URL: https://memz-trojan.de.softonic.com/
Submission: On August 17 via manual from DE — Scanned from DE

Summary

This website contacted 22 IPs in 4 countries across 14 domains to perform 57 HTTP transactions. The main IP is 35.227.233.104, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is memz-trojan.de.softonic.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 14th 2021. Valid for: a year.
This is the only time memz-trojan.de.softonic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
24 sftcdn.net
images.sftcdn.net — Cisco Umbrella Rank: 87484
sc.sftcdn.net — Cisco Umbrella Rank: 88345
193 KB
7 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222
8876029.fls.doubleclick.net — Cisco Umbrella Rank: 250734
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
165 KB
4 google.com
ampcid.google.com — Cisco Umbrella Rank: 1708
adservice.google.com — Cisco Umbrella Rank: 98
www.google.com — Cisco Umbrella Rank: 10
2 KB
4 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 2620
l3.aaxads.com — Cisco Umbrella Rank: 3912
163 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 5596
adservice.google.de — Cisco Umbrella Rank: 8117
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
region1.google-analytics.com — Cisco Umbrella Rank: 2742
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
202 KB
3 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 6827
165 KB
2 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 323
44 KB
1 notix.io
notix.io — Cisco Umbrella Rank: 11787
266 B
1 google.nl
ampcid.google.nl — Cisco Umbrella Rank: 91510
469 B
1 aaxdetect.com
www.aaxdetect.com — Cisco Umbrella Rank: 5473
342 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 125
16 KB
1 softonic.com
memz-trojan.de.softonic.com
50 KB
57 14
Domain Requested by
13 sc.sftcdn.net memz-trojan.de.softonic.com
sc.sftcdn.net
11 images.sftcdn.net memz-trojan.de.softonic.com
3 c.aaxads.com sc.sftcdn.net
memz-trojan.de.softonic.com
c.aaxads.com
3 securepubads.g.doubleclick.net memz-trojan.de.softonic.com
securepubads.g.doubleclick.net
3 www.googletagmanager.com memz-trojan.de.softonic.com
www.googletagmanager.com
3 sdk.privacy-center.org memz-trojan.de.softonic.com
sdk.privacy-center.org
2 www.google.de memz-trojan.de.softonic.com
2 www.google.com memz-trojan.de.softonic.com
2 8876029.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
memz-trojan.de.softonic.com
2 c.amazon-adsystem.com memz-trojan.de.softonic.com
c.amazon-adsystem.com
1 notix.io
1 stats.g.doubleclick.net www.google-analytics.com
1 l3.aaxads.com memz-trojan.de.softonic.com
1 adservice.google.de adservice.google.com
1 ampcid.google.nl www.google-analytics.com
1 www.aaxdetect.com memz-trojan.de.softonic.com
1 adservice.google.com 8876029.fls.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 ampcid.google.com www.google-analytics.com
1 www.googleadservices.com www.googletagmanager.com
1 memz-trojan.de.softonic.com
57 23

This site contains links to these domains.

Subject | Issuer | Validity | Valid
softonic.com | Sectigo RSA Domain Validation Secure Server CA | 2021-12-14 - 2023-01-13 | a year
s4-san.cloudinary.com | R3 | 2022-07-22 - 2022-10-20 | 3 months
*.privacy-center.org | Amazon | 2022-04-09 - 2023-05-08 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
c.amazon-adsystem.com | Amazon | 2022-05-09 - 2023-04-18 | a year
www.googleadservices.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
*.aaxads.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-11 - 2023-03-15 | a year
*.doubleclick.net | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months
*.google.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
*.aaxdetect.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-11 - 2023-03-15 | a year
*.google.nl | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
www.google.com | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months
www.google.de | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
*.google.de | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months
notix.io | R3 | 2022-07-01 - 2022-09-29 | 3 months

This page contains 5 frames:

Primary Page: https://memz-trojan.de.softonic.com/
Frame ID: 993FE4CAFC9B047D5EB309C239AEB707
Requests: 54 HTTP requests in this frame

Frame: https://8876029.fls.doubleclick.net/activityi;dc_pre=CNnU7YXJzPkCFaz-1QodXJcHAg;src=8876029;type=invmedia;cat=progr0;ord=2303120198535;gtm=2wg8f0;auiddc=2142352081.1660694483;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fmemz-trojan.de.softonic.com%2F
Frame ID: 15FA8D709A98E8006305DBAD266A8E20
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNnU7YXJzPkCFaz-1QodXJcHAg;src=8876029;type=invmedia;cat=progr0;ord=2303120198535;gtm=2wg8f0;auiddc=2142352081.1660694483;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fmemz-trojan.de.softonic.com%2F
Frame ID: 615BAE4BF0E693A24AF6DDA98F789C15
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CNnU7YXJzPkCFaz-1QodXJcHAg;src=8876029;type=invmedia;cat=progr0;ord=2303120198535;gtm=2wg8f0;auiddc=2142352081.1660694483;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fmemz-trojan.de.softonic.com%2F
Frame ID: 4D7617E4AF3EF1FDEAC72E032F43E8F9
Requests: 1 HTTP requests in this frame

Frame: https://c.aaxads.com/aacxs.php?flg=AAXXX4L07&fv=1&fy=37&ke=1&suylg=29%2C291%2C251%2C159%2C336%2C203%2C23%2C89%2C219%2C97%2C265%2C272%2C282%2C263%2C264%2C206%2C250%2C267%2C368%2C229%2C209%2C231%2C213%2C356%2C167%2C3004%2C195%2C241&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=0&gdprstring=CPd2dsAPd2dsAAHABBENCcCgAAAAAAAAAAiQAAAQ6gRgAVAAyABwAD4AJAAZAA0AB9AEQARQAmABQACkAGgAOYAfgBCACOAFKALcAXMAygDLgHcAd4A_QCBwEHAQgAiwBHQCngGBAVMAtABcAC8wIJgQ6AJJQAYAAgjwGgAwABBHgVABgACCPBSADAAEEeB0AGAAII8EIAMAAQR4CQAYAAgjwIgAwABBHgZABgACCPAA.YAAAAAAAAAAA&usp_status=0&usp_consent=1&coppa=0
Frame ID: 153F2B7AFF5D930EB4534457C4F958B9
Requests: 1 HTTP requests in this frame

