www.malwarebytes.com Open in urlscan Pro
2600:9000:206f:8600:16:26c7:ff80:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.malwarebytes.com/remediationmap
Submission: On December 21 via manual (December 21st 2021, 1:30:48 am UTC) from CN — Scanned from DE

Summary HTTP 121 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 45 IPs in 6 countries across 37 domains to perform 121 HTTP transactions. The main IP is 2600:9000:206f:8600:16:26c7:ff80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.malwarebytes.com.
TLS certificate: Issued by Amazon on May 26th 2021. Valid for: a year.

This is the only time www.malwarebytes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 40	2600:9000:206... 2600:9000:206f:8600:16:26c7:ff80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:21a... 2600:1f18:21ae:6701:3334:1bf4:2185:fae6	14618 (AMAZON-AES) (AMAZON-AES)
5	35.164.247.24 35.164.247.24	16509 (AMAZON-02) (AMAZON-02)
1	13.35.253.66 13.35.253.66	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2 6	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	13.32.21.115 13.32.21.115	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:f600:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.209.62 143.204.209.62	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:710... 2a02:26f0:7100:1b7::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	51.11.20.152 51.11.20.152	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.215.205.165 18.215.205.165	14618 (AMAZON-AES) (AMAZON-AES)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	143.204.209.129 143.204.209.129	16509 (AMAZON-02) (AMAZON-02)
2 2	52.212.206.16 52.212.206.16	16509 (AMAZON-02) (AMAZON-02)
1 2	143.204.209.60 143.204.209.60	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b150:54c0:d5f0:3e0a:5e72	14618 (AMAZON-AES) (AMAZON-AES)
1	52.5.181.6 52.5.181.6	14618 (AMAZON-AES) (AMAZON-AES)
1 8	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.111.234.67 104.111.234.67	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	34.240.2.137 34.240.2.137	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
6	99.86.8.140 99.86.8.140	16509 (AMAZON-02) (AMAZON-02)
2 2	18.157.95.55 18.157.95.55	16509 (AMAZON-02) (AMAZON-02)
1	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.154.155.224 54.154.155.224	16509 (AMAZON-02) (AMAZON-02)
1	44.236.11.46 44.236.11.46	16509 (AMAZON-02) (AMAZON-02)
121	45

40 2600:9000:206f:8600:16:26c7:ff80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7baf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:21ae:6701:3334:1bf4:2185:fae6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

genesis.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.164.247.24 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-247-24.us-west-2.compute.amazonaws.com

trace.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-66.fra6.r.cloudfront.net

api.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

8019375.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10919923.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.21.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-115.fra56.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:f600:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.209.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-62.fra53.r.cloudfront.net

cdn.getblueshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:1b7::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.11.20.152 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

secure.perk0mean.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.215.205.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-205-165.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.209.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-129.fra53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.206.16 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-206-16.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.209.60 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-60.fra53.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b150:54c0:d5f0:3e0a:5e72 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.5.181.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-181-6.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.75.88.209 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.234.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.240.2.137 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-2-137.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

805-usg-300.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.86.8.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-140.fra6.r.cloudfront.net

api.mapbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.95.55 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-95-55.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.155.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-155-224.eu-west-1.compute.amazonaws.com

events.mapbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.236.11.46 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-11-46.us-west-2.compute.amazonaws.com

api.getblueshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	malwarebytes.com 1 redirects www.malwarebytes.com genesis.malwarebytes.com trace.malwarebytes.com	1 MB
8	mapbox.com api.mapbox.com events.mapbox.com	17 KB
8	doubleclick.net 2 redirects 8019375.fls.doubleclick.net 10919923.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	4 KB
5	google-analytics.com www.google-analytics.com	21 KB
4	pinterest.de www.pinterest.de	15 KB
4	pinterest.com 1 redirects ct.pinterest.com www.pinterest.com	2 KB
4	google.com adservice.google.com www.google.com	2 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
3	google.de www.google.de adservice.google.de	1 KB
3	company-target.com 1 redirects api.company-target.com segments.company-target.com	2 KB
3	liadm.com 1 redirects b-code.liadm.com rp.liadm.com rp4.liadm.com	12 KB
3	facebook.net connect.facebook.net	134 KB
3	googletagmanager.com www.googletagmanager.com	163 KB
3	unpkg.com 1 redirects unpkg.com	4 KB
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	crazyegg.com script.crazyegg.com	3 KB
2	avct.cloud 1 redirects ads.avct.cloud	877 B
2	marketo.net munchkin.marketo.net	6 KB
2	facebook.com www.facebook.com	313 B
2	bidr.io 2 redirects match.prod.bidr.io	1019 B
2	pinimg.com s.pinimg.com	19 KB
2	getblueshift.com cdn.getblueshift.com api.getblueshift.com	3 KB
2	licdn.com snap.licdn.com	5 KB
2	demandbase.com api.demandbase.com scripts.demandbase.com	18 KB
2	cookielaw.org cdn.cookielaw.org	27 KB
1	districtm.io dmx.districtm.io	268 B
1	mktoresp.com 805-usg-300.mktoresp.com	311 B
1	t.co t.co	470 B
1	twitter.com analytics.twitter.com	675 B
1	adsrvr.org insight.adsrvr.org	261 B
1	ads-twitter.com static.ads-twitter.com	6 KB
1	avocet.io 1 redirects ads.avocet.io	140 B
1	googleadservices.com www.googleadservices.com	14 KB
1	rlcdn.com id.rlcdn.com	66 B
1	quora.com q.quora.com	421 B
1	perk0mean.com secure.perk0mean.com	304 B
1	onetrust.com geolocation.onetrust.com	256 B
121	37

	Domain	Requested by
40	www.malwarebytes.com	1 redirects www.malwarebytes.com www.googletagmanager.com
6	api.mapbox.com	trace.malwarebytes.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.malwarebytes.com
5	trace.malwarebytes.com	www.malwarebytes.com trace.malwarebytes.com
4	www.pinterest.de	s.pinimg.com www.malwarebytes.com
3	ct.pinterest.com	s.pinimg.com www.malwarebytes.com
3	10919923.fls.doubleclick.net	1 redirects www.googletagmanager.com www.malwarebytes.com
3	8019375.fls.doubleclick.net	1 redirects www.googletagmanager.com www.malwarebytes.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	www.googletagmanager.com	www.malwarebytes.com www.googletagmanager.com
3	unpkg.com	1 redirects www.malwarebytes.com www.googletagmanager.com
2	events.mapbox.com	trace.malwarebytes.com
2	x.bidswitch.net	2 redirects
2	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
2	ads.avct.cloud	1 redirects
2	munchkin.marketo.net	www.malwarebytes.com munchkin.marketo.net
2	www.google.de	www.malwarebytes.com
2	www.google.com	www.malwarebytes.com
2	adservice.google.com	8019375.fls.doubleclick.net 10919923.fls.doubleclick.net
2	www.facebook.com	www.malwarebytes.com
2	segments.company-target.com	1 redirects www.malwarebytes.com
2	match.prod.bidr.io	2 redirects
2	px.ads.linkedin.com	2 redirects
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	snap.licdn.com	www.googletagmanager.com
2	cdn.cookielaw.org	www.malwarebytes.com cdn.cookielaw.org
1	api.getblueshift.com	cdn.getblueshift.com
1	dmx.districtm.io
1	805-usg-300.mktoresp.com	munchkin.marketo.net
1	t.co
1	analytics.twitter.com	static.ads-twitter.com
1	insight.adsrvr.org
1	static.ads-twitter.com	www.malwarebytes.com
1	www.pinterest.com	1 redirects
1	ads.avocet.io	1 redirects
1	rp4.liadm.com	www.malwarebytes.com
1	rp.liadm.com	1 redirects
1	adservice.google.de	adservice.google.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	id.rlcdn.com	www.malwarebytes.com
1	api.company-target.com	scripts.demandbase.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com	www.malwarebytes.com
1	www.linkedin.com	1 redirects
1	q.quora.com	www.malwarebytes.com
1	secure.perk0mean.com	www.googletagmanager.com
1	cdn.getblueshift.com	www.malwarebytes.com
1	b-code.liadm.com	www.googletagmanager.com
1	scripts.demandbase.com	www.malwarebytes.com
1	api.demandbase.com	www.malwarebytes.com
1	genesis.malwarebytes.com	www.malwarebytes.com
1	geolocation.onetrust.com	www.malwarebytes.com
121	53

This site contains links to these domains. Also see Links.

Domain
onetrust.com
blog.malwarebytes.com
press.malwarebytes.com
www.rsaconference.com
support.malwarebytes.com
forums.malwarebytes.com
www.youtube.com
jobs.malwarebytes.com
my.malwarebytes.com
cloud.malwarebytes.com
partners.malwarebytes.com
twitter.com
www.facebook.com
www.linkedin.com
www.instagram.com
de.malwarebytes.com
es.malwarebytes.com
fr.malwarebytes.com
it.malwarebytes.com
pt.malwarebytes.com
br.malwarebytes.com
nl.malwarebytes.com
pl.malwarebytes.com
ru.malwarebytes.com

Subject Issuer	Validity	Valid
www.malwarebytes.com Amazon	`2021-05-26` - `2022-06-24`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.malwarebytes.com DigiCert SHA2 High Assurance Server CA	`2020-04-10` - `2022-05-23`	2 years	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-20` - `2022-09-26`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-01` - `2021-12-28`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-18` - `2022-10-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
*.liadm.com Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
*.getblueshift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
secure.norm0care.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-19`	a year	crt.sh
*.quora.com R3	`2021-12-05` - `2022-03-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
api.mapbox.com Amazon	`2021-02-05` - `2022-03-06`	a year	crt.sh
events.mapbox.com GeoTrust RSA CA 2018	`2021-04-09` - `2022-04-14`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.malwarebytes.com/remediationmap
Frame ID: 841A04ACBDC5F142180F4CBAE9FE5DE4
Requests: 101 HTTP requests in this frame

Frame: https://trace.malwarebytes.com/tap4/
Frame ID: 7AC87C4B67411A83B690ACB8A694D998
Requests: 17 HTTP requests in this frame

Frame: https://8019375.fls.doubleclick.net/activityi;dc_pre=CO3Gi6Hf8_QCFU474AodGkwCNw;src=8019375;type=conta0;cat=sitew0;ord=3611814316645;gtm=2wgc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap
Frame ID: 166C1AD454AC3B8BE1DDE2C2EF59B456
Requests: 1 HTTP requests in this frame

Frame: https://10919923.fls.doubleclick.net/activityi;dc_pre=CI-_kaHf8_QCFcTdEQgdcUADig;src=10919923;type=count;cat=malwa0;ord=1;num=1790632906416;gtm=2odc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap
Frame ID: 9CD15D6FBA20C79A39A9FD664207137A
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CO3Gi6Hf8_QCFU474AodGkwCNw;src=8019375;type=conta0;cat=sitew0;ord=3611814316645;gtm=2wgc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap
Frame ID: E3F1482AE412AE2AA890D95CD4C285FE
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CO3Gi6Hf8_QCFU474AodGkwCNw;src=8019375;type=conta0;cat=sitew0;ord=3611814316645;gtm=2wgc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap
Frame ID: 5D27173A3C0E3796F3CCB7E6B5D62E94
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: DE7E2BF9D353E1300340CFD48085A3A2
Requests: 1 HTTP requests in this frame

Frame: https://www.pinterest.de/ct.html
Frame ID: 122741ACAFDCE6543B5CF9CF24FDA97D
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Remediation mapThe official Malwarebytes logoBlue arrowBlue arrowBlue arrow1-99Blue arrowBlue arrowBlue arrowBlue arrowBlue arrowPrivacyBlue arrow

Page URL History Show full URLs

https://www.malwarebytes.com/remediationmap/ HTTP 301
https://www.malwarebytes.com/remediationmap Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

121
Requests

93 %
HTTPS

44 %
IPv6

37
Domains

53
Subdomains

45
IPs

6
Countries

1583 kB
Transfer

5618 kB
Size

36
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/
Title: Malwarebytes Labs

Search URL Search Domain Scan URL

URL: https://press.malwarebytes.com/
Title: Press & News

Search URL Search Domain Scan URL

URL: https://www.rsaconference.com/usa
Title: Featured Event:

Search URL Search Domain Scan URL

URL: https://support.malwarebytes.com/hc/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://forums.malwarebytes.com/
Title: Forums

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCB7JQhkZpiyvGPufW2RPBoQ
Title: Training for Personal Products

Search URL Search Domain Scan URL

URL: https://support.malwarebytes.com/hc/en-us/articles/360046199873-Activate-Malwarebytes-Privacy-on-Windows-device
Title: See Content Blue arrow Created with Sketch.

