www.fileplanet.com Open in urlscan Pro
104.27.203.89 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.fileplanet.com/it/memz-trojan
Submission Tags: falconsandbox
Submission: On November 19 via api (November 19th 2024, 4:26:00 am UTC) from US — Scanned from DE

Summary HTTP 62 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 10 domains to perform 62 HTTP transactions. The main IP is 104.27.203.89, located in and belongs to CLOUDFLARENET, US. The main domain is www.fileplanet.com.
TLS certificate: Issued by WE1 on October 9th 2024. Valid for: 3 months.

This is the only time www.fileplanet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 33	104.27.203.89 104.27.203.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.27.204.89 104.27.204.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.20.94.138 104.20.94.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2600:9000:214... 2600:9000:214f:2800:1b:cadc:ef40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
4	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY)
3	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
1	2600:9000:26e... 2600:9000:26e8:e000:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.68.171.69 3.68.171.69	16509 (AMAZON-02) (AMAZON-02)
62	15

33 104.27.203.89 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.fileplanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.fileplanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.27.204.89 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.fileplanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.94.138 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:214f:2800:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

fileplanet-1.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.134 (San Francisco, United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26e8:e000:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.68.171.69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-171-69.eu-central-1.compute.amazonaws.com

api.cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	fileplanet.com 1 redirects www.fileplanet.com cdn.fileplanet.com	272 KB
10	inmobi.com cmp.inmobi.com — Cisco Umbrella Rank: 5292 api.cmp.inmobi.com — Cisco Umbrella Rank: 18916	215 KB
5	disqus.com fileplanet-1.disqus.com disqus.com — Cisco Umbrella Rank: 1315 referrer.disqus.com — Cisco Umbrella Rank: 9536	27 KB
4	gstatic.com fonts.gstatic.com	63 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 3353	22 KB
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 19002 c.statcounter.com — Cisco Umbrella Rank: 11933	14 KB
1	disquscdn.com c.disquscdn.com — Cisco Umbrella Rank: 6938	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	124 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 415	6 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 617	7 KB
62	10

	Domain	Requested by
29	cdn.fileplanet.com	www.fileplanet.com cdn.fileplanet.com ajax.googleapis.com
9	cmp.inmobi.com	www.fileplanet.com cmp.inmobi.com
6	www.fileplanet.com	1 redirects www.fileplanet.com cmp.inmobi.com static.cloudflareinsights.com
4	fonts.gstatic.com	cdn.fileplanet.com
3	referrer.disqus.com	www.fileplanet.com
2	www.google-analytics.com	www.fileplanet.com www.google-analytics.com
1	api.cmp.inmobi.com	cmp.inmobi.com
1	c.disquscdn.com	www.fileplanet.com
1	disqus.com	fileplanet-1.disqus.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	fileplanet-1.disqus.com	cdn.fileplanet.com
1	c.statcounter.com	www.statcounter.com
1	ajax.googleapis.com	www.fileplanet.com
1	static.cloudflareinsights.com	www.fileplanet.com
1	www.statcounter.com	www.fileplanet.com
62	16

This site contains no links.

Subject Issuer	Validity	Valid
fileplanet.com WE1	`2024-10-09` - `2025-01-08`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-03`	a year	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2024-07-31` - `2025-07-31`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2024-04-16` - `2025-04-16`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
a.disquscdn.com Amazon RSA 2048 M02	`2024-07-30` - `2025-08-27`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.fileplanet.com/it/memz-trojan
Frame ID: FE08A418410EEB199989737983DD253C
Requests: 59 HTTP requests in this frame

Frame: https://www.fileplanet.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: 46379CF44674054C5DAB21E330D6912B
Requests: 2 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=fileplanet-1&t_u=https%3A%2F%2Fwww.fileplanet.com%2Fit%2Fmemz-trojan&t_d=Memz%20Trojan%20-%20Download&t_t=Memz%20Trojan%20-%20Download&s_o=default
Frame ID: 30E5A79BAE88E5BC5F965D9325AFA033
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Memz Trojan - Download

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

98 %
HTTPS

47 %
IPv6

10
Domains

16
Subdomains

15
IPs

3
Countries

751 kB
Transfer

2291 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://www.fileplanet.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.fileplanet.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request memz-trojan Show response
www.fileplanet.com/it/ 26 KB
9 KB 229ms
165ms Document
text/html 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b3b088dff19b89c42a5b2585322c350b8dca894326d51fcf3030b77a488fc55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e4d70686ca0e526-TXL
content-encoding: br
content-language: it-IT
content-type: text/html;charset=UTF-8
date: Tue, 19 Nov 2024 04:25:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SrFXNMjWKCQ30xWq5Jf5Azl3CLkB7mrALfhnsb1lvQ3K4Q4CVBRU3mnosRvarfGb1UlOosKknT2CL8vm6olEK6b61h5rCXzbgI1g4CtOtCm2SpjWCWIkCkpQymw5xk6kWNJtUA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=37949&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4315&recv_bytes=4500&delivery_rate=387&cwnd=12000&unsent_bytes=0&cid=530f9506aaf004cf&ts=175&x=1" cfHdrFlush;dur=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff

GET
H3 200 comb-gr7-base.css
cdn.fileplanet.com/css/gr7/ 40 KB
9 KB 65ms
49ms Stylesheet
text/css 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fileplanet.com/css/gr7/comb-gr7-base.css?v=1731594046857

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d32046f4786556cf6855e410799eef948c20ab1137d96e35369c432ccc6049cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "a156-61e5ea9a8b792-gzip"
age: 367299
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4KYhAY3ZAaAjDZV%2BeAnVm8S4jKteEotzeCTYm9%2BqvRkTO61XrWaXztYBX6UU1yP8TAcZ3H%2FOiA1pAh1y0mzkE56ft%2BeSURVKCcshpcecT2m7IQckxwYkvGM9b4iVpKR7iCbLSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 14 Nov 2026 22:24:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37389&sent=24&recv=21&lost=0&retrans=0&sent_bytes=14570&recv_bytes=6941&delivery_rate=260859&cwnd=12000&unsent_bytes=0&cid=530f9506aaf004cf&ts=254&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: text/css
last-modified: Mon, 29 Jul 2024 08:29:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d7069af0de526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8615
server: cloudflare

GET
H3 200 comb-gr7-base.js Show response
cdn.fileplanet.com/js/gr7/ 371 KB
106 KB 99ms
84ms Script
application/javascript 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fileplanet.com/js/gr7/comb-gr7-base.js?v=1731594046857

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91481c4d4b9084069b7688ea98d71015895d1902734348a6406ab5119ed0bf30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "5cdff-565c971109703-gzip"
age: 367299
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NcwIiuOGnF9fiEVc9CWtBMJjWWX1DppbMKid5vaZeUuGYowRJbd%2BQKxFNRH6MBTf4GDwWkTVdJ%2FhWFq%2FUVddQyXaofCLiBpxB%2B6yaa42JVhGIqasOMpiQ1PFj9MDoTwuojHqLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 14 Nov 2026 22:24:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37389&sent=33&recv=21&lost=0&retrans=0&sent_bytes=25181&recv_bytes=6941&delivery_rate=260859&cwnd=12000&unsent_bytes=0&cid=530f9506aaf004cf&ts=259&x=1", cfHdrFlush;dur=32
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: application/javascript
last-modified: Thu, 22 Feb 2018 09:12:23 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d7069af0ae526-TXL
access-control-allow-origin: *
server: cloudflare

GET
H3 200 jquery.md5.js Show response
cdn.fileplanet.com/js/ 4 KB
2 KB 172ms
157ms Script
application/javascript 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fileplanet.com/js/jquery.md5.js

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c8ce6c1372920d818248559a28470c6152e5e0be4ca1f45dfb923c34808d21a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "f18-50201f3240440-gzip"
age: 2030194
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xcLbbg5gyHuLotYFdEZ%2FpwjNfENoOI1QUcQl47bA2iNUMMsFdB1Lc0e2w31tTQnp1WA6OpV3iictk2AxkCmbqZtkbUbQuxmpK4t3l%2B%2FOhG3olmTXLo0yur9Bclt4uXcr3IwrIg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 26 Oct 2026 16:29:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37389&sent=33&recv=21&lost=0&retrans=0&sent_bytes=25181&recv_bytes=6941&delivery_rate=260859&cwnd=12000&unsent_bytes=0&cid=530f9506aaf004cf&ts=259&x=1", cfHdrFlush;dur=32
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: application/javascript
last-modified: Mon, 01 Sep 2014 14:38:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d7069af0be526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1568
server: cloudflare

GET
H3 200 jquery.color-2.1.2.js Show response
cdn.fileplanet.com/js/gr7/ 16 KB
6 KB 48ms
46ms Script
application/javascript 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fileplanet.com/js/gr7/jquery.color-2.1.2.js