Page Title

Memz Trojan - Download

Detected technologies

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

57 Requests
100 % HTTPS
57 % IPv6
14 Domains
23 Subdomains
22 IPs
4 Countries
1021 kB Transfer
3782 kB Size
15 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://8876029.fls.doubleclick.net/activityi;src=8876029;type=invmedia;cat=progr0;ord=2303120198535;gtm=2wg8f0;auiddc=2142352081.1660694483;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fmemz-trojan.de.softonic.com%2F HTTP 302
  • https://8876029.fls.doubleclick.net/activityi;dc_pre=CNnU7YXJzPkCFaz-1QodXJcHAg;src=8876029;type=invmedia;cat=progr0;ord=2303120198535;gtm=2wg8f0;auiddc=2142352081.1660694483;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fmemz-trojan.de.softonic.com%2F

57 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
memz-trojan.de.softonic.com/
349 KB
50 KB
Document
General
Full URL
https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
3104c1f4d6121d3d7e96f905e8de550d80b8c4d595bff625122da8ad4bf7b976
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache
content-encoding
br
content-language
de-DE
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Wed, 17 Aug 2022 00:01:22 GMT
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=()
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
user-agent,accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-detected-as
desktop
x-envoy-upstream-service-time
103
x-frame-options
sameorigin
x-is-bot
false
x-page-id
app
x-rendered-as
desktop
x-request-id
baf33d15-7389-4375-8baf-98132bfc6979
x-served-by
server-859b7d7c47-lj4gr
x-version
1.5278.0
x-xss-protection
1
memz-trojan-logo.png
images.sftcdn.net/images/t_app-logo-xl,f_auto/p/d07da58b-811e-422e-bc78-46efcd5a52b9/2028187188/
1 KB
2 KB
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-xl,f_auto/p/d07da58b-811e-422e-bc78-46efcd5a52b9/2028187188/memz-trojan-logo.png
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89a::29cc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
21b782be0f71f314f0215ef44ab6928aff2fb979d35301aa7b06bc80c0190116
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:22 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="2028187188.webp"
server-timing
akam;dur=6;start=2022-08-17T00:01:22.606Z;desc=hit-near,rtt;dur=5
vary
Accept,User-Agent
content-length
1408
last-modified
Mon, 16 Dec 2019 20:40:54 GMT
server
Cloudinary
etag
"d7f2229ae36cf1299117472b7d098541"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
61467-43374.woff2
sc.sftcdn.net/fonts/
21 KB
21 KB
Font
General
Full URL
https://sc.sftcdn.net/fonts/61467-43374.woff2
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
a9d519fc5cd448a8ca42b786d99129fd4796f5c72a1dbd03efc0d6e270c32a1c

Request headers

Referer
https://memz-trojan.de.softonic.com/
Origin
https://memz-trojan.de.softonic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:22 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
x-device-type
common
age
2561
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
21317
x-served-by
cache-ams21076-AMS, cache-hhn4049-HHN
access-control-allow-origin
*
last-modified
Tue, 16 Aug 2022 07:25:47 GMT
server
istio-envoy
x-timer
S1660694483.588783,VS0,VE0
etag
W/"62fb467b-5354"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
via
1.1 google, 1.1 varnish, 1.1 varnish
expires
Tue, 23 Aug 2022 23:18:41 GMT
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
2, 19
loader.js
sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/
68 KB
18 KB
Script
General
Full URL
https://sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=de.softonic.com
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:c000:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
b2dd319671e7ac00eaa19b2a71474f69f9007faae2c13b14aeb6b9bd023b0f0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 22:07:21 GMT
content-encoding
gzip
x-didomi-remote-config-source
Dynamo
server
CloudFront
age
6946
etag
"98f3144478f65667ab87423cb0f6a292"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
x-amz-cf-pop
FRA53-C1
content-length
18170
x-amz-cf-id
ZLiHzMWTrRd44h_YBJhiaFlZNO0OKNND1_v13xy5LpXgpXCFJvSC6g==
gtm.js
www.googletagmanager.com/
293 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c1eda6753eca0caeb0637e913b498e5f0645daee17fd2316c7fb51ecdac179bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:22 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86960
x-xss-protection
0
expires
Wed, 17 Aug 2022 00:01:22 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
83 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
09cf1f41cfdd6d08262d86cacda2ae6151b7e5c7c939dd60cddf768047120625
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28636
x-xss-protection
0
server
sffe
etag
"1306 / 124 of 1000 / last-modified: 1660687744"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 17 Aug 2022 00:01:22 GMT
js
www.googletagmanager.com/gtag/
114 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-631321069
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12732f613fb119cb17f69b43179af3c0d93f5d92cfc77059a87852efd05d8685
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:22 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45512
x-xss-protection
0
expires
Wed, 17 Aug 2022 00:01:22 GMT
ca125-64113.js
sc.sftcdn.net/scripts/
276 KB
76 KB
Script
General
Full URL
https://sc.sftcdn.net/scripts/ca125-64113.js
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
dc7e090d16e959cc4cc963d204765293de765afbbbfd232e261d24a39272fc6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:22 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
x-device-type
common
age
480088
x-cache
HIT, HIT
x-envoy-upstream-service-time
29
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
76793
x-served-by
cache-ams12782-AMS, cache-hhn4049-HHN
access-control-allow-origin
*
last-modified
Wed, 10 Aug 2022 15:48:20 GMT
server
istio-envoy
x-timer
S1660694483.602745,VS0,VE0
etag
W/"62f3d344-44e18"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
via
1.1 google, 1.1 varnish, 1.1 varnish
expires
Thu, 18 Aug 2022 10:39:55 GMT
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 2779
apstag.js
c.amazon-adsystem.com/aax2/
159 KB
41 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 16 Aug 2022 23:40:01 GMT
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront), 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
last-modified
Mon, 15 Aug 2022 16:12:01 GMT
server
AmazonS3
age
1282
etag
W/"52a6bc60961c702869c58b9d159c8e37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-C1
content-encoding
gzip
x-amz-cf-id
Kw0uZZYWsYCKX3hKEPbIHsRCsev_112042D3dClDlUJRqCSCp84MTA==
72c3f-d122d.mjs
sc.sftcdn.net/scripts/
59 KB
16 KB
Script
General
Full URL
https://sc.sftcdn.net/scripts/72c3f-d122d.mjs
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
5704d89068a6d0c3f8a52319d7205f71969e76c415b3c5e989802a530e9d3870