Search URL Search Domain Scan URL

URL: https://jobs.malwarebytes.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://my.malwarebytes.com/en/login
Title: My Account

Search URL Search Domain Scan URL

URL: https://cloud.malwarebytes.com/
Title: Cloud Console

Search URL Search Domain Scan URL

URL: https://partners.malwarebytes.com/English
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://twitter.com/malwarebytes

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Malwarebytes

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/malwarebytes

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Malwarebytes

Search URL Search Domain Scan URL

URL: https://www.instagram.com/malwarebytesofficial

Search URL Search Domain Scan URL

URL: https://de.malwarebytes.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://es.malwarebytes.com/
Title: Español

Search URL Search Domain Scan URL

URL: https://fr.malwarebytes.com/
Title: Français

Search URL Search Domain Scan URL

URL: https://it.malwarebytes.com/
Title: Italiano

Search URL Search Domain Scan URL

URL: https://pt.malwarebytes.com/
Title: Português (Portugal)

Search URL Search Domain Scan URL

URL: https://br.malwarebytes.com/
Title: Português (Brasil)

Search URL Search Domain Scan URL

URL: https://nl.malwarebytes.com/
Title: Nederlands

Search URL Search Domain Scan URL

URL: https://pl.malwarebytes.com/
Title: Polski

Search URL Search Domain Scan URL

URL: https://ru.malwarebytes.com/
Title: Pусский

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.malwarebytes.com/remediationmap/ HTTP 301
https://www.malwarebytes.com/remediationmap Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://unpkg.com/aos@2.3.1/dist/aos.css?v=77764225 HTTP 302
https://unpkg.com/aos@2.3.1/dist/aos.css

Request Chain 53

https://8019375.fls.doubleclick.net/activityi;src=8019375;type=conta0;cat=sitew0;ord=3611814316645;gtm=2wgc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap HTTP 302
https://8019375.fls.doubleclick.net/activityi;dc_pre=CO3Gi6Hf8_QCFU474AodGkwCNw;src=8019375;type=conta0;cat=sitew0;ord=3611814316645;gtm=2wgc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap

Request Chain 68

https://10919923.fls.doubleclick.net/activityi;src=10919923;type=count;cat=malwa0;ord=1;num=1790632906416;gtm=2odc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap HTTP 302
https://10919923.fls.doubleclick.net/activityi;dc_pre=CI-_kaHf8_QCFcTdEQgdcUADig;src=10919923;type=count;cat=malwa0;ord=1;num=1790632906416;gtm=2odc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap

Request Chain 70

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1640050242862&url=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2567940%26time%3D1640050242862%26url%3Dhttps%253A%252F%252Fwww.malwarebytes.com%252Fremediationmap%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1640050242862&url=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1640050242862&url=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&liSync=true&e_ipv6=AQJO0T3FzWO7hgAAAX3anLZxUptlILj22NIQUbZN9b4dP0qnjgZqQAaRFEzc_kJCwSZAO7oh

Request Chain 74

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=ACzlKk7Dgl0AAEs1jHsDFQ HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=ACzlKk7Dgl0AAEs1jHsDFQ&verifyHash=629040e5d05448b6bf6a7929fce6f830dcd3c238

Request Chain 86

https://rp.liadm.com/j?dtstmp=1640050243009&aid=a-06kg&se=e30&duid=ff3668206ce6--01fqd9sdacztddn15txv2v3dkj&tna=v2.3.0&pu=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&wpn=lc-bundle&c=PHRpdGxlPlJlbWVkaWF0aW9uIG1hcDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IldhdGNoIE1hbHdhcmVieXRlcyBjYXRjaCB0aHJlYXRzIHRoYXQgb3RoZXIgc2VjdXJpdHkgY29tcGFuaWVzIG1pc3MgaW4gcmVhbCB0aW1lIG9uIHRoaXMgcmVtZWRpYXRpb24gbWFwLiI-PHRpdGxlIGlkPSJtYWx3YXJlYnl0ZXMtbWFpbi1sb2dvLXRpdGxlIj5UaGUgb2ZmaWNpYWwgTWFsd2FyZWJ5dGVzIGxvZ288L3RpdGxlPjx0aXRsZT5CbHVlIGFycm93PC90aXRsZT48dGl0bGU-Qmx1ZSBhcnJvdzwvdGl0bGU-PHRpdGxlPkJsdWUgYXJyb3c8L3RpdGxlPjx0aXRsZT4xLTk5PC90aXRsZT48dGl0bGU-Qmx1ZSBhcnJvdzwvdGl0bGU-PHRpdGxlPkJsdWUgYXJyb3c8L3RpdGxlPjx0aXRsZT5CbHVlIGFycm93PC90aXRsZT48dGl0bGU-Qmx1ZSBhcnJvdzwvdGl0bGU-PHRpdGxlPkJsdWUgYXJyb3c8L3RpdGxlPjx0aXRsZT5Qcml2YWN5PC90aXRsZT48dGl0bGU-Qmx1ZSBhcnJvdzwvdGl0bGU-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7Ij48c3BhbiBzdHlsZT0iY29sb3I6ICMwODI4ODI7Ij5XZSBjYXRjaCB3aGF0IG90aGVycyBtaXNzPC9zcGFuPjwvaDE- HTTP 302
https://rp4.liadm.com/j?dtstmp=1640050243009&aid=a-06kg&se=e30&duid=ff3668206ce6--01fqd9sdacztddn15txv2v3dkj&tna=v2.3.0&pu=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&wpn=lc-bundle&c=PHRpdGxlPlJlbWVkaWF0aW9uIG1hcDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IldhdGNoIE1hbHdhcmVieXRlcyBjYXRjaCB0aHJlYXRzIHRoYXQgb3RoZXIgc2VjdXJpdHkgY29tcGFuaWVzIG1pc3MgaW4gcmVhbCB0aW1lIG9uIHRoaXMgcmVtZWRpYXRpb24gbWFwLiI-PHRpdGxlIGlkPSJtYWx3YXJlYnl0ZXMtbWFpbi1sb2dvLXRpdGxlIj5UaGUgb2ZmaWNpYWwgTWFsd2FyZWJ5dGVzIGxvZ288L3RpdGxlPjx0aXRsZT5CbHVlIGFycm93PC90aXRsZT48dGl0bGU-Qmx1ZSBhcnJvdzwvdGl0bGU-PHRpdGxlPkJsdWUgYXJyb3c8L3RpdGxlPjx0aXRsZT4xLTk5PC90aXRsZT48dGl0bGU-Qmx1ZSBhcnJvdzwvdGl0bGU-PHRpdGxlPkJsdWUgYXJyb3c8L3RpdGxlPjx0aXRsZT5CbHVlIGFycm93PC90aXRsZT48dGl0bGU-Qmx1ZSBhcnJvdzwvdGl0bGU-PHRpdGxlPkJsdWUgYXJyb3c8L3RpdGxlPjx0aXRsZT5Qcml2YWN5PC90aXRsZT48dGl0bGU-Qmx1ZSBhcnJvdzwvdGl0bGU-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7Ij48c3BhbiBzdHlsZT0iY29sb3I6ICMwODI4ODI7Ij5XZSBjYXRjaCB3aGF0IG90aGVycyBtaXNzPC9zcGFuPjwvaDE-&i6=MjAwMTphYzg6MzY6NjoyMDY6OjE%3D&n3pc=true

Request Chain 98

https://ads.avocet.io/s?add=5b8e9b462be173e55d6569fc&ty=j HTTP 307
https://ads.avct.cloud/s?r=1&add=5b8e9b462be173e55d6569fc&ty=j HTTP 307
https://ads.avct.cloud/s?bounce=true&r=1&add=5b8e9b462be173e55d6569fc&ty=j

Request Chain 99

https://www.pinterest.com/ct.html HTTP 302
https://www.pinterest.de/ct.html

Request Chain 115

https://x.bidswitch.net/sync?dsp_id=59&user_group=2&user_id=9c36421f-fdea-4a64-95cc-5165ebf99852 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=59&user_group=2&user_id=9c36421f-fdea-4a64-95cc-5165ebf99852 HTTP 302
https://dmx.districtm.io/s/10009/69aff686-f570-4c40-a23d-0bb6cd639bb3

121 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request remediationmap Show response
www.malwarebytes.com/
Redirect Chain

https://www.malwarebytes.com/remediationmap/
https://www.malwarebytes.com/remediationmap

126 KB
27 KB

402ms
402ms

Document
text/html

2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fa768d10a5e8996fe11bff78a19363f7486f47226f762f1b17f0f664a3affc2a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: private
date: Tue, 21 Dec 2021 01:30:41 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: I2yAl86JuWpjYCJAspJzYIWx3aUvrxgyWg1svD-tZgOftnEx0m0qvg==

Redirect headers

content-type: text/html; charset=UTF-8
content-length: 166
location: https://www.malwarebytes.com/remediationmap
date: Tue, 21 Dec 2021 01:30:40 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: l7ir88aGfnpm_4Y13WrqWs5knnK6FcrLNk6IQeGtF3Ud1ax2vPEinw==

GET
H2 200 jquery.min.js Show response
www.malwarebytes.com/js/library/ 87 KB
31 KB 15ms
14ms Script
application/javascript 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/library/jquery.min.js?v=572605605
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:27:27 GMT
content-encoding: gzip
last-modified: Tue, 14 Sep 2021 20:51:28 GMT
server: Microsoft-IIS/10.0
age: 194
x-powered-by: ASP.NET
etag: W/"a7c934aaaa9d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Rpt7xhWrUlocy89G_aJ-2HZPE_2SPWVBGYnSuklW445wKH7y6xnpMQ==

GET
H2 200 9530a107-0af8-4204-a2c2-217efb78222b.js Show response
cdn.cookielaw.org/consent/ 140 KB
21 KB 62ms
22ms Script
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/9530a107-0af8-4204-a2c2-217efb78222b.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec442600e3c090c1171e6d0aca38073cc048af3a7a301ec06bf933da6aa65c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Dec 2021 01:30:42 GMT
content-encoding: GZIP
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NyuiOqvVdJMyWTtUb2ZlDA==
age: 4446
vary: Accept-Encoding
content-length: 20591
x-ms-lease-status: unlocked
last-modified: Wed, 19 Aug 2020 23:29:25 GMT
server: cloudflare
etag: 0x8D84497B6030FBF
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 56497d15-001e-007f-3215-b646d4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c0d58bd1ff1374f-MXP
expires: Tue, 21 Dec 2021 05:30:42 GMT

GET
H2 200 slick.min.css
www.malwarebytes.com/css/ 8 KB
2 KB 19ms
18ms Stylesheet
text/css 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/slick.min.css?v=77764225
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d5dbdf92525679908490a5d29c6fc62f8129163b935a882b29bb7fb2b14558c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:27:27 GMT
content-encoding: gzip
last-modified: Mon, 24 May 2021 22:36:40 GMT
server: Microsoft-IIS/10.0
age: 195
x-powered-by: ASP.NET
etag: W/"c8b6f143ed50d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 1e7ebaueKHRMrHk2ody99sP6sCO87ecweBwMLjj6SUt8NsI70vP9fA==

GET
H2 200 slick-theme.min.css
www.malwarebytes.com/css/ 0
349 B 19ms
18ms Stylesheet
text/css 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/slick-theme.min.css?v=77764225
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:28:46 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Thu, 20 May 2021 16:48:23 GMT
server: Microsoft-IIS/10.0
age: 194
x-powered-by: ASP.NET
etag: "dfe96ef2974dd71:0"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: UjwlmOCB6QjlUHyl8ceG_LI9MD9VXq0JRgG4JCZG8uIHgViTJkjqSQ==

GET
H2 200 bootstrap_mwb.min.css
www.malwarebytes.com/css/ 87 KB
15 KB 20ms
18ms Stylesheet
text/css 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/bootstrap_mwb.min.css?v=77764225
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0b7b26742617990b7000c7eab02062e349a60270347495cc9a542d1578a009ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:19:44 GMT
content-encoding: gzip
etag: W/"677c94d5d45d71:0"
last-modified: Sun, 09 May 2021 19:59:35 GMT
server: Microsoft-IIS/10.0
age: 657
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 4agITGAJQK53Q2JQlmXGIHpeWEM42R7KMtBXWzgvzE28uaiBvzUeEg==

