Submitted URL: http://memz-trojan.tr.download.it/
Effective URL: https://memz-trojan.tr.download.it/
Submission: On April 23 via api from US — Scanned from IT

Summary

This website contacted 15 IPs in 3 countries across 13 domains to perform 63 HTTP transactions. The main IP is 172.67.75.124, located in United States and belongs to CLOUDFLARENET, US. The main domain is memz-trojan.tr.download.it.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 12th 2023. Valid for: a year.
This is the only time memz-trojan.tr.download.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 172.67.75.124 13335 (CLOUDFLAR...)
30 104.26.15.127 13335 (CLOUDFLAR...)
2 142.250.185.170 15169 (GOOGLE)
2 216.58.206.72 15169 (GOOGLE)
2 142.250.185.130 15169 (GOOGLE)
2 104.20.95.138 13335 (CLOUDFLAR...)
1 104.16.80.73 13335 (CLOUDFLAR...)
1 1 18.245.86.24 16509 (AMAZON-02)
8 3.160.150.40 16509 (AMAZON-02)
2 172.217.23.99 15169 (GOOGLE)
1 216.239.32.36 15169 (GOOGLE)
2 74.125.133.154 15169 (GOOGLE)
2 216.58.206.35 15169 (GOOGLE)
2 142.250.74.206 15169 (GOOGLE)
1 3.77.60.206 16509 (AMAZON-02)
1 142.250.185.196 15169 (GOOGLE)
63 15
Apex Domain
Subdomains
Transfer
36 download.it
memz-trojan.tr.download.it
cdn.download.it — Cisco Umbrella Rank: 546334
download.it — Cisco Umbrella Rank: 398633
229 KB
9 inmobi.com
cmp.inmobi.com — Cisco Umbrella Rank: 4230
api.cmp.inmobi.com — Cisco Umbrella Rank: 15012
210 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
21 KB
2 google.it
www.google.it — Cisco Umbrella Rank: 25505
515 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
404 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2941
www.google.com — Cisco Umbrella Rank: 2
325 B
2 gstatic.com
fonts.gstatic.com
46 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 18729
c.statcounter.com — Cisco Umbrella Rank: 11493
14 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
190 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
161 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
893 B
1 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 7121
590 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 817
7 KB
63 13
Domain Requested by
30 cdn.download.it memz-trojan.tr.download.it
8 cmp.inmobi.com memz-trojan.tr.download.it
cmp.quantcast.com
cmp.inmobi.com
5 memz-trojan.tr.download.it 1 redirects memz-trojan.tr.download.it
static.cloudflareinsights.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.it memz-trojan.tr.download.it
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 pagead2.googlesyndication.com memz-trojan.tr.download.it
pagead2.googlesyndication.com
2 www.googletagmanager.com memz-trojan.tr.download.it
www.googletagmanager.com
2 fonts.googleapis.com memz-trojan.tr.download.it
1 www.google.com
1 api.cmp.inmobi.com cmp.inmobi.com
1 download.it cmp.inmobi.com
1 region1.analytics.google.com www.googletagmanager.com
1 c.statcounter.com www.statcounter.com
1 cmp.quantcast.com 1 redirects
1 static.cloudflareinsights.com memz-trojan.tr.download.it
1 www.statcounter.com memz-trojan.tr.download.it
63 18
Subject | Issuer | Validity | Valid
download.it | Cloudflare Inc ECC CA-3 | 2023-09-12 - 2024-09-11 | a year
upload.video.google.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
statcounter.com | Sectigo RSA Domain Validation Secure Server CA | 2023-12-05 - 2025-01-03 | a year
cloudflareinsights.com | GTS CA 1P5 | 2024-03-10 - 2024-06-08 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
cmp.inmobi.com | Sectigo ECC Organization Validation Secure Server CA | 2023-08-18 - 2024-08-17 | a year
*.google.it | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
*.google.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months

This page contains 2 frames:

Primary Page: https://memz-trojan.tr.download.it/
Frame ID: AB2DDA67D093234D31F952309C002A06
Requests: 61 HTTP requests in this frame

Frame: https://memz-trojan.tr.download.it/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Frame ID: AFABFA82582470F92BDEC0D0A13A9CD3
Requests: 2 HTTP requests in this frame

Page Title

Memz Trojan - Ücretsiz İndir

Page URL History

  1. http://memz-trojan.tr.download.it/ HTTP 307
    https://memz-trojan.tr.download.it/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63 Requests
97 % HTTPS
0 % IPv6
13 Domains
18 Subdomains
15 IPs
3 Countries
879 kB Transfer
2786 kB Size
15 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://memz-trojan.tr.download.it/ HTTP 307
    https://memz-trojan.tr.download.it/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://cmp.quantcast.com/choice/NckurUNbznaCm/download.it/choice.js?tag_version=V2 HTTP 301
  • https://cmp.inmobi.com/choice/NckurUNbznaCm/download.it/choice.js?tag_version=V2
Request Chain 41
  • https://memz-trojan.tr.download.it/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://memz-trojan.tr.download.it/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

63 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
memz-trojan.tr.download.it/
Redirect Chain
  • http://memz-trojan.tr.download.it/
  • https://memz-trojan.tr.download.it/
58 KB
14 KB
Document
General
Full URL
https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.75.124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea1c17fe1b04eb40f228ab02d619849c972ecb0bc1545e5b6be335afffb5aab8

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
878f329f29f70e91-MXP
content-encoding
br
content-language
tr-TR
content-type
text/html;charset=UTF-8
date
Tue, 23 Apr 2024 16:23:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RFNWc8kkFRjVaIr4OYT0rjMxXala9Tyq74YjCiYYAPaZUk7M6D%2FDOOi8oJiYz%2BzFSz5XEA5TgQXbxVdAF9yAykGUyad6lFjiDZT%2BdqBErUHuqZSUHCEyrZf5s7BBFOqRKLQJ%2Bxqd%2Bgz38oyu"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://memz-trojan.tr.download.it/
Non-Authoritative-Reason
HttpsUpgrades
35117E_0_0.woff
cdn.download.it/dit/fonts/
47 KB
48 KB
Font
General
Full URL
https://cdn.download.it/dit/fonts/35117E_0_0.woff
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1826c77619422cbfc2d6c86317f35c583411abd2f75de81a7ee8bb309cd9135

