memz-trojan.nl.download.it Open in urlscan Pro
2606:4700:20::ac43:4b7c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://memz-trojan.nl.download.it/
Effective URL:
https://memz-trojan.nl.download.it/
Submission: On October 30 via api (October 30th 2023, 8:10:21 am UTC) from US — Scanned from IT

Summary HTTP 73 Redirects Links 51 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 17 domains to perform 73 HTTP transactions. The main IP is 2606:4700:20::ac43:4b7c, located in United States and belongs to CLOUDFLARENET, US. The main domain is memz-trojan.nl.download.it.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 12th 2023. Valid for: a year.

This is the only time memz-trojan.nl.download.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	2606:4700:20:... 2606:4700:20::ac43:4b7c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 11	2606:4700:20:... 2606:4700:20::681a:f7f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	151.101.129.91 151.101.129.91	54113 (FASTLY) (FASTLY)
2	104.20.219.77 104.20.219.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:9000:264... 2600:9000:2644:6e00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	13.225.83.103 13.225.83.103	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:293c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:da00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:264... 2600:9000:2644:cc00:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	3.126.39.112 3.126.39.112	16509 (AMAZON-02) (AMAZON-02)
73	24

25 2606:4700:20::ac43:4b7c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

memz-trojan.nl.download.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.download.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
download.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:20::681a:f7f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.download.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
memz-trojan.nl.download.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.91 (United States)

ASN54113 (FASTLY, US)

spn-v1.revampcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2644:6e00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.83.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-103.fra2.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:da00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2644:cc00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.39.112 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-39-112.eu-central-1.compute.amazonaws.com

audit-tcfv2.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	download.it 2 redirects memz-trojan.nl.download.it cdn.download.it — Cisco Umbrella Rank: 785945 download.it — Cisco Umbrella Rank: 546888	234 KB
8	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 3190 test.cmp.quantcast.com — Cisco Umbrella Rank: 11889 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 13468	203 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 ad.doubleclick.net — Cisco Umbrella Rank: 154 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	162 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 877 api.btloader.com — Cisco Umbrella Rank: 948	8 KB
3	revampcdn.com spn-v1.revampcdn.com — Cisco Umbrella Rank: 190636	125 KB
2	google.it www.google.it — Cisco Umbrella Rank: 22792	515 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	661 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 946	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 15116 c.statcounter.com — Cisco Umbrella Rank: 9937	15 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	149 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1212	634 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1245	9 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1471	50 KB
1	gstatic.com fonts.gstatic.com	30 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	7 KB
73	17

	Domain	Requested by
29	cdn.download.it	memz-trojan.nl.download.it
6	cmp.quantcast.com	memz-trojan.nl.download.it cmp.quantcast.com www.datadoghq-browser-agent.com
6	memz-trojan.nl.download.it	2 redirects memz-trojan.nl.download.it www.datadoghq-browser-agent.com
3	api.btloader.com	www.datadoghq-browser-agent.com
3	spn-v1.revampcdn.com	memz-trojan.nl.download.it spn-v1.revampcdn.com
2	www.google.it	memz-trojan.nl.download.it
2	stats.g.doubleclick.net	www.googletagmanager.com www.datadoghq-browser-agent.com
2	ad-delivery.net	memz-trojan.nl.download.it
2	www.google-analytics.com	www.googletagmanager.com www.datadoghq-browser-agent.com
2	securepubads.g.doubleclick.net	memz-trojan.nl.download.it securepubads.g.doubleclick.net
2	www.googletagmanager.com	memz-trojan.nl.download.it www.googletagmanager.com
2	fonts.googleapis.com	memz-trojan.nl.download.it
1	audit-tcfv2.cmp.quantcast.com	www.datadoghq-browser-agent.com
1	www.google.com	memz-trojan.nl.download.it
1	region1.analytics.google.com	www.googletagmanager.com
1	test.cmp.quantcast.com	www.datadoghq-browser-agent.com
1	download.it	www.datadoghq-browser-agent.com
1	rules.quantcount.com	secure.quantserve.com
1	ad.doubleclick.net	memz-trojan.nl.download.it
1	c.statcounter.com	www.statcounter.com
1	secure.quantserve.com	cmp.quantcast.com
1	btloader.com	spn-v1.revampcdn.com
1	www.datadoghq-browser-agent.com	spn-v1.revampcdn.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static.cloudflareinsights.com	memz-trojan.nl.download.it
1	www.statcounter.com	memz-trojan.nl.download.it
73	26

This site contains links to these domains. Also see Links.

Domain
download.it
nl.download.it
en.download.it
es.download.it
fr.download.it
de.download.it
br.download.it
in.download.it
id.download.it
ar.download.it
th.download.it
tr.download.it
pl.download.it
kr.download.it
jp.download.it
fa.download.it
ru.download.it
sw.download.it
my.download.it
ph.download.it
se.download.it
si.download.it
train-simulator-2013.nl.download.it
train-simulator-2017.nl.download.it
website-x5-evolution.nl.download.it
trojan-killer.nl.download.it
memz-trojan.fa.download.it
memz-trojan.th.download.it
memz-trojan.ru.download.it
memz-trojan.ph.download.it
memz-trojan.es.download.it
memz-trojan.ar.download.it
memz-trojan.br.download.it
memz-trojan.de.download.it
memz-trojan.jp.download.it
memz-trojan.en.download.it
memz-trojan.kr.download.it
memz-trojan.tr.download.it
memz-trojan.in.download.it
memz-trojan.pl.download.it
memz-trojan.se.download.it
memz-trojan.my.download.it
memz-trojan.fr.download.it
memz-trojan.download.it
www.iubenda.com

Subject Issuer	Validity	Valid
download.it Cloudflare Inc ECC CA-3	`2023-09-12` - `2024-09-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.revampcdn.com R3	`2023-09-30` - `2023-12-29`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
cmp.quantcast.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-14` - `2024-01-16`	a year	crt.sh
btloader.com GTS CA 1P5	`2023-10-19` - `2024-01-17`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.google.it GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://memz-trojan.nl.download.it/
Frame ID: 843B6D6208831301AEA51DEA6CAC62CF
Requests: 71 HTTP requests in this frame

Frame: https://memz-trojan.nl.download.it/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
Frame ID: EBAF1CC05DE32284938EBCDE099309BF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Memz Trojan - Download

Page URL History Show full URLs

http://memz-trojan.nl.download.it/ HTTP 301
https://memz-trojan.nl.download.it/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

73
Requests

99 %
HTTPS

75 %
IPv6

17
Domains

26
Subdomains

24
IPs

4
Countries

1018 kB
Transfer

3333 kB
Size

12
Cookies

51 Outgoing links

These are links going to different origins than the main page.

URL: https://download.it/
Title: groep websites

Search URL Search Domain Scan URL

URL: https://nl.download.it/
Title: Download.it

Search URL Search Domain Scan URL

URL: https://nl.download.it/windows
Title: apps

Search URL Search Domain Scan URL

URL: https://en.download.it/where-to-watch
Title: Films & series

Search URL Search Domain Scan URL

URL: https://nl.download.it/mac
Title: Mac

Search URL Search Domain Scan URL

URL: https://en.download.it/
Title: English

Search URL Search Domain Scan URL

URL: https://es.download.it/
Title: Español

Search URL Search Domain Scan URL

URL: https://fr.download.it/
Title: Français

Search URL Search Domain Scan URL

URL: https://de.download.it/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://br.download.it/
Title: Português

Search URL Search Domain Scan URL

URL: https://in.download.it/
Title: हिन्दी

Search URL Search Domain Scan URL

URL: https://id.download.it/windows
Title: Bahasa Indonesia

Search URL Search Domain Scan URL

URL: https://ar.download.it/
Title: العربية

Search URL Search Domain Scan URL

URL: https://th.download.it/
Title: ไทย

Search URL Search Domain Scan URL

URL: https://tr.download.it/
Title: Türkçe

Search URL Search Domain Scan URL

URL: https://pl.download.it/
Title: Polski

Search URL Search Domain Scan URL

URL: https://kr.download.it/
Title: 한국어

Search URL Search Domain Scan URL

URL: https://jp.download.it/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://fa.download.it/
Title: فارسی

Search URL Search Domain Scan URL

URL: https://ru.download.it/
Title: Русский

Search URL Search Domain Scan URL

URL: https://sw.download.it/
Title: Kiswahili

Search URL Search Domain Scan URL

URL: https://my.download.it/windows
Title: Melayu

Search URL Search Domain Scan URL

URL: https://ph.download.it/windows
Title: Tagalog

Search URL Search Domain Scan URL

URL: https://se.download.it/windows
Title: Svenska

Search URL Search Domain Scan URL

URL: https://si.download.it/windows
Title: Slovenščina

Search URL Search Domain Scan URL

URL: https://nl.download.it/windows/programmeren
Title: Programmeren

Search URL Search Domain Scan URL

URL: https://nl.download.it/windows/programmeren-editors
Title: Software-ontwikkelomgevingen & editors

Search URL Search Domain Scan URL

URL: https://train-simulator-2013.nl.download.it/
Title: Train Simulator Een online simulatiespel waarin de speler de rol van treinmachinist op zich neemt

