URL: https://memz-trojan.en.softonic.com/
Submission: On December 05 via manual from US

Summary

This website contacted 40 IPs in 6 countries across 27 domains to perform 108 HTTP transactions. The main IP is 35.227.231.218, located in Ann Arbor, United States and belongs to GOOGLE - Google LLC, US. The main domain is memz-trojan.en.softonic.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on September 4th 2018. Valid for: 2 years.
This is the only time memz-trojan.en.softonic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 35.227.231.218 15169 (GOOGLE)
19 151.101.2.133 54113 (FASTLY)
3 152.195.132.202 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 143.204.212.210 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 63.215.202.80 25751 (VALUECLICK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 172.217.23.162 15169 (GOOGLE)
1 2.18.234.21 16625 (AKAMAI-AS)
1 185.33.223.208 29990 (ASN-APPNEXUS)
1 178.250.2.89 44788 (ASN-CRITE...)
1 213.19.162.31 26667 (RUBICONPR...)
1 52.94.218.7 16509 (AMAZON-02)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 23.111.11.83 33438 (HIGHWINDS2)
1 205.185.208.52 20446 (HIGHWINDS3)
1 3 2.18.162.235 16625 (AKAMAI-AS)
3 2606:4700::68... 13335 (CLOUDFLAR...)
6 2.18.234.36 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 172.217.23.166 15169 (GOOGLE)
1 178.250.2.130 44788 (ASN-CRITE...)
1 50.17.52.222 14618 (AMAZON-AES)
1 2 34.204.138.94 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 34.255.224.65 16509 (AMAZON-02)
5 34.240.167.2 16509 (AMAZON-02)
1 54.152.5.187 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.121.108 54113 (FASTLY)
1 104.111.230.142 16625 (AKAMAI-AS)
108 40
Apex Domain | Subdomains | Transfer
30 sftcdn.net | sc.sftcdn.net, images.sftcdn.net | 277 KB
10 doubleclick.net | securepubads.g.doubleclick.net, 8876029.fls.doubleclick.net, stats.g.doubleclick.net | 98 KB
8 softonic.com | memz-trojan.en.softonic.com, en.softonic.com, login.softonic.com | 92 KB
7 googlesyndication.com | tpc.googlesyndication.com, pagead2.googlesyndication.com | 152 KB
7 viglink.com | cdn.viglink.com, api.viglink.com | 31 KB
6 gigya.com | cdns.gigya.com, cdns.eu1.gigya.com, cdns1.gigya.com | 162 KB
5 ampproject.org | cdn.ampproject.org | 257 KB
4 liadm.com | b-code.liadm.com, c.liadm.com, i.liadm.com | 9 KB
4 google-analytics.com | www.google-analytics.com | 39 KB
4 google.com | adservice.google.com, ampcid.google.com, www.google.com | 779 B
4 google.de | adservice.google.de, ampcid.google.de, www.google.de | 762 B
3 scorecardresearch.com | sb.scorecardresearch.com | 2 KB
3 anrdoezrs.net | www.anrdoezrs.net | 75 KB
3 amazon-adsystem.com | c.amazon-adsystem.com, aax.amazon-adsystem.com | 22 KB
3 cookielaw.org | cdn.cookielaw.org | 25 KB
2 appspot.com | amp-error-reporting.appspot.com | 219 B
2 rubiconproject.com | fastlane.rubiconproject.com, eus.rubiconproject.com | 5 KB
2 adnxs.com | ib.adnxs.com, acdn.adnxs.com | 727 B
1 optmnstr.com | api.optmnstr.com | 301 B
1 criteo.net | static.criteo.net | 12 KB
1 jquery.com | code.jquery.com | 30 KB
1 optnmstr.com | a.optnmstr.com | 49 KB
1 criteo.com | bidder.criteo.com | 201 B
1 casalemedia.com | as-sec.casalemedia.com | 974 B
1 googleapis.com | fonts.googleapis.com | 760 B
1 googletagmanager.com | www.googletagmanager.com | 46 KB
1 googletagservices.com | www.googletagservices.com | 10 KB
108 27
Domain | Requested by
19 sc.sftcdn.net | memz-trojan.en.softonic.com, sc.sftcdn.net
11 images.sftcdn.net | memz-trojan.en.softonic.com, en.softonic.com
6 securepubads.g.doubleclick.net | www.googletagservices.com, securepubads.g.doubleclick.net, memz-trojan.en.softonic.com
5 login.softonic.com | cdns.gigya.com
5 cdn.ampproject.org | securepubads.g.doubleclick.net
4 api.viglink.com | cdn.viglink.com
4 tpc.googlesyndication.com | securepubads.g.doubleclick.net, memz-trojan.en.softonic.com
4 www.google-analytics.com 1 redirects | www.googletagmanager.com, www.google-analytics.com, memz-trojan.en.softonic.com
3 pagead2.googlesyndication.com | securepubads.g.doubleclick.net
3 cdns.eu1.gigya.com | cdns.gigya.com
3 cdn.viglink.com | memz-trojan.en.softonic.com
3 sb.scorecardresearch.com 1 redirects | memz-trojan.en.softonic.com
3 www.anrdoezrs.net | memz-trojan.en.softonic.com, www.anrdoezrs.net
3 cdn.cookielaw.org | memz-trojan.en.softonic.com, cdn.cookielaw.org
2 amp-error-reporting.appspot.com | cdn.ampproject.org
2 www.google.de | memz-trojan.en.softonic.com
2 www.google.com 2 redirects |
2 stats.g.doubleclick.net 2 redirects |
2 c.liadm.com 1 redirects | memz-trojan.en.softonic.com
2 8876029.fls.doubleclick.net 1 redirects | www.googletagmanager.com
2 cdns.gigya.com | sc.sftcdn.net, cdns.gigya.com
2 en.softonic.com | srcdoc
2 c.amazon-adsystem.com | memz-trojan.en.softonic.com, c.amazon-adsystem.com
1 cdns1.gigya.com |
1 eus.rubiconproject.com | sc.sftcdn.net
1 acdn.adnxs.com | sc.sftcdn.net
1 i.liadm.com | b-code.liadm.com
1 api.optmnstr.com | a.optnmstr.com
1 static.criteo.net | sc.sftcdn.net
1 ampcid.google.de | www.google-analytics.com
1 b-code.liadm.com | www.googletagmanager.com
1 ampcid.google.com | www.google-analytics.com
1 code.jquery.com | cdn.cookielaw.org
1 a.optnmstr.com | memz-trojan.en.softonic.com
1 aax.amazon-adsystem.com | c.amazon-adsystem.com
1 fastlane.rubiconproject.com | sc.sftcdn.net
1 bidder.criteo.com | sc.sftcdn.net
1 ib.adnxs.com | sc.sftcdn.net
1 as-sec.casalemedia.com | sc.sftcdn.net
1 adservice.google.com | www.googletagservices.com
1 adservice.google.de | www.googletagservices.com
1 fonts.googleapis.com | memz-trojan.en.softonic.com
1 www.googletagmanager.com | memz-trojan.en.softonic.com
1 www.googletagservices.com | memz-trojan.en.softonic.com
1 memz-trojan.en.softonic.com |
108 45
Subject | Issuer | Validity | Valid
softonic.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-04 - 2020-12-06 | 2 years
sa437gl.wpc.edgecastcdn.net | DigiCert SHA2 Secure Server CA | 2018-05-17 - 2020-08-19 | 2 years
*.g.doubleclick.net | Google Internet Authority G3 | 2018-11-07 - 2019-01-30 | 3 months
san.cloudinary.com | Let's Encrypt Authority X3 | 2018-10-18 - 2019-01-16 | 3 months
c.amazon-adsystem.com | Amazon | 2018-03-12 - 2019-03-12 | a year
*.google-analytics.com | Google Internet Authority G3 | 2018-11-07 - 2019-01-30 | 3 months
*.googleapis.com | Google Internet Authority G3 | 2018-11-07 - 2019-01-30 | 3 months
www.qksrv.net | GlobalSign Organization Validation CA - SHA256 - G2 | 2017-07-12 - 2019-08-01 | 2 years
*.google.com | Google Internet Authority G3 | 2018-11-07 - 2019-01-30 | 3 months
san.casalemedia.com | GeoTrust RSA CA 2018 | 2018-04-16 - 2019-02-06 | 10 months
*.adnxs.com | DigiCert ECC Secure Server CA | 2018-01-25 - 2019-01-25 | a year
*.criteo.com | DigiCert SHA2 Secure Server CA | 2018-11-05 - 2020-01-03 | a year
*.rubiconproject.com | DigiCert SHA2 Secure Server CA | 2016-01-12 - 2019-03-01 | 3 years
aax-eu.amazon-adsystem.com | Amazon | 2018-03-08 - 2019-03-08 | a year
*.optnmstr.com | Go Daddy Secure Certificate Authority - G2 | 2016-12-13 - 2018-12-13 | 2 years
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
*.scorecardresearch.com | COMODO RSA Organization Validation Secure Server CA | 2018-11-28 - 2019-12-26 | a year
ssl418259.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2018-09-22 - 2019-03-31 | 6 months
cdns.gigya.com | DigiCert SHA2 Secure Server CA | 2018-11-06 - 2020-02-05 | a year
tpc.googlesyndication.com | Google Internet Authority G3 | 2018-11-07 - 2019-01-30 | 3 months
b-code.liadm.com | DigiCert ECC Secure Server CA | 2018-07-16 - 2019-07-16 | a year
*.doubleclick.net | Google Internet Authority G3 | 2018-11-07 - 2019-01-30 | 3 months
*.criteo.net | DigiCert SHA2 Secure Server CA | 2018-11-08 - 2019-12-19 | a year
*.optmnstr.com | Go Daddy Secure Certificate Authority - G2 | 2018-07-10 - 2020-07-10 | 2 years
*.liadm.com | Amazon | 2018-01-02 - 2019-02-02 | a year
misc-sni.google.com | Google Internet Authority G3 | 2018-11-07 - 2019-01-30 | 3 months
www.google.de | Google Internet Authority G3 | 2018-11-07 - 2019-01-30 | 3 months
viglink.com | Amazon | 2018-03-09 - 2019-04-09 | a year
login.softonic.com | COMODO RSA Domain Validation Secure Server CA | 2018-06-05 - 2019-06-05 | a year
*.appspot.com | Google Internet Authority G3 | 2018-11-07 - 2019-01-30 | 3 months
cdn.adnxs.com | GlobalSign CloudSSL CA - SHA256 - G3 | 2018-07-13 - 2019-06-07 | a year

This page contains 13 frames:

Primary Page: https://memz-trojan.en.softonic.com/
Frame ID: 0B5459ADF3DAA0A23EC27A5CDDF6B8FA
Requests: 86 HTTP requests in this frame

Frame: https://en.softonic.com/widget/memz-trojan/windows/download.js
Frame ID: 7E482D44731EB022C38D3D07C7120BB2
Requests: 2 HTTP requests in this frame

Frame: https://en.softonic.com/widget/memz-trojan/windows/opinion.js
Frame ID: 40E5E3473A8E8F7D2EB04579E442060D
Requests: 2 HTTP requests in this frame

Frame: https://8876029.fls.doubleclick.net/activityi;dc_pre=CJqKmtOnid8CFQkL4AodZFgC0w;src=8876029;type=invmedia;cat=progr0;ord=1738041348930;gtm=2wgbc0;auiddc=650544400.1544034206;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F
Frame ID: 51D0E90D673D6995F10D4E77FE1593EC
Requests: 1 HTTP requests in this frame

Frame: https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_Snkrf0bu_hMVnQj3RNLIYsEbjTRtHHToxPzmTRxO0COCQTXewDpSz526HF8J3hCm&version=latest
Frame ID: D95C9516B6D2B0C55660CF71FE2BF5CD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Frame ID: 590B293A529D4B7E460A1B65EC95093B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011811091519050/amp4ads-v0.js
Frame ID: 93D1F451898DE896847F49E0838EECBB
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011811091519050/amp4ads-v0.js
Frame ID: 6901D054F739125DA4B0F9962E3FCB32
Requests: 7 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-00k5?s=&cim=&ps=true&ls=false&duid=a-00k5--adef24aa-e561-48d8-b05d-4dfae1abbdea&domainSessionId=6826d9b6-5bb7-41da-b001-0f1756ee9676&ppid=0&euns=0&ci=0&version=sc-2.2.0&nosync=false&
Frame ID: DFD3D2873A77E25730977C2928B4981D
Requests: 1 HTTP requests in this frame

Frame: https://cdns.eu1.gigya.com/gs/sso.htm?APIKey=3_L9tKcr_U0jIkc8uIG9sVMK2HdTEAm99_yglWxy6o8DQ-SiSJuUuURkAhPM9wt69w&ssoSegment=&version=latest&build=2142
Frame ID: 77B0BA52E7A453DC29AD3F70A95B68F3
Requests: 1 HTTP requests in this frame

Frame: https://cdns.eu1.gigya.com/gs/sso.htm?APIKey=3_L9tKcr_U0jIkc8uIG9sVMK2HdTEAm99_yglWxy6o8DQ-SiSJuUuURkAhPM9wt69w&ssoSegment=&version=latest&build=2142
Frame ID: DDD8FB27640270D1A57E96FD872FD1DB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: B4372AB5C77F7EB3EE3CCA4F214B9139
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=BOYUOwsOYUOwsAcABBENAZ-AAAAFuAEAAUACAAGgAWw
Frame ID: CE8CBE14B5CDF82CC0A142E24D90A134
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • env /pbjs/i

Overall confidence: 100%
Detected patterns
  • html /<(?:iframe|img)[^>]+adnxs\.(?:net|com)/i

Overall confidence: 100%
Detected patterns
  • env /^criteo/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
  • env /^google_tag_manager$/i


Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • env /^_?COMSCORE$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • env /^webpackJsonp$/i