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Origin
https://memz-trojan.tr.download.it
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
48240
last-modified
Tue, 28 Jul 2020 16:02:49 GMT
server
cloudflare
etag
"bc70-5ab82921c9c40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9kfci1HbG2BZU2nz9vG9WjCmM1Mzr6K%2BOk4xF1WaKan%2FkhN7ifxa4d5uFIr7f8Jl786JjMMebzhSI%2BIZZ4nNCvrNAqtMNlI8oIVEpcZjkJ6a5DfekW%2BRurwb1gypgYH6Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
878f32a129190d59-MXP
expires
Thu, 19 Feb 2026 13:30:33 GMT
dit-logos.woff2
cdn.download.it/fontello/font/
3 KB
4 KB
Font
General
Full URL
https://cdn.download.it/fontello/font/dit-logos.woff2
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6117060a9640c268607f9f9f26889c1cba88aee1989e9cbb5f4bbb2b0b3c7dc6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Origin
https://memz-trojan.tr.download.it
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
cf-cache-status
HIT
last-modified
Thu, 02 Dec 2021 08:52:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"dc0-5d225e95b2264"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mRYGNXy2bb9aoL8cMOktvCOklyDz6SDlRmKx1rZwjleCMgdmgCcWckoyt2E%2FaXcjkQdBzEaJ7y56Csba5Kebo7LUTm3NXq3qZr0aa3vJp%2FpAy7btjK%2FsNGJCLiWrTelMpg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
878f32a1291f0d59-MXP
alt-svc
h3=":443"; ma=86400
content-length
3520
expires
Mon, 15 Dec 2025 15:46:33 GMT
css
fonts.googleapis.com/
2 KB
893 B
Font
General
Full URL
https://fonts.googleapis.com/css?family=Dosis:400,600&display=swap
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
57b4503e8b055d30920a67effa1d966cbea0b8cf74c01372831c372ae68ff6d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Origin
https://memz-trojan.tr.download.it
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Apr 2024 16:11:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Apr 2024 16:23:23 GMT
css
fonts.googleapis.com/
2 KB
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Dosis:400,600&display=swap
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
57b4503e8b055d30920a67effa1d966cbea0b8cf74c01372831c372ae68ff6d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Apr 2024 16:11:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Apr 2024 16:23:23 GMT
jquery-3.4.1.min.js
cdn.download.it/dit/js/
86 KB
31 KB
Script
General
Full URL
https://cdn.download.it/dit/js/jquery-3.4.1.min.js
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Origin
https://memz-trojan.tr.download.it
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jul 2020 16:02:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"15851-5ab82921c9c40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3CPX1BRJ61a9EfWZH%2BV1ItzQMgqTgyHOKsBi2CqV0hcNmgJrL9kRU%2BQz0EN83AitWCyc77%2F35K7CTQalBFiMwWuIRTHt2KOn1890%2BurFNK%2BRMYIJ4Sz6YB3oJK2K%2FLQ1Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a189b40d59-MXP
alt-svc
h3=":443"; ma=86400
expires
Sun, 27 Jul 2025 15:19:34 GMT
popper.min.js
cdn.download.it/dit/js/
21 KB
8 KB
Script
General
Full URL
https://cdn.download.it/dit/js/popper.min.js
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Origin
https://memz-trojan.tr.download.it
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jul 2020 16:02:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5309-5ab82921c9c40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rl74vXGkJiSng2Uck9NuZLm5tiXLNBnGYvvPwZbe3qSNPPZXOdqVSN3S9vzb1k9EutkEtBe48IA38j0aSQWELF9p491ymcXVVQ4gfRBuyseFgUEyFjakHHGOg6f9B7wZZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a189ba0d59-MXP
alt-svc
h3=":443"; ma=86400
expires
Mon, 15 Dec 2025 05:02:48 GMT
bootstrap.min.js
cdn.download.it/dit/js/
59 KB
17 KB
Script
General
Full URL
https://cdn.download.it/dit/js/bootstrap.min.js
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Origin
https://memz-trojan.tr.download.it
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jul 2020 16:02:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"ea6a-5ab82921c9c40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vgFsmArkRYktO5UioWaYHFozM7%2B8apFtAeF1GUvDIP51JjjmkTXRGdWm%2B2c%2BSYI3%2FZFEklqu2nqAYmeH4eG3T3p1WnRRQEi7gQveE8d%2Fo3aL7uPr8ApoukIIRgqxYDBRcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a189c00d59-MXP
alt-svc
h3=":443"; ma=86400
expires
Mon, 15 Dec 2025 05:02:48 GMT
search-header.js
cdn.download.it/dit/js/
416 B
757 B
Script
General
Full URL
https://cdn.download.it/dit/js/search-header.js?v=1712821781618
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec47e6472651559ca723a66ef956e8b17527d80edc59644be04633abf4516786

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1067485
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 03 Aug 2020 13:04:58 GMT
server
cloudflare
etag
W/"1a0-5abf8c91e5280"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UQFSn1vjylWXPlP3BN9bPfF0ow3Rt6sTSv1x1VD1nxln%2F%2F3YWZDawID8Bu%2Fq%2BU23oBpJtP2JtbrCGG7wDI279zyOGEfHd4o8qdO5tshzInIHRN3qnRNIiyi%2F3rAZZ%2BoBzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a1ae880e42-MXP
expires
Sat, 11 Apr 2026 07:50:58 GMT
lazysizes.min.js
cdn.download.it/js/
8 KB
4 KB
Script
General
Full URL
https://cdn.download.it/js/lazysizes.min.js
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e61be2f374a0122510025578940baf7ef8dbbcaf3ecc5f5535cfc81bd1cfd39

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4302002
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 17 Aug 2021 15:15:49 GMT
server
cloudflare
etag
W/"1ed1-5c9c2caf025fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QKQHYF1%2BcVVIkPJPOhxczoCWZ2vhIYZK8pvFjFaCB29vJbQl0QJkmIl%2BAARICq5kWT4Q3J9zXwCyOVy30EGN%2BU8Cw6Vy7lDtSOuPkAg4i66GXXluin%2FHGWdljrg%2Bl4ipQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a1cf0f0e42-MXP
expires
Wed, 29 Oct 2025 16:01:14 GMT
bootstrap.min.css
cdn.download.it/dit/css/
125 KB
20 KB
Stylesheet
General
Full URL
https://cdn.download.it/dit/css/bootstrap.min.css?v=2
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3400e3ea6c68192ead1f3ed3b73ed718742596e653370e25dcbf279dfa4e8ad