Search URL Search Domain Scan URL

URL: https://train-simulator-2017.nl.download.it/
Title: Train Simulator 2017 Train Simulator 2017 is like virtual tourism

Search URL Search Domain Scan URL

URL: https://website-x5-evolution.nl.download.it/
Title: WebSite X5 Evolution Software om zelf webpagina's samen te stellen gebaseerd op Dreamweaver

Search URL Search Domain Scan URL

URL: https://trojan-killer.nl.download.it/
Title: Trojan Killer Zoekt en verwijdert schadelijke besmettingen met een trojan horse op de pc

Search URL Search Domain Scan URL

URL: https://memz-trojan.fa.download.it/
Title: فارسی

Search URL Search Domain Scan URL

URL: https://memz-trojan.th.download.it/
Title: ไทย

Search URL Search Domain Scan URL

URL: https://memz-trojan.ru.download.it/
Title: Русский

Search URL Search Domain Scan URL

URL: https://memz-trojan.ph.download.it/
Title: Tagalog

Search URL Search Domain Scan URL

URL: https://memz-trojan.es.download.it/
Title: Español

Search URL Search Domain Scan URL

URL: https://memz-trojan.ar.download.it/
Title: العربية

Search URL Search Domain Scan URL

URL: https://memz-trojan.br.download.it/
Title: Português

Search URL Search Domain Scan URL

URL: https://memz-trojan.de.download.it/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://memz-trojan.jp.download.it/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://memz-trojan.en.download.it/
Title: English

Search URL Search Domain Scan URL

URL: https://memz-trojan.kr.download.it/
Title: 한국어

Search URL Search Domain Scan URL

URL: https://memz-trojan.tr.download.it/
Title: Türkçe

Search URL Search Domain Scan URL

URL: https://memz-trojan.in.download.it/
Title: हिन्दी

Search URL Search Domain Scan URL

URL: https://memz-trojan.pl.download.it/
Title: Polski

Search URL Search Domain Scan URL

URL: https://memz-trojan.se.download.it/
Title: Svenska

Search URL Search Domain Scan URL

URL: https://memz-trojan.my.download.it/
Title: Melayu

Search URL Search Domain Scan URL

URL: https://memz-trojan.fr.download.it/
Title: Français

Search URL Search Domain Scan URL

URL: https://memz-trojan.download.it/
Title: Italiano

Search URL Search Domain Scan URL

URL: https://nl.download.it/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.iubenda.com/privacy-policy/61913038
Title: Privacy policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://memz-trojan.nl.download.it/ HTTP 301
https://memz-trojan.nl.download.it/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://memz-trojan.nl.download.it/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://memz-trojan.nl.download.it/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
memz-trojan.nl.download.it/
Redirect Chain

http://memz-trojan.nl.download.it/
https://memz-trojan.nl.download.it/

57 KB
14 KB

138ms
100ms

Document
text/html

2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e14188aa19d357d92174e6a77cb72ef76598082febbb65be622ab2deead0175

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81e22e4c9dce0e4e-MXP
content-encoding: br
content-type: text/html;charset=UTF-8
date: Mon, 30 Oct 2023 08:10:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCeMdKTNbezyMIhnH5fsdniDieI456d1eZNyeLuHhhRorcSqokjTIx4NbtjLD9I1EstiQD9f%2FpAHChW7K6xLe3ikFARNyJPngW8jm2TLFfQp%2B5itCGmELqySR88zPsI2kd6YbzboyRtlIEeA5l%2B2lDeB4cI4OtF7"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 81e22e4c29fe83a8-MXP
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 30 Oct 2023 08:10:16 GMT
Expires: Mon, 30 Oct 2023 09:10:16 GMT
Location: https://memz-trojan.nl.download.it/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mr0qZ3p7aCje6QXObUUkUte7P3tlCEtoBBlWu0hKF5oHD0UgzU%2F1A7pEMvfw5Zt2%2BVPegszh7GZMHayzBhHC66WH1I879EC%2BcNBlkOAHaNf%2BWdLXn3tOYJNKv3mB53M3NBx6dU6dueaytGH1JXEQbDWsOcg%2BZvwI"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 35117E_0_0.woff
cdn.download.it/dit/fonts/ 47 KB
47 KB 250ms
199ms Font
font/woff 2606:4700:20::681a:f7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.download.it/dit/fonts/35117E_0_0.woff
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1826c77619422cbfc2d6c86317f35c583411abd2f75de81a7ee8bb309cd9135

Request headers

Referer: https://memz-trojan.nl.download.it/
Origin: https://memz-trojan.nl.download.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 48240
last-modified: Tue, 28 Jul 2020 16:02:49 GMT
server: cloudflare
etag: "bc70-5ab82921c9c40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4E1WRJwZAfvXt7Zh1Z1A%2F7XqNnSd92a7uR8S5r3lO5G9ANI6%2BCVRAUf7pbikI3mWaEIt9mLsqywLqpCCcy6vZ%2BILap%2B%2BV3Q%2FWME%2BHvXTKneWUXlwbnWAeTDrSw2hfu5FonuoIOoZDWu7VyUKpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=63072000
accept-ranges: bytes
cf-ray: 81e22e4d8e750e6d-MXP
expires: Tue, 29 Jul 2025 18:04:34 GMT

GET
H2 200 dit-logos.woff2
cdn.download.it/fontello/font/ 3 KB
4 KB 102ms
51ms Font
application/octet-stream 2606:4700:20::681a:f7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.download.it/fontello/font/dit-logos.woff2
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6117060a9640c268607f9f9f26889c1cba88aee1989e9cbb5f4bbb2b0b3c7dc6

Request headers

Referer: https://memz-trojan.nl.download.it/
Origin: https://memz-trojan.nl.download.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
cf-cache-status: HIT
last-modified: Thu, 02 Dec 2021 08:52:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "dc0-5d225e95b2264"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAAhvrhG33W%2BAggFHwac2kAennu%2Fw%2FJHdjD5DXkFNmuDtYD4MN0aLPPEkTOIBR4vylmlDtXXL2vtdz6pWxL2gFMU7f0GFJjf4EWLCkEYJlhNoYRB8lmnU26%2BmsDequ1W8oWNkWLoOLwHH18U8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=63072000
accept-ranges: bytes
cf-ray: 81e22e4d8e740e6d-MXP
alt-svc: h3=":443"; ma=86400
content-length: 3520
expires: Tue, 29 Jul 2025 18:04:34 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
893 B 95ms
34ms Font
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis:400,600&display=swap

Requested by

Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38e42a9a323fd44fe86f0dfe5f7695590e6d4e4b3c016e30031dbbae5171df33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://memz-trojan.nl.download.it/
Origin: https://memz-trojan.nl.download.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 07:47:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Oct 2023 08:10:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
893 B 96ms
35ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis:400,600&display=swap

Requested by

Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38e42a9a323fd44fe86f0dfe5f7695590e6d4e4b3c016e30031dbbae5171df33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 07:50:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Oct 2023 08:10:16 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
cdn.download.it/dit/js/ 86 KB
31 KB 75ms
68ms Script
application/javascript 2606:4700:20::681a:f7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.download.it/dit/js/jquery-3.4.1.min.js
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://memz-trojan.nl.download.it/
Origin: https://memz-trojan.nl.download.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Jul 2020 16:02:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15851-5ab82921c9c40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cp9PPArfPoFm0KZlU6rwQ3x%2FffXALScpGJoQDKXGZrfLBDKWkU8cK1TbUFqnOy73sGGlTCPGsHslOjAkIjxjEcVtYBStNK5zclfYhDeThD0vm%2FASplglKXqZeZcor8dtc0RxtbcpGYeeXA%2FsfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=63072000
cf-ray: 81e22e4deee20e6d-MXP
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Jul 2025 18:04:34 GMT

GET
H2 200 popper.min.js Show response
cdn.download.it/dit/js/ 21 KB
8 KB 207ms
200ms Script
application/javascript 2606:4700:20::681a:f7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.download.it/dit/js/popper.min.js
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Request headers

Referer: https://memz-trojan.nl.download.it/
Origin: https://memz-trojan.nl.download.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Jul 2020 16:02:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5309-5ab82921c9c40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYmqIqF%2F%2BXk8hiZ2yGo1g%2Ft%2FYQbo3CMsROl9YV26eKs8YFUMTSFH7lhuutgMUMA5EbA4kSzhlMIBCCbDpmgliHbaa4u6NE1IaYNQabuDdv5rsQnvSIs9vz%2FsWOkeR9Lnq%2F4%2FlPmhTzC4T81EAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=63072000
cf-ray: 81e22e4deee50e6d-MXP
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Jul 2025 18:04:34 GMT

GET
H2 200 bootstrap.min.js Show response
cdn.download.it/dit/js/ 59 KB
16 KB 69ms
63ms Script
application/javascript 2606:4700:20::681a:f7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.download.it/dit/js/bootstrap.min.js
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Request headers