GET
H2 200 bootstrap_overrides.min.css
www.malwarebytes.com/css/ 19 KB
4 KB 22ms
20ms Stylesheet
text/css 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/bootstrap_overrides.min.css?v=77764225
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 82dd3077aedc1dc7221e3e5213e2728db90f833af6419a1304cbfaa2108f373d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:28:46 GMT
content-encoding: gzip
etag: W/"33dff1d46ddd71:0"
last-modified: Fri, 19 Nov 2021 05:32:24 GMT
server: Microsoft-IIS/10.0
age: 194
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: yrS3ai6AFipmI86cC5uIvPca2nJ5eBZIZPkN01yrnB0MLvv-pmfu7A==

GET
H2 200 font-awesome.min.css
www.malwarebytes.com/css/ 1 KB
904 B 20ms
18ms Stylesheet
text/css 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/font-awesome.min.css?v=77764225
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 801ef949019934cab56a09d62e801bcf1a7390286df2fcbed0f452aa11cd1a2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:28:46 GMT
content-encoding: gzip
etag: W/"cc7451b3dd0d71:0"
last-modified: Tue, 02 Nov 2021 22:58:09 GMT
server: Microsoft-IIS/10.0
age: 194
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 7_hXv6lpP37BBB-4UyYKiXByQP7IUTGTyfjteD_98EdFpDb4-NoXIw==

GET
H2 200 fonts.min.css
www.malwarebytes.com/css/ 7 KB
955 B 29ms
27ms Stylesheet
text/css 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts.min.css?v=77764225
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4c93edc2e73f8f795657eee81ebeab1c19e7d0b63f63762a2d3b014b9bde8840

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:28:46 GMT
content-encoding: gzip
etag: W/"1c46f8bc1841d71:0"
last-modified: Tue, 04 May 2021 19:07:33 GMT
server: Microsoft-IIS/10.0
age: 194
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: STpDJ5Yo2OZVqyW60Ak5eaoIy5uxtOb7NeQ6ct2RtCcNdq1yLD4E7Q==

GET
H2 200 styles.min.css
www.malwarebytes.com/css/ 53 KB
10 KB 23ms
21ms Stylesheet
text/css 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/styles.min.css?v=77764225
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a94b87209cd778af6e2ca89866c8f4576d8f4ca1aed831c29fd9a17e4c224f27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:23:11 GMT
content-encoding: gzip
etag: W/"9e7227c779f0d71:0"
last-modified: Mon, 13 Dec 2021 23:33:05 GMT
server: Microsoft-IIS/10.0
age: 658
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: H_i6cZQDkyn0zfaI-0gWC_TxgCGGqFvh3N6mgbXlD5ePjtXQPxlMEA==

GET
H2 200 styles_overrides.min.css
www.malwarebytes.com/css/ 26 KB
6 KB 21ms
19ms Stylesheet
text/css 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/styles_overrides.min.css?v=77764225
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b84225085a21f4908f8a9a17b8a8049e0b7fcb4205167ad87b57469e124aac4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:27:27 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 23:35:46 GMT
server: Microsoft-IIS/10.0
age: 194
x-powered-by: ASP.NET
etag: W/"defa4f277af0d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: H1Xr_7Km3znysgXYuTWHIs-aCI-2edhCDIHpNuaELbN8g-ZUdekX-A==

GET
H2 200 styles_components.css
www.malwarebytes.com/css/ 50 KB
7 KB 22ms
20ms Stylesheet
text/css 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/styles_components.css?v=77764225
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: da209c9ed474b489cb1ac7817915dddfc761b2f188d6b418bf2dc709e4e1eeca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:28:46 GMT
content-encoding: gzip
etag: W/"19879fa87af0d71:0"
last-modified: Mon, 13 Dec 2021 23:39:23 GMT
server: Microsoft-IIS/10.0
age: 195
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: laJpRvucuKKrXf2xCZsxbsVP22nnRKlHwNhHtfhnbFUc3WE3qvexLg==

GET
H2 200 master_page.min.css
www.malwarebytes.com/css/ 44 KB
9 KB 25ms
23ms Stylesheet
text/css 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/master_page.min.css?v=77764225
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dd7998adcd0cf9d176473e259390063512c418d38d074e1e42c238ae28840d0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:28:46 GMT
content-encoding: gzip
etag: W/"5c2556257af0d71:0"
last-modified: Mon, 13 Dec 2021 23:35:43 GMT
server: Microsoft-IIS/10.0
age: 194
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 7lKVBoeSAH90Eeoq-XAYPeYI8jiuG7DZg2oRCGHU9wUSUu6eTkNK6w==

GET
H2

200

aos.css
unpkg.com/aos@2.3.1/dist/
Redirect Chain

https://unpkg.com/aos@2.3.1/dist/aos.css?v=77764225
https://unpkg.com/aos@2.3.1/dist/aos.css

25 KB
2 KB

24ms
24ms

Stylesheet
text/css

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/aos@2.3.1/dist/aos.css

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:42 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10738167
fly-request-id: 01FDD92HZBW7QVXMZWSDQFGVXK
content-encoding: br
vary: Accept-Encoding
last-modified: Thu, 17 May 2018 22:11:13 GMT
server: cloudflare
etag: W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6c0d58bd4ae483ac-MXP

Redirect headers

date: Tue, 21 Dec 2021 01:30:42 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FQD92SXYF7RH06FPJNRPW995
server: cloudflare
age: 740
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /aos@2.3.1/dist/aos.css
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6c0d58bd1aca83ac-MXP
access-control-allow-origin: *

GET
H2 200 slick.min.js Show response
www.malwarebytes.com/js/user-experience/carousel/ 42 KB
11 KB 16ms
14ms Script
application/javascript 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/user-experience/carousel/slick.min.js?v=572605605
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:28:46 GMT
content-encoding: gzip
etag: W/"4e8eae52aaa9d71:0"
last-modified: Tue, 14 Sep 2021 20:51:42 GMT
server: Microsoft-IIS/10.0
age: 190
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 5n5bocMex9hxoWFwX07FjT1iQabEUsBxGXP-jL3l4-qoCY3WXipogQ==

GET
H2 200 popper.min.js Show response
www.malwarebytes.com/js/user-experience/tooltip/ 21 KB
8 KB 17ms
16ms Script
application/javascript 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/user-experience/tooltip/popper.min.js?v=572605605
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a5361be48e64297f23046a94801067bfcf644391c76de624cbce5560e35d660b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:27:32 GMT
content-encoding: gzip
last-modified: Tue, 14 Sep 2021 20:51:35 GMT
server: Microsoft-IIS/10.0
age: 190
x-powered-by: ASP.NET
etag: W/"8db91c4eaaa9d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 9Z7aZkSR-enLlpXL3unmApm-yiWoSTZdT7vjureX8cCze7w43GJFrA==

GET
H2 200 bootstrap.min.js Show response
www.malwarebytes.com/js/ 39 KB
11 KB 26ms
25ms Script
application/javascript 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/bootstrap.min.js?v=572605605
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:23:11 GMT
content-encoding: gzip
etag: W/"1cc9f12dad93d71:0"
last-modified: Tue, 17 Aug 2021 21:16:44 GMT
server: Microsoft-IIS/10.0
age: 657
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: YqXh8Xm69C8-hZDzBeSAVXgTSz_tU2BvuX84hPBZQ2aGhaEzs7JIgw==

GET
H2 200 global_mwb.min.js Show response
www.malwarebytes.com/js/ 21 KB
7 KB 25ms
23ms Script
application/javascript 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/global_mwb.min.js?v=572605605
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e39a61e62de49ec594437288cb8f6cfd581f14212f9782b5dec6ece2a685ad87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:28:46 GMT
content-encoding: gzip
etag: W/"8a6a52b936f1d71:0"
last-modified: Tue, 14 Dec 2021 22:05:37 GMT
server: Microsoft-IIS/10.0
age: 194
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: mghiej2bWtWOlxQYqqhSv3CZAG49pDe9UMDHTduPKj3MjI8zpVkuDw==

GET
H2 200 core_ssdomvar_generic-adapter.min.js Show response
www.malwarebytes.com/js/ 14 KB
6 KB 25ms
24ms Script
application/javascript 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/core_ssdomvar_generic-adapter.min.js?v=572605605
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 16278846c24958035769652757c311db3bb306a3b1ec7e4fd5625e863c8e413d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:28:46 GMT
content-encoding: gzip
etag: W/"19d67a4ce344d71:0"
last-modified: Sun, 09 May 2021 14:55:06 GMT
server: Microsoft-IIS/10.0
age: 194
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: L5rc3JbsXmqzUIL64igpbN1sizmjNeo-vltQHyqEP-yHfH-9Mwna2Q==

GET
H2 200 modernizr.js Show response
www.malwarebytes.com/js/ 14 KB
6 KB 26ms
25ms Script
application/javascript 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/modernizr.js?v=572605605
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 00fd20f4f37113eb32d3db8a5f527ff1889489442e91630283e58e792f196be8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:28:46 GMT
content-encoding: gzip
etag: W/"c757b660bc7dd71:0"
last-modified: Tue, 20 Jul 2021 23:10:06 GMT
server: Microsoft-IIS/10.0
age: 116
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 9K65IryTS_IY5Knb05FjgoBoHeRPpnSKCpfbASkgX8jqJszEEO8B1g==

GET
H2 200 respond.min.js Show response
www.malwarebytes.com/js/ie-fixes/ 4 KB
3 KB 27ms
26ms Script
application/javascript 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/ie-fixes/respond.min.js?v=572605605
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6252f8d40b521387483f57b7d0c812912a1d59ce038fdde2bcf67cf920486cac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:23:11 GMT
content-encoding: gzip
etag: W/"10e31071bc7dd71:0"
last-modified: Tue, 20 Jul 2021 23:10:33 GMT
server: Microsoft-IIS/10.0
age: 657
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 3BLec0eParrqf_BxTWSPfUzCPxZVISqeH8lROLN2bBFdoLjHtu1fCQ==

GET
H2 200 global.js Show response
www.malwarebytes.com/js/ 21 KB
8 KB 27ms
26ms Script
application/javascript 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/global.js?v=572605605
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cabcba2fb0a11127afe1eba21cbdba800100f5a591ad7870aada8142379a955a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:27:27 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 21:07:34 GMT
server: Microsoft-IIS/10.0
age: 194
x-powered-by: ASP.NET
etag: W/"f9abef42dbad71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: DrXbzmi54HkWmPUYEnhrxO1jNjPyo5Ao7BgsMEvQXu5wnXR51k81Qw==

GET
H2 200 global-phone.min.js Show response
www.malwarebytes.com/js/ 437 B
803 B 17ms
16ms Script
application/javascript 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/global-phone.min.js?v=572605605
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f23cbfadc8c38cbcd1a1839f692ffed84691b2458bd9f4269648576de2e310fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:28:46 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Sat, 22 May 2021 18:40:24 GMT
server: Microsoft-IIS/10.0
age: 116
x-powered-by: ASP.NET
etag: "801b64ed394fd71:0"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 437
x-amz-cf-id: LqV74beGowNi4SAwtPHh81U-qxwEmp39N3E87Aw_bueaALFckb7tdA==

GET
H2 200 xs.min.js Show response
www.malwarebytes.com/js/ 5 KB
2 KB 28ms
28ms Script
application/javascript 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/xs.min.js?v=572605605
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 428a1b8240fd924ecfa826e94d6e6852b39ee35eb12b8f5d4302da595f8efbee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:27:27 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 00:55:56 GMT
server: Microsoft-IIS/10.0
age: 195
x-powered-by: ASP.NET
etag: W/"ce4163c3745d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: WDYuEne-y5VH9QlOVcDgrhSBfKAdqIT1soiuiVwXMHPunhjWTbHAnA==

GET
H2 200 animate-on-scroll.min.js Show response
www.malwarebytes.com/js/user-experience/animation/ 14 KB
5 KB 16ms
15ms Script
application/javascript 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/user-experience/animation/animate-on-scroll.min.js?v=572605605
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:28:46 GMT
content-encoding: gzip
etag: W/"53cb6f55aaa9d71:0"
last-modified: Tue, 14 Sep 2021 20:51:47 GMT
server: Microsoft-IIS/10.0
age: 190
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Gn6D1WSgp0IL0TeP299Cz8xYRkScavwMP9-kXosNDvkEfalOw5AzCQ==