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Origin
https://memz-trojan.tr.download.it
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Jul 2022 15:40:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1f280-5e3895eeba10a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LNGwwX3k%2FQ33H3U92KP43apYE%2FVYnrATLxc4V251IiLsmu2q1FM4hwobvAqqST5Od73a9bLpRAv5sNrwCMZPDML216DoWLyKh8d%2FC1%2F2JiAPFKDQHyrVL3OLR6GdFGJ4bA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a199ca0d59-MXP
alt-svc
h3=":443"; ma=86400
expires
Mon, 15 Dec 2025 05:02:48 GMT
main.css
cdn.download.it/dit/css/
10 KB
4 KB
Stylesheet
General
Full URL
https://cdn.download.it/dit/css/main.css?v=1712821781618s
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b008e409f5ed657cf5cda768693c6426305e129944aa6ff7e6347d02b0e90be

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1067485
cf-polished
origSize=13402
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 05 Jan 2024 16:23:29 GMT
server
cloudflare
etag
W/"345a-60e3544c37674"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a7bPmWmEICtHeheT82fC4wGyxa9ckIr6%2BM8V7acntMNVSzbIN8fhnV64w5fqa4pnXcYPdgXLtjI%2B1XKiYXhkRU6Q8MmprLP8NWpnIamc6QEVMDaI3kLa6lI9IkjFHGXPHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a1cedc0e42-MXP
expires
Sat, 11 Apr 2026 07:50:58 GMT
hover-min.css
cdn.download.it/dit/css/
93 KB
7 KB
Stylesheet
General
Full URL
https://cdn.download.it/dit/css/hover-min.css
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73e0bcee3ba93b5a2d0f5239bb2c55ebc5a648b0aab48a0d95c1cb5edccb093d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4306157
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Jul 2020 16:02:49 GMT
server
cloudflare
etag
W/"17432-5ab82921c9c40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=unhbqKgqnmoldAd%2FBi4BQYYvHzKSCjoK9EQZxLNh4zcRfU42vZrSOMaXK0SZu0OvShgFDeSVrHViVHhGUq5YEVlL73SP9fUYZoW7YBQfOWqk2K90O0p1MxEnPjEndV9wFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a1cee60e42-MXP
expires
Sat, 25 Oct 2025 15:44:19 GMT
dit-logos.css
cdn.download.it/fontello/css/
1 KB
917 B
Stylesheet
General
Full URL
https://cdn.download.it/fontello/css/dit-logos.css?v=1712821781618
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d35615d83672e5ceb1bf88fb84a9da3a4c243148b10bea4b651f624bac3d674

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1067485
cf-polished
origSize=2306
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 28 Jul 2023 12:03:26 GMT
server
cloudflare
etag
W/"902-6018ade44a5f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lg0HNSJE3xZtEAiLOQcUZgqVgRit%2Ft6OSy245ZVme4NfHJxF2UaNRYfxgD1s%2FFbgCBfaBc2J8A0NUwiT4LG1Y4ZeZjfE014NtK5jOqmb9kCmKx%2Fp4O2hYXGyj6bjtBdr7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a1cee90e42-MXP
expires
Sat, 11 Apr 2026 07:50:58 GMT
js
www.googletagmanager.com/gtag/
198 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-30374496-1
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9a2775e8c5360cdb18577bc1f08563f842f07abb00bb54263b61fdc35d7148fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73183
x-xss-protection
0
last-modified
Tue, 23 Apr 2024 15:09:43 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Apr 2024 16:23:23 GMT
dit-supplement.js
cdn.download.it/js/
175 B
619 B
Script
General
Full URL
https://cdn.download.it/js/dit-supplement.js?v=1712821781618
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18351534209a91b2f82b9d729cd40ec03df685421e7f918abf4da735dc5237c7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1067485
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 01 Dec 2022 11:23:20 GMT
server
cloudflare
etag
W/"af-5eec272cb4186"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fmaQOVuGUrRTSDKBwNcmAoYqbfJd650PPwTLts5PTrGHMxfnwYLIL%2F7n0l4Mk%2BckSjBP6DBzVLAaC9LEHHolf7x8NbCD2Z8DsC2HbFcq3VrAXi0ugUK4aGhzM4zfMiGsHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a1cf120e42-MXP
expires
Sat, 11 Apr 2026 07:50:59 GMT
jquery.md5.js
cdn.download.it/js/
4 KB
2 KB
Script
General
Full URL
https://cdn.download.it/js/jquery.md5.js
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c8ce6c1372920d818248559a28470c6152e5e0be4ca1f45dfb923c34808d21a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4306157
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 01 Sep 2014 14:38:01 GMT
server
cloudflare
etag
W/"f18-50201f3240440"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J%2BU%2BenF7r%2FRCLTLN3Y9zyozJ0IRjNQpWOnCFtEc8pmZAnouz9rvoFZNj%2BUsO7xoqQFG7olhPG1GdXmJlIs1Hrpj1%2Bwkl9ub6Y6bdyr3EYZSp4TY1%2BPEaVos%2BU3%2FBROstXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a1cf180e42-MXP
expires
Mon, 27 Oct 2025 13:15:47 GMT
ouibounce.js
cdn.download.it/js/
2 KB
1 KB
Script
General
Full URL
https://cdn.download.it/js/ouibounce.js
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
332a4f3e0e1cc73b6dc796594340d2c5bdd5a6af61f559740e33aae5300c23d3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2921425
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 19 Dec 2014 13:44:54 GMT
server
cloudflare
etag
W/"6bc-50a91e9e22180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TwEPC4Pl7Y34Xxr2ghdQuSr5Eu%2BBSoT9dlEECl7P1EgKLQSCGfVMqmqfdLBaD2i2SUFLmn4EIVYBgWXoDLX6HrPwEuSR83kB%2FOUKAqIK0eexiRqIm0rwnRPV43Yb%2BAOsVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a1cf1d0e42-MXP
expires
Thu, 30 Oct 2025 02:13:49 GMT
ajget-download.js
cdn.download.it/js/
1 KB
1 KB
Script
General
Full URL
https://cdn.download.it/js/ajget-download.js?t=1712821781618
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a838a8cab2b7d95c437c8ee698ecefbd5745e7c9709146d473547f5e88ddab59