Referer: https://memz-trojan.nl.download.it/
Origin: https://memz-trojan.nl.download.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Jul 2020 16:02:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ea6a-5ab82921c9c40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnUTN5oUnCPFJgietSIPDmDVqwzgYXpvDFsFqYPGHwzH99IcaL5Zgt9FmVDaTYOATzFo9tpEDKeJLseCJDn8WkUhGNCMlwT2NQ767dI6dD8yA9h9p3nxzVAlDz7QOI90npNuU%2B7M2KiJDu7lcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=63072000
cf-ray: 81e22e4deee70e6d-MXP
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Jul 2025 18:04:35 GMT

GET
H2 200 search-header.js Show response
cdn.download.it/dit/js/ 416 B
599 B 128ms
121ms Script
application/javascript 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.download.it/dit/js/search-header.js?v=1695907987063
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec47e6472651559ca723a66ef956e8b17527d80edc59644be04633abf4516786

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2745357
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 03 Aug 2020 13:04:58 GMT
server: cloudflare
etag: W/"1a0-5abf8c91e5280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmj10ZuitfwDOp7OIbEoaBb7RdpVh06MTWKJB0UMLxR22UepS%2FEE77p4%2F%2B8eCzwsEN3fw7pI%2B9gUSWlvYcdczaBOPEA0VfICj50feNye8h5lYftav4VWC1LbmYekHFauZsTjVYJZ%2F6mCjvonYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=63072000
cf-ray: 81e22e4dff970e4e-MXP
expires: Sat, 27 Sep 2025 13:33:48 GMT

GET
H2 200 lazysizes.min.js Show response
cdn.download.it/js/ 8 KB
4 KB 44ms
38ms Script
application/javascript 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.download.it/js/lazysizes.min.js
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e61be2f374a0122510025578940baf7ef8dbbcaf3ecc5f5535cfc81bd1cfd39

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8096489
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 17 Aug 2021 15:15:49 GMT
server: cloudflare
etag: W/"1ed1-5c9c2caf025fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIqRwbv4gJzJ2wjk6Qx1wkXKLgmWFDNSKSEq%2FfqJV1awtUcLAQaSiEahg3Bf9VyOWiLvwRu3mgr5ytcFv3Q6WDu5t0q4hubWp7mLTlXwSe2M%2FGxWiKhIm5o3ReNbRDa7u5BpNj6l3O7xlnAbUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=63072000
cf-ray: 81e22e4def630e4e-MXP
expires: Sun, 27 Jul 2025 15:08:43 GMT

GET
H2 200 bootstrap.min.css
cdn.download.it/dit/css/ 125 KB
20 KB 59ms
55ms Stylesheet
text/css 2606:4700:20::681a:f7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.download.it/dit/css/bootstrap.min.css?v=2
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3400e3ea6c68192ead1f3ed3b73ed718742596e653370e25dcbf279dfa4e8ad

Request headers

Referer: https://memz-trojan.nl.download.it/
Origin: https://memz-trojan.nl.download.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jul 2022 15:40:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1f280-5e3895eeba10a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmTqKpISeNlb2rTeSVtEY85JPlcsMS%2FIOBS5y00y%2B0xQ1FRm1R1u7FOTXV8fUJepHfjQgv6y7mJIeidcEMlqVjWdsR1fxl4AtjqSjd43tsZpj8TH3x3rv9N3niyJ7i2w5EwySEaSB9yJcS034A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=63072000
cf-ray: 81e22e4deee80e6d-MXP
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Jul 2025 18:04:34 GMT

GET
H2 200 main.css
cdn.download.it/dit/css/ 10 KB
3 KB 136ms
133ms Stylesheet
text/css 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.download.it/dit/css/main.css?v=1695907987063s
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c91e06fa9ddd31b7ccf2097169b9334c0626886a2488dc57ff03662a8fee7f34

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2745357
cf-polished: origSize=13398
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 28 Jul 2023 12:02:43 GMT
server: cloudflare
etag: W/"3456-6018adbb1a6a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcJQDBnN0BX5diGkXSg%2BCpWd72VQiSHj1eHMPbUAKlmIlfJzO7bfLlZlRXWiqOKYyhRCWOLQkFJc4RriIgFaTJzrSclNXipktOk0iNma%2F1QEUOeM2qnd5bjkiGvVASBJQBJ8YHiWkSyk0OXzwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=63072000
cf-ray: 81e22e4dff990e4e-MXP
expires: Sat, 27 Sep 2025 13:33:48 GMT

GET
H2 200 hover-min.css
cdn.download.it/dit/css/ 93 KB
7 KB 56ms
52ms Stylesheet
text/css 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.download.it/dit/css/hover-min.css
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73e0bcee3ba93b5a2d0f5239bb2c55ebc5a648b0aab48a0d95c1cb5edccb093d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8096478
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Jul 2020 16:02:49 GMT
server: cloudflare
etag: W/"17432-5ab82921c9c40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXpy4NPDI%2BxxFY8ugrlwVmMWcoPKm1fEffzlvE6l%2BiMvyiorhi2F05bbCpyynbGKy%2FZGebQaA51d2uRR%2FuZwc2c8mne%2F%2F5a0FHqBO5XQ459oqC5xUbvgzvkmT0lm6QTUcwCkmCgIOWKDXSGaQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=63072000
cf-ray: 81e22e4dff9a0e4e-MXP
expires: Sun, 27 Jul 2025 15:08:43 GMT

GET
H2 200 dit-logos.css
cdn.download.it/fontello/css/ 1 KB
886 B 55ms
51ms Stylesheet
text/css 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.download.it/fontello/css/dit-logos.css?v=1695907987063
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d35615d83672e5ceb1bf88fb84a9da3a4c243148b10bea4b651f624bac3d674

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2745357
cf-polished: origSize=2306
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 28 Jul 2023 12:03:26 GMT
server: cloudflare
etag: W/"902-6018ade44a5f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUHg12hF6hEsm7Htv1XUNCYTlOHaShdPHYm7dA0HBQwVwldFxiqzrU2WUYtv7BNzHBTUgO%2BDou9YXIQ5gpedK4CVinmnhoWXJz%2FRS4Uoo8dN%2Ffggt1enSt2IsjrYsHlOa566Rlt3f014jXBIMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=63072000
cf-ray: 81e22e4dff9b0e4e-MXP
expires: Sat, 27 Sep 2025 13:33:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 113ms
43ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-30374496-1

Requested by

Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce83e8fbffa5e98e1a8da8489741c195717317645b6a01fa39660cc13f971696

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68655
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Oct 2023 08:10:16 GMT

GET
H2 200 dit-supplement.js Show response
cdn.download.it/js/ 175 B
568 B 43ms
37ms Script
application/javascript 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.download.it/js/dit-supplement.js?v=1695907987063
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18351534209a91b2f82b9d729cd40ec03df685421e7f918abf4da735dc5237c7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2745357
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Dec 2022 11:23:20 GMT
server: cloudflare
etag: W/"af-5eec272cb4186"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqoCPU%2FZE7ZLF7isUvqfRUdJsZuJZ9DaGck4zGssqLX5QRwOy5eRNHgK2ZANO4jqRxH5C%2F6gyB6lacXQKzYzasUizzckLPyuMutgBF3qTHeHeP1sRxhW3VdL4CWgHIVVCtnlkE%2B3JRQHcaMH9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=63072000
cf-ray: 81e22e4def660e4e-MXP
expires: Sat, 27 Sep 2025 13:33:48 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 160ms
90ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be49fc5d6c19e1c039597941d69474beeb2115408f8c757a4019e19414b56751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29494
x-xss-protection: 0
server: cafe
etag: 649 / 19660 / 31079134 / config-hash: 13942866851986637457
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 08:10:16 GMT

GET
H3 200 prebid-client.js Show response
spn-v1.revampcdn.com/prebid/downloadit/ 255 KB
74 KB 41ms
18ms Script
application/javascript 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://spn-v1.revampcdn.com/prebid/downloadit/prebid-client.js
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 65ef2e4096e3187ec54dfe47b5f8682566ab6d2783aa3a2c3c522396c430139d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-version: 1.1270.0
date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 8995
x-cache: HIT, HIT
x-envoy-upstream-service-time: 37
x-region: RM
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 74794
x-request-id: 51e6f46a-2bdf-42eb-9961-98f83d34cb37
x-served-by: cache-ams12726-AMS, cache-mxp6925-MXP
x-platform-version: NT 10.0
x-browser-version: 118.0.5993.117
x-platform-id: Windows 10
server: istio-envoy
x-publisher-id: downloadit
x-timer: S1698653417.643198,VS0,VE1
etag: W/"f58edc13c8b20fdc2f70e63b88f7fb5a"
x-browser-name: Chrome
vary: Accept-Encoding,x-country-code,x-device-platform
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
cache-control: max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform: Desktop
accept-ranges: bytes
x-country-code: IT
x-cache-hits: 1, 1

GET
H2 200 downloadit.js Show response
spn-v1.revampcdn.com/publishers/ 206 KB
51 KB 65ms
16ms Script
application/javascript 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://spn-v1.revampcdn.com/publishers/downloadit.js?modern=1
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 1b56d92355d8c1fcf7a030c04d5de9a45cd684550e54bbc5e33fdfdd68fbab3f

