE%2B2BwOoJS7MOsQ8Je6juHm5r1J6t%2FnpOET4nfpfBHham8opvb%2FsgIRWg3H1t%2B0fGDqtdjDKdZzCkCpvAUKFEgcErMA6Nzy8Oh5MarA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83804bd17942f140-CDG
priority
u=1,i
expires
Fri, 22 Dec 2023 14:34:24 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 2F12 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCtgsUAAAAADMGUuS7MmuOD-QkcoEugtWNjbLt&co=aHR0cHM6Ly9nZXRtZWdhLm5ldDo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=8nd70a4qu5bh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 13:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Dec 2024 13:08:15 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 2F12 		505 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCtgsUAAAAADMGUuS7MmuOD-QkcoEugtWNjbLt&co=aHR0cHM6Ly9nZXRtZWdhLm5ldDo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=8nd70a4qu5bh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 05:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30768
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207437
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Dec 2024 05:49:22 GMT
custom
pertawee.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pertawee.net/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://getmega.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://getmega.net
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 19 Dec 2023 14:22:10 GMT
server
nginx
custom
pertawee.net/ 		39 B
328 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pertawee.net/custom
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://getmega.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
0ebfc0fc7ee1e585b6bf5b2df99927ac
date
Tue, 19 Dec 2023 14:22:10 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://getmega.net
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
39
gid.js
my.rtmark.net/ 		65 B
541 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=2e1e669f15b24652b9f48675e3299f4c&zoneId=5516908&checkDuplicate=true&ymid=&var=
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e6f4acb39398db67d00165609a68b53e3408001937ddee9555db5ac48a5139f7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getmega.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:22:10 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://getmega.net
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
truncated
/ Frame 2F12 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2F12 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 2F12 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 19:56:54 GMT
x-content-type-options
nosniff
age
66316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 25 Dec 2023 19:56:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2F12 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCtgsUAAAAADMGUuS7MmuOD-QkcoEugtWNjbLt&co=aHR0cHM6Ly9nZXRtZWdhLm5ldDo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=8nd70a4qu5bh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 23:26:56 GMT
x-content-type-options
nosniff
age
399314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:26:56 GMT
mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js
www.google.com/js/bg/ Frame 2F12 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98bd98d9d7fd30fef6849b2920a91a4bfbba26d1616ae615290fb0d6b4f4080c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCtgsUAAAAADMGUuS7MmuOD-QkcoEugtWNjbLt&co=aHR0cHM6Ly9nZXRtZWdhLm5ldDo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=8nd70a4qu5bh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 22:58:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
55392
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6828
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 22:58:58 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 2F12 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCtgsUAAAAADMGUuS7MmuOD-QkcoEugtWNjbLt&co=aHR0cHM6Ly9nZXRtZWdhLm5ldDo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=8nd70a4qu5bh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCtgsUAAAAADMGUuS7MmuOD-QkcoEugtWNjbLt&co=aHR0cHM6Ly9nZXRtZWdhLm5ldDo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=8nd70a4qu5bh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:22:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 19 Dec 2023 14:22:10 GMT
like.php
www.facebook.com/v2.9/plugins/ Frame 5858 		0
118 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=425656991149455&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26597e43de8f84%26domain%3Dgetmega.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgetmega.net%252Ff39bdf88257e38%26relation%3Dparent.parent&container_width=995&href=https%3A%2F%2Fwww.facebook.com%2Fgetmega.net%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&size=small&width=40
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=52b3d7f97bbeb0ac765c4af541cac95f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getmega.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 19 Dec 2023 14:22:10 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-debug
x0WmLkDjratYyXKIsf+UYzB0SC4Fu97UvjsNVZDZ2R8NOtg6sIh3nImnwab2u3vKgZMkhpNHyksW52GjR1MNhw==
x-xss-protection
0
like.php
www.facebook.com/v2.9/plugins/ Frame 2712 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=425656991149455&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13de78d99e0ef4%26domain%3Dgetmega.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgetmega.net%252Ff39bdf88257e38%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fgetmega.net%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&size=small&width=40
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=52b3d7f97bbeb0ac765c4af541cac95f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getmega.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 19 Dec 2023 14:22:10 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-debug
2s7uqcquu3vbMcfDndxWdDEO06fYV0Pdr9TI50ERobP6TD7PnHbxILjDCV5F/Y67B+BnjP9YPkFX7a8xZc6pGA==
x-xss-protection
0
like.php
www.facebook.com/v2.9/plugins/ Frame 5C2E 		0
116 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=425656991149455&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d3db53fec256%26domain%3Dgetmega.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgetmega.net%252Ff39bdf88257e38%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fgetmega.net%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&size=small&width=40
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=52b3d7f97bbeb0ac765c4af541cac95f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getmega.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 19 Dec 2023 14:22:10 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-debug
PT+ws3umb1iBdviNl0BLJIofqyZd1R7vs3F9dPkxlv9u1wcxjh/6Hmp21RrAyWsZ3ks1miA5MWd53YYZZyUtUA==
x-xss-protection
0
custom
pertawee.net/ 		39 B
328 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pertawee.net/custom
Requested by
Host: getmega.net
URL: https://getmega.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://getmega.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
f727226463d6fc97760a276f9a2e61c1
date
Tue, 19 Dec 2023 14:22:10 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://getmega.net
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
39
custom
pertawee.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pertawee.net/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://getmega.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://getmega.net
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 19 Dec 2023 14:22:10 GMT
server
nginx
rum
getmega.net/cdn-cgi/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://getmega.net/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://getmega.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json