Page Statistics

Requests: 108
HTTPS: 100 %
IPv6: 41 %
Domains: 27
Subdomains: 45
IPs: 40
Countries: 6
Transfer: 1395 kB
Size: 3855 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://8876029.fls.doubleclick.net/activityi;src=8876029;type=invmedia;cat=progr0;ord=1738041348930;gtm=2wgbc0;auiddc=650544400.1544034206;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F HTTP 302
  • https://8876029.fls.doubleclick.net/activityi;dc_pre=CJqKmtOnid8CFQkL4AodZFgC0w;src=8876029;type=invmedia;cat=progr0;ord=1738041348930;gtm=2wgbc0;auiddc=650544400.1544034206;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F
Request Chain 54
  • https://sb.scorecardresearch.com/b?c1=2&c2=15548145&cs_ucfr=1&ns__t=1544034206479&ns_c=UTF-8&cv=3.1&c8=Memz%20Trojan%20-%20Download&c7=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=15548145&cs_ucfr=1&ns__t=1544034206479&ns_c=UTF-8&cv=3.1&c8=Memz%20Trojan%20-%20Download&c7=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F&c9=
Request Chain 69
  • https://c.liadm.com/i?e=pv&eid=ba71e454-73bf-41be-80a2-f91910116b80&url=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F&page=Memz%20Trojan%20-%20Download&refr=&aid=a-00k5&sid=6826d9b6-5bb7-41da-b001-0f1756ee9676&duid=a-00k5--adef24aa-e561-48d8-b05d-4dfae1abbdea&p=web&tna=liveIntentPublisherTracker&tv=pub-2.1.0& HTTP 302
  • https://c.liadm.com/i?e=pv&&duid=a-00k5--adef24aa-e561-48d8-b05d-4dfae1abbdea&eid=ba71e454-73bf-41be-80a2-f91910116b80&url=https://memz-trojan.en.softonic.com/&refr=&aid=a-00k5&tna=liveIntentPublisherTracker&page=Memz+Trojan+-+Download&tv=pub-2.1.0&n3pc=true&p=web&sid=6826d9b6-5bb7-41da-b001-0f1756ee9676
Request Chain 86
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j72&tid=UA-152357-1&cid=465438770.1544034206&jid=1781244685&gjid=1210779782&_gid=575725644.1544034207&_u=aCjAgAADQAQC~&z=1302382658 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-152357-1&cid=465438770.1544034206&jid=1781244685&_v=j72&z=1302382658 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-152357-1&cid=465438770.1544034206&jid=1781244685&_v=j72&z=1302382658&slf_rd=1&random=1692913104
Request Chain 87
  • https://www.google-analytics.com/r/collect?v=1&_v=j72&a=306863668&t=event&ni=1&_s=1&dl=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F&ul=en-us&de=UTF-8&dt=Memz%20Trojan%20-%20Download&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=App&ea=WithoutImageGallery&el=memz-trojan_d07da58b-811e-422e-bc78-46efcd5a52b9&_u=aCnAAAADQAQC~&jid=1020021673&gjid=1216554669&cid=465438770.1544034206&tid=UA-152357-1&_gid=575725644.1544034207&_r=1&gtm=2wgbc05LWWHP&cd1=%2Fprogram_page&cd4=development&cd5=development-kits&cd6=undefined&cd21=d07da58b-811e-422e-bc78-46efcd5a52b9&cd72=&cd79=Memz%20Trojan&cd89=n%2Fa&cd94=3944fa5d-944b-4396-8cc3-76fd37988481&z=75941213 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-152357-1&cid=465438770.1544034206&jid=1020021673&_gid=575725644.1544034207&gjid=1216554669&_v=j72&z=75941213 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-152357-1&cid=465438770.1544034206&jid=1020021673&_v=j72&z=75941213 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-152357-1&cid=465438770.1544034206&jid=1020021673&_v=j72&z=75941213&slf_rd=1&random=4256827010

108 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
memz-trojan.en.softonic.com/
235 KB
57 KB
Document
General
Full URL
https://memz-trojan.en.softonic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.227.231.218 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
218.231.227.35.bc.googleusercontent.com
Software
nginx/1.15.3 /
Resource Hash
e5020ed5500b9f5acc047ce0d5b2c23d87c92adf2a1c17f901fc1e5e8b4a707c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

:method
GET
:authority
memz-trojan.en.softonic.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
nginx/1.15.3
date
Wed, 05 Dec 2018 18:23:25 GMT
content-type
text/html; charset=utf-8
x-request-id
cbbb9844-eee6-43f4-841a-4def978c384b
vary
user-agent
content-language
en-US
x-rendered-as
desktop
x-detected-as
desktop
x-page-id
app
x-is-bot
false
x-served-by
server-8569dc9d45-r689h,kube-eu-west
x-version
1.1587.0
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000; includeSubDomains; preload
set-cookie
glt_3_Snkrf0bu_hMVnQj3RNLIYsEbjTRtHHToxPzmTRxO0COCQTXewDpSz526HF8J3hCm=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT softSession=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT _swo_pos=483; Max-Age=1296000; Expires=Thu, 20 Dec 2018 18:23:25 GMT; Domain=en.softonic.com; Path=/
cache-control
no-cache
content-encoding
gzip
via
1.1 google
alt-svc
clear
2a9b9-34879.css
sc.sftcdn.net/styles/
44 KB
8 KB
Stylesheet
General
Full URL
https://sc.sftcdn.net/styles/2a9b9-34879.css
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
404ab5c3e8b5ed5562fd23fea3f4867dfe6e16c3995415e92bc3de65e9c54f93
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-version
1.1587.0
content-security-policy
upgrade-insecure-requests
via
1.1 google, 1.1 varnish, 1.1 varnish
etag
"2aad585c08c0d586325bf26879a7356a4b306507"
age
7706
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
content-length
7808
x-detected-as
desktop
x-request-id
3bf71c4a-8ad6-4884-b10a-85f87da7241a
x-served-by
server-8569dc9d45-4fb4s, cache-ams21031-AMS, cache-fra19138-FRA
last-modified
Wed, 05 Dec 2018 15:37:14 GMT
x-timer
S1544034206.785650,VS0,VE0
date
Wed, 05 Dec 2018 18:23:25 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-language
es-ES
access-control-allow-origin
*
cache-control
max-age=31557600, must-revalidate
x-is-bot
false
accept-ranges
bytes
content-type
text/css; charset=utf-8
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 700
6da0f-05fbf.woff2
sc.sftcdn.net/fonts/
21 KB
21 KB
Font
General
Full URL
https://sc.sftcdn.net/fonts/6da0f-05fbf.woff2
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
8f49f785c24f5cbbbb956ce51665ccb636129c1f3f31dd06f21b5063cd6506f0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://memz-trojan.en.softonic.com/
Origin
https://memz-trojan.en.softonic.com

Response headers

x-version
1.727.0
date
Wed, 05 Dec 2018 18:23:25 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
15912933
x-cache
MISS, HIT
status
200
content-encoding
gzip
content-length
21264
x-detected-as
mobile
x-request-id
123e38d5-b5c1-44a9-823b-604cb29b5814
x-served-by
server-5dbcbccb6f-rp7gh, cache-ams4141-AMS, cache-fra19137-FRA
last-modified
Mon, 04 Jun 2018 13:37:18 GMT
x-timer
S1544034206.785297,VS0,VE0
etag
"cb1b320ec09d02560090126209e7e1a794c0371f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-language
es-ES
access-control-allow-origin
*
cache-control
max-age=31557600, must-revalidate
x-is-bot
false
accept-ranges
bytes
content-type
application/font-woff2
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
0, 3608
optanon.css
cdn.cookielaw.org/skins/default_flat_bottom_two_button_black/v2/css/
29 KB
7 KB
Stylesheet
General
Full URL
https://cdn.cookielaw.org/skins/default_flat_bottom_two_button_black/v2/css/optanon.css
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.195.132.202 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F27) /
Resource Hash
6d24940e4504235ee243e335762d699656d3be3106ed45c9b84a127a6fd0952a

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Dec 2018 18:23:25 GMT
content-encoding
gzip
content-md5
Ot4foKUaXBCpkhffBlMBNA==
x-cache
HIT
status
200
content-length
6832
x-ms-lease-status
unlocked
last-modified
Wed, 28 Nov 2018 22:03:02 GMT
server
ECAcc (frc/8F27)
etag
0x8D6557D446E1F42
vary
Accept-Encoding
content-type
text/css
x-ms-request-id
fa9ce533-801e-00e6-60be-89c916000000
cache-control
public, max-age=2592000
x-ms-version
2009-09-19
accept-ranges
bytes
gpt.js
www.googletagservices.com/tag/js/
28 KB
10 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
22f77169ee271ab63a11c48ee1e05e15fa959c657322484c4da2b5189bde5875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"11 / 816 of 1000 / last-modified: 1543946494"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
9608
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 18:23:25 GMT
17ecc-0f078.js
sc.sftcdn.net/scripts/
311 KB
91 KB
Script
General
Full URL
https://sc.sftcdn.net/scripts/17ecc-0f078.js
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
43bf5df0eca44cc6b9c512072cbb5d26c2a3a957acc3110735b6be1ec70a7abf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://memz-trojan.en.softonic.com/
Origin
https://memz-trojan.en.softonic.com

Response headers

x-version
1.1576.0
content-security-policy
upgrade-insecure-requests
via
1.1 google, 1.1 varnish, 1.1 varnish
etag
"e2676f37bad367d878d6ca73272292152c7824cf"
age
101258
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
content-length
93204
x-detected-as
mobile
x-request-id
ecb6acac-1a65-450e-b606-a1b8717b0c45
x-served-by
server-7d95fc5d65-2jw8l, cache-ams21035-AMS, cache-fra19137-FRA
last-modified
Tue, 04 Dec 2018 12:26:48 GMT
x-timer
S1544034206.785314,VS0,VE0
date
Wed, 05 Dec 2018 18:23:25 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-language
es-ES
access-control-allow-origin
*
cache-control
max-age=31557600, must-revalidate
x-is-bot
false
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 4741
memz-trojan-logo.png
images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/d07da58b-811e-422e-bc78-46efcd5a52b9/2028187188/
876 B
1 KB
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/d07da58b-811e-422e-bc78-46efcd5a52b9/2028187188/memz-trojan-logo.png
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::49f , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
cloudinary /
Resource Hash
1b8a5b0623925bbde675de568ca8b3adc9a7b17f6d3f9643e46c24c5db55c523

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:23:25 GMT
status
200
content-disposition
inline; filename="2028187188.webp"
content-length
876
surrogate-key
256232699500255791220723424305978375543 273926659459008727040368337182985941803 d2ee023d7ab9cfdb7419378b955332b7
last-modified
Wed, 24 Oct 2018 17:26:57 GMT
server
cloudinary
etag
"bc417d7d6582c802a3099cad4f975ed5"
vary
DPR
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31008829
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 29 Nov 2019 15:57:14 GMT
apstag.js
c.amazon-adsystem.com/aax2/
64 KB
19 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.212.210 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-212-210.fra53.r.cloudfront.net
Software
Server /
Resource Hash
e9ce46e8ee41d0f52c72c6e33af7b559667a79e1c77725e1a796066c92014671

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Dec 2018 16:37:14 GMT
Content-Encoding
gzip
Server
Server
Age
6369
ETag
c54a6aa3815631c393c0f3372010e2c1
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Id
2W73YCBIrf7dSK9rdxdjP2TsNsPfHMtAth69DCAcnXgVBgY7rGEMgw==
gtm.js
www.googletagmanager.com/
191 KB
46 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
d20144dafa66a76c3688c3ce9687e3ecf9ce8d436389b37634fc72aebc54f3e5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:23:25 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
47240
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 18:23:25 GMT
css
fonts.googleapis.com/
5 KB
760 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
b3dd58a587d33c5200140cee13c1332ac4d7f59b2551d3a8b841738616e54eee
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
last-modified
Wed, 05 Dec 2018 18:23:25 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 05 Dec 2018 18:23:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 18:23:25 GMT
aa0ee-bd194.png
sc.sftcdn.net/images/
9 KB
9 KB
Image
General
Full URL
https://sc.sftcdn.net/images/aa0ee-bd194.png
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
aebcf88ae7a7ef8d27d900b9352762913869c91be1d58ce2f989048f20f4fdb0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-version
1.1500.0
content-security-policy
upgrade-insecure-requests
via
1.1 google, 1.1 varnish, 1.1 varnish
etag
"353a6068106d29b3c78833c7c82fc4e319173c61"
age
1836316
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
content-length
9132
x-detected-as
desktop
x-request-id
bbf98da9-0e29-44e6-b960-51562b3ff545
x-served-by
server-6d7bbc8646-m5dbj, cache-ams4124-AMS, cache-fra19138-FRA
last-modified
Wed, 14 Nov 2018 12:05:17 GMT
x-timer
S1544034206.785664,VS0,VE0
date
Wed, 05 Dec 2018 18:23:25 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-language
es-ES
access-control-allow-origin
*
cache-control
max-age=31557600, must-revalidate
x-is-bot
false
accept-ranges
bytes
content-type
image/png
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
2, 42532
146e8-d2d32.svg
sc.sftcdn.net/images/
2 KB
1 KB
Image
General
Full URL
https://sc.sftcdn.net/images/146e8-d2d32.svg
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
f5ea1183a616da9842b7a4b6790d6bc88d7b691109456b9ee6d1536d33bb489a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-version
1.1500.0
content-security-policy
upgrade-insecure-requests
via
1.1 google, 1.1 varnish, 1.1 varnish
etag
"5f04ea724ad0581705b69732ff93f15611a779c6"
age
1836317
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
content-length
1055
x-detected-as
desktop
x-request-id
8493f851-deab-49d3-ae5d-d9983201461e
x-served-by
server-6d7bbc8646-7tnpj, cache-ams4140-AMS, cache-fra19138-FRA
last-modified
Wed, 14 Nov 2018 12:05:17 GMT
x-timer
S1544034206.785630,VS0,VE0
date
Wed, 05 Dec 2018 18:23:25 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-language
es-ES
access-control-allow-origin
*
cache-control
max-age=31557600, must-revalidate
x-is-bot
false
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 42495
ce270-90bf3.svg
sc.sftcdn.net/images/
3 KB
2 KB
Image
General
Full URL
https://sc.sftcdn.net/images/ce270-90bf3.svg
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
9adfdbb59f8e4483de237359e7e66dcf4cf71d315661d0d5d16b1e1e3599e959
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-version
1.1500.0
content-security-policy
upgrade-insecure-requests
via
1.1 google, 1.1 varnish, 1.1 varnish
etag
"5b7d2f3d5f42925cc43a3f6bf93e33b4395bc92a"
age
1836316
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
content-length
1354
x-detected-as
desktop
x-request-id
a88de070-00cd-42bd-9e1b-5e50bfe3a5fc
x-served-by
server-6d7bbc8646-qnbg2, cache-ams4140-AMS, cache-fra19138-FRA
last-modified
Wed, 14 Nov 2018 12:05:17 GMT
x-timer
S1544034206.785702,VS0,VE0
date
Wed, 05 Dec 2018 18:23:25 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-language
es-ES
access-control-allow-origin
*
cache-control
max-age=31557600, must-revalidate
x-is-bot
false
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
3, 42380
d707b-5690a.svg
sc.sftcdn.net/images/
1 KB
1 KB
Image
General
Full URL
https://sc.sftcdn.net/images/d707b-5690a.svg
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
5e2b6da4766fa8158748726865a3a31565601c0efa154994b868d1a50e851f3f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-version
1.1500.0
content-security-policy
upgrade-insecure-requests
via
1.1 google, 1.1 varnish, 1.1 varnish
etag
"b87e2f17efa26a17530ea42391b52db511daa623"
age
1836316
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
content-length
713
x-detected-as
desktop
x-request-id
ea098b4a-03c3-42c1-a35f-6b1f3bee0ecd
x-served-by
server-6d7bbc8646-df7k5, cache-ams4148-AMS, cache-fra19138-FRA
last-modified
Wed, 14 Nov 2018 12:05:17 GMT
x-timer
S1544034206.795693,VS0,VE0
date
Wed, 05 Dec 2018 18:23:25 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-language
es-ES
access-control-allow-origin
*
cache-control
max-age=31557600, must-revalidate
x-is-bot
false
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 42498
6c2e9-1b71b.png
sc.sftcdn.net/images/
24 KB
24 KB
Image
General
Full URL
https://sc.sftcdn.net/images/6c2e9-1b71b.png
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
ed4cb8c030209bc484da8014d396ad8ec76b5f834c0adf0a9a0c06d3440cd7e7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-version
1.1587.0
content-security-policy
upgrade-insecure-requests
via
1.1 google, 1.1 varnish, 1.1 varnish
etag
"977d9bed4b898862f348526ef42aa4290f5c165c"
age
7695
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
content-length
24249
x-detected-as
desktop
x-request-id
55e1502a-5e0b-4b21-8d6b-9f8b441cdbcb
x-served-by
server-8569dc9d45-mctlk, cache-ams21024-AMS, cache-fra19138-FRA
last-modified
Wed, 05 Dec 2018 15:37:12 GMT
x-timer
S1544034206.795660,VS0,VE0
date
Wed, 05 Dec 2018 18:23:25 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-language
es-ES
access-control-allow-origin
*
cache-control
max-age=31557600, must-revalidate
x-is-bot
false
accept-ranges
bytes
content-type
image/png
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 359
3051940f-fed8-41ba-897a-fc23889a150a.js
cdn.cookielaw.org/consent/
46 KB
12 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/3051940f-fed8-41ba-897a-fc23889a150a.js
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.195.132.202 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FDB) /
Resource Hash
dabc313ba4e37fd17cda0185fd3599faff5f7f6442e06a5a53f09f95af16a313