GET
H2 200 map_remediation.min.css
www.malwarebytes.com/css/pages/ 1 KB
870 B 130ms
129ms Stylesheet
text/css 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/pages/map_remediation.min.css?v=307768852
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 59990b59b55892f39f6fab071288b350d082a1040016080048b029d6d4ebdf48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:41 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 20:52:51 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
x-powered-by: ASP.NET
etag: W/"3d722c4bc8fd71:0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: XAW4uIvwNyC-Mkl6GCIU7IrVF0BXEmEtCsOPQv6G7UCQM2cZ5CfOGA==

GET
H2 200 optimus-systems.webp
www.malwarebytes.com/images/partners/ 2 KB
2 KB 16ms
15ms Image
image/webp 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/partners/optimus-systems.webp
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8528b83134ef333f8b4f3b722f422569b5121e6fa817c9942bcbb91f5f61ea93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:20:58 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
etag: "78bd4d65236d71:0"
last-modified: Wed, 21 Apr 2021 02:05:43 GMT
server: Microsoft-IIS/10.0
age: 583
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1832
x-amz-cf-id: gaanQS_Y6F8cA_ZiL14-49qxqdLzLrG56KxypcjiigeAhRAgWgvTwg==

GET
H2 200 rsa2021.jpg
www.malwarebytes.com/images/ 27 KB
28 KB 18ms
16ms Image
image/jpeg 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/rsa2021.jpg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8a849c6ffa64946fefa17e874080dea467783d0e20857bbfbb23480739625648

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:28:46 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Wed, 21 Apr 2021 00:19:18 GMT
server: Microsoft-IIS/10.0
age: 583
x-powered-by: ASP.NET
etag: "9c6452f84336d71:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 28006
x-amz-cf-id: XZNPxC_gB-Z_n1MHH7J65HBBdpcmJRla45nZXSDAQQmVRqR0RN06nw==

GET
H2 200 optanon.css
cdn.cookielaw.org/skins/6.4.0/default_flat_bottom_two_button_white/v2/css/ 23 KB
6 KB 24ms
24ms Stylesheet
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/skins/6.4.0/default_flat_bottom_two_button_white/v2/css/optanon.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/9530a107-0af8-4204-a2c2-217efb78222b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Dec 2021 01:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: E062TbpGx6vwVsuuNM/jFw==
age: 9217
vary: Accept-Encoding
content-length: 5561
x-ms-lease-status: unlocked
last-modified: Thu, 13 Aug 2020 04:48:01 GMT
server: cloudflare
etag: 0x8D83F440F482A65
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: b1b34e5b-301e-00ff-506c-c4e57e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c0d58bd5833374f-MXP

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
256 B 71ms
25ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery351005025793616275687_1640050242080&_=1640050242081

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/library/jquery.min.js?v=572605605

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6c0d58c01afd83b5-MXP
content-length: 32

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 288 KB
89 KB 78ms
47ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c00e723f5fe4c763c6ccfc38a8a7fc17db82048cd28d598c97e465dbad0070b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90820
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Dec 2021 01:30:42 GMT

GET
H2 200 wai.gif Show response
genesis.malwarebytes.com/api/v1/ 395 B
617 B 348ms
101ms XHR
application/json 2600:1f18:21ae:6701:3334:1bf4:2185:fae6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://genesis.malwarebytes.com/api/v1/wai.gif
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/global_mwb.min.js?v=572605605
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:21ae:6701:3334:1bf4:2185:fae6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: d973d9d1e6d810204036caca830beadbf4ad6c8a6d9f7a1604cfcd7c9d26e79c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 21 Dec 2021 01:30:42 GMT
access-control-allow-credentials: true
server: Apache-Coyote/1.1
access-control-allow-headers: origin, content-type, accept, authorization
access-control-allow-methods: GET, POST
content-type: application/json

GET
H2 200 graphik-regular.otf
www.malwarebytes.com/css/fonts/ 128 KB
51 KB 10ms
9ms Font
font/otf 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/graphik-regular.otf
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.min.css?v=77764225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f575112df5398271c1f04b48a995ccc6e17d69730e37304078178d46781152da

Request headers

Referer: https://www.malwarebytes.com/css/fonts.min.css?v=77764225
Origin: https://www.malwarebytes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:28:52 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 14:21:31 GMT
server: Microsoft-IIS/10.0
age: 110
x-powered-by: ASP.NET
etag: W/"d8463789727dd71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/otf
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: TzJZ3sk6OoJPRvN_y3TW2sAeVDe1gnTBT5CR04Ki-6O1-t4j-ELDzg==

GET
H2 200 graphik-medium.otf
www.malwarebytes.com/css/fonts/ 134 KB
57 KB 9ms
9ms Font
font/otf 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/graphik-medium.otf
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.min.css?v=77764225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a7d4e6165ce4042167fcaaa0623eab885d6992458eb05c4fc74184cee79a9eb3

Request headers

Referer: https://www.malwarebytes.com/css/fonts.min.css?v=77764225
Origin: https://www.malwarebytes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:19:24 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 14:21:06 GMT
server: Microsoft-IIS/10.0
age: 677
x-powered-by: ASP.NET
etag: W/"d150747a727dd71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/otf
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 13IuW12gQgolLPWeu0Uorpx6UCY4LjGLEqU-r3vOmJ9efN34U_3yKQ==

GET
H2 200 graphik-semibold.otf
www.malwarebytes.com/css/fonts/ 135 KB
58 KB 9ms
9ms Font
font/otf 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/graphik-semibold.otf
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.min.css?v=77764225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 37d71a755368a59862b22954275bd10416de8e28d37cec74707de8b8be616610

Request headers

Referer: https://www.malwarebytes.com/css/fonts.min.css?v=77764225
Origin: https://www.malwarebytes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:28:52 GMT
content-encoding: gzip
etag: W/"1dbd9e96727dd71:0"
last-modified: Tue, 20 Jul 2021 14:21:53 GMT
server: Microsoft-IIS/10.0
age: 415
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/otf
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: jK72ScO4KdO48R-yEnhSbTKJYaf54hrdsaQCXT1oY4diE3viJ8hCXg==

GET
H2 200 world.svg
www.malwarebytes.com/images/footer/ 4 KB
2 KB 10ms
9ms Image
image/svg+xml 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/footer/world.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 05369fa3ab175c5ba5e63b7c60a872a64f82ddcb1de6a950d73004ed25930e69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:20:58 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 00:48:18 GMT
server: Microsoft-IIS/10.0
age: 583
x-powered-by: ASP.NET
etag: W/"3cff4e54836d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: YWcMlAGx5_SOOHXsf4MiHyAfYNAQuPTU67IiywPj-BoN2plBtdFRKw==

GET
H2 200 footer.min.js Show response
www.malwarebytes.com/js/ 5 KB
3 KB 9ms
9ms Script
application/javascript 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/footer.min.js?v=572605605
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3372e9aa13d55e1687a1d47abe3027e636824d1bc8e3e11736b86691dcc3bd2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:28:46 GMT
content-encoding: gzip
last-modified: Tue, 22 Jun 2021 21:05:43 GMT
server: Microsoft-IIS/10.0
age: 115
x-powered-by: ASP.NET
etag: W/"b3df5a5daa67d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: yoi01PRRxA5h0M4MiSGW7tO38wjW420BCq-NMGDgzyx6fP7fvExuNA==

GET
H2 200 utilities.js Show response
www.malwarebytes.com/js/ 17 KB
6 KB 10ms
10ms Script
application/javascript 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/utilities.js?v=572605605
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 392eb72c9a1d265ef3890cab75b08424e3b3bf9542f390dc8f86aea57d83e63a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:28:47 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 22:05:38 GMT
server: Microsoft-IIS/10.0
age: 115
x-powered-by: ASP.NET
etag: W/"3733dba36f1d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Grc0xZXv0MleYJesh6ShV-QzeVvT_qiVnae5jEleZ57-bhFzbgJcVQ==

GET
H2 200 / Show response
trace.malwarebytes.com/tap4/ Frame 7AC8 750 B
1 KB 546ms
183ms Document
text/html 35.164.247.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trace.malwarebytes.com/tap4/

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.164.247.24 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-164-247-24.us-west-2.compute.amazonaws.com

Software

Resource Hash

f67f68bb780a0534178a5c576ce451fc5efb952a23855b9bab48ca0d4133e6d3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.malwarebytes.com
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/

Response headers

date: Tue, 21 Dec 2021 01:30:43 GMT
content-type: text/html; charset=utf-8
content-security-policy: frame-ancestors https://*.malwarebytes.com
etag: W/"f67f68bb780a0534178a5c576ce451fc"
cache-control: max-age=0, private, must-revalidate
x-request-id: dbd4405f-db0d-4b82-8ba8-347188b5aef6
x-runtime: 0.002934
strict-transport-security: max-age=15552000; includeSubDomains

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 142020e9bf314b129033474a108af0b535b950359063d66f46b0d76c5d445385

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 707 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cfd2d069a86c0f29ca567ca09f5d4eb8467374a60d6e5d5a9fe05c8fb29ecba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb5b02252ab511b3f0f93b2f469823ad6cfb87c0f3955227c648e9db7e5f28aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d5ae1a01fdb5f49ae01065252eaca0450a30266defebae04a6cf671629bc08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69e4e947bf39a57382ef464b40055f60edc494c35b4503880b40d5d1a5cb1e54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 ic-search.svg
www.malwarebytes.com/images/footer/ 601 B
964 B 8ms
8ms Image
image/svg+xml 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/footer/ic-search.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/master_page.min.css?v=77764225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d6f36a088f7c6dc6459a02c048b23e2407bf38a5249ecbc9547be2fce143f63a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/css/master_page.min.css?v=77764225
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:21:00 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Wed, 21 Apr 2021 00:48:14 GMT
server: Microsoft-IIS/10.0
age: 581
x-powered-by: ASP.NET
etag: "6d56f524836d71:0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 601
x-amz-cf-id: unXwFu9MU5PySVFxlWkSq3RJEsvdcGkIeL9C1uFHlLBuID-WKwcqUw==

GET
H2 200 graphik-light.otf
www.malwarebytes.com/css/fonts/ 132 KB
55 KB 10ms
9ms Font
font/otf 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/graphik-light.otf
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.min.css?v=77764225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 30b410ec60b2dda5e521206ed5b3a9318922f62828db7409240f047f21593bcc

Request headers

Referer: https://www.malwarebytes.com/css/fonts.min.css?v=77764225
Origin: https://www.malwarebytes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:23:11 GMT
content-encoding: gzip
etag: W/"fe63516e727dd71:0"
last-modified: Tue, 20 Jul 2021 14:20:46 GMT
server: Microsoft-IIS/10.0
age: 677
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/otf
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: E_SLYap_aiQoiHFS2NRgIlhfLT4N4-xu0jlT7S7rEBZS0XJA1vLGpg==

GET
H2 200 socicon.woff
www.malwarebytes.com/css/fonts/ 20 KB
20 KB 24ms
23ms Font
font/x-woff 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/socicon.woff
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.min.css?v=77764225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0ed37960a59a6ec6b443f9ef043864d09a51db6fd276ae578d9166467bf986d1

Request headers

Referer: https://www.malwarebytes.com/css/fonts.min.css?v=77764225
Origin: https://www.malwarebytes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:27:32 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
etag: "919d722727dd71:0"
last-modified: Tue, 20 Jul 2021 14:18:39 GMT
server: Microsoft-IIS/10.0
age: 190
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: font/x-woff
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 20472
x-amz-cf-id: _bstrIw36Kgb1NqAfEd02HmyQVmstb4MoxJC16oYjAQgV3cCFS82jQ==

GET
H2 200 graphik-bold.otf
www.malwarebytes.com/css/fonts/ 136 KB
58 KB 9ms
9ms Font
font/otf 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/graphik-bold.otf
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.min.css?v=77764225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c6072112c8cec74b1c589bb323b9c1ea07cf7b38b01ad5d25127cf9306d1a2ef

Request headers

Referer: https://www.malwarebytes.com/css/fonts.min.css?v=77764225
Origin: https://www.malwarebytes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:28:53 GMT
content-encoding: gzip
etag: W/"23643a52727dd71:0"
last-modified: Tue, 20 Jul 2021 14:19:59 GMT
server: Microsoft-IIS/10.0
age: 415
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/otf
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: rgInygJjteQX-1ItVz3Jj6IC_H8rx7jI1M6nKQBrrTHQVHF-EUVzUg==

GET
H2 200 graphik-lightitalic.otf
www.malwarebytes.com/css/fonts/ 136 KB
59 KB 9ms
9ms Font
font/otf 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/graphik-lightitalic.otf
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.min.css?v=77764225
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 390635099fc3397ccc6404a6544eb153b75bc85a23e7b6699472088f433af2a2