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffc1902c74fe6cb8e5db0e5785a34886a8c24dcaa3b6ddf96effa34508ce8524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "3f97-54b4f79b5360e-gzip"
age: 973594
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ljiMRKlfkTitrcvyJx2jTtfkYhBGf4d%2Fm2ULobWEUpt2y3%2FsvjcvWWPHhGyU00BuZI%2Fu7iFmRn%2FUnNRLiSiCt0TCuCglZ%2FhqwDeqKTLUIlzYU5uYE7pL0tHbX5MzuyQ7w5BksA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 07 Nov 2026 21:59:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36054&sent=139&recv=83&lost=0&retrans=0&sent_bytes=142633&recv_bytes=15499&delivery_rate=1541097&cwnd=79200&unsent_bytes=0&cid=530f9506aaf004cf&ts=451&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: application/javascript
last-modified: Wed, 22 Mar 2017 10:46:39 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706ae94ce526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5236
server: cloudflare

GET
H3 200 color-thief.umd.js Show response
cdn.fileplanet.com/js/ 6 KB
3 KB 65ms
61ms Script
application/javascript 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fileplanet.com/js/color-thief.umd.js

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fd5c6dc5fa8656dc82046f9e0c5f3f52826c7bdcd10b4824319dd69637d008d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "1994-5a4d4c0ba2540-gzip"
age: 2030194
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YZCcuLJ%2BdlMhtuzDh4jdsvxs%2BuEQne5D8M9Cxp6RbkTAPLsF0KDO7bCGf3euKJc%2BuyTAtOJtARhK5CYXTc5oFzAzdBvJq7yGqags2dQqmECmKXcJwdtp9Y3iF%2BQDedq5O8tqYA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 26 Oct 2026 16:29:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36054&sent=172&recv=83&lost=0&retrans=0&sent_bytes=177604&recv_bytes=15499&delivery_rate=1541097&cwnd=79200&unsent_bytes=0&cid=530f9506aaf004cf&ts=456&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: application/javascript
last-modified: Mon, 04 May 2020 16:09:17 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706ae94de526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2648
server: cloudflare

GET
H3 200 color-thief-fp.js Show response
cdn.fileplanet.com/js/ 6 KB
3 KB 54ms
50ms Script
application/javascript 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fileplanet.com/js/color-thief-fp.js?v=2

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3970e6ea352fd40113620ba000357fa9d815bee48f16523af14a65120b9aa5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "169b-6101333c8566d-gzip"
age: 2030194
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wljBQnOwke1wgBsjfJ9RIruJ7CsFFd%2FE2Qc6yHd6peiVX7zh8aSF2%2FCPHpZBodoTaYgLBokibPtiYb4Xt%2F4R6FwhzyQ37nP5RTBvj%2BnFlRiHOZZ2or19Jl8nVgtZQNEf%2F0QYNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 26 Oct 2026 16:29:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36054&sent=155&recv=83&lost=0&retrans=0&sent_bytes=160122&recv_bytes=15499&delivery_rate=1541097&cwnd=79200&unsent_bytes=0&cid=530f9506aaf004cf&ts=452&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: application/javascript
last-modified: Mon, 29 Jan 2024 10:35:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706ae94fe526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2222
server: cloudflare

GET
H3 200 modernizr.js Show response
cdn.fileplanet.com/js/gr7/ 15 KB
7 KB 48ms
44ms Script
application/javascript 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fileplanet.com/js/gr7/modernizr.js

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0d9548ceafb70534815653ccede7640d4607770133381a45b98158d6e6b87a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "3ad0-5398f795ed859-gzip"
age: 2030194
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I2WjCdRbdBGckPZGZB4FZT7h8%2FdLEXd6zaRbz4dn4kthWCQqyZKCx0aWyjYex19LMUOyAwLmW5d%2F6Ih%2Fu8EHFlSIIuAIk%2FCbc8s7QB%2Fa52UFYJWTnY6xr35oaxjQ19oIo8Qudw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 26 Oct 2026 16:29:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36054&sent=145&recv=83&lost=0&retrans=0&sent_bytes=148725&recv_bytes=15499&delivery_rate=1541097&cwnd=79200&unsent_bytes=0&cid=530f9506aaf004cf&ts=451&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2016 13:34:22 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706ae951e526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6194
server: cloudflare

GET
H3 200 jquery.raty.css
cdn.fileplanet.com/css/gr7/ 608 B
964 B 63ms
49ms Stylesheet
text/css 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fileplanet.com/css/gr7/jquery.raty.css

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bcb96a97b126c94fb42996010ea96c585c2b466deb68b5a2627c60a1412dbb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "260-547ef79274715-gzip"
age: 2030194
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lTDLvfZG5ksD8C4UUIKTNzp%2FWYz2QKjL8eK4Fo9NM3tPXwqmFyPeaE02nApCRIi%2FSyLDYr6yn9pF4kFSd%2BIvQNpA53u0Q03Mf%2FZJwuf25Jcxhut%2FssUnHB%2FX5AuGoDi%2BlP6HmA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 26 Oct 2026 16:29:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37389&sent=23&recv=21&lost=0&retrans=0&sent_bytes=13583&recv_bytes=6941&delivery_rate=260859&cwnd=12000&unsent_bytes=0&cid=530f9506aaf004cf&ts=252&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: text/css
last-modified: Tue, 07 Feb 2017 11:58:58 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d7069af07e526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 253
server: cloudflare

GET
H3 200 jquery.raty.js Show response
cdn.fileplanet.com/js/ 11 KB
4 KB 53ms
50ms Script
application/javascript 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fileplanet.com/js/jquery.raty.js

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b77282e409558e7ba342a344b7239a1d7967eb792a3fb9dc5d236d8f6b9db368

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "2b05-50201f3240440-gzip"
age: 2030194
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5mqIffAiKM0CoLzIJ1k%2FkkX88AZld1b61LV5bhkNQr4d9p7%2FPt6ujnYAe8zKggYcjU6qdVCGhUG2qmCHYAK9bF7r%2FIRYtiv%2F6rBSHqtlOLmJ%2Bek6rnRtpaNZPadf3I9R0Mk96w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 26 Oct 2026 16:29:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36054&sent=151&recv=83&lost=0&retrans=0&sent_bytes=155776&recv_bytes=15499&delivery_rate=1541097&cwnd=79200&unsent_bytes=0&cid=530f9506aaf004cf&ts=452&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: application/javascript
last-modified: Mon, 01 Sep 2014 14:38:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706ae952e526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3540
server: cloudflare

GET
H3 200 raty-inner-20190117.js Show response
cdn.fileplanet.com/js/ 2 KB
2 KB 56ms
52ms Script
application/javascript 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fileplanet.com/js/raty-inner-20190117.js

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30cb07b1afaac52f76aa320c5a3c89716ad1ecb75e4b36a72a846c5c7986d1ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "764-580088267ca3b-gzip"
age: 2030194
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iXCvr9JU1POOavFkD9jQNFtH6IxO1T6lUs2j1Se%2Bx8WgEAkrIAJ7r4nvxWa%2B0UQMFaxFKdIldBmHOX2xp4TS6G62XjLRnc8k74RXFvKQVk3SK%2Flk20CDAf6uJ4eFYoH3Ga%2Btjw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 26 Oct 2026 16:29:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36054&sent=163&recv=83&lost=0&retrans=0&sent_bytes=168379&recv_bytes=15499&delivery_rate=1541097&cwnd=79200&unsent_bytes=0&cid=530f9506aaf004cf&ts=454&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: application/javascript
last-modified: Tue, 22 Jan 2019 09:21:59 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706ae954e526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 876
server: cloudflare

GET
H3 200 disqus-loader.js Show response
cdn.fileplanet.com/js/gr7/ 485 B
1 KB 66ms
63ms Script
application/javascript 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fileplanet.com/js/gr7/disqus-loader.js?v=2

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

561667687be39c87e8c9c720e93055ec71e669b4d8b4996b2e8024b4cd90b149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "1e5-5dc8a2bbf39cf-gzip"
age: 2030194
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pSzyhlPrnvvE3luMaOINgtT7HmvvtYhY2TBSXHZTDeHpfpi%2F856HBs1r5NV5IOiUPlmCBYOLe6m0EcBaX1Sp2Po8ygOAxYQs498OuowqWktS4icU93TUZJ5WTCEaOAerAtNNiA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 26 Oct 2026 16:29:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36054&sent=165&recv=83&lost=0&retrans=0&sent_bytes=170013&recv_bytes=15499&delivery_rate=1541097&cwnd=79200&unsent_bytes=0&cid=530f9506aaf004cf&ts=455&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: application/javascript
last-modified: Wed, 13 Apr 2022 14:41:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706ae956e526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 344
server: cloudflare