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1067482
cf-polished
origSize=1466
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 18 Jul 2023 08:13:09 GMT
server
cloudflare
etag
W/"5ba-600be7c47fe84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bj7l2tXCoXxgH4lYdKavd9AuHnSTrEO94V8ObFGVLi1ch84AopeSd0T%2B%2BC5fyzqYQX51RISsZD8H9c5j39gSJt1kL2Aslp9VS2aveU8FoXxDexe6Sfh4A%2BkK7tFmD9b9Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a1ceee0e42-MXP
expires
Sat, 11 Apr 2026 07:50:59 GMT
raty.woff
cdn.download.it/dit/raty/fonts/
2 KB
2 KB
Font
General
Full URL
https://cdn.download.it/dit/raty/fonts/raty.woff
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce79bee15c8795bb7bee159131318308b432133f4268f2531eb9f2790c95bda5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Origin
https://memz-trojan.tr.download.it
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jul 2020 16:02:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"704-5ab82921c9c40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2TkJrU1ov%2Fm2GpFViTs%2BaVzeZ%2FGsdZpgVgGLZzt%2FSx6a%2FY%2FVXZEUsW1wI3PYPvrBy2Iez5UPQcyEH9WrfVakvysS3LkKS8CpfkPoKIMCHe3O4SyezZ%2FZeCMVJBSNj6ZtGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a1291c0d59-MXP
alt-svc
h3=":443"; ma=86400
expires
Mon, 15 Dec 2025 05:02:48 GMT
jquery.raty.js
cdn.download.it/dit/raty/
13 KB
4 KB
Script
General
Full URL
https://cdn.download.it/dit/raty/jquery.raty.js
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb5112588a752ef36a064ece2242fe849bfbb90c333608d4515c4d34bbb81a60

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4302002
cf-polished
origSize=19307
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 28 Jul 2020 16:02:49 GMT
server
cloudflare
etag
W/"4b6b-5ab82921c9c40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4zGLIA03L9gPh%2BZELAGDsxwB0BxPD9VH63MhaHSNiRQZCH1eaBseqJzxwNNKrJ5SbRddO32YPEC75XnAEvENt7JRQpnHh%2B%2BnYAHmtsB%2BsCNtEnbcsZ6il8rCGy3V8zHnkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a1cef50e42-MXP
expires
Mon, 27 Oct 2025 13:16:26 GMT
raty-bridge.js
cdn.download.it/js/
2 KB
1 KB
Script
General
Full URL
https://cdn.download.it/js/raty-bridge.js
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
147bfa7f085b8fc56ba18f988db65946c89bb63a9e3ad4ac0eaf0693c345b61d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4301999
cf-polished
origSize=2064
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 03 Aug 2020 13:36:22 GMT
server
cloudflare
etag
W/"810-5abf93969e180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RJNtbd1NKFm8Yo0USBETBo1%2BhVwociznFBxaQTMSFLHafAEpEJBWHrmk23taA04HlC9L4QSDxH2%2Fk9lXuqO2%2FUPq%2FjKbB7PtbFRotjfmLcmRnpsidSyPIfe%2BqrJdhI%2BWBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a1cefa0e42-MXP
expires
Mon, 27 Oct 2025 13:16:24 GMT
raty-votable-main.js
cdn.download.it/dit/js/
451 B
759 B
Script
General
Full URL
https://cdn.download.it/dit/js/raty-votable-main.js
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b79f935e90b63658f207544145a77b0f1eda307bcfc65980d7c9f916965c2ce

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4296197
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Dec 2021 09:15:43 GMT
server
cloudflare
etag
W/"1c3-5d2263c2caf8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=do0pGljYjO4nBeSxEHNN%2Fn9iuHw2kYOPHQzdfNzG4E%2FHRT8viwvgeNtequDqNmNSDVNOTFSeephsWK%2F8CAyvTi7%2BdIz6ifzTnpyy5xTvoSoPGiX7AgReuDXI5B%2BNlmDjFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a1cf000e42-MXP
expires
Mon, 27 Oct 2025 13:14:52 GMT
maglass-blue.svg
cdn.download.it/dit/images/
258 B
681 B
Image
General
Full URL
https://cdn.download.it/dit/images/maglass-blue.svg
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
307238fd564ccf483e9503989f781d89c45525f80dec2bb3e80a9ad70fb37ba2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4312323
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Jul 2020 16:02:49 GMT
server
cloudflare
etag
W/"102-5ab82921c9c40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MyU0JJFaQbSyITLEdbhPhZVPbhu60Hj7Um4tFMykDvmdeQe5pVR1Ub4ojT7pEjDpxpSLhD3srAeo%2B9b4z8WDd4aqHpuG9BOneybjSfnJmNJF7Z1bmDVtCarFGgq2rIYKWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a1cf040e42-MXP
expires
Thu, 06 Nov 2025 12:37:00 GMT
maglass-white.svg
cdn.download.it/dit/images/
276 B
691 B
Image
General
Full URL
https://cdn.download.it/dit/images/maglass-white.svg
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38afa88926f69f684e93ac9023338100a57b9424cedf63f7ee73b1202c98eead

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4306157
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Jul 2020 16:02:49 GMT
server
cloudflare
etag
W/"114-5ab82921c9c40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h78wjsnV%2BuVd0pAW15hXckEnc4Mfd8lA8pTLTuxyorgWCdfFlVrqHBuNiUnXv%2BXujhu2g%2BwOin8hdBnh8jDYLdz2siEnB49S9yU%2F9WH9jts1v4WXT33Js5MldHXDaZDtBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a1ceb20e42-MXP
expires
Wed, 29 Oct 2025 16:01:14 GMT
burger-32.png
cdn.download.it/dit/images/
214 B
813 B
Image
General
Full URL
https://cdn.download.it/dit/images/burger-32.png
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
874a64c76ae3d1fb76c4e9c9b97a4e1d655fd13dc582efb01c80e59222dd542d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4312331
cf-polished
origFmt=png, origSize=499
content-disposition
inline; filename="burger-32.webp"
alt-svc
h3=":443"; ma=86400
content-length
214
cf-bgj
imgq:85,h2pri
last-modified
Thu, 27 Jul 2023 13:45:45 GMT
server
cloudflare
etag
"1f3-601782e523257"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d6PJ0D5QcclC3iUWuu77sCDw5Ku8c3w41y%2BJJPq1wssvoNrsKed5LGs291%2FbElIekHX3EM8oDmcwamr5hbIDjCfoqaIo6FfNuZjQt1HkuLdAsdfmAop4YaYZ1MYjWCytzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
878f32a1cebc0e42-MXP
expires
Mon, 05 Jan 2026 02:07:28 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
146 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3326569891674161
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
197e74d27e5992ca15346cc8c9b59c457f40e38206c0f5c2f6028e0ba86a33e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Origin
https://memz-trojan.tr.download.it
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51127
x-xss-protection
0
server
cafe
etag
5606883106607967032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 23 Apr 2024 16:23:23 GMT
memz-trojan-100x100.png
cdn.download.it/gen/
5 KB
5 KB
Image
General
Full URL
https://cdn.download.it/gen/memz-trojan-100x100.png
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bff134d4cc72f0a5a4a627e00e3db0700329f173100f990678e072d8e165a03