Response headers

date
Tue, 19 Dec 2023 14:22:10 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://getmega.net
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
83804bd39c5bf140-CDG
bframe
www.google.com/recaptcha/api2/ Frame 1609 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LeCtgsUAAAAADMGUuS7MmuOD-QkcoEugtWNjbLt
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c0ff8bedb402ef323aa1b5a4b5ba632f276c0999a7a5447627de839347d2ca52
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0d2XqVcl7-mG68MvytBv8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://getmega.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-0d2XqVcl7-mG68MvytBv8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 14:22:10 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 1609 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LeCtgsUAAAAADMGUuS7MmuOD-QkcoEugtWNjbLt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 13:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Dec 2024 13:08:15 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 1609 		505 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LeCtgsUAAAAADMGUuS7MmuOD-QkcoEugtWNjbLt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 05:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30768
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207437
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Dec 2024 05:49:22 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| documentPictureInPicture string| k object| _r4d8d3jrd2 object| 6c6qmkpdc9s object| zfgformats function| setImmediate function| clearImmediate function| _tqvnrn function| _pbayidqx function| gtag object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery object| jQuery1113031156446813832295 object| ZeroClipboard function| sprintf string| loadimg string| loadcolor string| title string| colorname string| colorfile object| lang number| tong boolean| errorlogin number| auto_refresh function| showOrHide function| in_array function| get function| ajaxget function| reseturl function| checkacc function| donate function| makelist function| bbcode function| selectAllText string| placeholder object| FB object| gapi object| ___jsl object| __cfBeacon object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| recaptcha object| closure_lm_730124 object| __buffer object| sdk boolean| installOnFly boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode

6 Cookies

Domain/Path Name / Value
getmega.net/ Name: using
Value: default
getmega.net/ Name: owner
Value: 3362737750000
.google.com/ Name: NID
Value: 511=k1wP9W-Ukj2vBpHh9eIX3pY1iD9Ljxwj5LTMtE9xx5UHObuHuBT0FaZZL2LT0ACmFQBbvcdCpQ9oq136fpYRodNEF7wdTfs3rgPQ76-Lml5DJZQYB_c-_-urUwsvq6lwTcM5-zP346NGuCBOVVaAIGmUb787mFURLzGbIMwLtjs
.getmega.net/ Name: _ga_JY1RH5TFW1
Value: GS1.1.1702995730.1.0.1702995730.60.0.0
.getmega.net/ Name: _ga
Value: GA1.1.1747287464.1702995730
my.rtmark.net/ Name: ID
Value: 2e1e669f15b24652b9f48675e3299f4c

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
getmega.net
my.rtmark.net
pertawee.net
region1.analytics.google.com
static.cloudflareinsights.com
stats.g.doubleclick.net
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
139.45.195.8
139.45.197.251
2001:4860:4802:34::36
2606:4700:3034::6815:5f48
2606:4700::6810:3865
2a00:1450:4001:803::2003
2a00:1450:4001:810::2004
2a00:1450:4001:812::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9c
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
1a1488507bc46f6b298db3af01be4100805b648b446dc204af5759d1ae5ee685
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
208145c4ba0270024ca9260c60e9ea1100b3acb1528c3020493759a0725f9df4
25b0db3d3b80dc803b5354bc6d22e96b849b83d53671517ae3f70119ec155bc7
2ce94a80de9d146226e0967aacf51e37f92e18329815338af4de0aef3fc67705
32196b517594282208d3488171badccda1a59d25c74cc858b781be1600bea2a8
3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
425f6acddb53aeed6a04ed52be0d656fdf53548d3a4de09b057e8cc0df772571
43620d4167eed0aae2c452914018932e583aef5579f88ce738766f5cbfd5cb7f
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4d67a5c8a1bff9e983ebe29339cf8adb1617104043c08a26309a937780337192
579d9d9773858e863e7d802489f84b27b7f557b99900a3c6090a16ce8431ac45
5b7173500b4da676b471ad328e969f2364f74e051b4e03ccc53c9da63f98c43e
5d6761121e36dada7b2cb2088e9749ddc66c64da9a262386e1e358c8dbbeeeeb
5ee3e55c69aea70b0ee6a4b3d6ef508b0251617d3d290c7c8ad145e9cee6ff6d
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
67b6be62877178717033a67cf6f025b9c2bdce446b0f434a6a824297a104b674
6cc9c36797904b612881d17dbf54829b83bf3b31e82533fb721a274974ad5b03
6ec92e6e5ea6bafad5e979a838b451f0cb9e36efe7060fa830b4e291d56dee6c
77a699a97a72c9b4d542e19aba81aad06e65c5bb9734c49c2d65edf5f37077ff
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
8202d126a1bd9699b9d97ff51bf012337200b44be67f0f64140b16edd458e802
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
98bd98d9d7fd30fef6849b2920a91a4bfbba26d1616ae615290fb0d6b4f4080c
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
c0ff8bedb402ef323aa1b5a4b5ba632f276c0999a7a5447627de839347d2ca52
c1433ca6dee55d1066ec306c75715a4142c21fa2647a8e97e80e0b619e332f51
c51b5491a8b7b3b1c75c2c51ac3e289b1f6f8c9fd75148bfdc1b09a63f3adf65
c567912a3cf283a6dea7d0f502c1f350f1161db58cce545cf38674686fadca6b
d63f4e75b9e087feff2e923e33115b636250ed58cc332d1585722e3f6ca77a34
d9d6f7b1d83657e7251361ed862f71560d8a597f693121cf862b5f43c5e63176
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a186a51c91309682d3063204a2aa2d53be69220894596a70ccf4f5e94aac25
e6f4acb39398db67d00165609a68b53e3408001937ddee9555db5ac48a5139f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881