GET
H3 200 close.svg
cdn.fileplanet.com/images/gr7/ 679 B
1 KB 172ms
157ms Image
image/svg+xml 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.fileplanet.com/images/gr7/close.svg

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac6afa206710c281b3e0e61166e3456e529d2ec392700b966d0b4370a7980f3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"2a7-5398f72741f0b"
age: 2030194
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X5%2FWGaWTqovPZlRm25JhucxpNwdFzZytvOYHg6BFQsV71%2FJF7HIsiUK%2BO0QNuN3CJo5w5zgLxphF2mD5%2FiT7YUFJwbd%2F1tqJJHc5c7TIUbPhSCJpCi3X6q%2BogWAPvY2QXfigoA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 26 Oct 2026 16:29:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37389&sent=33&recv=21&lost=0&retrans=0&sent_bytes=25181&recv_bytes=6941&delivery_rate=260859&cwnd=12000&unsent_bytes=0&cid=530f9506aaf004cf&ts=255&x=1", cfHdrFlush;dur=36
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: image/svg+xml
last-modified: Mon, 08 Aug 2016 13:32:26 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d7069af0ee526-TXL
access-control-allow-origin: *
server: cloudflare

GET
H3 200 menu.svg
cdn.fileplanet.com/images/gr7/ 690 B
1 KB 64ms
48ms Image
image/svg+xml 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.fileplanet.com/images/gr7/menu.svg

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

105d8a94088b7f40c88b945e7f85aebe8a2008afcbae1949fc436e10151cfc89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"2b2-5398f729c09fb"
age: 2030194
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B32EFq6I7DtEFfyco5uV3sWiNWWO2Se2yAR7Uu5j0LCQBYcrOOicXNr334SHwgffDkHgjxuABTEPjm0Ju1PPHhtOgdaLuu1%2FwpR2lDnuuWusWQKBFWjzIJt1PpaLkv6Lv5b59Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 26 Oct 2026 16:29:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37389&sent=32&recv=21&lost=0&retrans=0&sent_bytes=24082&recv_bytes=6941&delivery_rate=260859&cwnd=12000&unsent_bytes=0&cid=530f9506aaf004cf&ts=254&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: image/svg+xml
last-modified: Mon, 08 Aug 2016 13:32:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d7069af10e526-TXL
access-control-allow-origin: *
server: cloudflare

GET
H3 200 logo.svg
cdn.fileplanet.com/images/gr7/ 1 KB
1 KB 100ms
100ms Image
image/svg+xml 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.fileplanet.com/images/gr7/logo.svg

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79e25c0f41d40227b3de134c7866c6e99659daab3fbf27d16090687eed2de0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"565-5398f727cd975"
age: 2030194
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aEqqzEQetm350oKaDjliY0fMDHDfb8I4WbTka40p9HXtPzGt7r7h0Kw6Jqw6Yb4s5M%2FSpd04Rm%2BiSxJKX%2Fwbo1slu%2FWNLPJmZ5zQb1OTa4EXd68%2F%2BgroZ3znQ39AcggR1Z9cyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 26 Oct 2026 16:29:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=42830&sent=52&recv=27&lost=0&retrans=0&sent_bytes=45604&recv_bytes=7557&delivery_rate=239794&cwnd=20400&unsent_bytes=0&cid=530f9506aaf004cf&ts=309&x=1", cfHdrFlush;dur=16
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: image/svg+xml
last-modified: Mon, 08 Aug 2016 13:32:27 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706a0fabe526-TXL
access-control-allow-origin: *
server: cloudflare

GET
H3 200 search-header.js Show response
cdn.fileplanet.com/js/gr7/ 1 KB
1 KB 47ms
46ms Script
application/javascript 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fileplanet.com/js/gr7/search-header.js

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3334017214910e5709cc4d0dd8d5caf9b3d6164c7c123b5c137dd55d02a6fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "52c-57058ff5e6854-gzip"
age: 2030194
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HS5Tp%2BYvQzIgdVosyermqkJ24NE%2Fue%2FrKy9WCwQzqsYQ5mcw5J6Ij7EH99hfieJDJhDYY6yLrUYt3u4%2F%2BXm%2F4w6FeMjaRhf2dm78k4SlRkPnKHt2JIOkFILo%2BEKMfgwep1nD0w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 26 Oct 2026 16:29:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36054&sent=135&recv=67&lost=0&retrans=0&sent_bytes=141158&recv_bytes=9610&delivery_rate=1541097&cwnd=79200&unsent_bytes=0&cid=530f9506aaf004cf&ts=417&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: application/javascript
last-modified: Fri, 06 Jul 2018 18:40:27 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706ab8ebe526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 666
server: cloudflare

GET
H3 200 memz-trojan-100x100.png
cdn.fileplanet.com/gen/ 11 KB
12 KB 169ms
114ms Image
image/png 104.27.204.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.fileplanet.com/gen/memz-trojan-100x100.png

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.204.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b70f280c2332acbecef3ec314f31a699e9bdd8908f2654d18e59b50e1dbf158e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.fileplanet.com
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

cf-cache-status: MISS
etag: "2dc3-62375533bcd8e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2FfYASDUui5AcNc2UCuVAUV9ZsedJPHWHkGTiJ3sb8ki%2BFfgWH%2BuYTIpIUXt4G1WLqYTFJNRKiLEtCy9DCGiVJCkhCLKeTZ%2BV6yz%2FhlRyV8D8GsXyG%2BJ7Wy60KfzEnvdcWkpvw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 19 Nov 2026 04:25:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35271&sent=13&recv=9&lost=0&retrans=0&sent_bytes=4314&recv_bytes=4449&delivery_rate=17356&cwnd=12000&unsent_bytes=0&cid=38bcfe7819a9ac1d&ts=128&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: image/png
last-modified: Wed, 02 Oct 2024 02:37:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706b0baf4541-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11715
server: cloudflare

GET
H3 200 dbutton-nf.png
cdn.fileplanet.com/ 4 KB
5 KB 55ms
54ms Image
image/webp 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.fileplanet.com/dbutton-nf.png

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84dafd5d737bbc74cd077a40846e049e373df4e53b8e397d2dc69fc51cba86cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

cf-bgj: imgq:85,h2pri
etag: "1bb9-5e0ecbcedfede"
age: 21225
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZdozixMUDf8gg1U797jz4H5w1Qa%2FG3Kjjp9WsvqfAjGiPwnFBVRdw1Dg0Fb3sSL3T%2F5cjezoLQ8e2PIxuUc5Wn0GYUGX2PaazI70dDvYzo3RgBb22SjCrqPLVjOcTbiALrbtaw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 18 Nov 2026 22:32:10 GMT
cf-polished: origFmt=png, origSize=7097
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36054&sent=158&recv=83&lost=0&retrans=0&sent_bytes=163127&recv_bytes=15499&delivery_rate=1541097&cwnd=79200&unsent_bytes=0&cid=530f9506aaf004cf&ts=453&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: image/webp
content-disposition: inline; filename="dbutton-nf.webp"
vary: Accept
last-modified: Wed, 08 Jun 2022 09:57:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706ae94be526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4354
server: cloudflare

GET
H3 200 hxd-100x100.png
cdn.fileplanet.com/gen/ 12 KB
13 KB 133ms
130ms Image
image/png 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.fileplanet.com/gen/hxd-100x100.png

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c4fa5e79d640cd3340e2fadd342215c1bf2e6a02eb96977e30f1df57449f891

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

cf-cache-status: MISS
etag: "31f9-623750d714364"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bd24U1RuRrlO6gHUjn%2FggQs74hsjHui4rTNtdX%2BVC%2F93BFbkWYx8LcMFo%2FnfkOcc3FbMxzK0ap3pTZ984qHi%2FheWU%2FcAy16U3bIwjzUBvwxFnQ9lw%2FIcMUGQjkXj%2FWS1t2M6Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 19 Nov 2026 04:25:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36471&sent=234&recv=88&lost=0&retrans=0&sent_bytes=249173&recv_bytes=15721&delivery_rate=770867&cwnd=79200&unsent_bytes=0&cid=530f9506aaf004cf&ts=534&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: image/png
last-modified: Wed, 02 Oct 2024 02:18:23 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706ae957e526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12793
server: cloudflare

GET
H3 200 eclipse-100x100.png
cdn.fileplanet.com/gen/ 8 KB
8 KB 118ms
115ms Image
image/png 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.fileplanet.com/gen/eclipse-100x100.png