Request headers

Referer
https://memz-trojan.de.softonic.com/
Origin
https://memz-trojan.de.softonic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:22 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
x-device-type
common
age
404077
x-cache
HIT, HIT
x-envoy-upstream-service-time
3
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
16213
x-served-by
cache-ams12734-AMS, cache-hhn4049-HHN
access-control-allow-origin
*
last-modified
Thu, 11 Aug 2022 11:56:09 GMT
server
istio-envoy
x-timer
S1660694483.589049,VS0,VE0
etag
W/"62f4ee59-eb0c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
via
1.1 google, 1.1 varnish, 1.1 varnish
expires
Fri, 19 Aug 2022 07:46:45 GMT
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 8388
23986-98c87.mjs
sc.sftcdn.net/scripts/
67 KB
16 KB
Script
General
Full URL
https://sc.sftcdn.net/scripts/23986-98c87.mjs
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
65364ad4670f0dcdac31912b854b52d486e118dd01e1f49d7c44b4ad5663d40c

Request headers

Referer
https://memz-trojan.de.softonic.com/
Origin
https://memz-trojan.de.softonic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:22 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
x-device-type
common
age
485201
x-cache
HIT, HIT
x-envoy-upstream-service-time
4
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
15735
x-served-by
cache-ams21029-AMS, cache-hhn4049-HHN
access-control-allow-origin
*
last-modified
Wed, 10 Aug 2022 15:48:20 GMT
server
istio-envoy
x-timer
S1660694483.589068,VS0,VE0
etag
W/"62f3d344-10acd"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
via
1.1 google, 1.1 varnish, 1.1 varnish
expires
Thu, 18 Aug 2022 09:14:40 GMT
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 9782
e1d66-077e1.css
sc.sftcdn.net/styles/
188 KB
21 KB
Stylesheet
General
Full URL
https://sc.sftcdn.net/styles/e1d66-077e1.css
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
a621ebd8f0e4706300212fd6262e86b4f56b8a68c076303e927d6c33e5145031