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
474337
cf-polished
origFmt=png, origSize=9248
content-disposition
inline; filename="memz-trojan-100x100.webp"
alt-svc
h3=":443"; ma=86400
content-length
4712
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Jul 2023 23:31:54 GMT
server
cloudflare
etag
"2420-60066bccae94c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xzcWlUDvU6CiQJnZUtY9s6lUezgdTM0er53okDbNAkgXaIE5D0ELHCXCYs%2BkuMNTqQqJFN%2Fga4dJpiApiy4NLPCd2tS%2FEO3LnX7FJ6UxDe49%2BZv5WU62CKEwUbLR85TbZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
878f32a1ceca0e42-MXP
expires
Mon, 15 Dec 2025 02:26:28 GMT
counter.js
www.statcounter.com/counter/
35 KB
13 KB
Script
General
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
163f56b3b6e604ea7f6aae49c6f6069fc9626233680d09d8a1034440d93d4ac4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 14:50:52 GMT
server
cloudflare
age
3820
etag
W/"6626794c-8c64"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
878f32a1da2c4be5-MXP
expires
Wed, 24 Apr 2024 03:19:43 GMT
need-for-speed-underground-100x100.png
cdn.download.it/gen/
17 KB
17 KB
Image
General
Full URL
https://cdn.download.it/gen/need-for-speed-underground-100x100.png
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
585f0875f5dffa83184a81a28a3df13c78571429abdabc04e676bb995302798c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4306885
cf-polished
origFmt=png, origSize=22208
content-disposition
inline; filename="need-for-speed-underground-100x100.webp"
alt-svc
h3=":443"; ma=86400
content-length
17202
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Jul 2023 23:46:28 GMT
server
cloudflare
etag
"56c0-60066f0e4d29b"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fCUGvT7%2F3njOqOkEGhspWhNpKM%2FQgbZeZzwbWJmliD9ldcXo%2BNSu62zOBDz1V%2FaNZ090D8XG8ELPNTcm3hWyE4lJYC9RbgIxFhy9gQD%2Bg5wq7KvzqNfQz4JLAWH9q%2FM3WA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
878f32a1ced30e42-MXP
expires
Thu, 11 Dec 2025 12:13:13 GMT
java-development-kit-64-100x100.png
cdn.download.it/gen/
5 KB
5 KB
Image
General
Full URL
https://cdn.download.it/gen/java-development-kit-64-100x100.png
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d62875c1116ad7663f2ecbdffb2aa6124775498aa633191b539ec66d7312246

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4259332
cf-polished
origFmt=png, origSize=6967
content-disposition
inline; filename="java-development-kit-64-100x100.webp"
alt-svc
h3=":443"; ma=86400
content-length
4684
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Jul 2023 23:11:48 GMT
server
cloudflare
etag
"1b37-6006674eb58b5"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DsuwUf58S7kcATY3u4ojMzTzpTgL8Y%2Bfmn%2Fw0wivyhQhNHC0A40EzVUFYBaolU%2B2hVMt2mk8IKStmYRi5cv9WN6HXFcc8buU0InhEvebLqvOVm%2B03ZsvZLlxO4r%2BX4XFwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
878f32a1ced50e42-MXP
expires
Fri, 26 Dec 2025 03:28:05 GMT
java-development-kit-jdk-100x100.png
cdn.download.it/gen/
5 KB
6 KB
Image
General
Full URL
https://cdn.download.it/gen/java-development-kit-jdk-100x100.png
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38d0b2144c7db1a942fdba022683a7816bbf92e48abd469fa6d0112da2b4fad4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4305387
cf-polished
origFmt=png, origSize=7229
content-disposition
inline; filename="java-development-kit-jdk-100x100.webp"
alt-svc
h3=":443"; ma=86400
content-length
5186
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Jul 2023 23:11:50 GMT
server
cloudflare
etag
"1c3d-6006675033617"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BnsWsYOzdw5%2BKbhdfCBIIyJCjrUbRpFEnB11PYUcqTfdakLk5q6Fo7wjgu4302dfRJKHlLvtEjMKAyL%2BlyojFXQjTVmGmKKkwkkqWro58WLTOvApynRgI7wVRKe82MHOZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
878f32a1ce8f0e42-MXP
expires
Mon, 15 Dec 2025 07:28:33 GMT
trojan-remover-100x100.png
cdn.download.it/gen/
13 KB
13 KB
Image
General
Full URL
https://cdn.download.it/gen/trojan-remover-100x100.png
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58ea17a8872f5ed6577f67b3756553d415c518699ec3386b7f182c366bf64ce9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1839558
cf-polished
origFmt=png, origSize=16375
content-disposition
inline; filename="trojan-remover-100x100.webp"
alt-svc
h3=":443"; ma=86400
content-length
13184
cf-bgj
imgq:85,h2pri
last-modified
Fri, 14 Jul 2023 01:03:24 GMT
server
cloudflare
etag
"3ff7-60068040c148f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k0ecJnBPyFnmj2OsUEbCHsWTBknoIyTK8qe0HuAY%2FvZKa6K5NgPyEgLtN3dC4aWcJ7Wo2%2BZwCWMSC1G7fc1ly66c5j6VabqT57AfLBhWd1O77TNCPyWvQqGxv5bg3DaN0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=63072000
accept-ranges
bytes
cf-ray
878f32a1cea80e42-MXP
expires
Tue, 20 Jan 2026 17:19:17 GMT
v55bfa2fee65d44688e90c00735ed189a1713218998793
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Origin
https://memz-trojan.tr.download.it
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
gzip
last-modified
Tue, 23 Apr 2024 12:12:17 GMT
server
cloudflare
etag
W/"2024.4.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
878f32a1da070e5d-MXP
choice.js
cmp.inmobi.com/choice/NckurUNbznaCm/download.it/
Redirect Chain
  • https://cmp.quantcast.com/choice/NckurUNbznaCm/download.it/choice.js?tag_version=V2
  • https://cmp.inmobi.com/choice/NckurUNbznaCm/download.it/choice.js?tag_version=V2
4 KB
2 KB
Script
General
Full URL
https://cmp.inmobi.com/choice/NckurUNbznaCm/download.it/choice.js?tag_version=V2
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H2
Server
3.160.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-40.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1df66b05aafcd0e2b38aa9fc1aff97173ea53582cc35d38c28ee1269690d5d12

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://memz-trojan.tr.download.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 19:39:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
3
x-amz-server-side-encryption
AES256
etag
W/"464ffcbb048635062361aca539e0219a"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
CuyGZw-PNGmpcCRYNkT7VkiNBp3ovR_eAza-7bLNc1lpZdepf-m1Sg==