Request headers

Referer: https://memz-trojan.nl.download.it/
Origin: https://memz-trojan.nl.download.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-version: 1.1271.0
date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 17896
x-cache: HIT, HIT
x-envoy-upstream-service-time: 187
x-region: RM
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 51277
x-request-id: c474b9c4-6fe1-442a-9f13-46a6c38dba79
x-served-by: cache-ams21039-AMS, cache-mxp6960-MXP
x-platform-version: NT 10.0
x-browser-version: 118.0.5993.117
x-platform-id: Windows 10
server: istio-envoy
x-publisher-id: downloadit
x-timer: S1698653417.588917,VS0,VE0
etag: W/"8149d40cd1c0ca69c53884464dc50774"
x-browser-name: Chrome
vary: Accept-Encoding,x-device-platform,x-platform-id
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
cache-control: max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform: Desktop
accept-ranges: bytes
x-country-code: IT
x-cache-hits: 70, 5

GET
H2 200 jquery.md5.js Show response
cdn.download.it/js/ 4 KB
2 KB 44ms
38ms Script
application/javascript 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.download.it/js/jquery.md5.js
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c8ce6c1372920d818248559a28470c6152e5e0be4ca1f45dfb923c34808d21a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8096479
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 01 Sep 2014 14:38:01 GMT
server: cloudflare
etag: W/"f18-50201f3240440"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3AT3rT057LHb5wwAuPLcx8jKcg5cHOgpwJt5GTzEXeBlMP%2F80asIiWhFA%2Bt2wIsdZ1H%2BfefcrQFIwGMsBuwf%2Fqey0Kh9ldLCYhlF0X5ezO6IdZPB%2Fmw%2FuA5soaS27vDo7%2FnCMPmF9cszGuMEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=63072000
cf-ray: 81e22e4def670e4e-MXP
expires: Sun, 27 Jul 2025 15:08:43 GMT

GET
H2 200 ouibounce.js Show response
cdn.download.it/js/ 2 KB
1 KB 37ms
31ms Script
application/javascript 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.download.it/js/ouibounce.js
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 332a4f3e0e1cc73b6dc796594340d2c5bdd5a6af61f559740e33aae5300c23d3

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8096488
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 19 Dec 2014 13:44:54 GMT
server: cloudflare
etag: W/"6bc-50a91e9e22180"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=je0h1OWQGq%2FPVpjLoXR1seGxVdr4gY3dA4B7hTSZQ2E7SV1czFggxux%2FGBusVKgv6fUoFsJqDbOzAaKQoA6fU87W5bfRUUbBJJb2B5ArSWshRVBiEbIG2l7zjmElJ90XAPIbwmFcZrmS%2Fp8UAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=63072000
cf-ray: 81e22e4def680e4e-MXP
expires: Sun, 27 Jul 2025 15:08:43 GMT

GET
H2 200 ajget-download.js Show response
cdn.download.it/js/ 1 KB
1 KB 38ms
32ms Script
application/javascript 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.download.it/js/ajget-download.js?t=1695907987063
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a838a8cab2b7d95c437c8ee698ecefbd5745e7c9709146d473547f5e88ddab59

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2741201
cf-polished: origSize=1466
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 18 Jul 2023 08:13:09 GMT
server: cloudflare
etag: W/"5ba-600be7c47fe84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvDi6xhhkODmOxAZ0%2B62g%2FH1HEs32OwyGKxpmVmbs30jbI3AoxkfoowQpwd7ID8fPCkGDfUhXOgEQpdhaHLc6sFkjVMUOY7ge9kjb2QJiacFNw9YDsOo2eer%2BX2CExz81LGbFwmlsgffrShAPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=63072000
cf-ray: 81e22e4def6a0e4e-MXP
expires: Sat, 27 Sep 2025 13:33:48 GMT

GET
H2 200 raty.woff
cdn.download.it/dit/raty/fonts/ 2 KB
1 KB 256ms
227ms Font
application/font-woff 2606:4700:20::681a:f7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.download.it/dit/raty/fonts/raty.woff
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce79bee15c8795bb7bee159131318308b432133f4268f2531eb9f2790c95bda5

Request headers

Referer: https://memz-trojan.nl.download.it/
Origin: https://memz-trojan.nl.download.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Jul 2020 16:02:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"704-5ab82921c9c40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtgwfUZxuGgtINp6gW%2BJjFVrWwHnXp6A4K%2FSczhlBuQ6SGT5BhqDLEakX37Y0TgtKC4ybdhaLDwV7BHtUxWTZIeE7OTm0vjsASEfBDNeXQAPMWrhqIlQCS5H7INTfpm9R0jRysyEgkKc661dpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=63072000
cf-ray: 81e22e4d8e760e6d-MXP
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Jul 2025 18:04:34 GMT

GET
H2 200 jquery.raty.js Show response
cdn.download.it/dit/raty/ 13 KB
4 KB 38ms
32ms Script
application/javascript 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.download.it/dit/raty/jquery.raty.js
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb5112588a752ef36a064ece2242fe849bfbb90c333608d4515c4d34bbb81a60

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8096489
cf-polished: origSize=19307
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 28 Jul 2020 16:02:49 GMT
server: cloudflare
etag: W/"4b6b-5ab82921c9c40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qNs2%2F%2FOUhMksQKYHI8ViAmDbFdNQsF2v%2F%2B1LHNin10Lxg8Mecn95k4n6qkUsIrGdDiIyUhgvNZQLKwBW%2F49Mdc%2Fmnj0t072qzxK0xAywq1hdDUDDUMHNZBdNMJifLfdEXhdvo4BaiTSgTDsew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=63072000
cf-ray: 81e22e4def6b0e4e-MXP
expires: Sun, 27 Jul 2025 15:08:43 GMT

GET
H2 200 raty-bridge.js Show response
cdn.download.it/js/ 2 KB
1 KB 36ms
31ms Script
application/javascript 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.download.it/js/raty-bridge.js
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 147bfa7f085b8fc56ba18f988db65946c89bb63a9e3ad4ac0eaf0693c345b61d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8096489
cf-polished: origSize=2064
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 03 Aug 2020 13:36:22 GMT
server: cloudflare
etag: W/"810-5abf93969e180"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4vF7zNRz0L6Zsb9fGnLiMBV%2FgZaCJTP9NowNN%2FjidQ9tduvR%2FpWDGZ9pJQutyNI5v%2F8%2FgM1IPnIwUSALvjqANebxanRqw8fKxxIRRSVM%2FJe4QWhuRuS%2B%2FYXq1P4iBVWb3jE18nHTv0LHee9ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=63072000
cf-ray: 81e22e4def6c0e4e-MXP
expires: Sun, 27 Jul 2025 15:08:43 GMT

GET
H2 200 raty-votable-main.js Show response
cdn.download.it/dit/js/ 451 B
609 B 50ms
44ms Script
application/javascript 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.download.it/dit/js/raty-votable-main.js
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b79f935e90b63658f207544145a77b0f1eda307bcfc65980d7c9f916965c2ce

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8096479
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Dec 2021 09:15:43 GMT
server: cloudflare
etag: W/"1c3-5d2263c2caf8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzLmdk6PYbaQEsw4yDZgN5yjpA4LnkbohJ6sEh7qHYy7iK8yBWKCYEqh4UnuJjsvvGT871pW8%2B%2F4a4jbxqTAjIc8Bd81adwGUsvjez2on4hdvcmCDgCVS8g8MbHADryh%2BrgX3QxGZgdl1s2ksw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=63072000
cf-ray: 81e22e4def6d0e4e-MXP
expires: Sun, 27 Jul 2025 15:08:43 GMT

GET
H2 200 maglass-blue.svg
cdn.download.it/dit/images/ 258 B
493 B 36ms
30ms Image
image/svg+xml 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.download.it/dit/images/maglass-blue.svg
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 307238fd564ccf483e9503989f781d89c45525f80dec2bb3e80a9ad70fb37ba2

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8096478
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Jul 2020 16:02:49 GMT
server: cloudflare
etag: W/"102-5ab82921c9c40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpHavFd%2FiO8CHyQlBvkcpVFCwEG%2BO3vMr%2F75a1%2F3EOB7jLbdDTEVh0h5nWxQ8ez4OI9HM1zegZXm4SOON%2FmKgSgnUD0HB4GARk08tcRlqrb5bGWLbvBO7hKf4fGXqfz3N3zfvR%2Bu1V02pUyycg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=63072000
cf-ray: 81e22e4def6e0e4e-MXP
expires: Sun, 27 Jul 2025 15:08:43 GMT

GET
H2 200 maglass-white.svg
cdn.download.it/dit/images/ 276 B
600 B 35ms
30ms Image
image/svg+xml 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.download.it/dit/images/maglass-white.svg
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38afa88926f69f684e93ac9023338100a57b9424cedf63f7ee73b1202c98eead

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8096478
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Jul 2020 16:02:49 GMT
server: cloudflare
etag: W/"114-5ab82921c9c40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Sf%2FsV9Hx6GuFFqvnjHhLgfbRT8MPuDi%2BUVw%2B%2BorrYNdu%2BjNg3f5l31%2BPMskjnK3ZQeja7lnSuBMCXeceIQMB%2FS5GxvY%2Fnz3desY9s2IfjdEHrr3vNBeyUxevmJZd4BMUG6j6JC5nqjz7HWjXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=63072000
cf-ray: 81e22e4def6f0e4e-MXP
expires: Sun, 27 Jul 2025 15:08:43 GMT