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:22 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
x-device-type
common
age
403348
x-cache
HIT, HIT
x-envoy-upstream-service-time
4
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
21187
x-served-by
cache-ams21036-AMS, cache-hhn4049-HHN
access-control-allow-origin
*
last-modified
Thu, 11 Aug 2022 11:30:00 GMT
server
istio-envoy
x-timer
S1660694483.602727,VS0,VE0
etag
W/"62f4e838-2ee1a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
via
1.1 google, 1.1 varnish, 1.1 varnish
expires
Fri, 19 Aug 2022 07:58:55 GMT
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 8341
40150-0f94f.css
sc.sftcdn.net/styles/
13 KB
2 KB
Stylesheet
General
Full URL
https://sc.sftcdn.net/styles/40150-0f94f.css
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
59e05f86f9940243c1e178f728a2b9c2d922dedd665cf068ae26c07fc5f275c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:22 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
x-device-type
common
age
595381
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2064
x-served-by
cache-ams12768-AMS, cache-hhn4049-HHN
access-control-allow-origin
*
last-modified
Mon, 08 Aug 2022 12:56:11 GMT
server
istio-envoy
x-timer
S1660694483.602707,VS0,VE0
etag
W/"62f107eb-3284"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
via
1.1 google, 1.1 varnish, 1.1 varnish
expires
Wed, 17 Aug 2022 02:38:21 GMT
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 11476
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
sdk.b73f94352516442d541aebb3337b8387b0379646.js
sdk.privacy-center.org/
406 KB
89 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk.b73f94352516442d541aebb3337b8387b0379646.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=de.softonic.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:c000:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5536d476a8790386424135cd1ad458e8f401f00d9c80f18e3c9a32fa4be152df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 15 Aug 2022 14:05:19 GMT
content-encoding
gzip
last-modified
Mon, 15 Aug 2022 14:00:54 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1660571801/ctime:1660571801/gid:0/gname:root/md5:707ec823bda972f3358cc4cc61b9b56f/mode:33188/mtime:1660571801/uid:0/uname:root
age
122164
etag
W/"707ec823bda972f3358cc4cc61b9b56f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
1vdWQp3yNHhab0vQlApWLDdB4ptdSPYyX-X8HTmM-TCzvZkvj3H5LA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 23:41:02 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
1221
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 03 Aug 2022 22:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
JXufo2ctue2uysHllG2MRpKE8F0E4.a0
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
content-type
application/javascript
x-amz-cf-id
7LeQ7ZsSbX0emDvRlQFnzgmjZpmzJrrgBL_uP7cMQiDOmu0XQaSN7g==
conversion_async.js
www.googleadservices.com/pagead/
40 KB
16 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-631321069
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ffb169c682184887e61fbb92375424273436b8638ffb1b98779b24842a72cdbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15380
x-xss-protection
0
server
cafe
etag
14955335288317425560
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:01:22 GMT
js
www.googletagmanager.com/gtag/
203 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d5e300d836c5ec95b675663a57e0331e20f1acd98c9ee446405dcf3d8439cc9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:22 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73271
x-xss-protection
0
expires
Wed, 17 Aug 2022 00:01:22 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3325
date
Tue, 16 Aug 2022 23:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 17 Aug 2022 01:05:57 GMT
pubads_impl_2022081101.js
securepubads.g.doubleclick.net/gpt/
388 KB
133 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js?cb=31068970
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
48bd457befd1682d1e21bd4327a12799559ecc1308da5413b21ee60d2e6c0dde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 19:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16675
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135472
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 08:35:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 16 Aug 2023 19:23:27 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
742 B
912 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=memz-trojan.de.softonic.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
fa14ff502e078694523e5a572d56acde14b247223721a6e473abfe9fe3597163
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 17 Aug 2022 00:01:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
expires
Wed, 17 Aug 2022 00:01:22 GMT
aax.js
c.aaxads.com/
619 KB
156 KB
Script
General
Full URL
https://c.aaxads.com/aax.js?pub=AAXXX4L07&hst=memz-trojan.de.softonic.com&ver=1.2
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/72c3f-d122d.mjs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d30633f99157ef46e1104246c315adcc08cc63f4a7463e53b775a86d4f212f96
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Wed, 17 Aug 2022 00:01:22 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
expires
Wed, 17 Aug 2022 00:31:22 GMT
b94b1-07e8f.css
sc.sftcdn.net/styles/
0
2 KB
Other
General
Full URL
https://sc.sftcdn.net/styles/b94b1-07e8f.css
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:22 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
x-device-type
common
age
59459
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1281
x-served-by
cache-ams21068-AMS, cache-hhn4058-HHN
access-control-allow-origin
*
last-modified
Tue, 16 Aug 2022 07:25:48 GMT
server
istio-envoy
x-timer
S1660694483.815741,VS0,VE0
etag
W/"62fb467c-17a0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
via
1.1 google, 1.1 varnish, 1.1 varnish
expires
Tue, 23 Aug 2022 07:30:24 GMT
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 1409
activityi;dc_pre=CNnU7YXJzPkCFaz-1QodXJcHAg;src=8876029;type=invmedia;cat=progr0;ord=2303120198535;gtm=2wg8f0;auiddc=2142352081.1660694483;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fme...
8876029.fls.doubleclick.net/ Frame 15FA
Redirect Chain
  • https://8876029.fls.doubleclick.net/activityi;src=8876029;type=invmedia;cat=progr0;ord=2303120198535;gtm=2wg8f0;auiddc=2142352081.1660694483;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2F...
  • https://8876029.fls.doubleclick.net/activityi;dc_pre=CNnU7YXJzPkCFaz-1QodXJcHAg;src=8876029;type=invmedia;cat=progr0;ord=2303120198535;gtm=2wg8f0;auiddc=2142352081.1660694483;u2=%2Fprogram_page;u3=...
530 B
444 B
Document
General
Full URL
https://8876029.fls.doubleclick.net/activityi;dc_pre=CNnU7YXJzPkCFaz-1QodXJcHAg;src=8876029;type=invmedia;cat=progr0;ord=2303120198535;gtm=2wg8f0;auiddc=2142352081.1660694483;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fmemz-trojan.de.softonic.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
03c300aaf308c1d293910bf70d6a5dc04a06535dc0b6c4ea1dbc425fe6527ee0
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
419