Redirect headers

x-amz-website-redirect-location
https://cmp.inmobi.com/choice/NckurUNbznaCm/download.it/choice.js?tag_version=V2
date
Tue, 23 Apr 2024 16:23:07 GMT
via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
17
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
0
last-modified
Wed, 15 Nov 2023 19:39:53 GMT
server
AmazonS3
etag
"05ca91ae9788ef03354671b196c01ba9"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
location
https://cmp.inmobi.com/choice/NckurUNbznaCm/download.it/choice.js?tag_version=V2
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
eBA3_e9599l3bmVSrywWWrowG7RpQBMooxrBLPV9ZtKuzUWhHDJDGw==
ouibounce.css
cdn.download.it/dit/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://cdn.download.it/dit/css/ouibounce.css
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e08b5b325fbbd6fbcbaa1deb294125ee425297b994d722bcce1d329d60de2b7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4312323
cf-polished
origSize=2615
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 18 Aug 2020 16:15:50 GMT
server
cloudflare
etag
W/"a37-5ad2933549980"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TPNWgdeXRVt3uU3UiM8Fh4NSOpnWV0G8iusi53zbihYKbePLXMiPEe865CcnaKlMMReMBZxJoAOYNO0c9xy2%2Bi%2BDsLN3ApGTYYU8irrcYgLBCM1245oTZd3TQzI3yDhk8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a1cf090e42-MXP
expires
Sun, 27 Jul 2025 15:08:43 GMT
jquery.raty.css
cdn.download.it/dit/raty/
832 B
835 B
Stylesheet
General
Full URL
https://cdn.download.it/dit/raty/jquery.raty.css?v=2
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83d31a13cd5e137294047a76fb9f244a98ba7df979f22c492997f7f4916dd3fc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4306157
cf-polished
origSize=995
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 13 Aug 2021 09:16:44 GMT
server
cloudflare
etag
W/"3e3-5c96d4f6495a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iKqEkFz9HBeFfMo6V8zaoEeSCD%2Fpxtm5%2FY2YjNg7vSge2IbP2A34rMLgZ6HeN5hAxo1169bl8zxinpznZrz%2FwE1apm6HD98Kfc0k5UpOcFL4%2FP671StwOhAy2s%2BXQLuopg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a1cf0d0e42-MXP
expires
Sat, 25 Oct 2025 15:43:34 GMT
HhyaU5sn9vOmLzloC_U.woff2
fonts.gstatic.com/s/dosis/v32/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dosis/v32/HhyaU5sn9vOmLzloC_U.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Dosis:400,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f99.1e100.net
Software
sffe /
Resource Hash
0dcac7cabd17a67b5d09d54d506c6ed734516248e9e8552d194b1a5cf16b7722
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://memz-trojan.tr.download.it
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 22:22:19 GMT
x-content-type-options
nosniff
age
324064
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30208
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:45:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Apr 2025 22:22:19 GMT
HhyaU5sn9vOmLzlmC_W6EQ.woff2
fonts.gstatic.com/s/dosis/v32/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dosis/v32/HhyaU5sn9vOmLzlmC_W6EQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Dosis:400,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f99.1e100.net
Software
sffe /
Resource Hash
d45de4e5b1fe6692a8e5391bc29458c9576488cd7f0e790e9aeae366ef394c80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://memz-trojan.tr.download.it
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 13:02:36 GMT
x-content-type-options
nosniff
age
271247
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15872
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:54:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Apr 2025 13:02:36 GMT
t.php
c.statcounter.com/
192 B
579 B
XHR
General
Full URL
https://c.statcounter.com/t.php?sc_project=11948341&u1=23AE396A893A4F28A67B92F3AA46EA6A&java=1&security=0cb53214&sc_snum=1&sess=21e3ea&p=0&pv=10&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//memz-trojan.tr.download.it/&t=Memz%20Trojan%20-%20%C3%9Ccretsiz%20%C4%B0ndir&invisible=1&sc_rum_e_s=523&sc_rum_e_e=542&sc_rum_f_s=0&sc_rum_f_e=516&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://memz-trojan.tr.download.it
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
878f32a26af54be5-MXP
expires
Mon, 26 Jul 1997 05:00:00 GMT
js
www.googletagmanager.com/gtag/
259 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XYHRS06G1C&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-30374496-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2bff38bef7b1b52ca156ac7c8582c6ec6539f630528826f1fd243a6b94463de9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91399
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Apr 2024 16:23:23 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404170101/
412 KB
140 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3326569891674161&plah=memz-trojan.tr.download.it&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3326569891674161
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
d827d1ce5cd62eb679b4ae0c1ba548ad3bd3bee84ae675aae0776c8d13e7a895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142956
x-xss-protection
0
server
cafe
etag
15838042799005894732
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 23 Apr 2024 16:23:23 GMT
main.js
memz-trojan.tr.download.it/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/ Frame AFAB
Redirect Chain
  • https://memz-trojan.tr.download.it/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://memz-trojan.tr.download.it/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
8 KB
4 KB
Script
General
Full URL
https://memz-trojan.tr.download.it/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H3
Server
172.67.75.124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06743cfd66f748617dd5e931499598ae2ad4fd3498a87c4147ccea356b6f2730
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0EWiWC9B%2B781PkMrT22tQdhZBgSCe%2BIFnJU0D7tDNNCHX0MeW9DwobzrokRq0EmUSTJ8xjxyx3bzSt2YW8LBmJzJXEobsMl4fh4Jn7VC7KTlscD77NYJTyDyRYIembFAoAnpKmceD102vqvu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
878f32a2f9230e91-MXP
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 23 Apr 2024 16:23:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fZ1ZI3Z8ho5Q1ryoDEvbulm1QrLHk11Noz3u%2FtzhS4kN95Mqd7o2BS2NRhHOH394PFBbLpuOKXOHEQrf%2BFtEO5e%2BEZQjH3cpSYtkK5EvUwlZltwRa9SRHILOOUnYQzLa8nc6idkQkoOFIsFn"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
878f32a2d8cb0e91-MXP
alt-svc
h3=":443"; ma=86400
content-length
0
cmp2.js
cmp.inmobi.com/tcfv2/
164 KB
46 KB
Script
General
Full URL
https://cmp.inmobi.com/tcfv2/cmp2.js?referer=download.it
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/NckurUNbznaCm/download.it/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-40.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14500e8b64bc5036694b52c8fe9cc51116cbd00534efd56a448911618510a6a5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 15:35:42 GMT
content-encoding
gzip
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
2861
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Mon, 08 Apr 2024 05:55:44 GMT
server
AmazonS3
etag
W/"0c68dd584ff370af61aaded5d3f2be99"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
84mWDzfNrINfKev5sEZ5JHBRXJ1wum4CZ5mV2Ema71rltsHaEbDYYg==
collect
region1.analytics.google.com/g/
0
262 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-XYHRS06G1C&_ng=1&gtm=45je44h0v9126950198za200&_p=1713889403118&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&cid=2130224754.1713889403&ul=it-it&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1713889403&sct=1&seg=0&dl=https%3A%2F%2Fmemz-trojan.tr.download.it%2F&dt=Memz%20Trojan%20-%20%C3%9Ccretsiz%20%C4%B0ndir&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=697
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XYHRS06G1C&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 23 Apr 2024 16:23:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://memz-trojan.tr.download.it
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
253 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-XYHRS06G1C&cid=2130224754.1713889403&gtm=45je44h0v9126950198za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XYHRS06G1C&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 23 Apr 2024 16:23:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://memz-trojan.tr.download.it
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.it/ads/
42 B
408 B
Image
General
Full URL
https://www.google.it/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-XYHRS06G1C&cid=2130224754.1713889403&gtm=45je44h0v9126950198za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1590970237
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 23 Apr 2024 16:23:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
878f329f29f70e91
memz-trojan.tr.download.it/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame AFAB
0
595 B
XHR
General
Full URL
https://memz-trojan.tr.download.it/cdn-cgi/challenge-platform/h/b/jsd/r/878f329f29f70e91
Requested by
Host: memz-trojan.tr.download.it
URL: https://memz-trojan.tr.download.it/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.75.124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n1HKG4x1Cz97IHvdzU6UeiTxKJPa6jx%2FctxoU6eI0DrX42nIuNYemx%2BstZXRHGSrLRKO0SrmssCP7ZwiEnRJwGXdT3%2FOnlpxq13yY9%2FMJrwM7%2B1r2LCPUlfwXg43cLtKxP3Yx3%2B%2Fs72RkRf6"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
878f32a39a220e91-MXP
alt-svc
h3=":443"; ma=86400
content-length
0
consent
download.it/api/
2 B
584 B
XHR
General
Full URL
https://download.it/api/consent
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=download.it
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.75.124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NPnHyhiyCYqsqwOZh3FhTth4Vik0cpD6IYneUa%2FrmFVecem1LzdG7Xdtzh1Hk5KJiDrn1wUu%2FHcoadoSQidtfLzRRoavGF%2BSkvomxaR6KvfgJ5LjaSo0ie12pVtX"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://memz-trojan.tr.download.it
content-type
application/json;charset=ISO-8859-1
access-control-allow-credentials
true
cf-ray
878f32a3ca6d0e91-MXP
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Content-Range, Range, Pragma, Upgrade-Insecure-Requests
alt-svc
h3=":443"; ma=86400
rum
memz-trojan.tr.download.it/cdn-cgi/
0
149 B
XHR
General
Full URL
https://memz-trojan.tr.download.it/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.75.124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://memz-trojan.tr.download.it
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
878f32a45b750e91-MXP
memz-trojan-favicon_i.ico
cdn.download.it/gen/
1 KB
1 KB
Other
General
Full URL
https://cdn.download.it/gen/memz-trojan-favicon_i.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33e01ff0df9eaec50a4ccb9af8f185d839762df6770d48116c5240e63ff81079