GET
H2 200 burger-32.png
cdn.download.it/dit/images/ 214 B
664 B 56ms
50ms Image
image/webp 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.download.it/dit/images/burger-32.png
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 874a64c76ae3d1fb76c4e9c9b97a4e1d655fd13dc582efb01c80e59222dd542d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2715706
cf-polished: origFmt=png, origSize=499
content-disposition: inline; filename="burger-32.webp"
alt-svc: h3=":443"; ma=86400
content-length: 214
cf-bgj: imgq:85,h2pri
last-modified: Thu, 27 Jul 2023 13:45:45 GMT
server: cloudflare
etag: "1f3-601782e523257"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90i9GmB%2FgkmT6yTvilC1IlJj%2FYLztW1zOwJpEwsfMUwzZqPJXvN6A0FGsIrwrYDBxE8YOjno%2B%2FKTsQCRlXgmC95R3w8t6MXKlzrQNZdMfp%2BtIN1yFPFdlY1bBVjGQn2GMA8ofRFw39s8azwi7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=63072000
accept-ranges: bytes
cf-ray: 81e22e4dff8f0e4e-MXP
expires: Sun, 27 Jul 2025 15:08:43 GMT

GET
H2 200 memz-trojan-100x100.png
cdn.download.it/gen/ 5 KB
5 KB 55ms
49ms Image
image/webp 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.download.it/gen/memz-trojan-100x100.png
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bff134d4cc72f0a5a4a627e00e3db0700329f173100f990678e072d8e165a03

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3369210
cf-polished: origFmt=png, origSize=9248
content-disposition: inline; filename="memz-trojan-100x100.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4712
cf-bgj: imgq:85,h2pri
last-modified: Thu, 13 Jul 2023 23:31:54 GMT
server: cloudflare
etag: "2420-60066bccae94c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0F%2FyWCbOlhrBBPvzJn6Li1Xbr0vf1WtY9o9O7gSsoJBZWqECNe7cikAoaV%2F88KpN931BgaLdToEnqwrtEimoXzV3BFzj5DT5aFY7LmKSL0w9%2BvBl87vwVSo%2FIb20HpcTtJ7QCHvzzzXHbDAUCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=63072000
accept-ranges: bytes
cf-ray: 81e22e4dff900e4e-MXP
expires: Sun, 27 Jul 2025 15:11:34 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 40 KB
15 KB 90ms
30ms Script
application/javascript 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 26 Oct 2023 09:54:32 GMT
server: cloudflare
age: 17926
etag: W/"653a3758-a1eb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 81e22e4e39cb0e71-MXP
expires: Mon, 30 Oct 2023 15:11:30 GMT

GET
H2 200 train-simulator-2013-100x100.png
cdn.download.it/gen/ 14 KB
15 KB 76ms
72ms Image
image/webp 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.download.it/gen/train-simulator-2013-100x100.png
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 062efde974335cb24173bc41063086a5e5020c48d97d295b401df71b42d949ec

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=21573
content-disposition: inline; filename="train-simulator-2013-100x100.webp"
alt-svc: h3=":443"; ma=86400
content-length: 14492
cf-bgj: imgq:85,h2pri
last-modified: Tue, 02 Feb 2021 09:32:33 GMT
server: cloudflare
etag: "5445-5ba57266ddf45"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bG6pTPDnxEVAmXYJUTDCNkfApKWJgm82B0LQD9B2Hn81lDWrbl2eUx429Xp0UDNGqr6TLA8qfkMU65Q28Vm876m%2Fs2LHPmSF5vVN97iVajiSKCuFAlP4b06qaBngDC3KyYaGTuyE7T%2BqU6dZpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=63072000
accept-ranges: bytes
cf-ray: 81e22e4dff910e4e-MXP
expires: Mon, 27 Oct 2025 17:37:08 GMT

GET
H2 200 train-simulator-2017-100x100.png
cdn.download.it/gen/ 12 KB
12 KB 49ms
45ms Image
image/webp 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.download.it/gen/train-simulator-2017-100x100.png
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cb3beb714b118327157a0efb5895d561d200e08b0c881d2b61c94a0edbfca4c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59713
cf-polished: origFmt=png, origSize=18888
content-disposition: inline; filename="train-simulator-2017-100x100.webp"
alt-svc: h3=":443"; ma=86400
content-length: 12228
cf-bgj: imgq:85,h2pri
last-modified: Tue, 02 Feb 2021 09:32:33 GMT
server: cloudflare
etag: "49c8-5ba57266d1425"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPBfI%2FNFCobDfK1TvSh16R%2F3k6WVo9BUKqURblHo%2BBqqK52ntGELokYAvY43hXG5Aax6LJ3EGvQWx3wysnNW59PoDzuyGHm9errc0nhkacfjoyLvWyDDpd%2FFRl9YqMgcU5z2iHPqCaZfU9KNoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=63072000
accept-ranges: bytes
cf-ray: 81e22e4dff920e4e-MXP
expires: Sun, 27 Jul 2025 15:36:00 GMT

GET
H2 200 website-x5-evolution-100x100.png
cdn.download.it/gen/ 13 KB
13 KB 50ms
46ms Image
image/webp 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.download.it/gen/website-x5-evolution-100x100.png
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92eec204b5ad5f0f2f224aafe74817ccdc27f5786caa4ba49ff68fe0435865d0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 134786
cf-polished: origFmt=png, origSize=15564
content-disposition: inline; filename="website-x5-evolution-100x100.webp"
alt-svc: h3=":443"; ma=86400
content-length: 13130
cf-bgj: imgq:85,h2pri
last-modified: Wed, 12 Jul 2023 23:32:39 GMT
server: cloudflare
etag: "3ccc-60052a1a1aab9"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9FwTeWoHmq3I8d5q7vPPHxsaJbqvlRneUH4a6X%2FLaOeeemQLwP%2Fi4xfzLG%2BTuq8nSWIM60gBOY2WDDHQ8tpyTKYwndYTQygEBYpjbZBFO%2BVEWzBKf1luCVI2pHn8N%2FnW4oI1lEKd2LrMNUAJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=63072000
accept-ranges: bytes
cf-ray: 81e22e4dff940e4e-MXP
expires: Tue, 16 Sep 2025 15:47:53 GMT

GET
H2 200 trojan-killer-100x100.png
cdn.download.it/gen/ 11 KB
11 KB 54ms
50ms Image
image/webp 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.download.it/gen/trojan-killer-100x100.png
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a51de0267f5d4307d9ceab3418187a14e78fced1ef529365387d58ba6d490e9

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 436367
cf-polished: origFmt=png, origSize=13549
content-disposition: inline; filename="trojan-killer-100x100.webp"
alt-svc: h3=":443"; ma=86400
content-length: 11010
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Jul 2023 01:03:22 GMT
server: cloudflare
etag: "34ed-6006803ec866b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Df21EuQqQgdVpI%2BvZ1tL0Fcrl%2Bvd6nw10LP8obU9r3WqSPOjXn03euNFEyUr6AFmAZZ58%2BeEcAOP8i4mYGQFLf7%2FaGsu1F1AMjtl3P1Bkn3eLhUVEHpC5gdA9Wj0BKz6vl9vXzfZDZf3U%2FoC1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=63072000
accept-ranges: bytes
cf-ray: 81e22e4dff950e4e-MXP
expires: Sun, 27 Jul 2025 16:01:12 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 111ms
53ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://memz-trojan.nl.download.it/
Origin: https://memz-trojan.nl.download.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 81e22e4e3e5e5237-MXP

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/NckurUNbznaCm/download.it/ 4 KB
2 KB 105ms
29ms Script
application/javascript 2600:9000:2644:6e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/NckurUNbznaCm/download.it/choice.js?tag_version=V2
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:6e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d212386876860bad63673d86fad7436cd68336c50cbf367f326bc4a061a62a58

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
via: 1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
last-modified: Thu, 10 Aug 2023 21:42:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 1
x-amz-server-side-encryption: AES256
etag: W/"05ca91ae9788ef03354671b196c01ba9"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: SQEMKMrCubI1WVVvwxn1LA4ugpz0mDHKBw7WBheeiyYsNrDQED6xow==

GET
H2 200 ouibounce.css
cdn.download.it/dit/css/ 3 KB
1 KB 52ms
48ms Stylesheet
text/css 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.download.it/dit/css/ouibounce.css
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e08b5b325fbbd6fbcbaa1deb294125ee425297b994d722bcce1d329d60de2b7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8096488
cf-polished: origSize=2615
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 18 Aug 2020 16:15:50 GMT
server: cloudflare
etag: W/"a37-5ad2933549980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uz2Pi6b0Uca%2FkJAlXPjUGnoXBN8d179rV6hNKuWezXNKTv5fHVM1h13a%2FZFQgsMOcVf%2B3x%2BAhLY8A%2ForHglUN5KJmOP8IlzwRb4B3bHqEZ33HCUHDeaYRbZM4C7ODpkO89jRIhrNYGBzZdz0Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=63072000
cf-ray: 81e22e4dff9c0e4e-MXP
expires: Sun, 27 Jul 2025 15:08:43 GMT