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30bf68115317bda74b72821479f0f328ad11df8555a0c570404c689eda85f7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

cf-cache-status: MISS
etag: "1f24-6236711b1c495"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZEeb9Xe%2FMhFQZBnfw1iFpbADrwn6NbT1ApFQcBkHx3R4kLOryU8ct5kVGOvhX7OmDmkkl6RnMRzOWo7MTKVKorhKWWKsVqdCg75wG4GDirYtZQRxwKKL4eFaLoVM02hrQLelRw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 19 Nov 2026 04:25:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36471&sent=191&recv=88&lost=0&retrans=0&sent_bytes=199495&recv_bytes=15721&delivery_rate=770867&cwnd=79200&unsent_bytes=0&cid=530f9506aaf004cf&ts=522&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: image/png
last-modified: Tue, 01 Oct 2024 09:37:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706ae958e526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7972
server: cloudflare

GET
H3 200 windows-installer-100x100.png
cdn.fileplanet.com/gen/ 8 KB
8 KB 119ms
117ms Image
image/png 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.fileplanet.com/gen/windows-installer-100x100.png

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b62a9afb651cd6792ad8feb28d9a0e0d8a6afe859fc5f0aa0ca757aed07e0a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

cf-cache-status: MISS
etag: "1eee-616e98b6f0eb1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QxcrHNiJn0TrVbAJtbgwpiCwhQgr02809%2FR7A1L2ERjoxWhJoVu%2B55V70LnKqMrOPg%2FzLJ9Yg6iPoUwOgjJjHeOjpPCLIbog0%2BqnFzJYnyI2lnrl9BxmGm%2FGk0HEC6i0xsao4g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 19 Nov 2026 04:25:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36471&sent=199&recv=88&lost=0&retrans=0&sent_bytes=208363&recv_bytes=15721&delivery_rate=770867&cwnd=79200&unsent_bytes=0&cid=530f9506aaf004cf&ts=524&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: image/png
last-modified: Thu, 25 Apr 2024 10:49:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706ae95ae526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7918
server: cloudflare

GET
H3 200 winhex-100x100.png
cdn.fileplanet.com/gen/ 16 KB
17 KB 112ms
109ms Image
image/png 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.fileplanet.com/gen/winhex-100x100.png

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b70d8e3aab7e047277c26e96f2cf545678db291fc1008afb0889dca93d571b87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

cf-cache-status: MISS
etag: "3f7f-6237661615d7c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IPnInHsocxRL3rnuPz9JmHe3uMSMWDC2%2FAuWSX1numcggMopyOf8y5Yaa62IycTzYV9T98AXz2EkP06NQ7nfh7TCjKdOc8tG9ovPxkqTs6u%2F%2FgmMQrxt%2Bl3CoBpBs8Fxc2egSw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 19 Nov 2026 04:25:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36471&sent=176&recv=88&lost=0&retrans=0&sent_bytes=182164&recv_bytes=15721&delivery_rate=770867&cwnd=79200&unsent_bytes=0&cid=530f9506aaf004cf&ts=516&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: image/png
last-modified: Wed, 02 Oct 2024 03:53:27 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706ae95be526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16255
server: cloudflare

GET
H3 200 hxd-portable-100x100.png
cdn.fileplanet.com/gen/ 15 KB
16 KB 132ms
129ms Image
image/png 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.fileplanet.com/gen/hxd-portable-100x100.png

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d76747fb5c07f2b83c5a4101fa431b0c52903d36596c71072b14413332937ffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

cf-cache-status: MISS
etag: "3cbe-623750d20549d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UMfodMnvGnU6QvpiNqISSW5ZBbENpF%2B9JZRq3yff1xrn9v2CTcRHAU%2B2xpw4QUeUj20pTa0IGJ0cDgXMWkOt7b4abj%2FDrsEfO22osbwNA63TSv5pH6Cf1rBJnl1uKMB4RQkrwg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 19 Nov 2026 04:25:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36471&sent=220&recv=88&lost=0&retrans=0&sent_bytes=232574&recv_bytes=15721&delivery_rate=770867&cwnd=79200&unsent_bytes=0&cid=530f9506aaf004cf&ts=533&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: image/png
last-modified: Wed, 02 Oct 2024 02:18:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706ae95ee526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15550
server: cloudflare

GET
H3 200 installshield-professional-100x100.png
cdn.fileplanet.com/gen/ 14 KB
15 KB 130ms
127ms Image
image/png 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.fileplanet.com/gen/installshield-professional-100x100.png

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0173946f5e21428a5f0e376de4f523013af1301e27a19a732626f0fbb16f60a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

cf-cache-status: MISS
etag: "381b-62375189cb3f9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FGB%2FoIDAuJIxraMspk2R2mX%2FI9vFrZ5DZ7NxaQUPPSJxALOJ6%2FRdQLWRaGYm2TfRKPb%2FEarMV%2FDsim2onmsu1v0o5%2F9zFGSjFmSmK4hk53FDAHj%2FySxwZszcfd7euQdFhq2RRw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 19 Nov 2026 04:25:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36471&sent=207&recv=88&lost=0&retrans=0&sent_bytes=217179&recv_bytes=15721&delivery_rate=770867&cwnd=79200&unsent_bytes=0&cid=530f9506aaf004cf&ts=530&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: image/png
last-modified: Wed, 02 Oct 2024 02:21:31 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706ae95fe526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14363
server: cloudflare

GET
H3 200 counter.js Show response
www.statcounter.com/counter/ 35 KB
13 KB 99ms
44ms Script
application/javascript 104.20.94.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d661954657cac563efd4b9aef7ccb60f21bf97d17059dee4f5939abfc3515f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"673b1471-8a75"
age: 17532
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fq2m3HWK2uHirVXKuLwWRQrzFOoKtPK%2FptP%2FxcxHQAZsA%2FopKHzqCs0efxtnLW63R2E7mIWHLsKKNf228tL8X1VkazkwgoXhbE5qzmhhzEQAAabwwhOQ665i8gQbbWdKZ2xOXFqj"}],"group":"cf-nel","max_age":604800}
expires: Tue, 19 Nov 2024 11:33:43 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35969&sent=13&recv=8&lost=0&retrans=0&sent_bytes=6368&recv_bytes=4303&delivery_rate=146627&cwnd=12000&unsent_bytes=0&cid=a95f90796a7dbf3a&ts=53&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 18 Nov 2024 10:18:25 GMT
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706b3c4fe52f-TXL
server: cloudflare

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 138ms
47ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.fileplanet.com
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8e4d706b7ed63819-FRA
access-control-allow-origin: *
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 choice.js Show response
cmp.inmobi.com/choice/af9H96ewMhx4A/fileplanet.com/ 7 KB
3 KB 145ms
39ms Script
application/javascript 2600:9000:214f:2800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/af9H96ewMhx4A/fileplanet.com/choice.js?tag_version=V3
Requested by: Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5fc211c80d0437e05f8c003fcb010ce35f1db1e421b800352f419158e995a8ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/

Response headers

vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
cache-control: max-age=900
content-encoding: gzip
etag: W/"85f034de54e8cb192301e27d22fe1d24"
age: 35
cross-origin-resource-policy: cross-origin
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: pXUwyf8uK_aqBf6nmxbfZ9VGL34NXMnQG7lf194V2g1_JUemre-ATw==
date: Tue, 19 Nov 2024 04:25:44 GMT
content-type: application/javascript
last-modified: Tue, 04 Jun 2024 07:30:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 130ms
40ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

content-encoding: gzip
age: 3348
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Tue, 19 Nov 2024 05:30:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 03:30:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 134ms
41ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

content-encoding: gzip
age: 443056
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 01:21:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 01:21:39 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5437
x-xss-protection: 0
server: sffe

GET
H3 200 background.jpg
cdn.fileplanet.com/images/gr7/ 5 KB
6 KB 59ms
58ms Image
image/webp 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.fileplanet.com/images/gr7/background.jpg

Requested by

Host: cdn.fileplanet.com
URL: https://cdn.fileplanet.com/css/gr7/comb-gr7-base.css?v=1731594046857

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30893d037dffb69529112557b87bce30f6f897241d07f26f4ec37f9310db451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.fileplanet.com/css/gr7/comb-gr7-base.css?v=1731594046857

Response headers

cf-bgj: imgq:85,h2pri
etag: "146f9-5398f7289ba65"
age: 14700
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JyX5kpVtadPiXE3nrYMwxdhvi9H3pMhEz6OqGnvy%2F6qvMSoAHG2Fc5bH5pSoYp2eCaGxTfBi3mAXNAELAMWrcgnqrglsyyH5D6xiLPFED65uSCIyaYss74RlgwIHD1ywEgbK2A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 19 Nov 2026 00:20:55 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=83705
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36054&sent=166&recv=83&lost=0&retrans=0&sent_bytes=171086&recv_bytes=15499&delivery_rate=1541097&cwnd=79200&unsent_bytes=0&cid=530f9506aaf004cf&ts=455&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: image/webp
content-disposition: inline; filename="background.webp"
vary: Accept
last-modified: Mon, 08 Aug 2016 13:32:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706ae961e526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5580
server: cloudflare