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Dec 2018 18:23:25 GMT
content-encoding
gzip
content-md5
ax7xnc7VT9AxDZnOFQgy2w==
x-cache
HIT
status
200
content-length
12551
x-ms-lease-status
unlocked
last-modified
Wed, 10 Oct 2018 10:06:28 GMT
server
ECAcc (frc/8FDB)
etag
0x8D62E980B5C6B64
vary
Accept-Encoding
content-type
application/x-javascript
x-ms-request-id
95269e68-301e-0011-42ae-8ceffd000000
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
am.js
www.anrdoezrs.net/am/7074958/include/allCj/impressions/page/
221 KB
74 KB
Script
General
Full URL
https://www.anrdoezrs.net/am/7074958/include/allCj/impressions/page/am.js
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, 3DES_EDE_CBC
Server
63.215.202.80 Amsterdam, Netherlands, ASN25751 (VALUECLICK - Conversant, Inc., US),
Reverse DNS
tracking-ams5.cj.com
Software
Resin/3.1.14 /
Resource Hash
56e43179c4ca460d0629a3c5251af09a8e1cd1bf9ebb23fe11ea960f66a127ca

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 05 Dec 2018 18:23:25 GMT
Content-Encoding
gzip
Server
Resin/3.1.14
Transfer-Encoding
chunked
Content-Type
text/javascript
Cache-control
max-age=86400
Connection
close
Expires
Thu, 06 Dec 2018 18:23:25 GMT
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=memz-trojan.en.softonic.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Dec 2018 18:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=memz-trojan.en.softonic.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Dec 2018 18:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_276.js
securepubads.g.doubleclick.net/gpt/
183 KB
63 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js?21062842
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
c293be00e574e59d67752b3a36f7b86e76d96eb826eaa4182814cb646902f365
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Nov 2018 16:29:10 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
63710
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 18:23:25 GMT
d6532-45ec3.woff2
sc.sftcdn.net/fonts/
21 KB
21 KB
Font
General
Full URL
https://sc.sftcdn.net/fonts/d6532-45ec3.woff2
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
b39fe2c90e86fddaa1a5e0c5de32f90ef181d0dbe6730a7a649763440d351b63

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://sc.sftcdn.net/styles/2a9b9-34879.css
Origin
https://memz-trojan.en.softonic.com

Response headers

x-version
1.723.0
date
Wed, 05 Dec 2018 18:23:25 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
15932284
x-cache
HIT, HIT
status
200
content-encoding
gzip
content-length
21412
x-detected-as
desktop
x-request-id
15049c76-7539-40a7-af94-b452d7f1737a
x-served-by
server-958f986c6-22xg8, cache-ams4120-AMS, cache-fra19137-FRA
last-modified
Fri, 01 Jun 2018 13:41:58 GMT
x-timer
S1544034206.867577,VS0,VE0
etag
"884af3253bcfef0f642193f6f3c9161edeaca6ba"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-language
es-ES
access-control-allow-origin
*
cache-control
max-age=31557600, must-revalidate
x-is-bot
false
accept-ranges
bytes
content-type
application/font-woff2
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
4508, 3488
61467-43374.woff2
sc.sftcdn.net/fonts/
21 KB
21 KB
Font
General
Full URL
https://sc.sftcdn.net/fonts/61467-43374.woff2
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
a9d519fc5cd448a8ca42b786d99129fd4796f5c72a1dbd03efc0d6e270c32a1c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://sc.sftcdn.net/styles/2a9b9-34879.css
Origin
https://memz-trojan.en.softonic.com

Response headers

x-version
1.723.0
date
Wed, 05 Dec 2018 18:23:25 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
15932287
x-cache
HIT, HIT
status
200
content-encoding
gzip
content-length
21360
x-detected-as
mobile
x-request-id
26a8071f-e866-45f0-bbbe-fbf4e7b3da00
x-served-by
server-958f986c6-6t5kz, cache-ams4134-AMS, cache-fra19137-FRA
last-modified
Fri, 01 Jun 2018 13:41:58 GMT
x-timer
S1544034206.868996,VS0,VE0
etag
"c4ccc08ccbad0f9cae9e64f0a0c479c0937d458d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-language
es-ES
access-control-allow-origin
*
cache-control
max-age=31557600, must-revalidate
x-is-bot
false
accept-ranges
bytes
content-type
application/font-woff2
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
4688, 3430
5b009-fb4d3.woff2
sc.sftcdn.net/fonts/
21 KB
21 KB
Font
General
Full URL
https://sc.sftcdn.net/fonts/5b009-fb4d3.woff2
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
b1c21123e38ddd50081d30fea749900c29e1d3d9ac0f44c1aa923ee8eb7e7e51

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://sc.sftcdn.net/styles/2a9b9-34879.css
Origin
https://memz-trojan.en.softonic.com

Response headers

x-version
1.723.0
date
Wed, 05 Dec 2018 18:23:25 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
15932280
x-cache
HIT, HIT
status
200
content-encoding
gzip
content-length
21408
x-detected-as
desktop
x-request-id
1eedebd9-70f5-403e-9ac1-9b8c23511eb9
x-served-by
server-958f986c6-gzztt, cache-ams4138-AMS, cache-fra19137-FRA
last-modified
Fri, 01 Jun 2018 13:41:58 GMT
x-timer
S1544034206.871003,VS0,VE0
etag
"87eb244620b8d2777b548927ea01bbc25972ce73"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-language
es-ES
access-control-allow-origin
*
cache-control
max-age=31557600, must-revalidate
x-is-bot
false
accept-ranges
bytes
content-type
application/font-woff2
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
4384, 3508
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.212.210 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-212-210.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://memz-trojan.en.softonic.com/
Origin
https://memz-trojan.en.softonic.com

Response headers

Date
Wed, 05 Dec 2018 18:23:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Aug 2018 07:13:51 GMT
Server
AmazonS3
Vary
Accept-Encoding,Origin
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Cache-Control
public, max-age=86400
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
C8jKZcNAOG5ZJSl8fX0U09c-QvNFytqXM6Mo3d4GT5waUU9HvImuQw==
Via
1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
download.js
en.softonic.com/widget/memz-trojan/windows/ Frame 7E48
7 KB
7 KB
Script
General
Full URL
https://en.softonic.com/widget/memz-trojan/windows/download.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.227.231.218 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
218.231.227.35.bc.googleusercontent.com
Software
nginx/1.15.3 /
Resource Hash
084e5f17240a419b80943e39deb9538a23507fb6f3336e9bce3c4af76f1e35c4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

:path
/widget/memz-trojan/windows/download.js
pragma
no-cache
cookie
_swo_pos=483
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
en.softonic.com
referer
https://memz-trojan.en.softonic.com/
:scheme
https
:method
GET
Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-version
1.1587.0
date
Wed, 05 Dec 2018 18:23:26 GMT
via
1.1 google
status
200
alt-svc
clear
content-length
7128
x-detected-as
desktop
x-request-id
02abeac6-563a-45fa-8559-a123fba05579
x-served-by
server-8569dc9d45-9wvrt,kube-eu-west
server
nginx/1.15.3
x-rendered-as
desktop
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-language
en-US
cache-control
no-cache
x-is-bot
false
content-security-policy
upgrade-insecure-requests
set-cookie
glt_3_Snkrf0bu_hMVnQj3RNLIYsEbjTRtHHToxPzmTRxO0COCQTXewDpSz526HF8J3hCm=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT
softSession=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-page-id
widget
opinion.js
en.softonic.com/widget/memz-trojan/windows/ Frame 40E5
5 KB
6 KB
Script
General
Full URL
https://en.softonic.com/widget/memz-trojan/windows/opinion.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.227.231.218 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
218.231.227.35.bc.googleusercontent.com
Software
nginx/1.15.3 /
Resource Hash
7d9af820e8f55a902f06f16d0106a731fa97d380ae0a194de587031bf9097843
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

:path
/widget/memz-trojan/windows/opinion.js
pragma
no-cache
cookie
_swo_pos=483
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
en.softonic.com
referer
https://memz-trojan.en.softonic.com/
:scheme
https
:method
GET
Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-version
1.1587.0
date
Wed, 05 Dec 2018 18:23:26 GMT
via
1.1 google
status
200
alt-svc
clear
content-length
5626
x-detected-as
desktop
x-request-id
d4e82575-bacb-477a-ac6f-8052c4a90fbf
x-served-by
server-8569dc9d45-lrvjz,kube-eu-west
server
nginx/1.15.3
x-rendered-as
desktop
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-language
en-US
cache-control
no-cache
x-is-bot
false
content-security-policy
upgrade-insecure-requests
set-cookie
glt_3_Snkrf0bu_hMVnQj3RNLIYsEbjTRtHHToxPzmTRxO0COCQTXewDpSz526HF8J3hCm=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT
softSession=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-page-id
widget
cygnus
as-sec.casalemedia.com/
24 B
974 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=249693&v=7.2&r=%7B%22id%22%3A%221845033412ee3a%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222fcf457ab2e4bf%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22249693%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22id%22%3A%22325e5c0adbc8d4%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22249693%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22id%22%3A%2241276c613a0d8b%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22249693%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22id%22%3A%22570862af802307%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22249693%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fmemz-trojan.en.softonic.com%2F%22%2C%22ref%22%3A%22%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22BOYUOwsOYUOwsAcABBENAZ-AAAAFuAEAAUACAAGgAWw%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/17ecc-0f078.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6862254c063aa367cc4b93b66df5b210d896cdd548af47d4c4832bc63a5cd10c

Request headers

Referer
https://memz-trojan.en.softonic.com/
Origin
https://memz-trojan.en.softonic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Dec 2018 18:23:26 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://memz-trojan.en.softonic.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
44
Expires
Wed, 05 Dec 2018 18:23:26 GMT
prebid
ib.adnxs.com/ut/v3/
21 B
727 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/17ecc-0f078.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.208 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://memz-trojan.en.softonic.com/
Origin
https://memz-trojan.en.softonic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Dec 2018 18:23:28 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.237:80
AN-X-Request-Uuid
6d1a03a8-ec3a-498a-ad6c-3625d5c5bf56
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://memz-trojan.en.softonic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
21
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/
0
201 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=11&wv=1.25.0&cb=5642071642
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/17ecc-0f078.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
178.250.2.89 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://memz-trojan.en.softonic.com/
Origin
https://memz-trojan.en.softonic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://memz-trojan.en.softonic.com
Date
Wed, 05 Dec 2018 18:23:25 GMT
Access-Control-Allow-Credentials
true
Server
Finatra
Vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/
592 B
5 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10496&site_id=44166&zone_id=191534%3B191534%3B193298%3B193298&size_id=2%3B15%3B15%3B2&alt_size_ids=55%2C57%3B10%3B10%3B55%2C57&p_pos=unknown&gdpr=1&gdpr_consent=BOYUOwsOYUOwsAcABBENAZ-AAAAFuAEAAUACAAGgAWw&rf=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F&tk_flint=pbjs_lite_v1.25.0&x_source.tid=ec9909b6-d2df-4656-a181-96e6b292b339%3Bc517047f-ebba-4be2-b69a-c0cac9e46827%3B50225845-1866-48e9-9d58-5c10316c87a4%3B3ad5e625-f9c8-4b9f-8d37-bc8b82252f94&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=4&rand=0.3238491860633028
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/17ecc-0f078.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
314a935cd746cf94360a4ac7eec052a427437a659d2993f5e70613462a1bc794

Request headers

Referer
https://memz-trojan.en.softonic.com/
Origin
https://memz-trojan.en.softonic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Dec 2018 18:23:26 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://memz-trojan.en.softonic.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=8
Content-Length
592
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
aax.amazon-adsystem.com/e/dtb/
47 B
356 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3177&u=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F&pid=1901383473631544034205917&cb=2129479562261544034206072&ws=1600x1200&v=7.20.00&t=2000&slots=%5B%7B%22sd%22%3A%22top-leaderboard-app-page-desktop%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FATF_leaderboard_first%22%7D%2C%7B%22sd%22%3A%22mpu-app-page-desktop%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FATF_MPU_First%22%7D%2C%7B%22sd%22%3A%22bottom-mpu-app-page-desktop%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FBTF_MPU_Second%22%7D%2C%7B%22sd%22%3A%22bottom-leaderboard-app-page-desktop%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FBTF_leaderboard_first%22%7D%5D&pj=%7B%22apse%22%3A%7B%22chunkRequests%22%3Afalse%2C%22shouldSampleLatency%22%3Afalse%7D%7D&cfgv=0&gdpre=1&gdprc=BOYUOwsOYUOwsAcABBENAZ-AAAAFuAEAAUACAAGgAWw&gdprl=%7B%22status%22%3A%22success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.218.7 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
f1cf7bc4d1755015d7b58fcf6bf5796c7d22a4b1717aef5d483b90fe586008ff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://memz-trojan.en.softonic.com/
Origin
https://memz-trojan.en.softonic.com