Request headers

Referer: https://www.malwarebytes.com/css/fonts.min.css?v=77764225
Origin: https://www.malwarebytes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:23:12 GMT
content-encoding: gzip
etag: W/"c7a84272727dd71:0"
last-modified: Tue, 20 Jul 2021 14:20:52 GMT
server: Microsoft-IIS/10.0
age: 481
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/otf
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: uOoNpxsCMs2939tKdHxo-rbBIgLxe1sOx-9MLLZiyJLemFNU9xctrA==

GET
H2 200 intl-sites.json Show response
www.malwarebytes.com/js/ 890 B
1 KB 9ms
8ms XHR
application/json 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/intl-sites.json
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/library/jquery.min.js?v=572605605
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 728054ccf1f41ec0afdb688b6db421601bb60d505d9e1e2c2de16d9e4a14b774

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.malwarebytes.com/remediationmap
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:23:12 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
etag: "9d93b9b04336d71:0"
last-modified: Wed, 21 Apr 2021 00:17:18 GMT
server: Microsoft-IIS/10.0
age: 2742
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: application/json
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 890
x-amz-cf-id: y3U_6z29SCmL6YQqYDD2vAZxVXhMZUOuiy268DUtsuwDafe5YkTFmw==

GET
H/1.1 200
OK ip.json Show response
api.demandbase.com/api/v2/ 430 B
1 KB 130ms
69ms XHR
application/json 13.35.253.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demandbase.com/api/v2/ip.json?key=5527c2aa519592df7d44a24d0105731b
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/library/jquery.min.js?v=572605605
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-66.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 0779fec5437dfc1e968ecd57953dcad82a2b2f3bedb724efcd66901720d93540

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 01:30:42 GMT
Identification-Source: CENTRAL
X-Amz-Cf-Pop: FRA6-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Access-Control-Max-Age: 7200
Connection: keep-alive
Request-ID: cd94e2b2-f616-445f-bdba-1d37d8221197
Content-Encoding: gzip
Pragma: no-cache
Access-Control-Allow-Origin: https://www.malwarebytes.com
Server: nginx
Vary: Accept-Encoding, Origin
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json;charset=utf-8
Via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Api-Version: v2
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Amz-Cf-Id: Fu_pDnJ_VsFNaRmlaZKgTByZozXERm3aJRCSyg1Rl49j6YJDm7KDaA==
Expires: Mon, 20 Dec 2021 01:30:42 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 69ms
35ms Script
application/x-javascript 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 01:30:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=57471
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: gQ4KE1VfMYBGELC3j52E2KO+4n0C8hWQpKQgK2HG7gOxoZsq93PkSotObAO/W0ap2kVnUZn3yy4D8IZx1IyW7g==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Tue, 21 Dec 2021 01:30:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1776
date: Tue, 21 Dec 2021 01:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 21 Dec 2021 03:01:06 GMT

GET
H3

200

activityi;dc_pre=CO3Gi6Hf8_QCFU474AodGkwCNw;src=8019375;type=conta0;cat=sitew0;ord=3611814316645;gtm=2wgc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap Show response
8019375.fls.doubleclick.net/ Frame 166C
Redirect Chain

https://8019375.fls.doubleclick.net/activityi;src=8019375;type=conta0;cat=sitew0;ord=3611814316645;gtm=2wgc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediatio...
https://8019375.fls.doubleclick.net/activityi;dc_pre=CO3Gi6Hf8_QCFU474AodGkwCNw;src=8019375;type=conta0;cat=sitew0;ord=3611814316645;gtm=2wgc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2...

504 B
422 B

33ms
18ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019375.fls.doubleclick.net/activityi;dc_pre=CO3Gi6Hf8_QCFU474AodGkwCNw;src=8019375;type=conta0;cat=sitew0;ord=3611814316645;gtm=2wgc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

7260b856730759db4623e6636409edc4ddfcd173b178bcb2eceb3a52b66061ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Dec 2021 01:30:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 397
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Dec 2021 01:30:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8019375.fls.doubleclick.net/activityi;dc_pre=CO3Gi6Hf8_QCFU474AodGkwCNw;src=8019375;type=conta0;cat=sitew0;ord=3611814316645;gtm=2wgc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 HWyTnY16.min.js Show response
scripts.demandbase.com/ 60 KB
16 KB 66ms
45ms Script
application/javascript 13.32.21.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.demandbase.com/HWyTnY16.min.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16f961e4eedc84409f706d7043ec879d9a7783c6f317640b0d97a73e98e9e8ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: IE5IzYwU4gx7oNbzFWwbL4ZS6nSJjwBv
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 23:24:47 GMT
server: AmazonS3
age: 3436
etag: W/"c890c8c9866d4d0ee9b287e7db203091"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 3d58896f901dbeed449603f5d2b4d9f1.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
date: Tue, 21 Dec 2021 00:34:14 GMT
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: itjnrbDYi9ySVxzh0qQz3Hstc3wXb3iUxgujlEldBnxDmmpALKbWSw==

GET
H2 200 web-vitals.umd.js Show response
unpkg.com/web-vitals@1.1.0/dist/ 4 KB
2 KB 33ms
33ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@1.1.0/dist/web-vitals.umd.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:42 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1549417
fly-request-id: 01FNZ44Y2VE2JFZD1E27NZ7J3J
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1060-9qPq4bqeRCeFWudNuS98Bp0PQDY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6c0d58c11e4783ac-MXP

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10919923

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16af4bd1866a13a0d414d0a3f3ca2546d3e9b82b4a28f53b83e9ce07e3b624e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36018
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Dec 2021 01:30:42 GMT

GET
H2 200 a-06kg.min.js Show response
b-code.liadm.com/ 26 KB
10 KB 61ms
13ms Script
application/javascript 2600:9000:2057:f600:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-06kg.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:f600:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ZIO-Http /
Resource Hash: c86a4ff5993b96a3a497952d1542fe93d46efdda55c98da63843694d4da41af7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 21:16:04 GMT
via: 1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
server: ZIO-Http
age: 15278
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
content-encoding: gzip
x-amz-cf-id: C3Q2osKwQ1IRBmkDGBQb4iGg1RxAzL7gqwPrOPaHFIiODF79TW7YKQ==

GET
H/1.1 200
OK blueshift.js Show response
cdn.getblueshift.com/ 4 KB
2 KB 61ms
14ms Script
application/javascript 143.204.209.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getblueshift.com/blueshift.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-62.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01fcf88d0ee0ff3cc10a948024394b5a87004538985081ca233b7a95ff286a12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 01:06:22 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 14 Sep 2021 21:58:07 GMT
Server: AmazonS3
Age: 1462
ETag: "a3a9cba0964243c154ed1cbda397de87"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 1960
X-Amz-Cf-Id: dFWHIz0ljlZcgnrm813Ae4yAoTdHaa46C62sqlamHYIN6tRU3XuBzw==

GET
H2 200 activityi;register_conversion=1;src=8019375;type=conta0;cat=sitew0;ord=3611814316645;gtm=2wgc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap
8019375.fls.doubleclick.net/ 0
0 88ms
24ms Image
text/html 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8019375.fls.doubleclick.net/activityi;register_conversion=1;src=8019375;type=conta0;cat=sitew0;ord=3611814316645;gtm=2wgc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap?
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
832 B 123ms
101ms Script
application/javascript 2a02:26f0:7100:1b7::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b7::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "95580b4fad0d5513b92f05a5be0d5a38"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
x-fallback: e6d9a75-104.126.36.205
accept-ranges: bytes
content-length: 583
access-control-expose-headers: X-CDN

GET
H/1.1 200
OK 172061.js Show response
secure.perk0mean.com/js/ 16 B
304 B 151ms
22ms Script
text/javascript 51.11.20.152
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.perk0mean.com/js/172061.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.11.20.152 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 5b7149de1a843a14d74bcb45359b59016df1ab0665a4f3131da6b8b04bbe5076

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Dec 2021 01:30:42 GMT
Server: Kestrel
Content-Type: text/javascript
Expires: 0
Cache-Control: no-store, must-revalidate
Connection: keep-alive
Content-Length: 16
Request-Context: appId=cid-v1:abe8a76f-f1a2-4b2e-9017-0ea36ffb5c20

GET
H2 200 demandbase-forms.js Show response
www.malwarebytes.com/js/ 3 KB
1 KB 17ms
17ms Script
application/javascript 2600:9000:206f:8600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/demandbase-forms.js?d=2020-02-04-15-03-08--0800
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/remediationmap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:42 GMT
content-encoding: gzip
etag: W/"178b70bdbc7dd71:0"
last-modified: Tue, 20 Jul 2021 23:12:41 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C1
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: ggTWNHb0nQYbfq85eI9vWmOP0DHQWhUOYdVwUlFVsIWDcBCWp9hTfA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-930356311

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b81603e28d5f8f7fd59531055fbb643f7b38a8df6b601af9fcac72c6f95c8b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39622
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Dec 2021 01:30:42 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/64fab857ca52427587d3bd14a8d437b7/ 43 B
421 B 422ms
103ms Image
image/gif 18.215.205.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/64fab857ca52427587d3bd14a8d437b7/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.215.205.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-215-205-165.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 01:30:43 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,0ebfbbc25d0bba36bba6f9a1c25887e2,10.0.0.101,31434,194.36.108.18,,140391848342,1,1640050243.110,0.001,,.,0,0,0.000,0.000,-,0,0,197,89,44,10,26847,,,,,,-,
Content-Type: image/gif

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 35ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: KGArSjTkgPmT42N0Y6gziTLIhUUH7uhltTxUzNujNniAiocl+pFmzo5F04t+9xGBgA3J+jev32gUfP7MaOF3Fw==
x-frame-options: DENY
date: Tue, 21 Dec 2021 01:30:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1480959392203028 Show response
connect.facebook.net/signals/config/ 306 KB
88 KB 44ms
17ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1480959392203028?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

23df2bae25ed81e5f500c9398b1f7920d394182a185f4baa1088de7f1c2cc8ca

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89755
x-xss-protection: 0
pragma: public
x-fb-debug: u4z/v1aU9qIbMeNEhfyxjI1DanrJiPbRFzXtv1CJrgddbPCsyM6rmT3JfhaNPvmVIx1/KJjHmcB/kmMsO6wkpQ==
x-frame-options: DENY
date: Tue, 21 Dec 2021 01:30:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 41ms
16ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:17:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 21 Dec 2021 02:17:44 GMT

GET
H3

200

activityi;dc_pre=CI-_kaHf8_QCFcTdEQgdcUADig;src=10919923;type=count;cat=malwa0;ord=1;num=1790632906416;gtm=2odc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremedi... Show response
10919923.fls.doubleclick.net/ Frame 9CD1
Redirect Chain

https://10919923.fls.doubleclick.net/activityi;src=10919923;type=count;cat=malwa0;ord=1;num=1790632906416;gtm=2odc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Frem...
https://10919923.fls.doubleclick.net/activityi;dc_pre=CI-_kaHf8_QCFcTdEQgdcUADig;src=10919923;type=count;cat=malwa0;ord=1;num=1790632906416;gtm=2odc10;auiddc=1880916361.1640050243;ps=1;~oref=https%...

421 B
367 B

29ms
29ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10919923.fls.doubleclick.net/activityi;dc_pre=CI-_kaHf8_QCFcTdEQgdcUADig;src=10919923;type=count;cat=malwa0;ord=1;num=1790632906416;gtm=2odc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10919923

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

9d269f4104d9e3444a0f1d849c0485a0b2af5794a229b0235501a6b1960188ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Dec 2021 01:30:42 GMT
expires: Tue, 21 Dec 2021 01:30:42 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 342
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Dec 2021 01:30:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10919923.fls.doubleclick.net/activityi;dc_pre=CI-_kaHf8_QCFcTdEQgdcUADig;src=10919923;type=count;cat=malwa0;ord=1;num=1790632906416;gtm=2odc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 activityi;register_conversion=1;src=10919923;type=count;cat=malwa0;ord=1;num=1790632906416;gtm=2odc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap
10919923.fls.doubleclick.net/ 0
0 57ms
22ms Image
text/html 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://10919923.fls.doubleclick.net/activityi;register_conversion=1;src=10919923;type=count;cat=malwa0;ord=1;num=1790632906416;gtm=2odc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap?
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1640050242862&url=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2567940%26time%3D1640050242862%26url%3Dhttps%253A%252F%252Fwww.malwarebytes.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1640050242862&url=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1640050242862&url=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&liSync=true&e_ipv6=AQJO0T3FzWO7hgAAAX3anLZxUptlILj22NIQUbZN9b4...