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Aug 2022 00:01:22 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Aug 2022 00:01:22 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8876029.fls.doubleclick.net/activityi;dc_pre=CNnU7YXJzPkCFaz-1QodXJcHAg;src=8876029;type=invmedia;cat=progr0;ord=2303120198535;gtm=2wg8f0;auiddc=2142352081.1660694483;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fmemz-trojan.de.softonic.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ui-gdpr-en.b73f94352516442d541aebb3337b8387b0379646.js
sdk.privacy-center.org/
272 KB
57 KB
Script
General
Full URL
https://sdk.privacy-center.org/ui-gdpr-en.b73f94352516442d541aebb3337b8387b0379646.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.b73f94352516442d541aebb3337b8387b0379646.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:c000:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b9274c0d46e34125619b3d49b39c6224a2730142965bd7bac1eecc293733b86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 15 Aug 2022 14:05:20 GMT
content-encoding
gzip
last-modified
Mon, 15 Aug 2022 14:01:00 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1660571801/ctime:1660571801/gid:0/gname:root/md5:8d1299c3a5b43863f8854816d759b297/mode:33188/mtime:1660571801/uid:0/uname:root
age
122163
etag
W/"8d1299c3a5b43863f8854816d759b297"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
s_pghRXtccMM_5W4tvcQHMB5MAzsH4h_zjDzPJCI7SmduNBcdx7eEg==
chunk8-8fffb6.mjs
sc.sftcdn.net/scripts/
5 KB
2 KB
Script
General
Full URL
https://sc.sftcdn.net/scripts/chunk8-8fffb6.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-98c87.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e15d820e080cb003c70bcf5fe9705a5219d30508682f34651b71627bbac7ab10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:22 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
x-device-type
common
age
85017
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1858
x-served-by
cache-ams12740-AMS, cache-hhn4058-HHN
access-control-allow-origin
*
last-modified
Thu, 11 Aug 2022 14:35:42 GMT
server
istio-envoy
x-timer
S1660694483.936533,VS0,VE0
etag
W/"62f513be-158b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
via
1.1 google, 1.1 varnish, 1.1 varnish
expires
Tue, 23 Aug 2022 00:24:26 GMT
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 1821
chunk1-aee24b.mjs
sc.sftcdn.net/scripts/
25 KB
8 KB
Script
General
Full URL
https://sc.sftcdn.net/scripts/chunk1-aee24b.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-98c87.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
2d52d38d66442da99ca2d0aa8c5cbf1242b9d1e450cee9e98665fb70e5361f59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:22 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
x-device-type
common
age
404077
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7820
x-served-by
cache-ams12778-AMS, cache-hhn4058-HHN
access-control-allow-origin
*
last-modified
Thu, 11 Aug 2022 11:56:09 GMT
server
istio-envoy
x-timer
S1660694483.948836,VS0,VE0
etag
W/"62f4ee59-6589"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
via
1.1 google, 1.1 varnish, 1.1 varnish
expires
Fri, 19 Aug 2022 07:46:45 GMT
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 7638
chunk0-ea56c5.mjs
sc.sftcdn.net/scripts/
21 KB
6 KB
Script
General
Full URL
https://sc.sftcdn.net/scripts/chunk0-ea56c5.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-98c87.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
8fa6b33edfb720d530a452d3b6c2e5eedf4adc72526c157c4f6b3ff207e6eced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:22 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
x-device-type
common
age
404077
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
5492
x-served-by
cache-ams12729-AMS, cache-hhn4058-HHN
access-control-allow-origin
*
last-modified
Thu, 11 Aug 2022 11:56:09 GMT
server
istio-envoy
x-timer
S1660694483.949017,VS0,VE0
etag
W/"62f4ee59-5208"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
via
1.1 google, 1.1 varnish, 1.1 varnish
expires
Fri, 19 Aug 2022 07:46:45 GMT
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 7623
chunk2-6d0d88.mjs
sc.sftcdn.net/scripts/
19 KB
5 KB
Script
General
Full URL
https://sc.sftcdn.net/scripts/chunk2-6d0d88.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-98c87.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
b2ba5c864de3d0a5a301a62a94c3660436e0f1381b32fdfd2e4f2e9ec1213ee7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:22 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
x-device-type
common
age
76632
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4300
x-served-by
cache-ams21054-AMS, cache-hhn4058-HHN
access-control-allow-origin
*
last-modified
Thu, 11 Aug 2022 14:35:42 GMT
server
istio-envoy
x-timer
S1660694483.949278,VS0,VE0
etag
W/"62f513be-4aec"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
via
1.1 google, 1.1 varnish, 1.1 varnish
expires
Tue, 23 Aug 2022 02:44:11 GMT
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 1640
chunk7-73463d.mjs
sc.sftcdn.net/scripts/
6 KB
2 KB
Script
General
Full URL
https://sc.sftcdn.net/scripts/chunk7-73463d.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-98c87.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
d87cc1dbd3dfde8a054b6248cc6c331e3c8484014e265da3a4b4bf6a3724bd10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:22 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
x-device-type
common
age
88635
x-cache
MISS, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1736
x-served-by
cache-ams12730-AMS, cache-hhn4058-HHN
access-control-allow-origin
*
last-modified
Thu, 11 Aug 2022 14:35:42 GMT
server
istio-envoy
x-timer
S1660694483.949244,VS0,VE0
etag
W/"62f513be-1603"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
via
1.1 google, 1.1 varnish, 1.1 varnish
expires
Mon, 22 Aug 2022 23:24:07 GMT
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
0, 1504
publisher:getClientId
ampcid.google.com/v1/
74 B
540 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3447a2bf760509a1118868e2eeda668f002a58b1cddceb4ad168931cbce1afb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://memz-trojan.de.softonic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Aug 2022 00:01:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://memz-trojan.de.softonic.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/631321069/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/631321069/?random=1660694482956&cv=9&fst=1660694482956&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmemz-trojan.de.softonic.com%2F&tiba=Memz%20Trojan%20-%20Download&auid=2142352081.1660694483&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed121e28027b6a36f7bfe71c1a2458e1684c20b679223a78171c24e8b0ea431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Aug 2022 00:01:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1038
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chunk19-517d1e.mjs
sc.sftcdn.net/scripts/
2 KB
2 KB
Script
General
Full URL
https://sc.sftcdn.net/scripts/chunk19-517d1e.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-98c87.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e5e73784ae04dc833310b45346bb9f9238fa2e867e9de94934e7166cf4f9e820