GET
H3 200 search-1.png
cdn.fileplanet.com/images/gr7/ 320 B
1 KB 62ms
61ms Image
image/webp 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.fileplanet.com/images/gr7/search-1.png

Requested by

Host: cdn.fileplanet.com
URL: https://cdn.fileplanet.com/css/gr7/comb-gr7-base.css?v=1731594046857

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff3c48e15e940542dbf810dc4ab12e2cec831e74035af566ae3ee1b59bae1990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.fileplanet.com/css/gr7/comb-gr7-base.css?v=1731594046857

Response headers

cf-bgj: imgq:85,h2pri
etag: "28d-54b558212942b"
age: 2030194
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b64Qy6jJVE6qXr18%2Bf%2BL%2Frkts0FbAh3PBEHXuKMSM5nLEjPhjhN3XsBnDSrvI5YBS%2FCcGsPTZKN6ZvnH%2B4j5QpGcYBpXZEWYVZXDVXaMs%2BPbAwWSWtuG0CCAwgq8PUDbqd0bvw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 26 Oct 2026 16:29:21 GMT
cf-polished: origFmt=png, origSize=653
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36054&sent=175&recv=83&lost=0&retrans=0&sent_bytes=181033&recv_bytes=15499&delivery_rate=1541097&cwnd=79200&unsent_bytes=0&cid=530f9506aaf004cf&ts=458&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: image/webp
content-disposition: inline; filename="search-1.webp"
vary: Accept
last-modified: Wed, 22 Mar 2017 17:58:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706ae963e526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 320
server: cloudflare

GET
H3 200 t.php Show response
c.statcounter.com/ 192 B
1 KB 202ms
196ms XHR
application/json 104.20.94.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=11927885&u1=985ED48766B147B291A5C907B883AEB7&java=1&security=c02119bb&sc_snum=1&sess=697241&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.fileplanet.com/it/memz-trojan&t=Memz%20Trojan%20-%20Download&invisible=1&sc_rum_e_s=597&sc_rum_e_e=601&sc_rum_f_s=0&sc_rum_f_e=596&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=933oCdAc0r5kSe8pr4S5%2B%2FVfX85d%2FGZedDhwC%2BRVvHUtSxznHBKlaUD2pQ5ljJXso7nlMui0VHAsbNCPnlIF8y0IkHHR%2B%2Fjs%2FAdEBViKZXvf0wqJcEd%2FEikypFBtcJxZPhuzoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e4d706bdd3ae52f-TXL
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://www.fileplanet.com
alt-svc: h3=":443"; ma=86400
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
server-timing: cfL4;desc="?proto=QUIC&rtt=40776&sent=28&recv=18&lost=0&retrans=0&sent_bytes=20230&recv_bytes=5280&delivery_rate=183331&cwnd=19200&unsent_bytes=0&cid=a95f90796a7dbf3a&ts=300&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: application/json
server: cloudflare

GET
H3 200 raty-fonts.css
cdn.fileplanet.com/css/font-loaders/ 375 B
869 B 45ms
45ms Stylesheet
text/css 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fileplanet.com/css/font-loaders/raty-fonts.css

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d99e5d6219177532dc28057fa8923279a0681297e8b569b5b595a694bf45c0fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "177-547f06cffe491-gzip"
age: 2030194
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BHsq3L%2Fj27vCYisEvrjik3WcXgvFJhxz2ed75FeoFlP8SiE9R2hGMDxAQ0C1Lbt7NTM0M1K%2FJxasNJFcPupC%2FwT23KiqpfIryMiA2KXY0oUbXz%2Fw3soc7bJ0VWzL0Wpi3thQww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 26 Oct 2026 16:29:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37795&sent=251&recv=98&lost=0&retrans=0&sent_bytes=264709&recv_bytes=17303&delivery_rate=1672420&cwnd=91200&unsent_bytes=0&cid=530f9506aaf004cf&ts=594&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: text/css
last-modified: Tue, 07 Feb 2017 13:07:09 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706bcae0e526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 161
server: cloudflare

GET
H3 200 gr7-fonts.css
cdn.fileplanet.com/css/font-loaders/ 8 KB
2 KB 44ms
44ms Stylesheet
text/css 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fileplanet.com/css/font-loaders/gr7-fonts.css

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

115e1fe194e82212af1478162b2eba354eab9a5037844c423a9322a711d75b7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "2000-547ee4e82c802-gzip"
age: 2030194
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m00n7Fwex382r3KfFLpxMY%2BtdVhfbNfPTb7MRj9RfiOx8CgewJzXi4T73XFo%2FWIxtlND%2F3zsA6MPMlyZEGKqWI1yfvdtYAtsVcRXaaUdqQss58vB5U4%2FUPlxfyvnlsWbpXHtIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 26 Oct 2026 16:29:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37795&sent=249&recv=98&lost=0&retrans=0&sent_bytes=263045&recv_bytes=17303&delivery_rate=1672420&cwnd=91200&unsent_bytes=0&cid=530f9506aaf004cf&ts=594&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: text/css
last-modified: Tue, 07 Feb 2017 10:35:28 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706bcae3e526-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 905
server: cloudflare

GET
H3

200

main.js Show response
www.fileplanet.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame 4637
Redirect Chain

https://www.fileplanet.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.fileplanet.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

8 KB
4 KB

43ms
42ms

Script
application/javascript

104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fileplanet.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26246283db21e773e30ae14fbbbbba518a066d54c6b81cb06c340db6b7e64afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rbIUIRXSKxtlQtlb3FT6C7738dNL%2Fwu9l9F%2B3tO3v4Ka9t6ZAl4pA5BTRIH6vvIfUYpVLKRswDCJKRxyQGSiNEcx5sONJJQuY2w02tZdoLFcqFjBWNkg%2BFsaXrXzFDEyD8BZbw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e4d706c3bcbe526-TXL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37849&sent=254&recv=100&lost=0&retrans=0&sent_bytes=266337&recv_bytes=17796&delivery_rate=71716&cwnd=91200&unsent_bytes=0&cid=530f9506aaf004cf&ts=659&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6kw8%2FT0PVU4nHq6w7beTRwsI7gQdd%2F0ShWYme1HQADxm06ih4ybsfPcVKrBL5zw1ljsODXP8i22ikYAygCg78nBuijKphPFGfC%2F2fIMcVdBbmlWqsanJlNMvK4Ifg71dT0BruQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e4d706bdafae526-TXL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=37795&sent=252&recv=98&lost=0&retrans=0&sent_bytes=265602&recv_bytes=17303&delivery_rate=1672420&cwnd=91200&unsent_bytes=0&cid=530f9506aaf004cf&ts=596&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK embed.js Show response
fileplanet-1.disqus.com/ 80 KB
26 KB 302ms
201ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fileplanet-1.disqus.com/embed.js

Requested by

Host: cdn.fileplanet.com
URL: https://cdn.fileplanet.com/js/gr7/disqus-loader.js?v=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

f558f71c4902ba08c370abb0311ad58569b3ca941403cd4dce38fcb6496016ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Cache-Control: private, max-age=60
x-service: router
content-encoding: gzip
Age: 0
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 26330
Date: Tue, 19 Nov 2024 04:25:56 GMT
content-type: application/javascript; charset=utf-8
Vary: Accept-Encoding
server: openresty

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/53/ 167 KB
47 KB 45ms
45ms Script
text/javascript 2600:9000:214f:2800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=fileplanet.com
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/choice/af9H96ewMhx4A/fileplanet.com/choice.js?tag_version=V3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7a0c447b915ba02cdfa198f1fee92f0a4a784dc895b61be659a9386c6ed3112

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

access-control-max-age: 86400
content-encoding: gzip
etag: W/"db6c513b7a9d1bf38b36047c185655a2"
age: 4218
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-meta-qc-ineu: True
x-cache: Hit from cloudfront
x-amz-cf-id: CSUD2W4ezLTo_i4wmiexRWKpbcaTbXXVbEG7iqKQXjuIDSuq7PaEGg==
date: Tue, 19 Nov 2024 03:15:37 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 03 Jun 2024 09:45:41 GMT
cache-control: max-age=172800
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
436 B 50ms
50ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=175951620&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fileplanet.com%2Fit%2Fmemz-trojan&ul=de-de&de=UTF-8&dt=Memz%20Trojan%20-%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1801124567&gjid=1149752907&cid=89469651.1731990356&tid=UA-81936929-1&_gid=249496065.1731990356&_r=1&_slc=1&z=2138517099