GET
H2 200 jquery.raty.css
cdn.download.it/dit/raty/ 832 B
681 B 54ms
51ms Stylesheet
text/css 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.download.it/dit/raty/jquery.raty.css?v=2
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83d31a13cd5e137294047a76fb9f244a98ba7df979f22c492997f7f4916dd3fc

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8096477
cf-polished: origSize=995
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 13 Aug 2021 09:16:44 GMT
server: cloudflare
etag: W/"3e3-5c96d4f6495a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9UVApJuWb1kfPe4WOWdDiKGQtPLv3jWDrqeajmJrzAiW0mpSYl2HJ6n7uwcunnDvSNmLa3j%2FjdZw7NHR3lAxWjjSYbjnZ%2BHdY5275uUOCDW6oTns0RvKZe5MaC4a6eZMu1%2BqI4rLIEwYdO7Ffg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=63072000
cf-ray: 81e22e4dff9e0e4e-MXP
expires: Sun, 27 Jul 2025 15:08:43 GMT

GET
H2 200 HhyaU5sn9vOmLzloC_U.woff2
fonts.gstatic.com/s/dosis/v32/ 30 KB
30 KB 119ms
37ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dosis/v32/HhyaU5sn9vOmLzloC_U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Dosis:400,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dcac7cabd17a67b5d09d54d506c6ed734516248e9e8552d194b1a5cf16b7722

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://memz-trojan.nl.download.it
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:54:38 GMT
x-content-type-options: nosniff
age: 231338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30208
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:45:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 15:54:38 GMT

GET
H2 200 datadog-rum-v4.js Show response
www.datadoghq-browser-agent.com/ 150 KB
50 KB 133ms
43ms Script
application/javascript 13.225.83.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by: Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/publishers/downloadit.js?modern=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.83.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-83-103.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:09:37 GMT
content-encoding: gzip
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 11:26:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 45
x-amz-server-side-encryption: AES256
etag: W/"2630b3d7ad4a41fac67742216e506d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: n3K3heEHwMY1YR9zJi8OC0hoByvgCEwnChJ-qhTVZtx5GBgdMxP9Kw==

HEAD
H2 200 downloadit.js
spn-v1.revampcdn.com/publishers/ 0
0 18ms
11ms Fetch
application/javascript 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://spn-v1.revampcdn.com/publishers/downloadit.js?modern=1
Requested by: Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/publishers/downloadit.js?modern=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-version: 1.1271.0
date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
x-envoy-decorator-operation: svc-revamp-api-cms.revamp-api-v2.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 17896
x-cache: HIT, HIT
x-envoy-upstream-service-time: 187
x-region: RM
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 51277
x-request-id: c474b9c4-6fe1-442a-9f13-46a6c38dba79
x-served-by: cache-ams21039-AMS, cache-mxp6960-MXP
x-platform-version: NT 10.0
x-browser-version: 118.0.5993.117
x-platform-id: Windows 10
server: istio-envoy
x-publisher-id: downloadit
x-timer: S1698653417.670034,VS0,VE0
etag: W/"8149d40cd1c0ca69c53884464dc50774"
x-browser-name: Chrome
vary: Accept-Encoding,x-device-platform,x-platform-id
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
cache-control: max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform: Desktop
accept-ranges: bytes
x-country-code: IT
x-cache-hits: 70, 6

GET
H2 200 tag Show response
btloader.com/ 18 KB
8 KB 86ms
36ms Script
application/javascript 2606:4700:10::ac43:293c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5633429348548608&domain=download.it&upapi=true
Requested by: Host: spn-v1.revampcdn.com
URL: https://spn-v1.revampcdn.com/publishers/downloadit.js?modern=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b4e1554c69d91dc4cc9aed8009346008a670c1a6fa9ec61d5ca4fafa38437d2

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 07:51:17 GMT
server: cloudflare
age: 977
etag: "da74df8f9b66030886646bfb36b78ad2"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 81e22e4eff8783ba-MXP
content-length: 7498

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 97ms
34ms Script
application/javascript 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/NckurUNbznaCm/download.it/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: gzip
etag: "0nVqEbFaTM2zzuiWgn9NwQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 06 Nov 2023 08:10:16 GMT

GET
H2 200 cmp2.js Show response
cmp.quantcast.com/tcfv2/ 160 KB
45 KB 30ms
29ms Script
text/javascript 2600:9000:2644:6e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=download.it
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/NckurUNbznaCm/download.it/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:6e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 056c8acee66105032f878177b7d8925e6abffd1fab079c0b8c69322d86413214

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:09:58 GMT
content-encoding: gzip
via: 1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 483
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Thu, 28 Sep 2023 19:02:48 GMT
server: AmazonS3
etag: W/"fc4e55a5d8f4ef863759040ad9a735b2"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: QAdJctTQtHUf-i0b9y52HyXMtP8l2gbIGEF3Iy7GY3ib5HQSK5s3bw==

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
499 B 176ms
166ms XHR
application/json 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=9076449&u1=04F07C8470BA4FACDED9DA4C90E66AFE&java=1&security=0f258408&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//memz-trojan.nl.download.it/&t=Memz%20Trojan%20-%20Download&invisible=1&sc_rum_e_s=555&sc_rum_e_e=564&sc_rum_f_s=0&sc_rum_f_e=402&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://memz-trojan.nl.download.it
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 81e22e4f8b420e71-MXP
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

main.js Show response
memz-trojan.nl.download.it/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/ Frame EBAF
Redirect Chain

https://memz-trojan.nl.download.it/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://memz-trojan.nl.download.it/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js

7 KB
4 KB

23ms
22ms

Script
application/javascript

2606:4700:20::681a:f7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://memz-trojan.nl.download.it/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js

Requested by

Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/

Protocol

Server

2606:4700:20::681a:f7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

712882f929e8cde3b48d10079d47d2ebbcb3160626a11bbd7d78c9663ddf82d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0h2ABZtOAwe6ueZlOxwsHqg%2Fb%2FRoUoUrYqOU4cB1Fl4IR5XQ2Uzugz%2F5gvQc1nxWnRZ3978qHJaqDVhffbY3Tzln08MH1UCsF3FC8kseRS9YTU9ZM%2BUqYBnF9tzu3ELtgrfvBJrEQoIz6bCEK%2B5BOPSiJPO7xAC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 81e22e4ffca90e8f-MXP
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 30 Oct 2023 08:10:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FFM7bDVOmmt5RuQS5zIQca32n3wn8eyPNDZkHOPHGYL7a1sB9hVoMk0uBK4BaiLmlqnymE3lsUq8hHkGR6RqwSJ7S%2F%2BBcDgE0GC%2BqJgWuII2ZfREqYQWOKsjQ0AKtJP3QRcsUzMzeJBr7eA5wmT5OU1eOGDeeOx"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 81e22e4fbc760e8f-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
82 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XYHRS06G1C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-30374496-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c74ec5d475894e3b50cdaaabb0b572dad71c9c2e6ecb3332770b6de9f7f4364

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83522
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 30 Oct 2023 08:10:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 86ms
26ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-30374496-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 07:51:32 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1124
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 30 Oct 2023 09:51:32 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/ 420 KB
132 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df83d1810776ea1effd8a536f0ad32f5a400168a2efaa48c97c1fcf57724900a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 13:56:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65606
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134989
x-xss-protection: 0
server: cafe
etag: 2612702921649259081
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 28 Oct 2024 13:56:50 GMT

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 186ms
139ms Fetch 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 30 Oct 2023 08:10:17 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
339 B 72ms
24ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2081300
x-guploader-uploadid: ADPycdvgfKF3q2NqMQumaBVImjlbpy9Krv1hTlJzr530l-WDeMsImAUae55zyMIp0BxsVzxlN5OhKQ3jGLTY80ovdkCTGA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jn4v3n2zGK%2FdDGxMhwRSC603ULH%2BBnr%2BasAb39TAvDe2WnJRzx40pyMMbagNdKuyLR4BHYnwKWRDZocWsTS3GurQvckqitqUem7OSbZCEkUWd%2BkzwmobNVMrk164RUYqfwM4CNWyFW0Cibx9gg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 81e22e504e025a01-MXP
expires: Fri, 06 Oct 2023 06:55:56 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 110ms
28ms Image
image/x-icon 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 10:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Oct 2023 10:57:06 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
928 B 71ms
23ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.23790566634862276
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2081300
x-guploader-uploadid: ADPycdvgfKF3q2NqMQumaBVImjlbpy9Krv1hTlJzr530l-WDeMsImAUae55zyMIp0BxsVzxlN5OhKQ3jGLTY80ovdkCTGA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5l3oNc2FfNR8mFlrNYSWA511gYJx3%2FDv6zholyWnBOvaLhxZWxH06zatntMy1p%2Fh9JBKA59ULzeG2v471vwrLH9AuNPMazv0gnEhwAtu%2BLim6%2BLhvlaXmQTALzjC1kFR4YipL0jSnOgTjjHYww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 81e22e504e005a01-MXP
expires: Fri, 06 Oct 2023 06:55:56 GMT