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:22 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
x-device-type
common
age
83936
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1131
x-served-by
cache-ams21020-AMS, cache-hhn4058-HHN
access-control-allow-origin
*
last-modified
Thu, 11 Aug 2022 14:35:42 GMT
server
istio-envoy
x-timer
S1660694483.962694,VS0,VE0
etag
W/"62f513be-907"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
via
1.1 google, 1.1 varnish, 1.1 varnish
expires
Tue, 23 Aug 2022 00:42:26 GMT
cache-control
max-age=604800,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 1824
collect
region1.google-analytics.com/g/
0
355 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-R5K71YRXMV&gtm=2oe8f0&_p=1491416729&cid=1642372264.1660694483&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660694482&sct=1&seg=0&dl=https%3A%2F%2Fmemz-trojan.de.softonic.com%2F&dt=Memz%20Trojan%20-%20Download&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Aug 2022 00:01:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://memz-trojan.de.softonic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CNnU7YXJzPkCFaz-1QodXJcHAg;src=8876029;type=invmedia;cat=progr0;ord=2303120198535;gtm=2wg8f0;auiddc=2142352081.1660694483;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fmemz-trojan....
adservice.google.com/ddm/fls/i/ Frame 615B
529 B
887 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CNnU7YXJzPkCFaz-1QodXJcHAg;src=8876029;type=invmedia;cat=progr0;ord=2303120198535;gtm=2wg8f0;auiddc=2142352081.1660694483;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fmemz-trojan.de.softonic.com%2F
Requested by
Host: 8876029.fls.doubleclick.net
URL: https://8876029.fls.doubleclick.net/activityi;dc_pre=CNnU7YXJzPkCFaz-1QodXJcHAg;src=8876029;type=invmedia;cat=progr0;ord=2303120198535;gtm=2wg8f0;auiddc=2142352081.1660694483;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fmemz-trojan.de.softonic.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ed4d06445be622d6475b2ee5c52de382980051b02e554c818b26a490e0d14e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8876029.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
418
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Aug 2022 00:01:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pxusr.gif
c.aaxads.com/
43 B
220 B
Image
General
Full URL
https://c.aaxads.com/pxusr.gif
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Wed, 17 Aug 2022 00:01:23 GMT
last-modified
Mon, 26 Feb 2018 13:29:58 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/gif
cache-control
max-age=763186
accept-ranges
bytes
content-length
43
expires
Thu, 25 Aug 2022 20:01:09 GMT
pxext.gif
www.aaxdetect.com/
43 B
342 B
Image
General
Full URL
https://www.aaxdetect.com/pxext.gif
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.239.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-239-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Unused62
8096267
Date
Wed, 17 Aug 2022 00:01:23 GMT
Last-Modified
Mon, 26 Feb 2018 13:29:58 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=386675
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Sun, 21 Aug 2022 11:25:58 GMT
publisher:getClientId
ampcid.google.nl/v1/
3 B
469 B
XHR
General
Full URL
https://ampcid.google.nl/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://memz-trojan.de.softonic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Aug 2022 00:01:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://memz-trojan.de.softonic.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
desktop-goose-613108143.jpg
images.sftcdn.net/images/t_app-logo-l,f_auto/p/2e5ebfa7-13b5-4af1-8dc4-87234c6466b7/613108143/
1 KB
1 KB
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-l,f_auto/p/2e5ebfa7-13b5-4af1-8dc4-87234c6466b7/613108143/desktop-goose-613108143.jpg
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89a::29cc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
1cd7feca53de2478ee4b924cb49230ee474c3d94ae9209fdeebe99fc2cb58ab5
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:23 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="613108143.webp"
server-timing
akam;dur=3;start=2022-08-17T00:01:23.229Z;desc=hit,rtt;dur=5
vary
Accept,User-Agent
content-length
1032
last-modified
Tue, 14 Sep 2021 06:51:06 GMT
server
Cloudinary
etag
"5274d3d51cea9369f92dfb7a8b10a518"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
hitman-3-hitman%203%20logo.png
images.sftcdn.net/images/t_app-logo-l,f_auto/p/dbd6aaa8-ca06-488d-9f20-7ae558c6f959/4206248421/
1 KB
1 KB
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-l,f_auto/p/dbd6aaa8-ca06-488d-9f20-7ae558c6f959/4206248421/hitman-3-hitman%203%20logo.png
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89a::29cc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
073f6335748ef0d17cf215d7fcb07da083d138c96b0d5531eb8dec3357345b65
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:23 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="4206248421.webp"
server-timing
akam;dur=10;start=2022-08-17T00:01:23.233Z;desc=hit-near,rtt;dur=5
vary
Accept,User-Agent
content-length
1060
last-modified
Tue, 01 Sep 2020 19:20:02 GMT
server
Cloudinary
etag
"25d6a2971414a7f58c9fec5da56b2556"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
bat-to-exe-converter-x64-logo.png
images.sftcdn.net/images/t_app-logo-l,f_auto/p/c0ab8636-9b53-11e6-a14a-00163ec9f5fa/1124353339/
2 KB
3 KB
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-l,f_auto/p/c0ab8636-9b53-11e6-a14a-00163ec9f5fa/1124353339/bat-to-exe-converter-x64-logo.png
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89a::29cc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
e952ced8b6c7a98acdcf5f604abfedd0243eece935ca0e822061e3490dbd8f5d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:23 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="1124353339.webp"
server-timing
akam;dur=7;start=2022-08-17T00:01:23.235Z;desc=hit,rtt;dur=5
vary
Accept,User-Agent
content-length
2312
last-modified
Mon, 16 Dec 2019 13:25:12 GMT
server
Cloudinary
etag
"e1f09dceaf92302204cea4b3480cccd7"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
obs-studio-icon.png
images.sftcdn.net/images/t_app-logo-m,f_auto/p/89760830-f50f-4215-bbef-a6934fd3f3f6/1610590122/
574 B
1020 B
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-m,f_auto/p/89760830-f50f-4215-bbef-a6934fd3f3f6/1610590122/obs-studio-icon.png
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89a::29cc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
ae0bd4b0b70a2e0fd5d434ff665107ad197d9cab76cc48caca18b49e0fec3bb9
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:23 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="1610590122.webp"
server-timing
akam;dur=2;start=2022-08-17T00:01:23.239Z;desc=hit,rtt;dur=5
vary
Accept,User-Agent
content-length
574
last-modified
Tue, 26 Jan 2021 20:53:13 GMT
server
Cloudinary
etag
"2fb370e6fe42b05c9a5235972d9cf406"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
betterdiscord-icon.jpg
images.sftcdn.net/images/t_app-logo-m,f_auto/p/2cda2332-bb51-4e0f-9ed1-9f8aaa8522ad/1802486173/
366 B
814 B
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-m,f_auto/p/2cda2332-bb51-4e0f-9ed1-9f8aaa8522ad/1802486173/betterdiscord-icon.jpg
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89a::29cc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
47f92109c14cd7c2bd6c6a783031186ff4633d514f510b6bbee21b6ac0c4ec7a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:23 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="1802486173.webp"
server-timing
akam;dur=3;start=2022-08-17T00:01:23.243Z;desc=hit,rtt;dur=5
vary
Accept,User-Agent
content-length
366
last-modified
Fri, 26 Feb 2021 12:35:52 GMT
server
Cloudinary
etag
"87444dec4859aefc97c9fb7ecb8d985b"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
path-of-building-logo.png
images.sftcdn.net/images/t_app-logo-m,f_auto/p/31e24716-8dd4-4de2-bd4a-8f888bc42d01/2028187188/
644 B
1 KB
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-m,f_auto/p/31e24716-8dd4-4de2-bd4a-8f888bc42d01/2028187188/path-of-building-logo.png
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89a::29cc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
4a48650ba7df39aa01f7e81739507468d1e9cac7c9f8426e3e96be13330297cb
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:23 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="2028187188.webp"
server-timing
akam;dur=2;start=2022-08-17T00:01:23.247Z;desc=hit,rtt;dur=5
vary
Accept,User-Agent
content-length
644
last-modified
Thu, 28 May 2020 12:57:28 GMT
server
Cloudinary
etag
"04e4e21c34e74015ba2edb15a8ff1b09"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
pokemon-go-bot-logo.png
images.sftcdn.net/images/t_app-logo-m,f_auto/p/910eda25-f86d-41fd-a979-fc821abc3dc7/2028187188/
644 B
1 KB
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-m,f_auto/p/910eda25-f86d-41fd-a979-fc821abc3dc7/2028187188/pokemon-go-bot-logo.png
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89a::29cc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
4a48650ba7df39aa01f7e81739507468d1e9cac7c9f8426e3e96be13330297cb
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:23 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="2028187188.webp"