0
155 B

311ms
114ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1640050242862&url=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&liSync=true&e_ipv6=AQJO0T3FzWO7hgAAAX3anLZxUptlILj22NIQUbZN9b4dP0qnjgZqQAaRFEzc_kJCwSZAO7oh
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:43 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: 22xi0QGhwhaAEdS+7ioAAA==

Redirect headers

date: Tue, 21 Dec 2021 01:30:42 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A3CBB47D7C7947AE8E0521FC6B593C65 Ref B: FRAEDGE1306 Ref C: 2021-12-21T01:30:43Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1640050242862&url=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&liSync=true&e_ipv6=AQJO0T3FzWO7hgAAAX3anLZxUptlILj22NIQUbZN9b4dP0qnjgZqQAaRFEzc_kJCwSZAO7oh
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXTnfQoRiITNiuxhoV6Zg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 63ms
20ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3347303-10&cid=1467331049.1640050243&jid=1261557934&uid=968BDBC1-CF3E-4744-ABDE-5DD431EA20F9&gjid=1157916983&_gid=480629282.1640050243&_u=aGBAgEAjAAAAAE~&z=1394396602

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 21 Dec 2021 01:30:42 GMT
content-type: text/plain
access-control-allow-origin: https://www.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=668858584&t=pageview&_s=1&dl=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&ul=en-us&de=UTF-8&dt=Remediation%20map&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAj~&jid=1261557934&gjid=1157916983&cid=1467331049.1640050243&uid=968BDBC1-CF3E-4744-ABDE-5DD431EA20F9&tid=UA-3347303-10&_gid=480629282.1640050243&gtm=2wgc10MKSKW3&z=2117073279

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 17:20:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29423
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 430 B
936 B 107ms
78ms XHR
application/json 143.204.209.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&page_title=Remediation%20map&src=tag&key=5527c2aa519592df7d44a24d0105731b
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/HWyTnY16.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-129.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 0779fec5437dfc1e968ecd57953dcad82a2b2f3bedb724efcd66901720d93540

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:42 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
request-id: 8a44f837-317c-4910-8ccc-2dddff4325b6
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://www.malwarebytes.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: i2onmUA1AASLoILh4vl4wcUdEJ9sICvkUPvC_0e2931ch3NXdBD-XQ==
expires: Mon, 20 Dec 2021 01:30:42 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=ACzlKk7Dgl0AAEs1jHsDFQ
https://segments.company-target.com/validateCookie?vendor=choca&user_id=ACzlKk7Dgl0AAEs1jHsDFQ&verifyHash=629040e5d05448b6bf6a7929fce6f830dcd3c238

26 B
409 B

188ms
188ms

Image
image/gif

143.204.209.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=ACzlKk7Dgl0AAEs1jHsDFQ&verifyHash=629040e5d05448b6bf6a7929fce6f830dcd3c238
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: HTTP/1.1
Server: 143.204.209.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-60.fra53.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 01:30:43 GMT
Via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: 3934d28810994c62
X-Amz-Cf-Id: H3HILB8i5bwnoD7rkNDKdlJTZ17G1rQWg6vyJrkOHIOD0-Ikq4wEtQ==

Redirect headers

Date: Tue, 21 Dec 2021 01:30:43 GMT
Via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=ACzlKk7Dgl0AAEs1jHsDFQ&verifyHash=629040e5d05448b6bf6a7929fce6f830dcd3c238
Connection: keep-alive
trace-id: 708bcf3a1ceb79b9
Content-Length: 0
X-Amz-Cf-Id: a8_vSKvjfgr8TSaoNSYd1TgkS5pqoTMzf824ta4_1BGXtHH-MM1hvA==

GET
H2 451 464526.gif
id.rlcdn.com/ 0
66 B 41ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:42 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 24ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=PageView&dl=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&rl=&if=false&ts=1640050242904&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1640050242903.1551994692&it=1640050242751&coo=false&tm=1&rqm=GET

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 21 Dec 2021 01:30:42 GMT

GET
H2 200 main.6ae4a9fc.js Show response
s.pinimg.com/ct/lib/ 54 KB
19 KB 112ms
112ms Script
application/javascript 2a02:26f0:7100:1b7::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b7::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "9850391ff02e4a98b00efa3acfbbbb10"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
x-fallback: e6d9a8a-104.126.36.205
accept-ranges: bytes
content-length: 18814
access-control-expose-headers: X-CDN

GET
H2 200 dc_pre=CO3Gi6Hf8_QCFU474AodGkwCNw;src=8019375;type=conta0;cat=sitew0;ord=3611814316645;gtm=2wgc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap Show response
adservice.google.com/ddm/fls/i/ Frame E3F1 503 B
865 B 66ms
44ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CO3Gi6Hf8_QCFU474AodGkwCNw;src=8019375;type=conta0;cat=sitew0;ord=3611814316645;gtm=2wgc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap

Requested by

Host: 8019375.fls.doubleclick.net
URL: https://8019375.fls.doubleclick.net/activityi;dc_pre=CO3Gi6Hf8_QCFU474AodGkwCNw;src=8019375;type=conta0;cat=sitew0;ord=3611814316645;gtm=2wgc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3967fd87a508b0a7afcae25fe7880b51dc856545b97f4d723c7de4f270fb095b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://8019375.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Dec 2021 01:30:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 396
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 42ms
17ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-930356311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 01:30:42 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 45ms
19ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3347303-10&cid=1467331049.1640050243&jid=1261557934&_u=aGBAgEAjAAAAAE~&z=844358728

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Dec 2021 01:30:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 44ms
18ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3347303-10&cid=1467331049.1640050243&jid=1261557934&_u=aGBAgEAjAAAAAE~&z=844358728

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Dec 2021 01:30:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CI-_kaHf8_QCFcTdEQgdcUADig;src=10919923;type=count;cat=malwa0;ord=1;num=1790632906416;gtm=2odc10;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap
adservice.google.com/ddm/fls/z/ Frame 9CD1 42 B
118 B 44ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CI-_kaHf8_QCFcTdEQgdcUADig;src=10919923;type=count;cat=malwa0;ord=1;num=1790632906416;gtm=2odc10;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap

Requested by

Host: 10919923.fls.doubleclick.net
URL: https://10919923.fls.doubleclick.net/activityi;dc_pre=CI-_kaHf8_QCFcTdEQgdcUADig;src=10919923;type=count;cat=malwa0;ord=1;num=1790632906416;gtm=2odc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10919923.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Dec 2021 01:30:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/ 2 KB
2 KB 49ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/?random=1640050242964&cv=9&fst=1640050242964&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&tiba=Remediation%20map&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc20dc90e7cf83fa6b9080c8ef5bad645042f47a8d2faad9f64536ec13242bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Dec 2021 01:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1029
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CO3Gi6Hf8_QCFU474AodGkwCNw;src=8019375;type=conta0;cat=sitew0;ord=3611814316645;gtm=2wgc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap Show response
adservice.google.de/ddm/fls/i/ Frame 5D27 194 B
870 B 69ms
45ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CO3Gi6Hf8_QCFU474AodGkwCNw;src=8019375;type=conta0;cat=sitew0;ord=3611814316645;gtm=2wgc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CO3Gi6Hf8_QCFU474AodGkwCNw;src=8019375;type=conta0;cat=sitew0;ord=3611814316645;gtm=2wgc10;auiddc=1880916361.1640050243;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Dec 2021 01:30:43 GMT
expires: Tue, 21 Dec 2021 01:30:43 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=668858584&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&ul=en-us&de=UTF-8&dt=Remediation%20map&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHBAgEAjAAAAAE~&jid=&gjid=&cid=1467331049.1640050243&uid=968BDBC1-CF3E-4744-ABDE-5DD431EA20F9&tid=UA-3347303-10&_gid=480629282.1640050243&gtm=2wgc10MKSKW3&cd2=(Non-Company%20Visitor)&cd3=Bot&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=Berlin&cd12=BE&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=DE&cd18=(Non-Company%20Visitor)&z=2113611727

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 17:20:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29424
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1640050243009&aid=a-06kg&se=e30&duid=ff3668206ce6--01fqd9sdacztddn15txv2v3dkj&tna=v2.3.0&pu=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&wpn=lc-bundle&c=PHRpdGx...
https://rp4.liadm.com/j?dtstmp=1640050243009&aid=a-06kg&se=e30&duid=ff3668206ce6--01fqd9sdacztddn15txv2v3dkj&tna=v2.3.0&pu=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&wpn=lc-bundle&c=PHRpdG...

13 B
569 B

418ms
100ms

XHR
application/json

52.5.181.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1640050243009&aid=a-06kg&se=e30&duid=ff3668206ce6--01fqd9sdacztddn15txv2v3dkj&tna=v2.3.0&pu=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&wpn=lc-bundle&c=PHRpdGxlPlJlbWVkaWF0aW9uIG1hcDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IldhdGNoIE1hbHdhcmVieXRlcyBjYXRjaCB0aHJlYXRzIHRoYXQgb3RoZXIgc2VjdXJpdHkgY29tcGFuaWVzIG1pc3MgaW4gcmVhbCB0aW1lIG9uIHRoaXMgcmVtZWRpYXRpb24gbWFwLiI-PHRpdGxlIGlkPSJtYWx3YXJlYnl0ZXMtbWFpbi1sb2dvLXRpdGxlIj5UaGUgb2ZmaWNpYWwgTWFsd2FyZWJ5dGVzIGxvZ288L3RpdGxlPjx0aXRsZT5CbHVlIGFycm93PC90aXRsZT48dGl0bGU-Qmx1ZSBhcnJvdzwvdGl0bGU-PHRpdGxlPkJsdWUgYXJyb3c8L3RpdGxlPjx0aXRsZT4xLTk5PC90aXRsZT48dGl0bGU-Qmx1ZSBhcnJvdzwvdGl0bGU-PHRpdGxlPkJsdWUgYXJyb3c8L3RpdGxlPjx0aXRsZT5CbHVlIGFycm93PC90aXRsZT48dGl0bGU-Qmx1ZSBhcnJvdzwvdGl0bGU-PHRpdGxlPkJsdWUgYXJyb3c8L3RpdGxlPjx0aXRsZT5Qcml2YWN5PC90aXRsZT48dGl0bGU-Qmx1ZSBhcnJvdzwvdGl0bGU-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7Ij48c3BhbiBzdHlsZT0iY29sb3I6ICMwODI4ODI7Ij5XZSBjYXRjaCB3aGF0IG90aGVycyBtaXNzPC9zcGFuPjwvaDE-&i6=MjAwMTphYzg6MzY6NjoyMDY6OjE%3D&n3pc=true

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap

Protocol

Server

52.5.181.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-181-6.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:43 GMT
x-pixel-event-id: 4994faf2-9b83-44d3-99cd-3f2c624ed5a2
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
request-time: 1
vary: Origin
content-length: 13
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: b456691562c8bd4c

Redirect headers

date: Tue, 21 Dec 2021 01:30:43 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1640050243009&aid=a-06kg&se=e30&duid=ff3668206ce6--01fqd9sdacztddn15txv2v3dkj&tna=v2.3.0&pu=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&wpn=lc-bundle&c=PHRpdGxlPlJlbWVkaWF0aW9uIG1hcDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IldhdGNoIE1hbHdhcmVieXRlcyBjYXRjaCB0aHJlYXRzIHRoYXQgb3RoZXIgc2VjdXJpdHkgY29tcGFuaWVzIG1pc3MgaW4gcmVhbCB0aW1lIG9uIHRoaXMgcmVtZWRpYXRpb24gbWFwLiI-PHRpdGxlIGlkPSJtYWx3YXJlYnl0ZXMtbWFpbi1sb2dvLXRpdGxlIj5UaGUgb2ZmaWNpYWwgTWFsd2FyZWJ5dGVzIGxvZ288L3RpdGxlPjx0aXRsZT5CbHVlIGFycm93PC90aXRsZT48dGl0bGU-Qmx1ZSBhcnJvdzwvdGl0bGU-PHRpdGxlPkJsdWUgYXJyb3c8L3RpdGxlPjx0aXRsZT4xLTk5PC90aXRsZT48dGl0bGU-Qmx1ZSBhcnJvdzwvdGl0bGU-PHRpdGxlPkJsdWUgYXJyb3c8L3RpdGxlPjx0aXRsZT5CbHVlIGFycm93PC90aXRsZT48dGl0bGU-Qmx1ZSBhcnJvdzwvdGl0bGU-PHRpdGxlPkJsdWUgYXJyb3c8L3RpdGxlPjx0aXRsZT5Qcml2YWN5PC90aXRsZT48dGl0bGU-Qmx1ZSBhcnJvdzwvdGl0bGU-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7Ij48c3BhbiBzdHlsZT0iY29sb3I6ICMwODI4ODI7Ij5XZSBjYXRjaCB3aGF0IG90aGVycyBtaXNzPC9zcGFuPjwvaDE-&i6=MjAwMTphYzg6MzY6NjoyMDY6OjE%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://www.malwarebytes.com
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: a19f16620dcf59d7
request-time: 1
content-length: 0
x-content-type-options: nosniff