GET
H2 200 rules-p-NckurUNbznaCm.js Show response
rules.quantcount.com/ 160 B
634 B 127ms
29ms Script
application/javascript 2600:9000:223c:da00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-NckurUNbznaCm.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:da00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33949e102d222316480736a4e8121ff411f2adc3d05bbe2d41b033ba294b2d7f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 07:36:02 GMT
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:39:45 GMT
server: AmazonS3
etag: "dcbd642f259c6f45ec1a2bdfa9286bf7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 88oUZYNixW-OPQX_FIfrKBQzIPXYaulL0wtsWhS2bdaP4sL2Da29OQ==

GET
H2 200 consent Show response
download.it/api/ 2 B
584 B 95ms
84ms XHR
application/json 2606:4700:20::ac43:4b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://download.it/api/consent
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, text/plain, */*
Referer: https://memz-trojan.nl.download.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r52GgiY1vsMowBSIgX%2B3Ea1SqvsVR8E0i62%2BruG%2F1xwCQ%2Fj54Y2s4%2F21YttWVwzfWr0ZvlO5aqr3hPeDsa3o4Q9tmVKTIlKWja0HltfGusJszMty4zg%2FnPWaeXtcRiA34LUKG3hs6ufA"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://memz-trojan.nl.download.it
content-type: application/json;charset=ISO-8859-1
access-control-allow-credentials: true
cf-ray: 81e22e502a7f0e4e-MXP
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Content-Range, Range, Pragma, Upgrade-Insecure-Requests
alt-svc: h3=":443"; ma=86400

POST
H3 200 81e22e4c9dce0e4e Show response
memz-trojan.nl.download.it/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame EBAF 0
569 B 41ms
40ms XHR
text/plain 2606:4700:20::681a:f7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://memz-trojan.nl.download.it/cdn-cgi/challenge-platform/h/g/jsd/r/81e22e4c9dce0e4e
Requested by: Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 30 Oct 2023 08:10:17 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2DP8AXJ1lp7LA%2B7Jnm92h%2BrjypGbQoufWFbBmJKvMaOmxStpdC3JT5lyj8grTC%2Fa3lZjRICZrlPAzG9BXD%2Fhy3n0qXJ5HOUiXQ0KAfoFPCF9kKQmka7c6SD2ckRtIH%2F05iTs3WiJlmeqvZRS1dcKuWz%2F1TNz1Pp"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 81e22e50ad780e8f-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 cmp-list.json Show response
test.cmp.quantcast.com/GVL-v2/ 11 KB
4 KB 100ms
29ms XHR
application/json 2600:9000:2644:cc00:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:cc00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9c42d24bff5c44e2f82f65616c142cb6adaa6617973fbeb13d58157a3524157

Request headers

Accept: application/json, text/plain, */*
Referer: https://memz-trojan.nl.download.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 03:00:40 GMT
x-amz-version-id: R3olSHr8yTVNfSkU6AuI.FQdarbcuUZM
content-encoding: gzip
via: 1.1 18fab39b23fb6b3013058d6df5faf0bc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 18578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 26 Oct 2023 19:52:29 GMT
server: AmazonS3
etag: W/"3eff75893b6f2556fb4e94999363c1de"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: nlkoYdWWuT0DOc2796a7vp-av0ikEydv1dC3ohZOE0ja3tYsYnCUNw==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 88ms
35ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-XYHRS06G1C&_ono=1&gtm=45je3ap0v9126950198&_p=765049349&_gaz=1&gcd=11l1l1l1l1&cid=16331297.1698653417&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1698653417&sct=1&seg=0&dl=https%3A%2F%2Fmemz-trojan.nl.download.it%2F&dt=Memz%20Trojan%20-%20Download&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XYHRS06G1C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 08:10:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://memz-trojan.nl.download.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 106ms
35ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-XYHRS06G1C&cid=16331297.1698653417&gtm=45je3ap0v9126950198&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XYHRS06G1C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 08:10:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://memz-trojan.nl.download.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
408 B 97ms
37ms Image
image/gif 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-XYHRS06G1C&cid=16331297.1698653417&gtm=45je3ap0v9126950198&aip=1&z=1796796044

Requested by

Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 08:10:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
215 B 34ms
32ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=765049349&t=pageview&_s=1&dl=https%3A%2F%2Fmemz-trojan.nl.download.it%2F&ul=en-us&de=UTF-8&dt=Memz%20Trojan%20-%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1708688362&gjid=804147459&cid=16331297.1698653417&tid=UA-30374496-1&_gid=1329889274.1698653417&_r=1&gtm=457e3ap0&gcd=11l1l1l1l1&jsscut=1&z=231685120

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://memz-trojan.nl.download.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 08:10:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://memz-trojan.nl.download.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
141 B 138ms
137ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: c83097c2966a55a44d052f1d453f2f2a86e054cf9ce476d1d6a18c5971546f01

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:10:17 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 139ms
139ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=s1UxeC8dpN&w=6270088066367488&o=5633429348548608&cv=2.1.20-1-gef591d7&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fmemz-trojan.nl.download.it%2F&sid=3l03E8tA&upapi=true
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 30 Oct 2023 08:10:17 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 cmp2ui-nl.js Show response
cmp.quantcast.com/tcfv2/48/ 297 KB
70 KB 29ms
29ms Script
text/javascript 2600:9000:2644:6e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/48/cmp2ui-nl.js
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=download.it
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:6e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f84775e2d1a11204d3c64bcee089bbd259983d3c1d55b815f4657278e3cf85da

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 01:27:27 GMT
content-encoding: br
via: 1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 110571
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Thu, 28 Sep 2023 19:02:12 GMT
server: AmazonS3
etag: W/"5327ab3d902fe6d5c887c580e1d3b0b9"
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: _VsG88LFPrG0Bm90x1Pl7ujQE2N_10GlYhdcNFBJOr-QIha-qLlm-Q==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.quantcast.com/GVL-v2/ 358 KB
44 KB 81ms
29ms XHR
application/json 2600:9000:2644:6e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:6e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e31b5718a4b54cfc8455c60942b6c1925b39b08edf8e6db936d1fa828c383e4e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 03:00:41 GMT
content-encoding: br
via: 1.1 a84e87b6b82308dbc0e331c3e28c23c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 18577
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 30 Oct 2023 03:00:37 GMT
server: AmazonS3
etag: W/"4d74204056414ae89162eb1d42c0e48d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: nrbIIm8Zs6o70YfwDXq0KfE3kWp1EbY-iBXVesb9-08z1i_sF_JO3g==

GET
H2 200 google-atp-list.json Show response
cmp.quantcast.com/tcfv2/ 141 KB
34 KB 109ms
58ms XHR
application/json 2600:9000:2644:6e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:6e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f058511b904de35902f814231968fab5d08b56ce444e3fdefa0d33e9cf1ec5be

Request headers

Accept: application/json, text/plain, */*
Referer: https://memz-trojan.nl.download.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 03:00:30 GMT
content-encoding: gzip
via: 1.1 a84e87b6b82308dbc0e331c3e28c23c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 18588
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 30 Oct 2023 03:00:26 GMT
server: AmazonS3
etag: W/"1e4d3cb991895e0ec4cdfbc78091c44d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: vHMzAgvdY9WYW-NkaCnN2MrrVBpdMeyADPyX-7kV9pUZy1yOwggMLA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 35ms
35ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-30374496-1&cid=16331297.1698653417&jid=1708688362&gjid=804147459&_gid=1329889274.1698653417&_u=YADAAUAAAAAAACAAI~&z=1608085291

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://memz-trojan.nl.download.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Oct 2023 08:10:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://memz-trojan.nl.download.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 128ms
47ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-30374496-1&cid=16331297.1698653417&jid=1708688362&_u=YADAAUAAAAAAACAAI~&z=1727864109

Requested by

Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 08:10:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
107 B 39ms
38ms Image
image/gif 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-30374496-1&cid=16331297.1698653417&jid=1708688362&_u=YADAAUAAAAAAACAAI~&z=1727864109

Requested by

Host: memz-trojan.nl.download.it
URL: https://memz-trojan.nl.download.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 08:10:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
audit-tcfv2.cmp.quantcast.com/ 2 B
101 B 95ms
28ms XHR
text/plain 3.126.39.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22NckurUNbznaCm%22%2C%22domain%22%3A%22memz-trojan.nl.download.it%22%2C%22publisher%22%3A%22Download.it%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.48%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22lK4ZGia%2FGm94yiN%2BJ4OFAA%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1698653417228%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-l5ze6pdabtye61l7og6h%22%7D
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.39.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-39-112.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://memz-trojan.nl.download.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 30 Oct 2023 08:10:17 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 purposes-NL.json Show response
cmp.quantcast.com/GVL-v2/ 31 KB
5 KB 27ms
27ms XHR
application/json 2600:9000:2644:6e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/purposes-NL.json
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:6e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 128106f0dea9554918edd9920f4a66e21abcc92bc78db7164d54e471888a8bea

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://memz-trojan.nl.download.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 03:00:41 GMT
content-encoding: br
via: 1.1 a84e87b6b82308dbc0e331c3e28c23c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 18577
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 21 Sep 2023 03:00:37 GMT
server: AmazonS3
etag: W/"e5260900a233caf9a8b65166b9bf5d37"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: uxj9jzvdEhMnhY5x5-EGt_YNorIxecsAYXM92Y_m9no7tjhBNRO8wA==

POST
H3 204 rum Show response
memz-trojan.nl.download.it/cdn-cgi/ 0
149 B 23ms
20ms XHR
text/plain 2606:4700:20::681a:f7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://memz-trojan.nl.download.it/cdn-cgi/rum?