Response headers

Date
Wed, 05 Dec 2018 18:23:26 GMT
Server
Server
Vary
User-Agent
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
https://memz-trojan.en.softonic.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
47
ads.min.js
sc.sftcdn.net/statics/
0
521 B
Fetch
General
Full URL
https://sc.sftcdn.net/statics/ads.min.js
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/17ecc-0f078.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://memz-trojan.en.softonic.com/
Origin
https://memz-trojan.en.softonic.com

Response headers

x-version
1.1469.0
content-security-policy
upgrade-insecure-requests
via
1.1 google, 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
etag
"da39a3ee5e6b4b0d3255bfef95601890afd80709"
age
2824
x-cache
HIT, HIT, HIT, HIT
status
200
content-length
0
x-request-id
5372b60c-ae9b-4baf-87ec-ceaeec8dd4a2
x-served-by
server-5f45d958c4-w9h4p, cache-ams4134-AMS, cache-fra19130-FRA, cache-ams21048-AMS, cache-fra19137-FRA
last-modified
Tue, 23 Oct 2018 08:03:39 GMT
x-timer
S1544034206.075474,VS0,VE0
date
Wed, 05 Dec 2018 18:23:26 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, must-revalidate
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 1, 1, 427
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 05 Nov 2018 21:10:09 GMT
server
Golfe2
age
3980
date
Wed, 05 Dec 2018 17:17:06 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17404
expires
Wed, 05 Dec 2018 19:17:06 GMT
chunk1-601cd.js
sc.sftcdn.net/scripts/
41 KB
7 KB
Script
General
Full URL
https://sc.sftcdn.net/scripts/chunk1-601cd.js
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/17ecc-0f078.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
15986a843aefaf33b94bb65ed482d8f14d8aaa5181f0cb77bcba89ea6ec5ceee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-version
1.1576.0
content-security-policy
upgrade-insecure-requests
via
1.1 google, 1.1 varnish, 1.1 varnish
etag
"9567b5b728bd5487b7a0d95e4608504c35481cef"
age
101247
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
content-length
6864
x-detected-as
mobile
x-request-id
defa96ae-3fa6-40ce-a944-695d4895a224
x-served-by
server-7d95fc5d65-v426n, cache-ams21047-AMS, cache-fra19138-FRA
last-modified
Tue, 04 Dec 2018 12:26:48 GMT
x-timer
S1544034206.089589,VS0,VE0
date
Wed, 05 Dec 2018 18:23:26 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-language
es-ES
access-control-allow-origin
*
cache-control
max-age=31557600, must-revalidate
x-is-bot
false
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 8153
chunk4-601cd.js
sc.sftcdn.net/scripts/
18 KB
6 KB
Script
General
Full URL
https://sc.sftcdn.net/scripts/chunk4-601cd.js
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/17ecc-0f078.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
ac6c7e693c6d03ed55c4f780a8d217869f7ee0dcafc7eaae9f88cd758e3f4ae1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-version
1.1576.0
content-security-policy
upgrade-insecure-requests
via
1.1 google, 1.1 varnish, 1.1 varnish
etag
"295520f4d380c2c275e048dff77d6389f92e9821"
age
101215
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
content-length
5809
x-detected-as
desktop
x-request-id
f379d4bc-03de-4b41-b082-72b788853837
x-served-by
server-7d95fc5d65-x4kgw, cache-ams21033-AMS, cache-fra19138-FRA
last-modified
Tue, 04 Dec 2018 12:26:48 GMT
x-timer
S1544034206.089618,VS0,VE0
date
Wed, 05 Dec 2018 18:23:26 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-language
es-ES
access-control-allow-origin
*
cache-control
max-age=31557600, must-revalidate
x-is-bot
false
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
2, 6294
chunk18-601cd.js
sc.sftcdn.net/scripts/
14 KB
4 KB
Script
General
Full URL
https://sc.sftcdn.net/scripts/chunk18-601cd.js
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/17ecc-0f078.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
10c6a9495bdf75d8d0271c87d807863a0502d86d49ae554a30fb55025cac692d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-version
1.1576.0
content-security-policy
upgrade-insecure-requests
via
1.1 google, 1.1 varnish, 1.1 varnish
etag
"acd47abc0b59428d4f733caac386b98a65003dbe"
age
101257
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
content-length
4139
x-detected-as
desktop
x-request-id
290f5feb-5c74-46c4-b43d-99ec702121c1
x-served-by
server-7d95fc5d65-x4mmt, cache-ams21025-AMS, cache-fra19138-FRA
last-modified
Tue, 04 Dec 2018 12:26:48 GMT
x-timer
S1544034206.089619,VS0,VE0
date
Wed, 05 Dec 2018 18:23:26 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-language
es-ES
access-control-allow-origin
*
cache-control
max-age=31557600, must-revalidate
x-is-bot
false
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 6228
chunk2-601cd.js
sc.sftcdn.net/scripts/
19 KB
5 KB
Script
General
Full URL
https://sc.sftcdn.net/scripts/chunk2-601cd.js
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/17ecc-0f078.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
68c7456e5bb687bafe2aeb725a0a97070b1c837ff5fbd26474677dd09b78409f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-version
1.1576.0
content-security-policy
upgrade-insecure-requests
via
1.1 google, 1.1 varnish, 1.1 varnish
etag
"5fa6428f32ab0acf27590d3fdc1eeb021a00ce5b"
age
101257
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
content-length
5304
x-detected-as
desktop
x-request-id
42a96a41-c264-460d-a4e5-e383c6e9cb41
x-served-by
server-newrelic-pro-b9d8b7bcb-sw48q, cache-ams21020-AMS, cache-fra19138-FRA
last-modified
Tue, 04 Dec 2018 12:26:48 GMT
x-timer
S1544034206.090341,VS0,VE0
date
Wed, 05 Dec 2018 18:23:26 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-language
es-ES
access-control-allow-origin
*
cache-control
max-age=31557600, must-revalidate
x-is-bot
false
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 4714
chunk5-601cd.js
sc.sftcdn.net/scripts/
18 KB
5 KB
Script
General
Full URL
https://sc.sftcdn.net/scripts/chunk5-601cd.js
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/17ecc-0f078.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
3b7adc5b8ed021e15ef2c0f861924045e18c40e4dc672ed4fc6a063ebb19dae2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-version
1.1576.0
content-security-policy
upgrade-insecure-requests
via
1.1 google, 1.1 varnish, 1.1 varnish
etag
"d72742f482d346bdc45172da9b063fdf97e98e61"
age
101257
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
content-length
4818
x-detected-as
desktop
x-request-id
a1340cd1-ef47-4fc8-b70d-0d6cf1ec53ed
x-served-by
server-7d95fc5d65-svg5z, cache-ams21041-AMS, cache-fra19138-FRA
last-modified
Tue, 04 Dec 2018 12:26:48 GMT
x-timer
S1544034206.090758,VS0,VE0
date
Wed, 05 Dec 2018 18:23:26 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-language
es-ES
access-control-allow-origin
*
cache-control
max-age=31557600, must-revalidate
x-is-bot
false
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 5482
chunk26-601cd.js
sc.sftcdn.net/scripts/
16 KB
6 KB
Script
General
Full URL
https://sc.sftcdn.net/scripts/chunk26-601cd.js
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/17ecc-0f078.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
ff75370d481a9b80204ba1409a6b3cfee989db3c064196b93a74181439a80c8d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-version
1.1576.0
content-security-policy
upgrade-insecure-requests
via
1.1 google, 1.1 varnish, 1.1 varnish
etag
"eaa4e6394de9ef2d74672bb1a13a30250c29b635"
age
101237
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
content-length
5599
x-detected-as
desktop
x-request-id
1f61b4b6-1ee7-4d48-94ea-800f2f98d5e5
x-served-by
server-7d95fc5d65-2n4tr, cache-ams21027-AMS, cache-fra19138-FRA
last-modified
Tue, 04 Dec 2018 12:26:48 GMT
x-timer
S1544034206.091238,VS0,VE0
date
Wed, 05 Dec 2018 18:23:26 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-language
es-ES
access-control-allow-origin
*
cache-control
max-age=31557600, must-revalidate
x-is-bot
false
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1, 4711
api.min.js
a.optnmstr.com/app/js/
173 KB
49 KB
Script
General
Full URL
https://a.optnmstr.com/app/js/api.min.js
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.11.83 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
42d81ae70afa99cd9e45ba3b2e83a2152651f6af42ff3a43b866751a6121e542

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:23:26 GMT
content-encoding
gzip
last-modified
Tue, 04 Dec 2018 21:10:56 GMT
server
NetDNA-cache/2.2
x-amz-request-id
90EE0417339245B7
etag
W/"abc4693106822a53e14868d390b63461"
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=2592000
x-amz-id-2
6gQN4HFCIHxwzxQwBEQmAe/gxUdqd1Dx0X8xp3bpNfYLTFXerDu8d8BD0R3vTJS57ThKY4LAUkk=
expires
Fri, 04 Jan 2019 18:23:26 GMT
jquery-3.3.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/3051940f-fed8-41ba-897a-fc23889a150a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 05 Dec 2018 18:23:26 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2018 17:26:44 GMT
Server
nginx
ETag
W/"5a637bd4-1538f"
Vary
Accept-Encoding
X-HW
1544034206.dop037.fr8.shc,1544034206.dop037.fr8.t,1544034206.cds057.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30288
optanon.css
cdn.cookielaw.org/skins/3.6.26/default_flat_bottom_two_button_black/v2/css/
22 KB
5 KB
Stylesheet
General
Full URL
https://cdn.cookielaw.org/skins/3.6.26/default_flat_bottom_two_button_black/v2/css/optanon.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/3051940f-fed8-41ba-897a-fc23889a150a.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.195.132.202 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FA0) /
Resource Hash
6bfa4509d494551b243bc60aac2f69de39300be3f3aab74cb93f940b3d5c362f

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Dec 2018 18:23:26 GMT
content-encoding
gzip
content-md5
mv7ssg830JS5NGP8WIocyg==
x-cache
HIT
status
200
content-length
5316
x-ms-lease-status
unlocked
last-modified
Wed, 28 Nov 2018 22:02:45 GMT
server
ECAcc (frc/8FA0)
etag
0x8D6557D3A45CBAA
vary
Accept-Encoding
content-type
text/css
x-ms-request-id
140054fd-d01e-001b-5ddb-8af674000000
cache-control
public, max-age=2592000
x-ms-version
2009-09-19
accept-ranges
bytes
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.162.235 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-162-235.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 05 Dec 2018 18:23:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
901
Expires
Thu, 06 Dec 2018 18:23:26 GMT
vglnk.js
cdn.viglink.com/api/
81 KB
28 KB
Script
General
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a10d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d6ef22477d5d3556565037762cb4ddfeead0db4f41624889239157236e4d731

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:23:26 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
207769A754224AA9
status
200
content-length
28414
x-amz-id-2
F7AGcskSHKFODBQdFYhzJS5u0Hrou3XcLHEw5MPIxm45RUIkUEM1xfzo51NSr4B/9dOCzSh7Dxc=
last-modified
Tue, 04 Dec 2018 20:02:46 GMT
server
cloudflare
etag
"e2abf64ba35e2c61911fcd4134a2ccfe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
48488b3d3af09750-FRA
expires
Wed, 05 Dec 2018 18:53:26 GMT
gigya.js
cdns.gigya.com/JS/
216 KB
75 KB
Script
General
Full URL
https://cdns.gigya.com/JS/gigya.js?apikey=3_Snkrf0bu_hMVnQj3RNLIYsEbjTRtHHToxPzmTRxO0COCQTXewDpSz526HF8J3hCm&lang=en
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/chunk4-601cd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.36 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9e99881e54df705a802b41279fc74814f585d318b8756d134450edc8d5b3f577

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 05 Dec 2018 18:23:26 GMT
Content-Encoding
gzip
Content-Type
text/javascript; charset=utf-8
X-Soa
true, Gator
Vary
Accept-Encoding
P3P
CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin
*
X-CallID
85146fd7ad2f4fcaa3411fdd70b6ea8f
Cache-Control
private, max-age=900
X-Server
us1d-nomad-g6
Connection
keep-alive
X-Robots-Tag
none
X-Gigya-HA-cfg-ver
5
Content-Length
76595
Expires
Wed, 05 Dec 2018 18:38:26 GMT
publisher:getClientId
ampcid.google.com/v1/
74 B
252 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
Origin
https://memz-trojan.en.softonic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Dec 2018 18:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://memz-trojan.en.softonic.com
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
1; mode=block
pageImpression
www.anrdoezrs.net/
0
343 B
XHR
General
Full URL
https://www.anrdoezrs.net/pageImpression
Requested by
Host: www.anrdoezrs.net
URL: https://www.anrdoezrs.net/am/7074958/include/allCj/impressions/page/am.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, 3DES_EDE_CBC
Server
63.215.202.80 Amsterdam, Netherlands, ASN25751 (VALUECLICK - Conversant, Inc., US),
Reverse DNS
tracking-ams5.cj.com
Software
Resin/3.1.14 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://memz-trojan.en.softonic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Wed, 05 Dec 2018 18:23:25 GMT
Server
Resin/3.1.14
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://memz-trojan.en.softonic.com
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
content-type
Content-Length
0
ads
securepubads.g.doubleclick.net/gampad/
45 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3873943213616859&correlator=3120538443101098&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21060638%2C21062842%2C21062576%2C21062819&vrg=276&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu_parts=5302%2CDesktop%2CDesktop-Web-EN%2CApps%2CProgrampage%2CATF_Notificationbar%2CATF_leaderboard_first%2CATF_MPU_First&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F6%2C%2F0%2F1%2F2%2F3%2F4%2F7&prev_iu_szs=320x50%2C970x250%7C970x90%7C728x90%2C300x600%7C300x250&fluid=height%2C0%2C0&prev_scp=type%3Dnotificationbar%26pos%3Dtop%26oldBrowser%3Dno%26locale%3Den-US%26devicePlatformId%3Dmac%26ad_group%3Dad_opt%26ad_h%3D18%26adBlock%3Dfalse%7Ctype%3Dtop_leaderboard%26pos%3Dtop%26ad_group%3Dad_opt%26ad_h%3D18%26adBlock%3Dfalse%26amznbid%3D2%26amznp%3D2%7Ctype%3Dtop_medium_rectangle%26pos%3Dtop%26ad_group%3Dad_opt%26ad_h%3D18%26adBlock%3Dfalse%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=devel%3D0%26compliant%3D1%26author%3DGitHub%26file%3Dd07da58b-811e-422e-bc78-46efcd5a52b9%26pos%3Dintegrated%26country%3DDE%26recat%3Ddevelopment%252Cdevelopment-kits%26platformId%3Dwindows%26license%3Dfree%26addedOn%3D1710%26updatedOn%3D1710%26userRatingAverage%3D8%26languages%3Den-GB%26personalized%3D0%26dfp_user%3D3944fa5d-944b-4396-8cc3-76fd37988481%26gaid%3D%26content%3Dmid&cookie_enabled=1&bc=15&abxe=1&lmt=1544034206&dt=1544034206363&dlt=1544034205738&idt=361&frm=20&biw=1585&bih=1200&oid=3&adxs=0%2C308%2C1109&adys=15%2C54%2C322&adks=1907182323%2C2433553200%2C1427433336&ucis=1%7C2%7C3&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F&dssz=53&icsg=2323644416&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x15%7C970x250%7C300x600&msz=1585x15%7C970x250%7C300x600&ga_vid=465438770.1544034206&ga_sid=1544034206&ga_hid=306863668&fws=0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js?21062842
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
6d977f7381e40023df29cabbca44a76458ff4b922d946761c8b3a4a101d6544a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://memz-trojan.en.softonic.com/
Origin
https://memz-trojan.en.softonic.com