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5fe9ae23cdd21b0d3ea57b65a0853616e60823a8506f215d7645ded18a3f3b78

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 04:25:55 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.fileplanet.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H3 200 raty.woff
cdn.fileplanet.com/fonts/jquery.raty/ 2 KB
2 KB 58ms
57ms Font
application/font-woff 104.27.204.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fileplanet.com/fonts/jquery.raty/raty.woff

Requested by

Host: cdn.fileplanet.com
URL: https://cdn.fileplanet.com/css/font-loaders/raty-fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.204.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce79bee15c8795bb7bee159131318308b432133f4268f2531eb9f2790c95bda5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.fileplanet.com
Referer: https://cdn.fileplanet.com/css/font-loaders/raty-fonts.css

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"704-53b46637b3bee"
age: 277395
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vj3%2F9gQ22Zh9%2FCBsl25HX3ddNr7rO0rhP3scOlBoE5SdHKM8IifkdrMmNuga7sIVcERA8g4osDkvjq3X8RAxGUjy562twxAbQ4KHWzOADFkhxAHZHFFrEyNBMOz%2FeLFLUsN2dA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 15 Nov 2026 23:22:40 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35495&sent=25&recv=17&lost=0&retrans=0&sent_bytes=17058&recv_bytes=5094&delivery_rate=12389&cwnd=24000&unsent_bytes=0&cid=38bcfe7819a9ac1d&ts=242&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:55 GMT
content-type: application/font-woff
last-modified: Tue, 30 Aug 2016 09:13:06 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d706c1c484541-TXL
access-control-allow-origin: *
server: cloudflare

GET
H3 200 cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v13/ 15 KB
15 KB 118ms
70ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2

Requested by

Host: cdn.fileplanet.com
URL: https://cdn.fileplanet.com/css/font-loaders/gr7-fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f3.1e100.net

Software

sffe /

Resource Hash

60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.fileplanet.com
Referer: https://cdn.fileplanet.com/

Response headers

age: 42501
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 16:37:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 16:37:34 GMT
last-modified: Mon, 27 Apr 2015 23:46:39 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15572
x-xss-protection: 0
server: sffe

GET
H3 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v13/ 16 KB
16 KB 104ms
56ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: cdn.fileplanet.com
URL: https://cdn.fileplanet.com/css/font-loaders/gr7-fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f3.1e100.net

Software

sffe /

Resource Hash

f164941997fbc7f7ed7d2a7c3e86b997d647f1910d93fdc2462dd86fd5affa48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.fileplanet.com
Referer: https://cdn.fileplanet.com/

Response headers

age: 388613
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 16:29:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 16:29:02 GMT
last-modified: Mon, 27 Apr 2015 23:45:29 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16276
x-xss-protection: 0
server: sffe

GET
H3 200 MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v13/ 16 KB
16 KB 87ms
39ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: cdn.fileplanet.com
URL: https://cdn.fileplanet.com/css/font-loaders/gr7-fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f3.1e100.net

Software

sffe /

Resource Hash

efc029e0546f49ed87c043e09393a995468c2ab1a139332b3aca0fdbe93fe51e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.fileplanet.com
Referer: https://cdn.fileplanet.com/

Response headers

age: 478642
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 15:28:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 15:28:33 GMT
last-modified: Mon, 27 Apr 2015 23:45:12 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16164
x-xss-protection: 0
server: sffe

GET
H3 200 DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v13/ 16 KB
16 KB 129ms
82ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: cdn.fileplanet.com
URL: https://cdn.fileplanet.com/css/font-loaders/gr7-fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f3.1e100.net

Software

sffe /

Resource Hash

1f1ab7f1b22c02d93e5bd37b04e7e848afd14337697f652c1454d14e801676f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.fileplanet.com
Referer: https://cdn.fileplanet.com/

Response headers

age: 31724
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 19:37:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 19:37:11 GMT
last-modified: Mon, 27 Apr 2015 23:46:44 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16152
x-xss-protection: 0
server: sffe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 372 KB
124 KB 150ms
57ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FY7WC4S6RP&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cac72dd074536deacd092081c23a81f816cb001d72337b8cdc7c3d8d2377542e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 19 Nov 2024 04:25:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 04:25:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 126764
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 geoip Show response
cmp.inmobi.com/ 39 B
323 B 118ms
39ms XHR
application/json 2600:9000:214f:2800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=fileplanet.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: c8cdde0b5d513ab590489a8c1a47625daa4778bfe6e72badbbb41330ebdb8f4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

access-control-expose-headers: *
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: FunctionGeneratedResponse from cloudfront
content-length: 39
x-amz-cf-id: hfuKe_vl5blJZcqfrJYYxDJUxGIM4mgC-Bojnqr4ecXb2KKd9c1uvQ==
date: Tue, 19 Nov 2024 04:25:56 GMT
content-type: application/json
x-amz-cf-pop: FRA53-C1
server: CloudFront

POST
H3 200 8e4d70686ca0e526 Show response
www.fileplanet.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 4637 0
1 KB 46ms
40ms XHR
text/plain 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fileplanet.com/cdn-cgi/challenge-platform/h/b/jsd/r/8e4d70686ca0e526

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dhxoW6VQSInBm8QdTSExjea9HysDQsLDMT8MgEaml7XWwE%2FYnEAdXNqw76m22FulApTh18oLMbQ7%2B7qVEaWZYl1KfB3GXb2BC0Tta8BQZKdeT1TnFvC0qUkKLXvLLeUesP56uw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e4d706d1da9e526-TXL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37542&sent=263&recv=116&lost=0&retrans=0&sent_bytes=270950&recv_bytes=35142&delivery_rate=91432&cwnd=91200&unsent_bytes=0&cid=530f9506aaf004cf&ts=799&x=1", cfHdrFlush;dur=0
content-length: 0
date: Tue, 19 Nov 2024 04:25:56 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H3 200 consent Show response
www.fileplanet.com/api/ 2 B
839 B 68ms
68ms XHR
application/json 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fileplanet.com/api/consent

Requested by

Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=fileplanet.com

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j7Gxq6S4gJlieBhHCIqHF8HoNk6rPKfqH0i56dlBCaPcGDqcQZ1t1svH6dsgU8JFvHBOGAbbww5QeMzYVJ7%2Bu8Yu9MF8vkXFIGtkLK5Am%2FTkwqZFcN4OxSSemh3Lf6LAQMVQCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37154&sent=265&recv=118&lost=0&retrans=0&sent_bytes=272154&recv_bytes=35685&delivery_rate=21867&cwnd=91200&unsent_bytes=0&cid=530f9506aaf004cf&ts=851&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:56 GMT
content-type: application/json;charset=ISO-8859-1
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Content-Range, Range, Pragma, Upgrade-Insecure-Requests
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e4d706d5df9e526-TXL
access-control-allow-origin: https://fileplanet.com
server: cloudflare

GET
H2 200 cmp-list.json Show response
cmp.inmobi.com/GVL-v2/ 20 KB
4 KB 42ms
41ms XHR
application/json 2600:9000:214f:2800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=fileplanet.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de3ad2ee90e0fa6f54045ef91d64c3c809c2fd9f359bbcceda7888f3ddca5bf6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"572d4290d1e6c83b02df68f7df48df21"
age: 5113
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: wB5WqnuFQ16GeGDvC7DwsjhebyTO8NnOMridUufXoZpJxqbKy8NAVQ==
date: Tue, 19 Nov 2024 03:00:44 GMT
content-type: application/json
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified: Tue, 19 Nov 2024 03:00:42 GMT
cache-control: max-age=172800
access-control-allow-credentials: true
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 cmp2ui-it.js Show response
cmp.inmobi.com/tcfv2/53/ 314 KB
80 KB 45ms
45ms Script
text/javascript 2600:9000:214f:2800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-it.js
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=fileplanet.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f397b54bffc25b8d5a2eef044be7876be02cc6177ad3cc7be097c07f6001b6b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

access-control-max-age: 86400
content-encoding: gzip
etag: W/"47eff5964d6db40e2d9f5c27f05eb185"
age: 5456
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: Hit from cloudfront
x-amz-cf-id: kkeVyLejjBaVBQUkpqSpXVwuk3WzEx5tZRg2Xr1j4TAFmbgn-pSGzQ==
date: Tue, 19 Nov 2024 02:55:02 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 03 Jun 2024 09:45:42 GMT
cache-control: max-age=172800
cross-origin-resource-policy: cross-origin
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.inmobi.com/GVL-v2/ 360 KB
43 KB 47ms
47ms XHR
application/json 2600:9000:214f:2800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=fileplanet.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4ccfefd002e8a40c5098e4f0d4327d5d55f7d8b6eb80cb52a5bbd190e772f33