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:f7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://memz-trojan.nl.download.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type: application/json

Response headers

date: Mon, 30 Oct 2023 08:10:17 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://memz-trojan.nl.download.it
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 81e22e527ffb0e8f-MXP

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.download.it/	1970-01-20 15:50:55	Name: rv_prebid_position Value: 122
.download.it/	1970-01-20 15:50:55	Name: rv_test_position Value: 393
.download.it/	1970-01-20 15:50:55	Name: rv_fp_ad_session_id Value: 48ff35ed-0a9f-49c5-9f4c-33ee3eded304
.download.it/	1970-01-20 15:50:55	Name: rv_fp_pv Value: 1
.memz-trojan.nl.download.it/	1970-01-21 01:26:53	Name: sc_is_visitor_unique Value: rx9076449.1698653417.04F07C8470BA4FACDED9DA4C90E66AFE.1.1.1.1.1.1.1.1.1
.statcounter.com/	1970-01-21 01:26:53	Name: is_unique Value: sc9076449.1698653416.0
.download.it/	1970-01-21 01:26:53	Name: _ga_XYHRS06G1C Value: GS1.1.1698653417.1.0.1698653417.60.0.0
.download.it/	1970-01-21 00:36:29	Name: cf_clearance Value: B6K5jfRtwFIfzy30mHqQdeX5Sz9VlLS9RIAPgPQyCDY-1698653417-0-1-56be74e9.c28e2ba3.9525e8c2-0.2.1698653417
.download.it/	1970-01-21 01:26:53	Name: _ga Value: GA1.2.16331297.1698653417
.download.it/	1970-01-20 15:52:19	Name: _gid Value: GA1.2.1329889274.1698653417
.download.it/	1970-01-20 15:50:53	Name: _gat_gtag_UA_30374496_1 Value: 1
memz-trojan.nl.download.it/	1970-01-20 15:50:54	Name: _dd_s Value: rum=0&expire=1698654316932

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://memz-trojan.nl.download.it/ Message: The resource https://fonts.googleapis.com/css?family=Dosis:400,600&display=swap was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
api.btloader.com
audit-tcfv2.cmp.quantcast.com
btloader.com
c.statcounter.com
cdn.download.it
cmp.quantcast.com
download.it
fonts.googleapis.com
fonts.gstatic.com
memz-trojan.nl.download.it
region1.analytics.google.com
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
spn-v1.revampcdn.com
static.cloudflareinsights.com
stats.g.doubleclick.net
test.cmp.quantcast.com
www.datadoghq-browser-agent.com
www.google-analytics.com
www.google.com
www.google.it
www.googletagmanager.com
www.statcounter.com
104.20.219.77
13.225.83.103
130.211.23.194
142.250.184.230
151.101.129.91
2001:4860:4802:34::36
2600:9000:223c:da00:6:44e3:f8c0:93a1
2600:9000:2644:6e00:9:46dc:4700:93a1
2600:9000:2644:cc00:3:a4cd:8380:93a1
2606:4700:10::ac43:293c
2606:4700:20::681a:246
2606:4700:20::681a:f7f
2606:4700:20::ac43:4b7c
2606:4700::6810:3965
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200a
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:400c:c0c::9d
3.126.39.112
056c8acee66105032f878177b7d8925e6abffd1fab079c0b8c69322d86413214
062efde974335cb24173bc41063086a5e5020c48d97d295b401df71b42d949ec
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0c74ec5d475894e3b50cdaaabb0b572dad71c9c2e6ecb3332770b6de9f7f4364
0dcac7cabd17a67b5d09d54d506c6ed734516248e9e8552d194b1a5cf16b7722
128106f0dea9554918edd9920f4a66e21abcc92bc78db7164d54e471888a8bea
147bfa7f085b8fc56ba18f988db65946c89bb63a9e3ad4ac0eaf0693c345b61d
18351534209a91b2f82b9d729cd40ec03df685421e7f918abf4da735dc5237c7
1b56d92355d8c1fcf7a030c04d5de9a45cd684550e54bbc5e33fdfdd68fbab3f
1e14188aa19d357d92174e6a77cb72ef76598082febbb65be622ab2deead0175
2e08b5b325fbbd6fbcbaa1deb294125ee425297b994d722bcce1d329d60de2b7
307238fd564ccf483e9503989f781d89c45525f80dec2bb3e80a9ad70fb37ba2
332a4f3e0e1cc73b6dc796594340d2c5bdd5a6af61f559740e33aae5300c23d3
33949e102d222316480736a4e8121ff411f2adc3d05bbe2d41b033ba294b2d7f
38afa88926f69f684e93ac9023338100a57b9424cedf63f7ee73b1202c98eead
38e42a9a323fd44fe86f0dfe5f7695590e6d4e4b3c016e30031dbbae5171df33
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c8ce6c1372920d818248559a28470c6152e5e0be4ca1f45dfb923c34808d21a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5b79f935e90b63658f207544145a77b0f1eda307bcfc65980d7c9f916965c2ce
5cb3beb714b118327157a0efb5895d561d200e08b0c881d2b61c94a0edbfca4c
6117060a9640c268607f9f9f26889c1cba88aee1989e9cbb5f4bbb2b0b3c7dc6
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
65ef2e4096e3187ec54dfe47b5f8682566ab6d2783aa3a2c3c522396c430139d
6b4e1554c69d91dc4cc9aed8009346008a670c1a6fa9ec61d5ca4fafa38437d2
6e61be2f374a0122510025578940baf7ef8dbbcaf3ecc5f5535cfc81bd1cfd39
712882f929e8cde3b48d10079d47d2ebbcb3160626a11bbd7d78c9663ddf82d1
73e0bcee3ba93b5a2d0f5239bb2c55ebc5a648b0aab48a0d95c1cb5edccb093d
83d31a13cd5e137294047a76fb9f244a98ba7df979f22c492997f7f4916dd3fc
874a64c76ae3d1fb76c4e9c9b97a4e1d655fd13dc582efb01c80e59222dd542d
92eec204b5ad5f0f2f224aafe74817ccdc27f5786caa4ba49ff68fe0435865d0
9a51de0267f5d4307d9ceab3418187a14e78fced1ef529365387d58ba6d490e9
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c
9bff134d4cc72f0a5a4a627e00e3db0700329f173100f990678e072d8e165a03
9d35615d83672e5ceb1bf88fb84a9da3a4c243148b10bea4b651f624bac3d674
a838a8cab2b7d95c437c8ee698ecefbd5745e7c9709146d473547f5e88ddab59
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
be49fc5d6c19e1c039597941d69474beeb2115408f8c757a4019e19414b56751
c1826c77619422cbfc2d6c86317f35c583411abd2f75de81a7ee8bb309cd9135
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c83097c2966a55a44d052f1d453f2f2a86e054cf9ce476d1d6a18c5971546f01
c91e06fa9ddd31b7ccf2097169b9334c0626886a2488dc57ff03662a8fee7f34
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
ce79bee15c8795bb7bee159131318308b432133f4268f2531eb9f2790c95bda5
ce83e8fbffa5e98e1a8da8489741c195717317645b6a01fa39660cc13f971696
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d212386876860bad63673d86fad7436cd68336c50cbf367f326bc4a061a62a58
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9c42d24bff5c44e2f82f65616c142cb6adaa6617973fbeb13d58157a3524157
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df83d1810776ea1effd8a536f0ad32f5a400168a2efaa48c97c1fcf57724900a
e31b5718a4b54cfc8455c60942b6c1925b39b08edf8e6db936d1fa828c383e4e
e3400e3ea6c68192ead1f3ed3b73ed718742596e653370e25dcbf279dfa4e8ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ec47e6472651559ca723a66ef956e8b17527d80edc59644be04633abf4516786
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f058511b904de35902f814231968fab5d08b56ce444e3fdefa0d33e9cf1ec5be
f84775e2d1a11204d3c64bcee089bbd259983d3c1d55b815f4657278e3cf85da
fb5112588a752ef36a064ece2242fe849bfbb90c333608d4515c4d34bbb81a60

memz-trojan.nl.download.it Open in urlscan Pro 2606:4700:20::ac43:4b7c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

99 %HTTPS

75 %IPv6

17 Domains

26 Subdomains

24 IPs

4 Countries

1018 kBTransfer

3333 kBSize

12 Cookies

51 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

memz-trojan.nl.download.it Open in urlscan Pro
2606:4700:20::ac43:4b7c Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

99 %
HTTPS

75 %
IPv6

17
Domains

26
Subdomains

24
IPs

4
Countries

1018 kB
Transfer

3333 kB
Size

12
Cookies

73 HTTP transactions
0 data transactions