Response headers

date
Wed, 05 Dec 2018 18:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10272
x-xss-protection
1; mode=block
google-lineitem-id
4803449478,4878911009,4878911009
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138244637222,138252758313,138252758310
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://memz-trojan.en.softonic.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_276.js
securepubads.g.doubleclick.net/gpt/
62 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_276.js?21062842
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js?21062842
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
3037d1c04fc78db31cdd1db8ad74bdfcaccee38380540216aa157945c0d7b932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Nov 2018 16:29:10 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
24072
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 18:23:26 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js?21062842
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

ads
securepubads.g.doubleclick.net/gampad/
871 B
930 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3873943213616859&correlator=3568277676979001&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fifs&adsid=NT&json_a=1&eid=21060638%2C21062842%2C21062576%2C21062819&vrg=276&npa=1&guci=1.2.0.0.2.1.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu_parts=5302%2CDesktop%2CDesktop-Web-EN%2CApps%2CProgrampage%2CATF_OOP_Interstitial%2CATF_OOP_Wallpaper&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F6&prev_iu_szs=1x1%2C1x1&ists=3&prev_scp=type%3Dinterstitial%26ad_group%3Dad_opt%26ad_h%3D18%26adBlock%3Dfalse%7Ctype%3Dwallpaper_background%26pos%3Dtop%26ad_group%3Dad_opt%26ad_h%3D18%26adBlock%3Dfalse&eri=1&cust_params=devel%3D0%26compliant%3D1%26author%3DGitHub%26file%3Dd07da58b-811e-422e-bc78-46efcd5a52b9%26pos%3Dintegrated%26country%3DDE%26recat%3Ddevelopment%252Cdevelopment-kits%26platformId%3Dwindows%26license%3Dfree%26addedOn%3D1710%26updatedOn%3D1710%26userRatingAverage%3D8%26languages%3Den-GB%26personalized%3D0%26dfp_user%3D3944fa5d-944b-4396-8cc3-76fd37988481%26gaid%3D%26content%3Dmid&cookie_enabled=1&bc=15&abxe=1&lmt=1544034206&dt=1544034206423&dlt=1544034205738&idt=361&frm=20&biw=1585&bih=1200&oid=3&adxs=0%2C0&adys=3956%2C3971&adks=3695214188%2C3286106680&ucis=7%7C8&gut=v2&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F&dssz=54&icsg=8798416666624&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x15%7C1585x3972&msz=1585x15%7C1585x15&ga_vid=465438770.1544034206&ga_sid=1544034206&ga_hid=306863668&fws=0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js?21062842
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
226d2efa39a3c0d6016fa6b875d1fb6616aba9359dd4615d3c6ef4c8414024c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://memz-trojan.en.softonic.com/
Origin
https://memz-trojan.en.softonic.com

Response headers

date
Wed, 05 Dec 2018 18:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
400
x-xss-protection
1; mode=block
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://memz-trojan.en.softonic.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
a-00k5.min.js
b-code.liadm.com/
23 KB
8 KB
Script
General
Full URL
https://b-code.liadm.com/a-00k5.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:190::63cc , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
e940edd7b1a30adf7bb7ac2574c47d7a56a1945683166186a47886155d409364

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:23:26 GMT
content-encoding
gzip
last-modified
Mon, 03 Sep 2018 12:41:31 GMT
etag
"1705c505c05dfc2ce41cef4db41a44f0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=1682
accept-ranges
bytes
content-length
8098
publisher:getClientId
ampcid.google.de/v1/
3 B
373 B
XHR
General
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
Origin
https://memz-trojan.en.softonic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Dec 2018 18:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://memz-trojan.en.softonic.com
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
1; mode=block
pageImpression
www.anrdoezrs.net/
2 B
351 B
XHR
General
Full URL
https://www.anrdoezrs.net/pageImpression
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, 3DES_EDE_CBC
Server
63.215.202.80 Amsterdam, Netherlands, ASN25751 (VALUECLICK - Conversant, Inc., US),
Reverse DNS
tracking-ams5.cj.com
Software
Resin/3.1.14 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://memz-trojan.en.softonic.com/
Origin
https://memz-trojan.en.softonic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 05 Dec 2018 18:23:26 GMT
Server
Resin/3.1.14
Access-Control-Allow-Methods
POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://memz-trojan.en.softonic.com
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
content-type
Content-Length
2
activityi;dc_pre=CJqKmtOnid8CFQkL4AodZFgC0w;src=8876029;type=invmedia;cat=progr0;ord=1738041348930;gtm=2wgbc0;auiddc=650544400.1544034206;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fmem...
8876029.fls.doubleclick.net/ Frame 51D0
Redirect Chain
  • https://8876029.fls.doubleclick.net/activityi;src=8876029;type=invmedia;cat=progr0;ord=1738041348930;gtm=2wgbc0;auiddc=650544400.1544034206;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fm...
  • https://8876029.fls.doubleclick.net/activityi;dc_pre=CJqKmtOnid8CFQkL4AodZFgC0w;src=8876029;type=invmedia;cat=progr0;ord=1738041348930;gtm=2wgbc0;auiddc=650544400.1544034206;u2=%2Fprogram_page;u3=M...
0
0
Document
General
Full URL
https://8876029.fls.doubleclick.net/activityi;dc_pre=CJqKmtOnid8CFQkL4AodZFgC0w;src=8876029;type=invmedia;cat=progr0;ord=1738041348930;gtm=2wgbc0;auiddc=650544400.1544034206;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.23.166 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f166.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
8876029.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CJqKmtOnid8CFQkL4AodZFgC0w;src=8876029;type=invmedia;cat=progr0;ord=1738041348930;gtm=2wgbc0;auiddc=650544400.1544034206;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://memz-trojan.en.softonic.com/
accept-encoding
gzip, deflate
cookie
test_cookie=CheckForPermission

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 05 Dec 2018 18:23:26 GMT
expires
Wed, 05 Dec 2018 18:23:26 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
360
x-xss-protection
1; mode=block
set-cookie
IDE=AHWqTUkmzw-ENrzNno3dcUamh3KPdZ9KCC9tWLafcGlA2_Zvpm-9q5RnOjsHw-Ki; expires=Fri, 04-Dec-2020 18:23:26 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 05 Dec 2018 18:23:26 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8876029.fls.doubleclick.net/activityi;dc_pre=CJqKmtOnid8CFQkL4AodZFgC0w;src=8876029;type=invmedia;cat=progr0;ord=1738041348930;gtm=2wgbc0;auiddc=650544400.1544034206;u2=%2Fprogram_page;u3=Memz%20Trojan;~oref=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Wed, 05-Dec-2018 18:38:26 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=15548145&cs_ucfr=1&ns__t=1544034206479&ns_c=UTF-8&cv=3.1&c8=Memz%20Trojan%20-%20Download&c7=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=15548145&cs_ucfr=1&ns__t=1544034206479&ns_c=UTF-8&cv=3.1&c8=Memz%20Trojan%20-%20Download&c7=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F&c9=
0
248 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=15548145&cs_ucfr=1&ns__t=1544034206479&ns_c=UTF-8&cv=3.1&c8=Memz%20Trojan%20-%20Download&c7=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F&c9=
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.162.235 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-162-235.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Dec 2018 18:23:26 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=15548145&cs_ucfr=1&ns__t=1544034206479&ns_c=UTF-8&cv=3.1&c8=Memz%20Trojan%20-%20Download&c7=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F&c9=
Pragma
no-cache
Date
Wed, 05 Dec 2018 18:23:26 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
memz-trojan-logo.png
images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/d07da58b-811e-422e-bc78-46efcd5a52b9/2028187188/ Frame 40E5
876 B
0
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/d07da58b-811e-422e-bc78-46efcd5a52b9/2028187188/memz-trojan-logo.png
Requested by
Host: en.softonic.com
URL: https://en.softonic.com/widget/memz-trojan/windows/opinion.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::49f , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
cloudinary /
Resource Hash
1b8a5b0623925bbde675de568ca8b3adc9a7b17f6d3f9643e46c24c5db55c523

Request headers

Response headers

date
Wed, 05 Dec 2018 18:23:25 GMT
status
200
content-disposition
inline; filename="2028187188.webp"
content-length
876
surrogate-key
256232699500255791220723424305978375543 273926659459008727040368337182985941803 d2ee023d7ab9cfdb7419378b955332b7
last-modified
Wed, 24 Oct 2018 17:26:57 GMT
server
cloudinary
etag
"bc417d7d6582c802a3099cad4f975ed5"
vary
DPR
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31008829
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 29 Nov 2019 15:57:14 GMT
publishertag.prebid.js
static.criteo.net/js/ld/
35 KB
12 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/17ecc-0f078.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f8a3399e4886015e3fa0fe1be7adda872ea163f264618713c4d117737dd58a85

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 05 Dec 2018 18:23:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Sep 2007 08:50:25 GMT
Server
nginx
ETag
W/"5bd8782b-8dfc"
Transfer-Encoding
chunked
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, public
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Thu, 06 Dec 2018 18:23:26 GMT
pixel.gif
cdn.viglink.com/images/
43 B
102 B
Image
General
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=1&rn=4.193209647253613
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a10d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:23:26 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
cloudflare
x-amz-request-id
2A5C08D9588AD552
etag
"221d8352905f2c38b3cb2bd191d630b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=15, must-revalidate
accept-ranges
bytes
cf-ray
48488b3ecc269750-FRA
content-length
43
x-amz-id-2
WrcnQ5sqPLb/ePeP4HDLtc8vng+4lBk+3G6+VQrM5DcjG8cPa8IMTxJ1Y19ea6L8XqmVQUVcGeI=
pixel.gif
cdn.viglink.com/images/
43 B
261 B
Image
General
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=2&rn=4.193209647253613
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a10d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:23:26 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
cloudflare
x-amz-request-id
2A5C08D9588AD552
etag
"221d8352905f2c38b3cb2bd191d630b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=15, must-revalidate
accept-ranges
bytes
cf-ray
48488b3ecc279750-FRA
content-length
43
x-amz-id-2
WrcnQ5sqPLb/ePeP4HDLtc8vng+4lBk+3G6+VQrM5DcjG8cPa8IMTxJ1Y19ea6L8XqmVQUVcGeI=
590082
api.optmnstr.com/v1/optin/9844/
2 B
301 B
XHR
General
Full URL
https://api.optmnstr.com/v1/optin/9844/590082
Requested by
Host: a.optnmstr.com
URL: https://a.optnmstr.com/app/js/api.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.52.222 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-50-17-52-222.compute-1.amazonaws.com
Software
Pagely Gateway/1.5.1 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://memz-trojan.en.softonic.com/
Origin
https://memz-trojan.en.softonic.com

Response headers

x-optinmonster-campaign
vdgkwytmd3kgzmizdjqo
x-user-agent
standard
x-cache-config
0 0
server
Pagely Gateway/1.5.1
status
200
date
Wed, 05 Dec 2018 18:23:26 GMT
x-cache-status
HIT
vary
Accept-Encoding, User-Agent
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-OptinMonster-Campaign
access-control-allow-headers
X-CSRF-Token
content-length
2
js
www.google-analytics.com/gtm/
54 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-W7FSC8T&cid=465438770.1544034206
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
aa77b864bf2dcb55679d5623983f7b71f2c60f209fa110d2ceb630e29cf88d5a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:23:26 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
21597
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 18:23:26 GMT
trojan-remover-logo.png
images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/c64c2b98-96d2-11e6-a6b7-00163ed833e7/2408035941/
2 KB
2 KB
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/c64c2b98-96d2-11e6-a6b7-00163ed833e7/2408035941/trojan-remover-logo.png
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::49f , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
cloudinary /
Resource Hash
67f7e0e16f48607483a3377d831855bb12fb90ccd6f729bb8efb9e4deb24aee5

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:23:26 GMT
status
200
content-length
1683
surrogate-key
224661686358277872298364447163337152608 273926659459008727040368337182985941803 d2ee023d7ab9cfdb7419378b955332b7
last-modified
Thu, 26 Apr 2018 13:29:17 GMT
server
cloudinary
etag
"b19d1b3beae64bfc08c9610d8ea08335"
vary
DPR
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, private, max-age=30862001
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Wed, 27 Nov 2019 23:10:07 GMT
trojan-killer-logo.png
images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/5cacfefe-96d9-11e6-a7df-00163ed833e7/3090515942/
874 B
1 KB
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/5cacfefe-96d9-11e6-a7df-00163ed833e7/3090515942/trojan-killer-logo.png
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::49f , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
cloudinary /
Resource Hash
1a085d0cfd10e5b5dc3a66f0936d86f7202e9e06bbf065083428efba5f0d75e3