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"e2bcee663677e0a88f6ed90c9cd0c496"
age: 43223
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: Hit from cloudfront
x-amz-cf-id: 30KZQqlZb5J3KwElN6ALwkbh8lUlnJbJEjzBP4Z7il_l23_3wYyOvQ==
date: Mon, 18 Nov 2024 16:25:34 GMT
content-type: application/json
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified: Thu, 14 Nov 2024 23:59:20 GMT
cache-control: max-age=86400
access-control-allow-credentials: true
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 google-atp-list.json Show response
cmp.inmobi.com/tcfv2/ 140 KB
33 KB 88ms
87ms XHR
application/json 2600:9000:214f:2800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=fileplanet.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02783f81e6d5497e7efba350ba2a0cf3ab683ee711e2c6f6dc636b9ef6c32427

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"45f51a68f17a056971afffb18ca38d60"
age: 5130
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: OuzrnAyGsjUTgunij0pJx0bd9-fzt3ImueTlis0z0gCZVM54PTul7Q==
date: Tue, 19 Nov 2024 03:00:27 GMT
content-type: application/json
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified: Tue, 19 Nov 2024 03:00:24 GMT
cache-control: max-age=172800
access-control-allow-credentials: true
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 143ms
46ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FY7WC4S6RP&gtm=45je4be0v9125532747za200&_p=1731990355883&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=101925629~102067555~102067808~102077855&ul=de-de&sr=1600x1200&cid=89469651.1731990356&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.fileplanet.com%2Fit%2Fmemz-trojan&dt=Memz%20Trojan%20-%20Download&sid=1731990356&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=998
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FY7WC4S6RP&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.fileplanet.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 04:25:56 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame 30E5 0
0 255ms
164ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=fileplanet-1&t_u=https%3A%2F%2Fwww.fileplanet.com%2Fit%2Fmemz-trojan&t_d=Memz%20Trojan%20-%20Download&t_t=Memz%20Trojan%20-%20Download&s_o=default

Requested by

Host: fileplanet-1.disqus.com
URL: https://fileplanet-1.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fileplanet.com/it/memz-trojan
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Age: 0
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2791
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 19 Nov 2024 04:25:56 GMT
ETag: W/"lounge:view:7282945423.07b04390c58c7788f7c76fd8a0406927.2"
Last-Modified: Thu, 14 Nov 2024 19:17:24 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H/1.1 200
OK stat.gif
referrer.disqus.com/juggler/ 43 B
339 B 221ms
131ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/stat.gif?event=lounge.loading.view

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
x-content-type-options: nosniff
Content-Length: 43
x-xss-protection: 1; mode=block
Date: Tue, 19 Nov 2024 04:25:56 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx

GET
H2 200 disqus-social-icon-dark.a621bea3e02c9fa04fd3965a3d6f424d.svg
c.disquscdn.com/next/embed/assets/img/ 1 KB
2 KB 137ms
38ms Image
image/svg+xml 2600:9000:26e8:e000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/disqus-social-icon-dark.a621bea3e02c9fa04fd3965a3d6f424d.svg

Requested by

Host: www.fileplanet.com
URL: https://www.fileplanet.com/it/memz-trojan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26e8:e000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ad3d0ca410aa64d933c2853e39ef8b605c4815f9826bc0e721e3d3d93860bf64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/

Response headers

surrogate-key: next
etag: "66f6bd2d-412"
age: 4297354
x-content-type-options: nosniff
expires: Tue, 30 Sep 2025 10:43:22 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: EcPUbob0hY2vTUnm14MMqMdXNHt2UKu6CLL8adT6ADp_w87OGGhL6Q==
date: Mon, 30 Sep 2024 10:43:22 GMT
content-type: image/svg+xml; charset=utf-8
last-modified: Fri, 27 Sep 2024 14:11:57 GMT
x-cache-hits: 0
x-served-by: static-web-1
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
via: 1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1042
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P10
server: nginx

GET
H2 200 / Show response
api.cmp.inmobi.com/ 2 B
101 B 132ms
38ms XHR
text/plain 3.68.171.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%22af9H96ewMhx4A%22%2C%22domain%22%3A%22www.fileplanet.com%22%2C%22publisher%22%3A%22FilePlanet%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.53%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%223Tlb31T0nZuo1Myb7zKZXQ%22%2C%22tagVersion%22%3A%22V3%22%2C%22gvlVersion%22%3A2%2C%22clientTimestamp%22%3A1731990356277%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-dhd0c2sjkcoj9xjdvuht%22%7D
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-it.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.68.171.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-171-69.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

access-control-allow-origin: *
content-length: 2
date: Tue, 19 Nov 2024 04:25:56 GMT
content-type: text/plain; charset=utf-8

GET
H2 200 geoip Show response
cmp.inmobi.com/ 39 B
322 B 42ms
42ms XHR
application/json 2600:9000:214f:2800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-it.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: c8cdde0b5d513ab590489a8c1a47625daa4778bfe6e72badbbb41330ebdb8f4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

access-control-expose-headers: *
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: FunctionGeneratedResponse from cloudfront
content-length: 39
x-amz-cf-id: p0YQ_mN6TpcUmmwpI6g_xbsZvNLhnQK3c0wvpllq74OwGv8AzctVjw==
date: Tue, 19 Nov 2024 04:25:56 GMT
content-type: application/json
x-amz-cf-pop: FRA53-C1
server: CloudFront

GET
H2 200 purposes-it.json Show response
cmp.inmobi.com/GVL-v2/ 32 KB
5 KB 41ms
41ms XHR
application/json 2600:9000:214f:2800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v2/purposes-it.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=fileplanet.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e95798788b1b364e08172ea8c5cc534d61f6b642fdddaf189d68076e2e2ef061

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

access-control-max-age: 86400
content-encoding: br
etag: W/"eef14df4acafb97ef91adb449ad7234a"
age: 9422
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: OFxmx0i9aN_ePOVt4y2mv0myR6NxBnz_V_7rpmQqIVqscSMc3gD_zg==
date: Tue, 19 Nov 2024 01:49:13 GMT
content-type: application/json
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified: Thu, 14 Nov 2024 23:59:21 GMT
cache-control: max-age=86400
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H3 204 rum Show response
www.fileplanet.com/cdn-cgi/ 0
143 B 40ms
39ms XHR
text/plain 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fileplanet.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8e4d70723e42e526-TXL
access-control-allow-origin: https://www.fileplanet.com
date: Tue, 19 Nov 2024 04:25:56 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 200 memz-trojan-favicon_i.ico
cdn.fileplanet.com/gen/ 1 KB
1 KB 95ms
95ms Other
image/vnd.microsoft.icon 104.27.203.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fileplanet.com/gen/memz-trojan-favicon_i.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.27.203.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d03c8879ad32d0756a965c85178ff2215aaca3ace158a83243d444835dc50bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"47e-623a80df409b9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ozvY2Df49HmUPJhcaqQpYAEWb7REtf18Paxz8FA8ysA5UHLnW3C%2FkHCJ68rlVUWosFqA8tdkJuU1%2BJhLQOdBz4%2BVhHSkiMsOLbsPGIAyNlx1aldjph8XzFi9khQKMYadedzIA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 19 Nov 2026 04:25:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37981&sent=269&recv=124&lost=0&retrans=0&sent_bytes=273232&recv_bytes=39540&delivery_rate=3428&cwnd=91200&unsent_bytes=0&cid=530f9506aaf004cf&ts=1677&x=1", cfHdrFlush;dur=0
date: Tue, 19 Nov 2024 04:25:56 GMT
content-type: image/vnd.microsoft.icon
last-modified: Fri, 04 Oct 2024 15:09:15 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=63072000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4d70724e47e526-TXL
access-control-allow-origin: *
server: cloudflare

GET
H/1.1 200
OK stat.gif
referrer.disqus.com/juggler/ 43 B
339 B 134ms
131ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/stat.gif?event=cmp.present

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
x-content-type-options: nosniff
Content-Length: 43
x-xss-protection: 1; mode=block
Date: Tue, 19 Nov 2024 04:25:57 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx

GET
H/1.1 200
OK stat.gif
referrer.disqus.com/juggler/ 43 B
339 B 201ms
126ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/stat.gif?event=cmp.no_consent

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.fileplanet.com/it/memz-trojan