server-timing
akam;dur=2;start=2022-08-17T00:01:23.250Z;desc=hit,rtt;dur=5
vary
Accept,User-Agent
content-length
644
last-modified
Tue, 01 Dec 2020 11:33:30 GMT
server
Cloudinary
etag
"04e4e21c34e74015ba2edb15a8ff1b09"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
java-runtime-environment-64-download%20(1).png
images.sftcdn.net/images/t_app-logo-m,f_auto/p/5e3f2660-96d0-11e6-b6ce-00163ec9f5fa/1911214401/
578 B
1 KB
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-m,f_auto/p/5e3f2660-96d0-11e6-b6ce-00163ec9f5fa/1911214401/java-runtime-environment-64-download%20(1).png
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89a::29cc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
d17833aaf0a275f43f5dfe525274362ac6718beab77f7694b095370ffc8d9531
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:23 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="1911214401.webp"
server-timing
akam;dur=3;start=2022-08-17T00:01:23.253Z;desc=hit,rtt;dur=5
vary
Accept,User-Agent
content-length
578
last-modified
Mon, 04 Oct 2021 06:16:18 GMT
server
Cloudinary
etag
"eebc5dff9a39fd3fe5bf5c61ebd5ef65"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
path-of-building-logo.png
images.sftcdn.net/images/t_app-logo-l,f_auto/p/31e24716-8dd4-4de2-bd4a-8f888bc42d01/2028187188/
876 B
1 KB
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-l,f_auto/p/31e24716-8dd4-4de2-bd4a-8f888bc42d01/2028187188/path-of-building-logo.png
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89a::29cc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
1b8a5b0623925bbde675de568ca8b3adc9a7b17f6d3f9643e46c24c5db55c523
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:23 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="2028187188.webp"
server-timing
akam;dur=7;start=2022-08-17T00:01:23.257Z;desc=hit,rtt;dur=5
vary
Accept,User-Agent
content-length
876
last-modified
Mon, 16 Dec 2019 13:23:25 GMT
server
Cloudinary
etag
"bc417d7d6582c802a3099cad4f975ed5"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
low-orbit-ion-cannon-logo.png
images.sftcdn.net/images/t_app-logo-l,f_auto/p/de0fb7a5-7127-430b-808c-202f6645b9a8/2028187188/
876 B
1 KB
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-l,f_auto/p/de0fb7a5-7127-430b-808c-202f6645b9a8/2028187188/low-orbit-ion-cannon-logo.png
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89a::29cc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
1b8a5b0623925bbde675de568ca8b3adc9a7b17f6d3f9643e46c24c5db55c523
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:23 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="2028187188.webp"
server-timing
akam;dur=4;start=2022-08-17T00:01:23.261Z;desc=hit,rtt;dur=5
vary
Accept,User-Agent
content-length
876
last-modified
Mon, 16 Dec 2019 13:27:35 GMT
server
Cloudinary
etag
"bc417d7d6582c802a3099cad4f975ed5"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
/
www.google.com/pagead/1p-user-list/631321069/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/631321069/?random=1660694482956&cv=9&fst=1660694400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmemz-trojan.de.softonic.com%2F&tiba=Memz%20Trojan%20-%20Download&async=1&fmt=3&is_vtc=1&random=1090835702&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Aug 2022 00:01:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/631321069/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/631321069/?random=1660694482956&cv=9&fst=1660694400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fmemz-trojan.de.softonic.com%2F&tiba=Memz%20Trojan%20-%20Download&async=1&fmt=3&is_vtc=1&random=1090835702&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Aug 2022 00:01:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CNnU7YXJzPkCFaz-1QodXJcHAg;src=8876029;type=invmedia;cat=progr0;ord=2303120198535;gtm=2wg8f0;auiddc=2142352081.1660694483;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fmemz-trojan....
adservice.google.de/ddm/fls/i/ Frame 4D76
194 B
870 B
Document
General
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CNnU7YXJzPkCFaz-1QodXJcHAg;src=8876029;type=invmedia;cat=progr0;ord=2303120198535;gtm=2wg8f0;auiddc=2142352081.1660694483;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fmemz-trojan.de.softonic.com%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNnU7YXJzPkCFaz-1QodXJcHAg;src=8876029;type=invmedia;cat=progr0;ord=2303120198535;gtm=2wg8f0;auiddc=2142352081.1660694483;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fmemz-trojan.de.softonic.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Aug 2022 00:01:23 GMT
expires
Wed, 17 Aug 2022 00:01:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
log
l3.aaxads.com/
35 B
194 B
Image
General
Full URL
https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&wHos=177&dgw=desktop&flg=AAXXX4L07&fw=FRANKFURT&ff=DE&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=memz-trojan.de.softonic.com&vhuyqdph=ssp-serving-b56c95f45-fc4n9&vyu=081112_422_081112_382_ssp&vf=HE&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001660694483109023283072005256&vvsDeExfnhw=CONTROL&oz=0&gdss=green&lwbshlg=6&vg=-1&dgeg=0&qsd=0&jgsu=1&fvvwu=CPd2dsAPd2dsAAHABBENCcCgAAAAAAAAAAiQAAAQ6gRgAVAAyABwAD4AJAAZAA0AB9AEQARQAmABQACkAGgAOYAfgBCACOAFKALcAXMAygDLgHcAd4A_QCBwEHAQgAiwBHQCngGBAVMAtABcAC8wIJgQ6AJJQAYAAgjwGgAwABBHgVABgACCPBSADAAEEeB0AGAAII8EIAMAAQR4CQAYAAgjwIgAwABBHgZABgACCPAA.YAAAAAAAAAAA&wfi_fps=7&wfi_vwdwxv=loaded&wfi_sus=0000--0--0&vxf=0&wfi_dsl=1&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_gcp_w&deg=2&fdeg=0&gdeg=2&ghqg=175&fhqg=53&hqg=163&gvwduw=54&fvwduw=53&vwduw=54&uhtxuo=https%3A%2F%2Fmemz-trojan.de.softonic.com%2F&nzui=
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-117.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Aug 2022 00:01:23 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 17 Aug 2022 00:01:23 GMT
aacxs.php
c.aaxads.com/ Frame 153F
18 KB
7 KB
Document
General
Full URL
https://c.aaxads.com/aacxs.php?flg=AAXXX4L07&fv=1&fy=37&ke=1&suylg=29%2C291%2C251%2C159%2C336%2C203%2C23%2C89%2C219%2C97%2C265%2C272%2C282%2C263%2C264%2C206%2C250%2C267%2C368%2C229%2C209%2C231%2C213%2C356%2C167%2C3004%2C195%2C241&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=0&gdprstring=CPd2dsAPd2dsAAHABBENCcCgAAAAAAAAAAiQAAAQ6gRgAVAAyABwAD4AJAAZAA0AB9AEQARQAmABQACkAGgAOYAfgBCACOAFKALcAXMAygDLgHcAd4A_QCBwEHAQgAiwBHQCngGBAVMAtABcAC8wIJgQ6AJJQAYAAgjwGgAwABBHgVABgACCPBSADAAEEeB0AGAAII8EIAMAAQR4CQAYAAgjwIgAwABBHgZABgACCPAA.YAAAAAAAAAAA&usp_status=0&usp_consent=1&coppa=0
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAXXX4L07&hst=memz-trojan.de.softonic.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
79e7421018d907eb398023f6ff9ff86c759f97bbcc42dea98049aaf51a88e5c5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://memz-trojan.de.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7233
content-type
text/html; charset=UTF-8
date
Wed, 17 Aug 2022 00:01:23 GMT
expires
Fri, 19 Aug 2022 00:01:23 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
collect
stats.g.doubleclick.net/j/
4 B
450 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-20034679-1&cid=1642372264.1660694483&jid=1842157532&gjid=1133211508&_gid=343943287.1660694483&_u=YCHAgEABAAQCAE~&z=18416479
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://memz-trojan.de.softonic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 17 Aug 2022 00:01:23 GMT
content-type
text/plain
access-control-allow-origin
https://memz-trojan.de.softonic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1491416729&t=pageview&_s=1&dl=https%3A%2F%2Fmemz-trojan.de.softonic.com%2F&ul=en-us&de=UTF-8&dt=Memz%20Trojan%20-%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCHAgEABAAQC~&jid=1842157532&gjid=1133211508&cid=1642372264.1660694483&tid=UA-20034679-1&_gid=343943287.1660694483&gtm=2wg8f05LWWHP&cd16=G8BzdghzTXGLv4LQjBmbkbQ3&cd1=%2Fprogram_page&cd2=1&cd3=windows&cd4=development&cd5=development-kits&cd6=no&cd7=no&cd10=no&cd11=no&cd12=DE&cd14=free&cd15=2020-02-20&cd18=no&cd19=7.640350877192976&cd21=d07da58b-811e-422e-bc78-46efcd5a52b9&cd52=%2Fprogram_page&cd72=&cd79=Memz%20Trojan&cd85=2021-05-05&cd94=d91cd180-dd24-4b82-93da-a1c04077f69a&cd97=&cd110=&cd111=legacy&cd112=textbroker-postedition&z=124149960
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 01:06:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
82512
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-20034679-1&cid=1642372264.1660694483&jid=1842157532&_u=YCHAgEABAAQCAE~&z=1543110706
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Aug 2022 00:01:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-20034679-1&cid=1642372264.1660694483&jid=1842157532&_u=YCHAgEABAAQCAE~&z=1543110706
Requested by
Host: memz-trojan.de.softonic.com
URL: https://memz-trojan.de.softonic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Aug 2022 00:01:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtg.gif
notix.io/
43 B
266 B
Image
General
Full URL
https://notix.io/rtg.gif?px=970b339c-fab1-444c-b6ac-fdb4f930cd12
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://memz-trojan.de.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 00:01:22 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
43