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:23:26 GMT
status
200
content-disposition
inline; filename="3090515942.webp"
content-length
874
surrogate-key
262762247901488143098680934526242970349 273926659459008727040368337182985941803 d2ee023d7ab9cfdb7419378b955332b7
last-modified
Thu, 26 Apr 2018 12:33:34 GMT
server
cloudinary
etag
"5fc1813f10a32f7f220390285fc22e97"
vary
DPR
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=30854652
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Wed, 27 Nov 2019 21:07:38 GMT
java-development-kit-jdk-logo.png
images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/1385060a-96d3-11e6-9bb5-00163ed833e7/2171486799/
4 KB
4 KB
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/1385060a-96d3-11e6-9bb5-00163ed833e7/2171486799/java-development-kit-jdk-logo.png
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::49f , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b5c932f4b6cf4cb81812062457527e52753b1761439eb9ec1cf9130046c6a6e1

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:23:26 GMT
status
200
content-disposition
inline; filename="2171486799.webp"
content-length
3736
surrogate-key
225537798038125250629164056160669724809 273926659459008727040368337182985941803 d2ee023d7ab9cfdb7419378b955332b7
last-modified
Thu, 26 Apr 2018 12:16:28 GMT
server
cloudinary
etag
"29fdf58090560455a063d05ba4e63118"
vary
DPR
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=29162200
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 08 Nov 2019 07:00:06 GMT
java-development-kit-64-logo.png
images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/4dd9406e-96d3-11e6-aa77-00163ec9f5fa/2117812770/
4 KB
4 KB
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/4dd9406e-96d3-11e6-aa77-00163ec9f5fa/2117812770/java-development-kit-64-logo.png
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::49f , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b5c932f4b6cf4cb81812062457527e52753b1761439eb9ec1cf9130046c6a6e1

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:23:26 GMT
status
200
content-disposition
inline; filename="2117812770.webp"
content-length
3736
surrogate-key
221584535429430616213956335313842412355 273926659459008727040368337182985941803 d2ee023d7ab9cfdb7419378b955332b7
last-modified
Thu, 26 Apr 2018 12:29:52 GMT
server
cloudinary
etag
"29fdf58090560455a063d05ba4e63118"
vary
DPR
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=29123622
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Thu, 07 Nov 2019 20:17:08 GMT
scptoolkit-logo.png
images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/efef0773-a1fe-4969-a9d3-1b3d676b44c3/2028187188/
876 B
1 KB
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/efef0773-a1fe-4969-a9d3-1b3d676b44c3/2028187188/scptoolkit-logo.png
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::49f , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
cloudinary /
Resource Hash
1b8a5b0623925bbde675de568ca8b3adc9a7b17f6d3f9643e46c24c5db55c523

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:23:26 GMT
status
200
content-disposition
inline; filename="2028187188.webp"
content-length
876
surrogate-key
498679087192702668951020047149190765328 273926659459008727040368337182985941803 d2ee023d7ab9cfdb7419378b955332b7
last-modified
Wed, 24 Oct 2018 15:59:21 GMT
server
cloudinary
etag
"bc417d7d6582c802a3099cad4f975ed5"
vary
DPR
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=29727127
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Thu, 14 Nov 2019 19:55:33 GMT
path-of-building-logo.png
images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/31e24716-8dd4-4de2-bd4a-8f888bc42d01/2028187188/
876 B
1 KB
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/31e24716-8dd4-4de2-bd4a-8f888bc42d01/2028187188/path-of-building-logo.png
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::49f , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
cloudinary /
Resource Hash
1b8a5b0623925bbde675de568ca8b3adc9a7b17f6d3f9643e46c24c5db55c523

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:23:26 GMT
status
200
content-disposition
inline; filename="2028187188.webp"
content-length
876
surrogate-key
398312064173476886901258070294800075315 273926659459008727040368337182985941803 d2ee023d7ab9cfdb7419378b955332b7
last-modified
Wed, 24 Oct 2018 16:23:05 GMT
server
cloudinary
etag
"bc417d7d6582c802a3099cad4f975ed5"
vary
DPR
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=29194182
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 08 Nov 2019 15:53:08 GMT
low-orbit-ion-cannon-logo.png
images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/de0fb7a5-7127-430b-808c-202f6645b9a8/2028187188/
876 B
1 KB
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/de0fb7a5-7127-430b-808c-202f6645b9a8/2028187188/low-orbit-ion-cannon-logo.png
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::49f , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
cloudinary /
Resource Hash
1b8a5b0623925bbde675de568ca8b3adc9a7b17f6d3f9643e46c24c5db55c523

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:23:26 GMT
status
200
content-disposition
inline; filename="2028187188.webp"
content-length
876
surrogate-key
177958024004984467823841499193492396318 273926659459008727040368337182985941803 d2ee023d7ab9cfdb7419378b955332b7
last-modified
Wed, 24 Oct 2018 16:11:46 GMT
server
cloudinary
etag
"bc417d7d6582c802a3099cad4f975ed5"
vary
DPR
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31552041
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Thu, 05 Dec 2019 22:50:47 GMT
tor-browser-download-logo.png
images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/3890d9ca-e6a3-4a94-b57e-4d43ce5eefe5/2028187188/
876 B
1 KB
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/3890d9ca-e6a3-4a94-b57e-4d43ce5eefe5/2028187188/tor-browser-download-logo.png
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::49f , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
cloudinary /
Resource Hash
1b8a5b0623925bbde675de568ca8b3adc9a7b17f6d3f9643e46c24c5db55c523

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:23:26 GMT
status
200
content-disposition
inline; filename="2028187188.webp"
content-length
876
surrogate-key
443619094525097258506004245161173122195 273926659459008727040368337182985941803 d2ee023d7ab9cfdb7419378b955332b7
last-modified
Wed, 24 Oct 2018 16:42:52 GMT
server
cloudinary
etag
"bc417d7d6582c802a3099cad4f975ed5"
vary
DPR
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=30088385
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Tue, 19 Nov 2019 00:16:31 GMT
i
c.liadm.com/
Redirect Chain
  • https://c.liadm.com/i?e=pv&eid=ba71e454-73bf-41be-80a2-f91910116b80&url=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F&page=Memz%20Trojan%20-%20Download&refr=&aid=a-00k5&sid=6826d9b6-5bb7-41da-b001-0...
  • https://c.liadm.com/i?e=pv&&duid=a-00k5--adef24aa-e561-48d8-b05d-4dfae1abbdea&eid=ba71e454-73bf-41be-80a2-f91910116b80&url=https://memz-trojan.en.softonic.com/&refr=&aid=a-00k5&tna=liveIntentPublis...
43 B
332 B
Image
General
Full URL
https://c.liadm.com/i?e=pv&&duid=a-00k5--adef24aa-e561-48d8-b05d-4dfae1abbdea&eid=ba71e454-73bf-41be-80a2-f91910116b80&url=https://memz-trojan.en.softonic.com/&refr=&aid=a-00k5&tna=liveIntentPublisherTracker&page=Memz+Trojan+-+Download&tv=pub-2.1.0&n3pc=true&p=web&sid=6826d9b6-5bb7-41da-b001-0f1756ee9676
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.138.94 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-204-138-94.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:23:27 GMT
server
akka-http/10.0.9
status
200
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
content-type
image/gif
content-length
43

Redirect headers

date
Wed, 05 Dec 2018 18:23:26 GMT
server
akka-http/10.0.9
status
302
location
https://c.liadm.com/i?e=pv&&duid=a-00k5--adef24aa-e561-48d8-b05d-4dfae1abbdea&eid=ba71e454-73bf-41be-80a2-f91910116b80&url=https://memz-trojan.en.softonic.com/&refr=&aid=a-00k5&tna=liveIntentPublisherTracker&page=Memz+Trojan+-+Download&tv=pub-2.1.0&n3pc=true&p=web&sid=6826d9b6-5bb7-41da-b001-0f1756ee9676
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
0
Api.aspx
cdns.eu1.gigya.com/gs/webSdk/ Frame D95C
0
0
Document
General
Full URL
https://cdns.eu1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_Snkrf0bu_hMVnQj3RNLIYsEbjTRtHHToxPzmTRxO0COCQTXewDpSz526HF8J3hCm&version=latest
Requested by
Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_Snkrf0bu_hMVnQj3RNLIYsEbjTRtHHToxPzmTRxO0COCQTXewDpSz526HF8J3hCm&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.36 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
cdns.eu1.gigya.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://memz-trojan.en.softonic.com/
Accept-Encoding
gzip, deflate

Response headers

Content-Length
27455
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
P3P
CP="IDC COR PSA DEV ADM OUR IND ONL"
X-Soa
true, Gator
X-Server
us1d-nomad-g11
X-CallID
61276d6a7ed343c8a6f3cf0a1ef387eb
X-Gigya-HA-cfg-ver
5
X-Robots-Tag
none
Cache-Control
private, max-age=86400
Date
Wed, 05 Dec 2018 18:23:26 GMT
Connection
keep-alive
memz-trojan-logo.png
images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/d07da58b-811e-422e-bc78-46efcd5a52b9/2028187188/ Frame 7E48
876 B
0
Image
General
Full URL
https://images.sftcdn.net/images/t_app-logo-l,f_auto,dpr_auto/p/d07da58b-811e-422e-bc78-46efcd5a52b9/2028187188/memz-trojan-logo.png
Requested by
Host: en.softonic.com
URL: https://en.softonic.com/widget/memz-trojan/windows/download.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::49f , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
cloudinary /
Resource Hash
1b8a5b0623925bbde675de568ca8b3adc9a7b17f6d3f9643e46c24c5db55c523

Request headers

Response headers

date
Wed, 05 Dec 2018 18:23:25 GMT
status
200
content-disposition
inline; filename="2028187188.webp"
content-length
876
surrogate-key
256232699500255791220723424305978375543 273926659459008727040368337182985941803 d2ee023d7ab9cfdb7419378b955332b7
last-modified
Wed, 24 Oct 2018 17:26:57 GMT
server
cloudinary
etag
"bc417d7d6582c802a3099cad4f975ed5"
vary
DPR
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31008829
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 29 Nov 2019 15:57:14 GMT
amp4ads-host-v0.js
cdn.ampproject.org/rtv/011811091519050/
19 KB
8 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011811091519050/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js?21062842
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9a25c86a17b9608113ce87e156ffe2637e87ac72ec352807708ad11b92bc63c1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
1814100
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
7680
x-xss-protection
1; mode=block
server
sffe
date
Wed, 14 Nov 2018 18:28:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7870f8f5bb5e1dfb"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2019 18:28:26 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame 590B
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_276.js?21062842
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-31/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://memz-trojan.en.softonic.com/
accept-encoding
gzip, deflate

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
1737
date
Wed, 14 Nov 2018 20:34:04 GMT
expires
Thu, 14 Nov 2019 20:34:04 GMT
last-modified
Thu, 01 Nov 2018 14:23:58 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, immutable, max-age=31536000
age
1806562
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
osd.js
pagead2.googlesyndication.com/pagead/
72 KB
26 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_276.js?21062842
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
efe748833adef923a733ffb19e158bba4079c6b6406a22f68dcbff39ba113895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 18:10:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
749
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26729
x-xss-protection
1; mode=block
server
cafe
etag
17768588699998725842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 05 Dec 2018 19:10:57 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011811091519050/ Frame 93D1
266 KB
85 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011811091519050/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_276.js?21062842
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
cde45bf39d2c742ada11e643e17633f131b30692be952fed8ba8656fcb2a8f5e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
1806249
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
86483
x-xss-protection
1; mode=block
server
sffe
date
Wed, 14 Nov 2018 20:39:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aab7bd24599cd6a4"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2019 20:39:17 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011811091519050/v0/ Frame 93D1
127 KB
40 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011811091519050/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_276.js?21062842
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3a199617a5ff071b94b8b41c86337766b1aabee24b3e17784fb463e493b361f1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
1806321
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
40871
x-xss-protection
1; mode=block
server
sffe
date
Wed, 14 Nov 2018 20:38:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"817479b66f4f95f8"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2019 20:38:05 GMT
truncated
/ Frame 93D1
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a0d3a6a23bf16652942d80aedb20c7236bb84bf1c9e5e39ea440aeb0e3f5136

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
amp4ads-v0.js
cdn.ampproject.org/rtv/011811091519050/ Frame 6901
266 KB
85 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011811091519050/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_276.js?21062842
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
cde45bf39d2c742ada11e643e17633f131b30692be952fed8ba8656fcb2a8f5e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
1806249
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
86483
x-xss-protection
1; mode=block
server
sffe
date
Wed, 14 Nov 2018 20:39:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aab7bd24599cd6a4"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2019 20:39:17 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011811091519050/v0/ Frame 6901
127 KB
40 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011811091519050/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_276.js?21062842
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3a199617a5ff071b94b8b41c86337766b1aabee24b3e17784fb463e493b361f1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
1806321
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
40871
x-xss-protection
1; mode=block
server
sffe
date
Wed, 14 Nov 2018 20:38:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"817479b66f4f95f8"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2019 20:38:05 GMT
truncated
/ Frame 6901
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0dcd9f62888e974f572161c30f81bb3b8a356dce1093a5fbd0b62ba1379ffeca