Response headers

Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
x-content-type-options: nosniff
Content-Length: 43
x-xss-protection: 1; mode=block
Date: Tue, 19 Nov 2024 04:25:57 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.fileplanet.com/fileplanet	1969-12-31 23:59:59	Name: JSESSIONID Value: 8DDBFBD436C3B393087131BA660B4388
.fileplanet.com/	1970-01-21 01:07:56	Name: utmsr Value:
.fileplanet.com/	1970-01-21 01:07:56	Name: gclid Value:
.fileplanet.com/	1970-01-21 01:07:56	Name: msclkid Value:
.fileplanet.com/	1970-01-21 01:07:56	Name: tprov Value: other
.fileplanet.com/	1970-01-21 10:42:30	Name: sc_is_visitor_unique Value: rx11927885.1731990356.985ED48766B147B291A5C907B883AEB7.1.1.1.1.1.1.1.1.1
.fileplanet.com/	1970-01-21 10:42:30	Name: _ga Value: GA1.2.89469651.1731990356
.fileplanet.com/	1970-01-21 01:07:56	Name: _gid Value: GA1.2.249496065.1731990356
.fileplanet.com/	1970-01-21 01:06:30	Name: _gat Value: 1
.statcounter.com/	1970-01-21 10:42:30	Name: is_unique Value: sc11927885.1731990355.0
.statcounter.com/	1970-01-21 10:42:30	Name: is_visitor_unique Value: 1731990355357845527
.fileplanet.com/	1970-01-21 09:52:06	Name: cf_clearance Value: L7Ow2F2JgLzU4wjr6GhTUzMkT.2azV8dWOtzTHDJSok-1731990356-1.2.1.1-uZYp1PIF2EFAzahCMIeMglGpMaxFyDSgG2IxRSB.8JMjxIOIHqf1TLqg_zwqW6tSbGeqCj2dlXBfdoXZotgRXxc3BvKCfksvKoRKxzuRyHnhmnWrx7t6yHQhbKqUSXD.042fwb6N1P5lVi7qO09XMAXg_Rj.OKfVsDIGopQEiyAmN.MCeZcsMw_c.N_4K3KZAqSTcBKthdyzBxZ_tbID_NdjEoHxynL4ulsYviCLtguxumcmpJ0MYDQKhArJzdaaGvQ7maaZ8J7zyh0dMH9CqqcBnDm4s6iIecgXrOsDrhec7wmL_RpBi2Qk3iDvLobu9HAzQ0yaOZ9MzGsiXibWkwSYaLNX8e8XUnGklzsvNS3SDz6_lr52IAG529.mGjDd
.fileplanet.com/	1969-12-31 23:59:59	Name: tabt Value: 1
.www.fileplanet.com/	1970-01-21 10:28:06	Name: usprivacy Value: 1N--
.fileplanet.com/	1970-01-21 10:42:30	Name: _ga_FY7WC4S6RP Value: GS1.2.1731990356.1.0.1731990356.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.cmp.inmobi.com
c.disquscdn.com
c.statcounter.com
cdn.fileplanet.com
cmp.inmobi.com
disqus.com
fileplanet-1.disqus.com
fonts.gstatic.com
referrer.disqus.com
region1.google-analytics.com
static.cloudflareinsights.com
www.fileplanet.com
www.google-analytics.com
www.googletagmanager.com
www.statcounter.com
104.20.94.138
104.27.203.89
104.27.204.89
151.101.0.134
172.217.18.3
199.232.192.134
199.232.196.134
2001:4860:4802:34::36
2600:9000:214f:2800:1b:cadc:ef40:93a1
2600:9000:26e8:e000:6:8656:f5c0:93a1
2606:4700::6810:5049
2a00:1450:4001:800::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:829::200a
3.68.171.69
02783f81e6d5497e7efba350ba2a0cf3ab683ee711e2c6f6dc636b9ef6c32427
105d8a94088b7f40c88b945e7f85aebe8a2008afcbae1949fc436e10151cfc89
115e1fe194e82212af1478162b2eba354eab9a5037844c423a9322a711d75b7f
1f1ab7f1b22c02d93e5bd37b04e7e848afd14337697f652c1454d14e801676f2
26246283db21e773e30ae14fbbbbba518a066d54c6b81cb06c340db6b7e64afd
2c4fa5e79d640cd3340e2fadd342215c1bf2e6a02eb96977e30f1df57449f891
30bf68115317bda74b72821479f0f328ad11df8555a0c570404c689eda85f7ec
30cb07b1afaac52f76aa320c5a3c89716ad1ecb75e4b36a72a846c5c7986d1ac
3b3b088dff19b89c42a5b2585322c350b8dca894326d51fcf3030b77a488fc55
3d03c8879ad32d0756a965c85178ff2215aaca3ace158a83243d444835dc50bd
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c8ce6c1372920d818248559a28470c6152e5e0be4ca1f45dfb923c34808d21a
4fd5c6dc5fa8656dc82046f9e0c5f3f52826c7bdcd10b4824319dd69637d008d
561667687be39c87e8c9c720e93055ec71e669b4d8b4996b2e8024b4cd90b149
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5fc211c80d0437e05f8c003fcb010ce35f1db1e421b800352f419158e995a8ba
5fe9ae23cdd21b0d3ea57b65a0853616e60823a8506f215d7645ded18a3f3b78
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
6d661954657cac563efd4b9aef7ccb60f21bf97d17059dee4f5939abfc3515f0
79e25c0f41d40227b3de134c7866c6e99659daab3fbf27d16090687eed2de0d2
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
84dafd5d737bbc74cd077a40846e049e373df4e53b8e397d2dc69fc51cba86cd
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8b62a9afb651cd6792ad8feb28d9a0e0d8a6afe859fc5f0aa0ca757aed07e0a1
91481c4d4b9084069b7688ea98d71015895d1902734348a6406ab5119ed0bf30
9bcb96a97b126c94fb42996010ea96c585c2b466deb68b5a2627c60a1412dbb9
a3334017214910e5709cc4d0dd8d5caf9b3d6164c7c123b5c137dd55d02a6fab
a3970e6ea352fd40113620ba000357fa9d815bee48f16523af14a65120b9aa5d
ac6afa206710c281b3e0e61166e3456e529d2ec392700b966d0b4370a7980f3e
ad3d0ca410aa64d933c2853e39ef8b605c4815f9826bc0e721e3d3d93860bf64
b0d9548ceafb70534815653ccede7640d4607770133381a45b98158d6e6b87a9
b4ccfefd002e8a40c5098e4f0d4327d5d55f7d8b6eb80cb52a5bbd190e772f33
b70d8e3aab7e047277c26e96f2cf545678db291fc1008afb0889dca93d571b87
b70f280c2332acbecef3ec314f31a699e9bdd8908f2654d18e59b50e1dbf158e
b77282e409558e7ba342a344b7239a1d7967eb792a3fb9dc5d236d8f6b9db368
c8cdde0b5d513ab590489a8c1a47625daa4778bfe6e72badbbb41330ebdb8f4f
cac72dd074536deacd092081c23a81f816cb001d72337b8cdc7c3d8d2377542e
ce79bee15c8795bb7bee159131318308b432133f4268f2531eb9f2790c95bda5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0173946f5e21428a5f0e376de4f523013af1301e27a19a732626f0fbb16f60a
d32046f4786556cf6855e410799eef948c20ab1137d96e35369c432ccc6049cd
d76747fb5c07f2b83c5a4101fa431b0c52903d36596c71072b14413332937ffb
d99e5d6219177532dc28057fa8923279a0681297e8b569b5b595a694bf45c0fd
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de3ad2ee90e0fa6f54045ef91d64c3c809c2fd9f359bbcceda7888f3ddca5bf6
e30893d037dffb69529112557b87bce30f6f897241d07f26f4ec37f9310db451
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e95798788b1b364e08172ea8c5cc534d61f6b642fdddaf189d68076e2e2ef061
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
efc029e0546f49ed87c043e09393a995468c2ab1a139332b3aca0fdbe93fe51e
f164941997fbc7f7ed7d2a7c3e86b997d647f1910d93fdc2462dd86fd5affa48
f397b54bffc25b8d5a2eef044be7876be02cc6177ad3cc7be097c07f6001b6b0
f558f71c4902ba08c370abb0311ad58569b3ca941403cd4dce38fcb6496016ca
f7a0c447b915ba02cdfa198f1fee92f0a4a784dc895b61be659a9386c6ed3112
ff3c48e15e940542dbf810dc4ab12e2cec831e74035af566ae3ee1b59bae1990
ffc1902c74fe6cb8e5db0e5785a34886a8c24dcaa3b6ddf96effa34508ce8524

www.fileplanet.com Open in urlscan Pro 104.27.203.89 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

98 %HTTPS

47 %IPv6

10 Domains

16 Subdomains

15 IPs

3 Countries

751 kBTransfer

2291 kBSize

15 Cookies

0 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.fileplanet.com Open in urlscan Pro
104.27.203.89 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

98 %
HTTPS

47 %
IPv6

10
Domains

16
Subdomains

15
IPs

3
Countries

751 kB
Transfer

2291 kB
Size

15
Cookies

62 HTTP transactions
0 data transactions