GET
H3 200 /
www.google.com/pagead/1p-user-list/930356311/ 42 B
64 B 38ms
18ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/930356311/?random=1640050242964&cv=9&fst=1640048400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&tiba=Remediation%20map&async=1&fmt=3&is_vtc=1&random=862329590&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Dec 2021 01:30:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/930356311/ 42 B
64 B 35ms
19ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/930356311/?random=1640050242964&cv=9&fst=1640048400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&tiba=Remediation%20map&async=1&fmt=3&is_vtc=1&random=862329590&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Dec 2021 01:30:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 520 B
862 B 51ms
34ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614167509439&pd=%7B%22np%22%3A%22gtm%22%2C%22aem_enabled%22%3Atrue%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%7D&cb=1640050243029

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

cd80ae8e3e2bda63c74d0584cc96aa28d5a54b7a7384ff046ed4082c3d642f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:43 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.896656b8.1640050243.201b026
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1337954661059002
pin-unauth: dWlkPU9URm1PREUwWTJRdE0yVmlZUzAwT1RJMExXRTBNekV0TjJZek9XVmtOVEEzWXprMQ
access-control-allow-origin: https://www.malwarebytes.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 375
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 56ms
39ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614167509439&pd=%7B%22np%22%3A%22gtm%22%2C%22aem_enabled%22%3Atrue%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%226ae4a9fc%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1640050243030

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Dec 2021 01:30:43 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.896656b8.1640050243.201b027
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 9497719881479853
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
274 B 75ms
43ms XHR
text/plain 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/md/

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Dec 2021 01:30:43 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.896656b8.1640050243.201b037
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 0
x-pinterest-rid: 4587320395659447
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 application-33cfaef266ad0c06ab6a4a2b5a23e92431c2c11c7323f995f43fb6b759484672.css
trace.malwarebytes.com/assets/ Frame 7AC8 203 KB
34 KB 177ms
175ms Stylesheet
text/css 35.164.247.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trace.malwarebytes.com/assets/application-33cfaef266ad0c06ab6a4a2b5a23e92431c2c11c7323f995f43fb6b759484672.css

Requested by

Host: trace.malwarebytes.com
URL: https://trace.malwarebytes.com/tap4/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.164.247.24 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-164-247-24.us-west-2.compute.amazonaws.com

Software

Resource Hash

33cfaef266ad0c06ab6a4a2b5a23e92431c2c11c7323f995f43fb6b759484672

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trace.malwarebytes.com/tap4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:43 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 19 Jul 2021 20:06:31 GMT
content-length: 34719
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/css

GET
H2 200 application-282e78a62000c5496cafa16d9e3c2d11c815c16f173d59128c59dd0ffef39733.js Show response
trace.malwarebytes.com/assets/ Frame 7AC8 1 MB
410 KB 504ms
502ms Script
application/javascript 35.164.247.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trace.malwarebytes.com/assets/application-282e78a62000c5496cafa16d9e3c2d11c815c16f173d59128c59dd0ffef39733.js

Requested by

Host: trace.malwarebytes.com
URL: https://trace.malwarebytes.com/tap4/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.164.247.24 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-164-247-24.us-west-2.compute.amazonaws.com

Software

Resource Hash

282e78a62000c5496cafa16d9e3c2d11c815c16f173d59128c59dd0ffef39733

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trace.malwarebytes.com/tap4/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:43 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 19 Jul 2021 20:06:31 GMT
content-length: 419555
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript

POST
H3 200 / Show response
www.facebook.com/tr/ Frame DE7E 0
18 B 17ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.malwarebytes.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.malwarebytes.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Tue, 21 Dec 2021 01:30:43 GMT

GET
DATA 200
OK truncated
/ Frame 7AC8 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 rtconn Show response
trace.malwarebytes.com/api/ Frame 7AC8 63 B
358 B 174ms
174ms XHR
application/json 35.164.247.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trace.malwarebytes.com/api/rtconn

Requested by

Host: trace.malwarebytes.com
URL: https://trace.malwarebytes.com/assets/application-282e78a62000c5496cafa16d9e3c2d11c815c16f173d59128c59dd0ffef39733.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.164.247.24 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-164-247-24.us-west-2.compute.amazonaws.com

Software

Resource Hash

caf9a3d4972a1e3153bbd01c6143c9cbd45816c97174ac1011f8162b20461cce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.malwarebytes.com
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://trace.malwarebytes.com/tap4/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-runtime: 0.001055
date: Tue, 21 Dec 2021 01:30:44 GMT
etag: W/"caf9a3d4972a1e3153bbd01c6143c9cb"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
content-security-policy: frame-ancestors https://*.malwarebytes.com
x-request-id: 9126bb20-bfb0-464a-a96b-5993aa92130c

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 66ms
19ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 01:30:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H2

200

s Show response
ads.avct.cloud/
Redirect Chain

https://ads.avocet.io/s?add=5b8e9b462be173e55d6569fc&ty=j
https://ads.avct.cloud/s?r=1&add=5b8e9b462be173e55d6569fc&ty=j
https://ads.avct.cloud/s?bounce=true&r=1&add=5b8e9b462be173e55d6569fc&ty=j

123 B
479 B

30ms
30ms

Script
application/javascript

34.240.2.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.avct.cloud/s?bounce=true&r=1&add=5b8e9b462be173e55d6569fc&ty=j
Protocol: H2
Server: 34.240.2.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-2-137.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d9f9f0f1daa43e1487f38e39320a4377a74de2c34e00bf1709aa488cc6833570

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:44 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 123
content-type: application/javascript

Redirect headers

location: /s?bounce=true&r=1&add=5b8e9b462be173e55d6569fc&ty=j
date: Tue, 21 Dec 2021 01:30:44 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 100
content-type: text/html; charset=utf-8

GET
H2

200

ct.html Show response
www.pinterest.de/ Frame 1227
Redirect Chain

https://www.pinterest.com/ct.html
https://www.pinterest.de/ct.html

413 B
4 KB

206ms
205ms

Document
text/html

104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

1b1ca84753ddde2732642dcaf44f69c9a85ae478691fa2df7f560aea71874dd9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-fc0b48f6263f556d820cb45403fab0e5' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=7817364861450900; frame-ancestors *
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/

Response headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p: CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-fc0b48f6263f556d820cb45403fab0e5' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=7817364861450900; frame-ancestors *
content-security-policy-report-only: script-src 'nonce-fc0b48f6263f556d820cb45403fab0e5' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
link: <https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 111
pinterest-generated-by: coreapp-webapp-prod-0a03870a
content-encoding: gzip
pinterest-version: f2bf91b
referrer-policy: origin
x-pinterest-rid: 7817364861450900
date: Tue, 21 Dec 2021 01:30:44 GMT
content-length: 280
akamai-grn: 0.896656b8.1640050244.201b1b5
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location: https://www.pinterest.de/ct.html
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 104
pinterest-generated-by: coreapp-webapp-prod-0a03a331
content-encoding: gzip
pinterest-version: f2bf91b
referrer-policy: origin
x-pinterest-rid: 1380207593704892
date: Tue, 21 Dec 2021 01:30:44 GMT
akamai-grn: 0.896656b8.1640050244.201b184
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

GET
H2 200 2893.js Show response
script.crazyegg.com/pages/scripts/0081/ 5 KB
2 KB 82ms
25ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf16a6be9c1f8d220216cd8bc2d5a7d68731c383f8a1d394c2727e7564a9ca7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 909765
cf-polished: origSize=4899
cf-ray: 6c0d58cbdf4359b9-MXP
ce-version: 11.1.376
last-modified: Fri, 10 Dec 2021 12:47:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 15ms
15ms Script
application/x-javascript 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 01:30:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=57469
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 41ms
18ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:44 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kiad7000048-IAD, cache-hhn11551-HHN

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 108ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=jtuxrxn&ct=0:fyckj1z&fmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Dec 2021 01:30:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=668858584&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&ul=en-us&de=UTF-8&dt=Remediation%20map&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=vertical&ev=25&_u=aHDAgEAjAAAAAE~&jid=&gjid=&cid=1467331049.1640050243&uid=968BDBC1-CF3E-4744-ABDE-5DD431EA20F9&tid=UA-3347303-10&_gid=480629282.1640050243&gtm=2wgc10MKSKW3&z=1439440455

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 17:20:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29425
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/161/ 11 KB
5 KB 20ms
20ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/161/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 01:30:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 00:38:21 GMT
Server: AkamaiNetStorage
ETag: "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4681
Expires: Thu, 31 Mar 2022 01:30:44 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
675 B 144ms
125ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1m5j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=a2b8ad7a-5719-4cd1-9943-16709b5936c1&tw_document_href=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 114
pragma: no-cache
last-modified: Tue, 21 Dec 2021 01:30:44 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 64a0491e788aa6011a79a0d18fbcf3bf3640fe6b033e56c554b994b15f418d2d
x-transaction: 8a253319a6f307b1
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
470 B 148ms
130ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1m5j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=a2b8ad7a-5719-4cd1-9943-16709b5936c1&tw_document_href=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 122
pragma: no-cache
last-modified: Tue, 21 Dec 2021 01:30:44 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 3aebde511d8a041ee46f9265601c92564bd0be992ed942c21258cd19381edc8d
x-transaction: babe4851934a3102
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H/1.1 200
OK visitWebPage
805-usg-300.mktoresp.com/webevents/ 2 B
311 B 486ms
95ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://805-usg-300.mktoresp.com/webevents/visitWebPage?_mchNc=1640050244451&_mchCn=&_mchId=805-USG-300&_mchTk=_mch-malwarebytes.com-1640050244450-53937&_mchHo=www.malwarebytes.com&_mchPo=&_mchRu=%2Fremediationmap&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 21 Dec 2021 01:30:44 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 11dfddbb-e911-4590-9f1b-5ef5c549de1b

GET
H2 200 2893.json Show response
script.crazyegg.com/pages/data-scripts/0081/ 752 B
604 B 60ms
22ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0081/2893.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56b60574ddf13a8930c1feafa39c2a973670900c0145237ed9a29ed5e92c71ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 909784
ce-version: 11.1.376
content-length: 258
timing-allow-origin: *
last-modified: Fri, 10 Dec 2021 12:47:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6c0d58cc48da3754-MXP

GET
H2 200 fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2
trace.malwarebytes.com/assets/ Frame 7AC8 75 KB
76 KB 173ms
173ms Font
application/font-woff2 35.164.247.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trace.malwarebytes.com/assets/fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2

Requested by

Host: trace.malwarebytes.com
URL: https://trace.malwarebytes.com/assets/application-33cfaef266ad0c06ab6a4a2b5a23e92431c2c11c7323f995f43fb6b759484672.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.164.247.24 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-164-247-24.us-west-2.compute.amazonaws.com

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://trace.malwarebytes.com/assets/application-33cfaef266ad0c06ab6a4a2b5a23e92431c2c11c7323f995f43fb6b759484672.css
Origin: https://trace.malwarebytes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:44 GMT
last-modified: Mon, 19 Jul 2021 20:06:31 GMT
content-length: 77160
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/font-woff2

GET
H/1.1 200
OK ckpzri5qm050g17u6lex1whxj Show response
api.mapbox.com/styles/v1/mwb-dse-is/ Frame 7AC8 134 KB
10 KB 149ms
121ms Fetch
application/json 99.86.8.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mapbox.com/styles/v1/mwb-dse-is/ckpzri5qm050g17u6lex1whxj?access_token=pk.eyJ1IjoibXdiLWRzZS1pcyIsImEiOiJjajhnNm1zMTcwOTNrMnduNmtkcmh5bjluIn0.XmyTeyi861ns5nwZWyqs1Q

Requested by

Host: trace.malwarebytes.com
URL: https://trace.malwarebytes.com/assets/application-282e78a62000c5496cafa16d9e3c2d11c815c16f173d59128c59dd0ffef39733.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.8.140 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-8-140.fra6.r.cloudfront.net