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
18069436827291023364
tpc.googlesyndication.com/simgad/ Frame 93D1
72 KB
72 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/18069436827291023364
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
30e7838742f45b2c6e6cc87bc039a14e4fb89e58737dfaec62837ddee85f55ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 04 Dec 2018 18:02:15 GMT
x-content-type-options
nosniff
age
87671
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
73639
x-xss-protection
1; mode=block
last-modified
Thu, 08 Nov 2018 08:36:53 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2019 18:02:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 93D1
0
135 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu88e-il0IL1psfiUQ4dikxlqkBoASX5ZcIABH_pMx03571S67xYXIyx-UVTsnyCtuwGyYfOSRWPuQ42a5f6nvMTuxaRDowTqQQ7ycE_0iuwsZEo_3-jnCcIYb8qUobHrvxwC7zW2IhhkB3WHCo43RwywDnqWuTMPV22GNGvudXeB_-9v2jfnDDTTvhXqrzLkuFcrgU90LDb8SJsJ6PsEujtdF7XkpkmegEpgD5Ei9hdOB251fIKRnto09vNDo6xue9ROPLH3z5ZOZG16q_4cSzfbLD-mI2_z7jDpbGLkLRndC_BfqY3IeZmxXfq8DFe-Bx19ANLG44knRvyWS4---D3UvznEGIPya1FQ&sai=AMfl-YTgOdrO6nOtj9EMgOVrJdwHF-Rfx-vFMF7tRhT0Xz97006rvGyFqp1x-93llxpxh2R_volF2Y9uXYdv3mIEgrK7KGBVtJxHj-E48bJA&sig=Cg0ArKJSzGX60L__UuYXEAE&adurl=
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Dec 2018 18:23:26 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 18:23:26 GMT
17180328179407074045
tpc.googlesyndication.com/simgad/ Frame 6901
53 KB
53 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/17180328179407074045
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
185bd39f27e675c9d1cc3e7f3974d208f4b60d929ea0fbdc31c5923a8b5eba0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 27 Nov 2018 16:18:20 GMT
x-content-type-options
nosniff
age
698706
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
54215
x-xss-protection
1; mode=block
last-modified
Thu, 08 Nov 2018 08:36:48 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Nov 2019 16:18:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6901
0
119 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJwqOGYUL_lBt5F6_aYvAnK1KYdoYedSD8oiPZs4BC20Gs9nTBV7O32w2EydxzbtaA8yoOhrBIBrWqoUI8B349LO3Tx2iEU-WJqeldIt1a2V6Z5nJ_bh19EA0IX4BCIuEIImExIgTKnsLPQaCfX8yR2TF1tuYGk9c0trKXvOmT4y3hi4e4M9lH2FPNAbagfjm-1fpEuWEg2Q4EMuS9oxxGt7uGHSiq-mlyfmZwg6ey3yAytMcyLwwG1Ezhro7vMDKPuZEcUJuI7T6HEP7Vye0_L4Enp5QlMPy7jtYtESowTL1Lmj-2zBR7dXrWXtu7oVRZ5k_-IWnuM40vu7VQLSJwpu4&sai=AMfl-YQjl0n1dQuXKdRjkbACWK7uTmTDue2QJV6zKQITNn1COm-or1pA1yUooDG-l0hl9X0lmkXy6IO28R_OC8C21bUIisO7F5PyqVFfiAXS&sig=Cg0ArKJSzG3sJ4N4ThvKEAE&adurl=
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Dec 2018 18:23:26 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Wed, 05 Dec 2018 18:23:26 GMT
collect
www.google-analytics.com/
35 B
109 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j72&a=306863668&t=pageview&_s=1&dl=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F&ul=en-us&de=UTF-8&dt=Memz%20Trojan%20-%20Download&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAgAADQAQC~&jid=1781244685&gjid=1210779782&cid=465438770.1544034206&tid=UA-152357-1&_gid=575725644.1544034207&gtm=2wgbc05LWWHP&cd1=%2Fprogram_page&cd4=development&cd5=development-kits&cd6=undefined&cd8=&cd9=preview&cd12=0&cd14=free&cd15=26&cd16=10&cd17=2017&cd18=yes&cd19=8.170731707317072&cd21=d07da58b-811e-422e-bc78-46efcd5a52b9&cd43=no&cd52=%2Fprogram_page&cd72=&cd79=Memz%20Trojan&cd82=yes&cd85=26&cd86=10&cd87=2017&cd89=n%2Fa&cd94=3944fa5d-944b-4396-8cc3-76fd37988481&cd110=&cd111=content-selection&cd112=null&z=967304569
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Nov 2018 19:07:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
688568
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j72&tid=UA-152357-1&cid=465438770.1544034206&jid=1781244685&gjid=1210779782&_gid=575725644.1544034207&_u=aCjAgAADQAQC~&z=1302382658
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-152357-1&cid=465438770.1544034206&jid=1781244685&_v=j72&z=1302382658
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-152357-1&cid=465438770.1544034206&jid=1781244685&_v=j72&z=1302382658&slf_rd=1&random=1692913104
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-152357-1&cid=465438770.1544034206&jid=1781244685&_v=j72&z=1302382658&slf_rd=1&random=1692913104
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Dec 2018 18:23:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Dec 2018 18:23:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-152357-1&cid=465438770.1544034206&jid=1781244685&_v=j72&z=1302382658&slf_rd=1&random=1692913104
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j72&a=306863668&t=event&ni=1&_s=1&dl=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F&ul=en-us&de=UTF-8&dt=Memz%20Trojan%20-%20Download&sd=24-bit&sr=16...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-152357-1&cid=465438770.1544034206&jid=1020021673&_gid=575725644.1544034207&gjid=1216554669&_v=j72&z=75941213
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-152357-1&cid=465438770.1544034206&jid=1020021673&_v=j72&z=75941213
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-152357-1&cid=465438770.1544034206&jid=1020021673&_v=j72&z=75941213&slf_rd=1&random=4256827010
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-152357-1&cid=465438770.1544034206&jid=1020021673&_v=j72&z=75941213&slf_rd=1&random=4256827010
Requested by
Host: memz-trojan.en.softonic.com
URL: https://memz-trojan.en.softonic.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Dec 2018 18:23:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Dec 2018 18:23:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-152357-1&cid=465438770.1544034206&jid=1020021673&_v=j72&z=75941213&slf_rd=1&random=4256827010
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
api.viglink.com/api/
287 B
981 B
XHR
General
Full URL
https://api.viglink.com/api/ping
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.224.65 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-255-224-65.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
7ccd790f7302eff66023203b07c2b0e246bb0585b12dce01c744e5d28abe96ca

Request headers

Referer
https://memz-trojan.en.softonic.com/
Origin
https://memz-trojan.en.softonic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 05 Dec 2018 18:23:26 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://memz-trojan.en.softonic.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
287
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cookie set accounts.webSdkBootstrap
login.softonic.com/
203 B
1 KB
Script
General
Full URL
https://login.softonic.com/accounts.webSdkBootstrap?apiKey=3_Snkrf0bu_hMVnQj3RNLIYsEbjTRtHHToxPzmTRxO0COCQTXewDpSz526HF8J3hCm&pageURL=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F&format=jsonp&callback=gigya.callback&context=R2779748383
Requested by
Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_Snkrf0bu_hMVnQj3RNLIYsEbjTRtHHToxPzmTRxO0COCQTXewDpSz526HF8J3hCm&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.167.2 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-240-167-2.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
975f9d1c4487475ca7e778af861070820aa7e7e5ecebe5fd5aa3e92a5ca3b59c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
login.softonic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://memz-trojan.en.softonic.com/
Cookie
persistent.fpmUserId=3944fa5d-944b-4396-8cc3-76fd37988481; session.fpmSessionId=d5f8e27f-92a7-47e9-9b51-055ff0f2ea2a; persistent.softonic_mobile.page_views.counter=1; session.softonic_mobile.page_views.counter=1; OptanonConsent=landingPath=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F&datestamp=Wed+Dec+05+2018+18%3A23%3A26+GMT%2B0000+(Coordinated+Universal+Time)&version=3.6.26; _gcl_au=1.1.650544400.1544034206; AMP_TOKEN=%24NOT_FOUND; __gads=ID=7b39bf0f92f865df:T=1544034206:S=ALNI_MY68LmNQf_VVtUwzDL-Wb5YeYuLGQ
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-Version
1
Date
Wed, 05 Dec 2018 18:23:27 GMT
Content-Encoding
gzip
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" CP="IDC COR PSA DEV ADM OUR IND ONL"
Connection
keep-alive
Content-Length
179
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8; authoritative=true;
X-LegacyProxy
true
Cache-Control
private
X-Server
eu1b-web704
Set-Cookie
hasGmid=ver2; domain=.login.softonic.com; expires=Wed, 05-Jun-2019 17:23:27 GMT; path=/; secure gmid=uXkf9ennq/AjpAwiT1wD5hiOKAfmU+0I6u2cLp+WH5o=; domain=.login.softonic.com; expires=Thu, 05-Dec-2019 18:23:27 GMT; path=/; secure; HttpOnly ucid=yIilpcTFZYWz0KYJytziUw==; domain=.login.softonic.com; expires=Thu, 05-Dec-2019 18:23:27 GMT; path=/
X-Robots-Tag
none
X-Gigya-HA-cfg-ver
5
Expires
Wed, 05 Dec 2018 18:22:27 GMT
Cookie set a-00k5
i.liadm.com/s/c/ Frame DFD3
0
0
Document
General
Full URL
https://i.liadm.com/s/c/a-00k5?s=&cim=&ps=true&ls=false&duid=a-00k5--adef24aa-e561-48d8-b05d-4dfae1abbdea&domainSessionId=6826d9b6-5bb7-41da-b001-0f1756ee9676&ppid=0&euns=0&ci=0&version=sc-2.2.0&nosync=false&
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-00k5.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.5.187 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-152-5-187.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
i.liadm.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://memz-trojan.en.softonic.com/
Accept-Encoding
gzip, deflate
Cookie
lidid=a0a98864-eda7-4b21-9006-ccaec92c2c86

Response headers

Cache-Control
private, no-cache, max-age=0
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 Dec 2018 18:23:27 GMT
ETag
1.61803398874
Set-Cookie
_li_ss=MgUIBhC8CDIFCAkQvAgyBQgKELwIMgUICxC8CDIFCA0QrggyBQh5ELsIMgUIehC7CA; Max-Age=2592000; Expires=Fri, 04 Jan 2019 18:23:27 GMT; Path=/s
Vary
Accept-Encoding
Content-Length
677
Connection
keep-alive
domains
api.viglink.com/api/
76 B
535 B
XHR
General
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.224.65 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-255-224-65.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
0f50bf74007852a660f9128827849d714ed82d97509ffe3e6386f45f4e1652b4

Request headers

Referer
https://memz-trojan.en.softonic.com/
Origin
https://memz-trojan.en.softonic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 05 Dec 2018 18:23:26 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://memz-trojan.en.softonic.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
76
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sso.htm
cdns.eu1.gigya.com/gs/ Frame 77B0
0
0
Document
General
Full URL
https://cdns.eu1.gigya.com/gs/sso.htm?APIKey=3_L9tKcr_U0jIkc8uIG9sVMK2HdTEAm99_yglWxy6o8DQ-SiSJuUuURkAhPM9wt69w&ssoSegment=&version=latest&build=2142
Requested by
Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_Snkrf0bu_hMVnQj3RNLIYsEbjTRtHHToxPzmTRxO0COCQTXewDpSz526HF8J3hCm&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.36 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
cdns.eu1.gigya.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://memz-trojan.en.softonic.com/
Accept-Encoding
gzip, deflate

Response headers

Content-Length
22461
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
P3P
CP="IDC COR PSA DEV ADM OUR IND ONL"
X-Soa
true, Gator
X-Server
us1d-nomad-g7
X-CallID
28228b4deb094bfaa99d3d85dff3d2ef
X-Gigya-HA-cfg-ver
5
X-Robots-Tag
none
Cache-Control
private, max-age=86400
Date
Wed, 05 Dec 2018 18:23:27 GMT
Connection
keep-alive
sso.htm
cdns.eu1.gigya.com/gs/ Frame DDD8
0
0
Document
General
Full URL
https://cdns.eu1.gigya.com/gs/sso.htm?APIKey=3_L9tKcr_U0jIkc8uIG9sVMK2HdTEAm99_yglWxy6o8DQ-SiSJuUuURkAhPM9wt69w&ssoSegment=&version=latest&build=2142
Requested by
Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_Snkrf0bu_hMVnQj3RNLIYsEbjTRtHHToxPzmTRxO0COCQTXewDpSz526HF8J3hCm&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.36 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
cdns.eu1.gigya.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://memz-trojan.en.softonic.com/
Accept-Encoding
gzip, deflate

Response headers

Content-Length
22461
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
P3P
CP="IDC COR PSA DEV ADM OUR IND ONL"
X-Soa
true, Gator
X-Server
us1d-nomad-g7
X-CallID
28228b4deb094bfaa99d3d85dff3d2ef
X-Gigya-HA-cfg-ver
5
X-Robots-Tag
none
Cache-Control
private, max-age=86400
Date
Wed, 05 Dec 2018 18:23:27 GMT
Connection
keep-alive
r
amp-error-reporting.appspot.com/ Frame 93D1
2 B
155 B
XHR
General
Full URL
https://amp-error-reporting.appspot.com/r
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011811091519050/amp4ads-v0.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2014 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://memz-trojan.en.softonic.com/
Origin
https://memz-trojan.en.softonic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 05 Dec 2018 18:23:28 GMT
via
1.1 google
x-powered-by
Express
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
2
activeview
pagead2.googlesyndication.com/pcs/ Frame 93D1
42 B
122 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwKhu2-Zeaz2QQZIFJtDXm7wuam6Z-mp85U3TQBDC9r9oFRsNfi2UzHy9sfIdfcbHASeYI83C7e5j6oNr-wmJX0BmGgWFTHMvm438&sig=Cg0ArKJSzF2AXnanKQioEAE&id=ampim&o=308,84&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&tfs=89&tls=1091&g=100&h=100&pt=124&tt=1092&rpt=124&rst=1544034206346&r=v&adk=2433553200&avms=ampa
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Dec 2018 18:23:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6901
42 B
122 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhZonxK_CN_dcOuLOtMwRsHcXPEtgXYi5RckeSv6wrW-EyRv6j5sr-P5_3dQCxzfrYBVaQcFOWaANjw1XYwL4u60k2xlHuazNbZGc&sig=Cg0ArKJSzCJTDvNw0sYNEAE&id=ampim&o=1109,367&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1007&mtos=0,0,1007,1007,1007&tos=0,0,1007,0,0&tfs=53&tls=1060&g=100&h=100&pt=121&tt=1060&rpt=121&rst=1544034206350&r=v&adk=1427433336&avms=ampa
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Dec 2018 18:23:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
r
amp-error-reporting.appspot.com/ Frame 6901
2 B
64 B
XHR
General
Full URL
https://amp-error-reporting.appspot.com/r
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011811091519050/amp4ads-v0.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::2014 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://memz-trojan.en.softonic.com/
Origin
https://memz-trojan.en.softonic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 05 Dec 2018 18:23:28 GMT
via
1.1 google
x-powered-by
Express
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
2
domains
api.viglink.com/api/
42 B
735 B
XHR
General
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.224.65 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-255-224-65.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
84c4ec821abe9e7e0d612a26121e6cffde27b4fd914a110bcfb6f07c999dfff3

Request headers

Referer
https://memz-trojan.en.softonic.com/
Origin
https://memz-trojan.en.softonic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 05 Dec 2018 18:23:27 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://memz-trojan.en.softonic.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame B437
0
0
Document
General
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/17ecc-0f078.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.121.108 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://memz-trojan.en.softonic.com/
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Wed, 05 Dec 2018 18:23:31 GMT
Age
10485697
Connection
keep-alive
X-Served-By
cache-jfk8146-JFK, cache-cdg20720-CDG
X-Cache
HIT, HIT
X-Cache-Hits
4857776, 9472384
X-Timer
S1544034211.406037,VS0,VE0
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame CE8C
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=BOYUOwsOYUOwsAcABBENAZ-AAAAFuAEAAUACAAGgAWw
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/17ecc-0f078.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://memz-trojan.en.softonic.com/
Accept-Encoding
gzip, deflate