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
453001
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 16 Jul 2023 00:36:21 GMT
server
cloudflare
etag
W/"47e-6008fdefbd664"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nnpl3mCzrn%2B1rKFIW62WdeXju6KOr%2BCRTTehhzfKeIqQ2Y0caM%2B%2BqRXtb4zUP%2FN%2BTXdPNCxqu0FheHA%2Fq15ePW6uCJL976NCdBpnSfmWEaG%2FripuipQ0usjUkxbKCoFJhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
cache-control
max-age=63072000
cf-ray
878f32a45b4b0e42-MXP
expires
Thu, 11 Dec 2025 12:48:39 GMT
cmp-list.json
cmp.inmobi.com/GVL-v2/
18 KB
4 KB
XHR
General
Full URL
https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=download.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-40.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ebd2772ab2c32a11c098ae85ba22acdb4597af34b1b33b325ed466f4e3734688

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 03:00:44 GMT
content-encoding
br
via
1.1 69114e4ea0aa4e532a5be63a75c51e2c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
48160
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Apr 2024 03:00:42 GMT
server
AmazonS3
etag
W/"9405c4e9a76571d9c55b00b877224cf0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
n-Q_JjhFTVxHwd_Obfg3sByX_8SJtJJmUcV1zPj1rOlDkHETAjAxMg==
cmp2ui-tr.js
cmp.inmobi.com/tcfv2/52/
296 KB
78 KB
Script
General
Full URL
https://cmp.inmobi.com/tcfv2/52/cmp2ui-tr.js
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=download.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-40.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
064dd58ba1439f24fa21ace7b4612edd0ac721f7e6af1214a2bc0a290ee3db9f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 04:24:55 GMT
content-encoding
gzip
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
43130
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Mon, 08 Apr 2024 05:55:41 GMT
server
AmazonS3
etag
W/"3a8c7843e0ad8d8933fba0dcc805c327"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
Ap9SCslJxEPAb_yv7IUKSXyR_GEIwxgZDOJguYWhOG9UzSbIcazJGA==
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-30374496-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 Apr 2024 15:48:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2115
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 23 Apr 2024 17:48:08 GMT
vendor-list-trimmed-v1.json
cmp.inmobi.com/GVL-v2/
360 KB
43 KB
XHR
General
Full URL
https://cmp.inmobi.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=download.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-40.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4ccfefd002e8a40c5098e4f0d4327d5d55f7d8b6eb80cb52a5bbd190e772f33

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 03:59:27 GMT
content-encoding
br
via
1.1 69114e4ea0aa4e532a5be63a75c51e2c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
44637
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Thu, 18 Apr 2024 23:59:19 GMT
server
AmazonS3
etag
W/"e2bcee663677e0a88f6ed90c9cd0c496"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
CKDX8lFBHxz0xzweTC25-XKoOx9sa7TlFIdwF5PSjoMjcsY_qkgLrA==
google-atp-list.json
cmp.inmobi.com/tcfv2/
142 KB
33 KB
XHR
General
Full URL
https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=download.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-40.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aecab903463c6162ed340584e91746736c1e2ecaeaf78a5864e3e0a419e0a181