60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation boolean| gdprAppliesGlobally object| didomiConfig function| __tcfapi object| dataLayer string| GoogleAnalyticsObject function| ga function| gtag function| gtag_report_conversion object| sam object| pbjs object| _pbjsGlobals object| apstag object| eventTracker object| webpackJsonp object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| pbjsChunk boolean| apstagLOADED object| google_tag_manager object| google_tag_data function| postscribe object| google_tag_manager_external object| didomiEventListeners object| didomiOnReady object| googletag object| ggeac object| google_js_reporting_queue object| aax function| onYouTubeIframeAPIReady object| webpackJsonpDidomi function| setImmediate function| clearImmediate object| Didomi object| DidomiSanitizing object| didomiState object| gaplugins function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| gaGlobal undefined| google_measure_js_timing object| regeneratorRuntime function| Waypoint object| gaData object| categoryConfig string| category string| imgPath string| imgSrc

15 Cookies

Domain/Path Name / Value
.de.softonic.com/ Name: _swo_pos
Value: 909
.softonic.com/ Name: _gcl_au
Value: 1.1.2142352081.1660694483
.softonic.com/ Name: persistent.fpmUserId
Value: d91cd180-dd24-4b82-93da-a1c04077f69a
.softonic.com/ Name: session.fpmSessionId
Value: 79445397-1f55-442c-a9e9-2ae19ab4ec82
.softonic.com/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTgyYTkxYWMtZjczNS02NmNkLWE1MzUtYmNjMTgyYTUxYjc2IiwiY3JlYXRlZCI6IjIwMjItMDgtMTdUMDA6MDE6MjIuODU1WiIsInVwZGF0ZWQiOiIyMDIyLTA4LTE3VDAwOjAxOjIyLjg1NVoiLCJ2ZXJzaW9uIjpudWxsfQ==
.softonic.com/ Name: _ga_R5K71YRXMV
Value: GS1.1.1660694482.1.0.1660694482.0.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUkJKfvVEmAOHDdeVfkcpwl9zJ7zsNJFbTOq160hducr-Bt1CjLoZk7yqAhB
memz-trojan.de.softonic.com/ Name: __aaxsc
Value: 2
memz-trojan.de.softonic.com/ Name: aasd
Value: 2%7C1660694483109
.softonic.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.softonic.com/ Name: _ga
Value: GA1.2.1642372264.1660694483
.softonic.com/ Name: _gid
Value: GA1.2.343943287.1660694483
.memz-trojan.de.softonic.com/ Name: _ga
Value: GA1.4.1642372264.1660694483
.memz-trojan.de.softonic.com/ Name: _gid
Value: GA1.4.343943287.1660694483
.softonic.com/ Name: _dc_gtm_UA-20034679-1
Value: 1

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