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Wed, 05 Dec 2018 16:53:52 GMT
Content-Encoding
gzip
Content-Length
7381
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=82454
Expires
Thu, 06 Dec 2018 17:17:45 GMT
Date
Wed, 05 Dec 2018 18:23:31 GMT
Connection
keep-alive
Vary
Accept-Encoding
gscounters.sendReport
login.softonic.com/
171 B
540 B
Script
General
Full URL
https://login.softonic.com/gscounters.sendReport?reports=%5B%7B%22name%22%3A%22loadc%22%2C%22time%22%3A%221544034206775%22%2C%22reportData%22%3A%7B%22sref%22%3A%22%22%7D%7D%5D&APIKey=3_Snkrf0bu_hMVnQj3RNLIYsEbjTRtHHToxPzmTRxO0COCQTXewDpSz526HF8J3hCm&sdk=js_latest&pageURL=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F&format=jsonp&callback=gigya.callback&context=R3745037505
Requested by
Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_Snkrf0bu_hMVnQj3RNLIYsEbjTRtHHToxPzmTRxO0COCQTXewDpSz526HF8J3hCm&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.167.2 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-240-167-2.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5a5f9b1e01da0db9bf7b86926a8029e495a1d95c7e918ae67c9f6775ab34443f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
login.softonic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://memz-trojan.en.softonic.com/
Cookie
hasGmid=ver2; gmid=uXkf9ennq/AjpAwiT1wD5hiOKAfmU+0I6u2cLp+WH5o=; ucid=yIilpcTFZYWz0KYJytziUw==; gig_hasGmid=login; OptanonConsent=groups=2%3A1%2C4%3A1%2C1%3A1&datestamp=Wed+Dec+05+2018+18%3A23%3A28+GMT%2B0000+(Coordinated+Universal+Time)&version=3.6.26
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Wed, 05 Dec 2018 18:23:31 GMT
Content-Type
application/ecmascript; charset=utf-8
Server
nginx
P3P
CP="IDC COR PSA DEV ADM OUR IND ONL"
X-LegacyProxy
true
Cache-Control
no-cache
X-Server
eu1b-web704
X-Version
1
Connection
keep-alive
X-Robots-Tag
none
X-Gigya-HA-cfg-ver
5
Content-Length
171
Expires
-1
gigya.services.plugins.base.min.js
cdns.gigya.com/js/
284 KB
83 KB
Script
General
Full URL
https://cdns.gigya.com/js/gigya.services.plugins.base.min.js?services=gigya.services.accounts.plugins.screenSet&lang=en&version=latest
Requested by
Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_Snkrf0bu_hMVnQj3RNLIYsEbjTRtHHToxPzmTRxO0COCQTXewDpSz526HF8J3hCm&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.36 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6762dadc300c3e124a099c672418fb96fc39591144e49334cb9efd9d1e3595da

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 05 Dec 2018 18:23:32 GMT
Content-Encoding
gzip
Content-Type
text/javascript; charset=utf-8
X-Soa
true, Gator
Vary
Accept-Encoding
P3P
CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin
*
X-CallID
3358dddbebdf46a5a11ddb7056bd39af
Cache-Control
private, max-age=900
X-Server
us1d-nomad-g11
Connection
keep-alive
X-Robots-Tag
none
X-Gigya-HA-cfg-ver
5
Content-Length
84445
Expires
Wed, 05 Dec 2018 18:38:32 GMT
accounts.getScreenSets
login.softonic.com/
68 KB
18 KB
Script
General
Full URL
https://login.softonic.com/accounts.getScreenSets?screenSetIDs=Noodle-LiteRegistration&include=html%2Ccss%2Cjavascript%2Ctranslations%2C&lang=en&APIKey=3_Snkrf0bu_hMVnQj3RNLIYsEbjTRtHHToxPzmTRxO0COCQTXewDpSz526HF8J3hCm&source=showScreenSet&sdk=js_latest&pageURL=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F&format=jsonp&callback=gigya.callback&context=R3453458197
Requested by
Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_Snkrf0bu_hMVnQj3RNLIYsEbjTRtHHToxPzmTRxO0COCQTXewDpSz526HF8J3hCm&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.167.2 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-240-167-2.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
31376b8d60cf98ebfeaa5faa9466d51f70f496f0621a8a636e69ffa314c6c943

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
login.softonic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://memz-trojan.en.softonic.com/
Cookie
hasGmid=ver2; gmid=uXkf9ennq/AjpAwiT1wD5hiOKAfmU+0I6u2cLp+WH5o=; ucid=yIilpcTFZYWz0KYJytziUw==; gig_hasGmid=login; OptanonConsent=groups=2%3A1%2C4%3A1%2C1%3A1&datestamp=Wed+Dec+05+2018+18%3A23%3A28+GMT%2B0000+(Coordinated+Universal+Time)&version=3.6.26
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 05 Dec 2018 18:23:32 GMT
Content-Encoding
gzip
Content-Type
text/javascript; charset=utf-8
Server
nginx
X-Soa
true, Gator
Vary
Accept-Encoding
P3P
CP="IDC COR PSA DEV ADM OUR IND ONL"
X-CallID
c90d4e5a01354d68a5f99b4064cd85e3
Cache-Control
private
X-Server
eu1a-nomad-g07
Connection
keep-alive
X-Robots-Tag
none
X-Gigya-HA-cfg-ver
5
Content-Length
18386
bigLoader.gif
cdns1.gigya.com/gs/i//accounts/
3 KB
3 KB
Image
General
Full URL
https://cdns1.gigya.com/gs/i//accounts/bigLoader.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.36 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
45a4c07e164d3d803b62494a3d2ded0555eee1c6fb4940de3f98fa9c4fb08c7e

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Version
1
Date
Wed, 05 Dec 2018 18:23:32 GMT
Content-Type
image/gif
Last-Modified
Thu, 16 Aug 2018 13:57:13 GMT
P3P
CP="IDC COR PSA DEV ADM OUR IND ONL"
X-LegacyProxy
true
Cache-Control
max-age=86400
X-Server
us1d-web520
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
X-Gigya-HA-cfg-ver
5
Content-Length
3208
accounts.getSchema
login.softonic.com/
10 KB
2 KB
Script
General
Full URL
https://login.softonic.com/accounts.getSchema?APIKey=3_Snkrf0bu_hMVnQj3RNLIYsEbjTRtHHToxPzmTRxO0COCQTXewDpSz526HF8J3hCm&source=showScreenSet&sdk=js_latest&pageURL=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F&format=jsonp&callback=gigya.callback&context=R3269425278
Requested by
Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_Snkrf0bu_hMVnQj3RNLIYsEbjTRtHHToxPzmTRxO0COCQTXewDpSz526HF8J3hCm&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.167.2 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-240-167-2.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9a0c044dc29b44ea59ed5b6a8097bb3b218352a6b719adf3bce7d7b60bd60326

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
login.softonic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://memz-trojan.en.softonic.com/
Cookie
hasGmid=ver2; gmid=uXkf9ennq/AjpAwiT1wD5hiOKAfmU+0I6u2cLp+WH5o=; ucid=yIilpcTFZYWz0KYJytziUw==; gig_hasGmid=login; OptanonConsent=groups=2%3A1%2C4%3A1%2C1%3A1&datestamp=Wed+Dec+05+2018+18%3A23%3A28+GMT%2B0000+(Coordinated+Universal+Time)&version=3.6.26
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 05 Dec 2018 18:23:32 GMT
Content-Encoding
gzip
Content-Type
text/javascript; charset=utf-8
Server
nginx
X-Soa
true, Gator
Vary
Accept-Encoding
P3P
CP="IDC COR PSA DEV ADM OUR IND ONL"
X-CallID
deb07b28b96345b2aa6016a7a8cac0d6
Cache-Control
private
X-Server
eu1a-nomad-g02
Connection
keep-alive
X-Robots-Tag
none
X-Gigya-HA-cfg-ver
5
Content-Length
1583
truncated
/
343 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33bd07594a35b1fe9bfd084a672f88c508acf66d71d6b2ab43408c63aa1d317a

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/
119 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3d969db3e49baf6aaddd0fd4085a1d083d12b8400a802f8927734d686f29ec5

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
b6d3c-be66b.png
sc.sftcdn.net/images/
3 KB
3 KB
Image
General
Full URL
https://sc.sftcdn.net/images/b6d3c-be66b.png
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
7a2a36b109ce7c47f2b013ecfbc4da3152fcb837bc9fbcdf291e5b3c5c2a4bdc

Request headers

Referer
https://memz-trojan.en.softonic.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-version
1.727.0
date
Wed, 05 Dec 2018 18:23:32 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
15912942
x-cache
MISS, HIT
status
200
content-encoding
gzip
content-length
3053
x-detected-as
mobile
x-request-id
d0761de8-86d3-476f-8ec2-b4f45231bcfe
x-served-by
server-5dbcbccb6f-flwc5, cache-ams4134-AMS, cache-fra19138-FRA
last-modified
Mon, 04 Jun 2018 13:37:18 GMT
x-timer
S1544034213.543877,VS0,VE0
etag
"601fece93ee4ddb2e152ec4ffa99b824d3ada47e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-language
es-ES
access-control-allow-origin
*
cache-control
max-age=31557600, must-revalidate
x-is-bot
false
accept-ranges
bytes
content-type
image/png
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
0, 61691
domains
api.viglink.com/api/
42 B
501 B
XHR
General
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.224.65 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-255-224-65.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
3514e38f5cd45e521b6b6753878f10bbd0a19550487fe4e8713ced337223f756

Request headers

Referer
https://memz-trojan.en.softonic.com/
Origin
https://memz-trojan.en.softonic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 05 Dec 2018 18:23:31 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://memz-trojan.en.softonic.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT
gscounters.sendReport
login.softonic.com/
170 B
539 B
Script
General
Full URL
https://login.softonic.com/gscounters.sendReport?reports=%5B%7B%22name%22%3A%22load%22%2C%22time%22%3A%221544034212354%22%2C%22source%22%3A%22showScreenSet%22%2C%22reportData%22%3A%7B%7D%7D%5D&APIKey=3_Snkrf0bu_hMVnQj3RNLIYsEbjTRtHHToxPzmTRxO0COCQTXewDpSz526HF8J3hCm&sdk=js_latest&pageURL=https%3A%2F%2Fmemz-trojan.en.softonic.com%2F&format=jsonp&callback=gigya.callback&context=R309820460
Requested by
Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_Snkrf0bu_hMVnQj3RNLIYsEbjTRtHHToxPzmTRxO0COCQTXewDpSz526HF8J3hCm&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.167.2 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-240-167-2.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ce8c377e5f2c9ec2aaedd6f89c79feb4d143b263c606ecda0d70a77254f68a98

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
login.softonic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://memz-trojan.en.softonic.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Wed, 05 Dec 2018 18:23:36 GMT
Content-Type
application/ecmascript; charset=utf-8
Server
nginx
P3P
CP="IDC COR PSA DEV ADM OUR IND ONL"
X-LegacyProxy
true
Cache-Control
no-cache
X-Server
eu1b-web703
X-Version
1
Connection
keep-alive
X-Robots-Tag
none
X-Gigya-HA-cfg-ver
5
Content-Length
170
Expires
-1

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| loadCSS object| tracker object| eventTracker object| sam object| dataLayer string| GoogleAnalyticsObject function| ga object| WebFontConfig function| parseCookie object| isPageCompliantElement object| apstag object| googletag object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| reportBtns object| google_tag_manager function| postscribe undefined| redirectUrl object| webpackJsonp object| __core-js_shared__ object| core function| pbjsChunk object| pbjs object| regeneratorRuntime function| __cmp object| Criteo object| GPT_jstiming object| google_reactive_ads_global_state undefined| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id object| buttonDownloadToTest object| firstStep object| secondStep object| downloadArrow object| vdgkwytmd3kgzmizdjqo function| vdgkwytmd3kgzmizdjqo_poll undefined| a undefined| c object| OneTrust object| Optanon string| OnetrustActiveGroups string| OptanonActiveGroups function| OptanonWrapper object| _comscore function| vglnk function| Waypoint object| __gigyaConf object| google_tag_data object| gaplugins number| google_unique_id object| gaGlobal function| udm_ object| ns_p object| COMSCORE function| vl_cB function| vl_disable function| vglnk_15440342065255 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| $ undefined| jQuery function| setImmediate function| clearImmediate function| OptinMonsterApp boolean| om_loaded object| LI object| criteo_pubtag object| gigya function| __extends function| __gig_awaiter function| __gig_generator object| defaultObjects object| defaultObjectsDef function| createDefaultObject function| _createConstructor string| def function| ES6Promise object| ampInaboxIframes object| ampInaboxPendingMessages object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| _omapp object| google_optimize object| gaData object| AMP_CONFIG object| log object| AMPErrors boolean| ampInaboxInitialized object| AMP_MODE function| reportError object| AMP function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb undefined| vglnk_15440342070926 undefined| vglnk_15440342072948 boolean| ga-disable-UA-152357-1 undefined| vglnk_154403420842511 undefined| vglnk_154403421256812

5 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: MgUIBhC8CDIFCAkQvAgyBQgKELwIMgUICxC8CDIFCA0QrggyBQh5ELsIMgUIehC7CA
.softonic.com/ Name: OptanonConsent
Value: groups=2%3A1%2C4%3A1%2C1%3A1&datestamp=Wed+Dec+05+2018+18%3A23%3A28+GMT%2B0000+(Coordinated+Universal+Time)&version=3.6.26
.liadm.com/ Name: lidid
Value: f8930544-bbcd-408d-b796-4415ccb37949
memz-trojan.en.softonic.com/ Name: _li_ss
Value: MgUIBhC8CDIFCAkQvAgyBQgKELwIMgUICxC8CDIFCA0QrggyBQh5ELsIMgUIehC7CA
.softonic.com/ Name: gig_hasGmid
Value: login

6 Console Messages

Source Level URL
Text
console-api log (Line 1)
Message:
No Universal Analytics cookie found
console-api log (Line 1)
Message:
No Universal Analytics cookie found
console-api info URL: https://cdn.ampproject.org/rtv/011811091519050/amp4ads-v0.js(Line 546)
Message:
Powered by AMP ⚡ HTML – Version 1811091519050
console-api error URL: https://cdn.ampproject.org/rtv/011811091519050/amp4ads-v0.js(Line 145)
Message:
localStorage not supported.
console-api info URL: https://cdn.ampproject.org/rtv/011811091519050/amp4ads-v0.js(Line 546)
Message:
Powered by AMP ⚡ HTML – Version 1811091519050
console-api error URL: https://cdn.ampproject.org/rtv/011811091519050/amp4ads-v0.js(Line 145)
Message:
localStorage not supported.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