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 03:00:27 GMT
content-encoding
br
via
1.1 69114e4ea0aa4e532a5be63a75c51e2c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
48177
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Apr 2024 03:00:25 GMT
server
AmazonS3
etag
W/"85d9d870b67b583c07d95394af52785d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
y1r02cAs2ed46lc3chUB96b3yF5aqFWy3q_Mu2yWbizz6zxRZb3XVQ==
/
api.cmp.inmobi.com/
2 B
101 B
XHR
General
Full URL
https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%22NckurUNbznaCm%22%2C%22domain%22%3A%22memz-trojan.tr.download.it%22%2C%22publisher%22%3A%22Download.it%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.52%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22mpNzk59O4GkBZglX4azgGQ%22%2C%22tagVersion%22%3A%22V2%22%2C%22gvlVersion%22%3A2%2C%22clientTimestamp%22%3A1713889403727%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-usiq796gusueq2us3m0r%22%7D
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/52/cmp2ui-tr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.77.60.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-60-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 23 Apr 2024 16:23:23 GMT
content-length
2
content-type
text/plain; charset=utf-8
geoip
cmp.inmobi.com/
46 B
328 B
XHR
General
Full URL
https://cmp.inmobi.com/geoip
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/52/cmp2ui-tr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-40.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
ae1b1fc8c6dbc198933f5d670a9c629128f7c633545dfc05f49d5ed4feac6ab6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 16:23:23 GMT
via
1.1 69114e4ea0aa4e532a5be63a75c51e2c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P7
x-cache
FunctionGeneratedResponse from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
content-length
46
x-amz-cf-id
_rgrz8_YUCo8cAMYl3MklTihojHR6JltKuUEfh1PSuRlPqx4n4T-Dw==
purposes-tr.json
cmp.inmobi.com/GVL-v2/
40 KB
5 KB
XHR
General
Full URL
https://cmp.inmobi.com/GVL-v2/purposes-tr.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=download.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-40.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f13475e9796982d95dad76a422a6468dd987dab6e3e4b49f3469efa574aca2ee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 05:54:53 GMT
content-encoding
br
via
1.1 69114e4ea0aa4e532a5be63a75c51e2c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
37711
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 18 Apr 2024 23:59:21 GMT
server
AmazonS3
etag
W/"d9300746f91edadb598295d4462a8309"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
ZJtY6hzoRtpMIpqmT8u0Vbp_o3EXulHhvFJBhU12Vek5V6C3H18j8g==
collect
www.google-analytics.com/j/
2 B
215 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=322541179&t=pageview&_s=1&dl=https%3A%2F%2Fmemz-trojan.tr.download.it%2F&ul=it-it&de=UTF-8&dt=Memz%20Trojan%20-%20%C3%9Ccretsiz%20%C4%B0ndir&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=958390901&gjid=329029491&cid=2130224754.1713889403&tid=UA-30374496-1&_gid=440231697.1713889404&_r=1&gtm=457e44h0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&jsscut=1&npa=1&z=1544097806
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Apr 2024 16:23:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://memz-trojan.tr.download.it
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
151 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-30374496-1&cid=2130224754.1713889403&jid=958390901&gjid=329029491&_gid=440231697.1713889404&npa=1&_u=YADAAUAAAAAAACAAI~&z=1326612427
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 23 Apr 2024 16:23:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://memz-trojan.tr.download.it
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-30374496-1&cid=2130224754.1713889403&jid=958390901&npa=1&_u=YADAAUAAAAAAACAAI~&z=1007213505
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 23 Apr 2024 16:23:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.it/ads/
42 B
107 B
Image
General
Full URL
https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-30374496-1&cid=2130224754.1713889403&jid=958390901&npa=1&_u=YADAAUAAAAAAACAAI~&z=1007213505
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memz-trojan.tr.download.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 23 Apr 2024 16:23:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
function| __tcfapi
function| __uspapi
function| gtag
object| dataLayer
number| ePopupCookieExpire
string| ePopupCookieDomain
object| adsbygoogle
number| sc_project
number| sc_invisible
string| sc_security
number| sc_https
number| sc_remove_link
function| $
function| jQuery
function| Popper
object| bootstrap
function| _statcounter
object| google_tag_manager
object| google_tag_data
object| google_js_reporting_queue
number| google_srt
object| google_persistent_state_async
object| google_logging_queue
number| tmod
object| google_ad_modifications
object| ggeac
boolean| google_measure_js_timing
object| google_reactive_ads_global_state
object| google_sa_queue
function| google_process_slots
function| google_spfd
number| google_unique_id
object| google_sv_map
number| google_rum_task_id_counter
string| google_user_agent_client_hint
object| lazySizes
function| ouibounce
object| __cfBeacon
object| gaGlobal
object| regeneratorRuntime
function| __tcfapiui
function| google_sa_impl
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaData

15 Cookies

Domain/Path Name / Value
memz-trojan.tr.download.it/forumer Name: JSESSIONID
Value: 6DED526718EBF7B0002651DBCA770E34
.download.it/ Name: raabval
Value: a
.tr.download.it/ Name: utmsr
Value:
.tr.download.it/ Name: gclid
Value:
.tr.download.it/ Name: msclkid
Value:
.tr.download.it/ Name: tprov
Value: other
.memz-trojan.tr.download.it/ Name: sc_is_visitor_unique
Value: rx11948341.1713889403.23AE396A893A4F28A67B92F3AA46EA6A.1.1.1.1.1.1.1.1.1
.download.it/ Name: _ga_XYHRS06G1C
Value: GS1.1.1713889403.1.0.1713889403.60.0.0
.statcounter.com/ Name: is_unique
Value: sc11948341.1713889403.0
.statcounter.com/ Name: is_visitor_unique
Value: 1713889403421210221
.memz-trojan.tr.download.it/ Name: usprivacy
Value: 1Y--
.download.it/ Name: cf_clearance
Value: LMK8LGK5ciqi778dwNW2SGpTAOHn2VvbgDn_qOwEExQ-1713889403-1.0.1.1-7z.Xc8SqYFEQh6rme3nxKZG4FEIPuSrwx8gZ2oGz3JPp3o5_DDvnxNR2Cfpa5UI4wJpDdjQPW.9W.UyINYYx3A
.download.it/ Name: _ga
Value: GA1.2.2130224754.1713889403
.download.it/ Name: _gid
Value: GA1.2.440231697.1713889404
.download.it/ Name: _gat_gtag_UA_30374496_1
Value: 1

3 Console Messages

Source Level URL
Text
other warning URL: https://memz-trojan.tr.download.it/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://memz-trojan.tr.download.it/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript warning URL: https://memz-trojan.tr.download.it/
Message:
The resource https://fonts.googleapis.com/css?family=Dosis:400,600&display=swap was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