Software

Resource Hash

d5ae31de99077e81960ef25a492e9bf7f16ab1316cbda66c3fd99695391adb33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json
Referer: https://trace.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 01:30:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Origin: mbx-styles
X-Amz-Cf-Pop: FRA6-C1
X-DNS-Prefetch-Control: off
X-Cache: Miss from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Referrer-Policy: origin
X-Frame-Options: DENY
ETag: W/"21642-MzS49ylxNC1uNXJvhoSAn8x2NuQ"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: Link
Cache-Control: max-age=900
Transfer-Encoding: chunked
X-Amz-Cf-Id: IPe4w5tJYe2EmT7KS3D582Ev9huw1jrWJyANJyIXP_fT3ODgzH0fqg==

GET
DATA 200
OK truncated
/ Frame 7AC8 528 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e701baee8f76f0869b1b47a1bc5595f6e0f17615a5a6be939c39be3c1cf9e2a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
BLOB 200
OK 603f142c-ee83-4a85-bfc5-c86af12f2149
https://trace.malwarebytes.com/ Frame 7AC8 394 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trace.malwarebytes.com/603f142c-ee83-4a85-bfc5-c86af12f2149
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1f9fa3062a12300c447d885343ca0b51372826613f4669f00b65250f0c3e207

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 403948
Content-Type: text/javascript

GET
BLOB 200
OK 603f142c-ee83-4a85-bfc5-c86af12f2149
https://trace.malwarebytes.com/ Frame 7AC8 394 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trace.malwarebytes.com/603f142c-ee83-4a85-bfc5-c86af12f2149
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1f9fa3062a12300c447d885343ca0b51372826613f4669f00b65250f0c3e207

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 403948
Content-Type: text/javascript

GET
H2

204

69aff686-f570-4c40-a23d-0bb6cd639bb3
dmx.districtm.io/s/10009/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=59&user_group=2&user_id=9c36421f-fdea-4a64-95cc-5165ebf99852
https://x.bidswitch.net/ul_cb/sync?dsp_id=59&user_group=2&user_id=9c36421f-fdea-4a64-95cc-5165ebf99852
https://dmx.districtm.io/s/10009/69aff686-f570-4c40-a23d-0bb6cd639bb3

0
268 B

40ms
14ms

Image
text/plain

104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmx.districtm.io/s/10009/69aff686-f570-4c40-a23d-0bb6cd639bb3
Protocol: H2
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6c0d58cd296e0eab-FRA
access-control-allow-headers: Content-Type, Origin

Redirect headers

Location: //dmx.districtm.io/s/10009/69aff686-f570-4c40-a23d-0bb6cd639bb3
Date: Tue, 21 Dec 2021 01:30:44 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK mapbox.mapbox-traffic-v1.json Show response
api.mapbox.com/v4/ Frame 7AC8 1 KB
1 KB 46ms
46ms Fetch
application/json 99.86.8.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mapbox.com/v4/mapbox.mapbox-traffic-v1.json?secure&access_token=pk.eyJ1IjoibXdiLWRzZS1pcyIsImEiOiJjajhnNm1zMTcwOTNrMnduNmtkcmh5bjluIn0.XmyTeyi861ns5nwZWyqs1Q
Requested by: Host: trace.malwarebytes.com
URL: https://trace.malwarebytes.com/assets/application-282e78a62000c5496cafa16d9e3c2d11c815c16f173d59128c59dd0ffef39733.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-140.fra6.r.cloudfront.net
Software: / Express
Resource Hash: 6f8499fd4cff6401fe4ec3841790c588076b5d520a5152dbf02ecc246212f435

Request headers

Accept: application/json
Referer: https://trace.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 01:30:44 GMT
Content-Encoding: gzip
X-Rate-Limit-Limit: 100000
X-Amz-Cf-Pop: FRA6-C1
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Tue, 07 Jul 2020 20:31:32 GMT
ETag: "b46f310e74171e83cce490637f9217e3"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
X-Rate-Limit-Interval: 60
Access-Control-Expose-Headers: Link
Cache-Control: max-age=300,s-maxage=300
X-Rate-Limit-Reset: 1640050304
X-Amz-Cf-Id: pmv3dsztl_xlmFabeEjoOCpcx3y-Hn6gXRgM9bCvVC2OazdS1XLFTQ==

GET
H/1.1 200
OK mapbox.mapbox-terrain-v2,mapbox.mapbox-streets-v8.json Show response
api.mapbox.com/v4/ Frame 7AC8 16 KB
4 KB 61ms
45ms Fetch
application/json 99.86.8.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mapbox.com/v4/mapbox.mapbox-terrain-v2,mapbox.mapbox-streets-v8.json?secure&access_token=pk.eyJ1IjoibXdiLWRzZS1pcyIsImEiOiJjajhnNm1zMTcwOTNrMnduNmtkcmh5bjluIn0.XmyTeyi861ns5nwZWyqs1Q
Requested by: Host: trace.malwarebytes.com
URL: https://trace.malwarebytes.com/assets/application-282e78a62000c5496cafa16d9e3c2d11c815c16f173d59128c59dd0ffef39733.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-140.fra6.r.cloudfront.net
Software: / Express
Resource Hash: a143b7c314d64e17dccf357bedad86b3abddd44a26a6f37395dfa163a046061b

Request headers

Accept: application/json
Referer: https://trace.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 01:30:44 GMT
Content-Encoding: gzip
X-Rate-Limit-Limit: 100000
X-Amz-Cf-Pop: FRA6-C1
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Tue, 30 Mar 2021 19:18:46 GMT
ETag: "76f6d15cce96f080e70d013e6657b9f4"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
X-Rate-Limit-Interval: 60
Access-Control-Expose-Headers: Link
Cache-Control: max-age=43200,s-maxage=300
X-Rate-Limit-Reset: 1640050304
X-Amz-Cf-Id: YZjHby4C1bSbpsN5ieSezrfJDuirzLVIKgcTkZUakhsRBq_8TWinmg==

GET
H/1.1 200
OK sprite.json Show response
api.mapbox.com/styles/v1/mwb-dse-is/ckpzri5qm050g17u6lex1whxj/ck2u8j60r58fu0sgyxrigm3cu/ Frame 7AC8 2 B
729 B 28ms
12ms Fetch
application/json 99.86.8.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mapbox.com/styles/v1/mwb-dse-is/ckpzri5qm050g17u6lex1whxj/ck2u8j60r58fu0sgyxrigm3cu/sprite.json?access_token=pk.eyJ1IjoibXdiLWRzZS1pcyIsImEiOiJjajhnNm1zMTcwOTNrMnduNmtkcmh5bjluIn0.XmyTeyi861ns5nwZWyqs1Q

Requested by

Host: trace.malwarebytes.com
URL: https://trace.malwarebytes.com/assets/application-282e78a62000c5496cafa16d9e3c2d11c815c16f173d59128c59dd0ffef39733.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.8.140 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-8-140.fra6.r.cloudfront.net

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json
Referer: https://trace.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 16:29:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Origin: mbx-styles
Age: 3747671
X-DNS-Prefetch-Control: off
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Referrer-Policy: origin
X-Frame-Options: DENY
ETag: "sprite-4.5.8-v1/ck2u8j60r58fu0sgyxrigm3cu"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: Link
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: Hj4-S-wNFb-VMgHeKAxNq2Hj4WfXyi4vLTXlRe_lU0gyUAXGsfdVoA==

GET
H/1.1 200
OK sprite.png Show response
api.mapbox.com/styles/v1/mwb-dse-is/ckpzri5qm050g17u6lex1whxj/ck2u8j60r58fu0sgyxrigm3cu/ Frame 7AC8 68 B
564 B 68ms
53ms Fetch
image/png 99.86.8.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mapbox.com/styles/v1/mwb-dse-is/ckpzri5qm050g17u6lex1whxj/ck2u8j60r58fu0sgyxrigm3cu/sprite.png?access_token=pk.eyJ1IjoibXdiLWRzZS1pcyIsImEiOiJjajhnNm1zMTcwOTNrMnduNmtkcmh5bjluIn0.XmyTeyi861ns5nwZWyqs1Q
Requested by: Host: trace.malwarebytes.com
URL: https://trace.malwarebytes.com/assets/application-282e78a62000c5496cafa16d9e3c2d11c815c16f173d59128c59dd0ffef39733.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-140.fra6.r.cloudfront.net
Software: /
Resource Hash: c740138699c3ed8df4012bbff838cb8e5ea6c6a0fb5b03944a76ab781687c3ed

Request headers

accept: image/webp,*/*
Referer: https://trace.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 21 Dec 2021 01:30:44 GMT
Via: 1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
X-Origin: mbx-styles
X-Amz-Cf-Pop: FRA6-C1
ETag: "sprite-4.5.8-v1/ck2u8j60r58fu0sgyxrigm3cu"
X-Cache: Miss from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 68
X-Amz-Cf-Id: z1MC2cmnIJX5h_dy8EL1u29OWJqcMLS9KGD73Pw4NmYIpGx_UiR_LA==

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 1227 0
4 KB 167ms
166ms Other
text/plain 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?rid=7817364861450900

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-f7053f14dd673807b16acf28d4ae26aa' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=8819347244663533; frame-ancestors 'self' , script-src 'nonce-f7053f14dd673807b16acf28d4ae26aa' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=8819347244663533
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-f7053f14dd673807b16acf28d4ae26aa' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=8819347244663533; frame-ancestors 'self' , script-src 'nonce-f7053f14dd673807b16acf28d4ae26aa' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=8819347244663533
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.896656b8.1640050244.201b1fc
content-security-policy-report-only: script-src 'nonce-f7053f14dd673807b16acf28d4ae26aa' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 71
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 8819347244663533
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: f2bf91b
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Tue, 21 Dec 2021 01:30:45 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a03bd24

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 1227 0
4 KB 127ms
126ms Other
text/plain 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-a6d3767717c672111cabd9296b5d35d6' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=8642936318070038; frame-ancestors 'self' , script-src 'nonce-a6d3767717c672111cabd9296b5d35d6' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=8642936318070038
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-a6d3767717c672111cabd9296b5d35d6' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=8642936318070038; frame-ancestors 'self' , script-src 'nonce-a6d3767717c672111cabd9296b5d35d6' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=8642936318070038
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.896656b8.1640050244.201b1fd
content-security-policy-report-only: script-src 'nonce-a6d3767717c672111cabd9296b5d35d6' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 27
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 8642936318070038
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: f2bf91b
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Tue, 21 Dec 2021 01:30:44 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a038240

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 1227 0
4 KB 128ms
128ms Other
text/plain 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/remediationmap

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-2aa63a595115bf503e2304918db76248' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1761708998717439; frame-ancestors 'self' , script-src 'nonce-2aa63a595115bf503e2304918db76248' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1761708998717439
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-2aa63a595115bf503e2304918db76248' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1761708998717439; frame-ancestors 'self' , script-src 'nonce-2aa63a595115bf503e2304918db76248' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1761708998717439
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.896656b8.1640050244.201b1fe
content-security-policy-report-only: script-src 'nonce-2aa63a595115bf503e2304918db76248' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 32
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 1761708998717439
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: f2bf91b
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Tue, 21 Dec 2021 01:30:44 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a039926

POST
H2 204 v2 Show response
events.mapbox.com/events/ Frame 7AC8 0
76 B 120ms
46ms Fetch 54.154.155.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.mapbox.com/events/v2?access_token=pk.eyJ1IjoibXdiLWRzZS1pcyIsImEiOiJjajhnNm1zMTcwOTNrMnduNmtkcmh5bjluIn0.XmyTeyi861ns5nwZWyqs1Q
Requested by: Host: trace.malwarebytes.com
URL: https://trace.malwarebytes.com/assets/application-282e78a62000c5496cafa16d9e3c2d11c815c16f173d59128c59dd0ffef39733.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.155.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-155-224.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trace.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 21 Dec 2021 01:30:44 GMT
x-powered-by: Express

POST
H2 204 v2 Show response
events.mapbox.com/events/ Frame 7AC8 0
75 B 44ms
44ms Fetch 54.154.155.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.mapbox.com/events/v2?access_token=pk.eyJ1IjoibXdiLWRzZS1pcyIsImEiOiJjajhnNm1zMTcwOTNrMnduNmtkcmh5bjluIn0.XmyTeyi861ns5nwZWyqs1Q
Requested by: Host: trace.malwarebytes.com
URL: https://trace.malwarebytes.com/assets/application-282e78a62000c5496cafa16d9e3c2d11c815c16f173d59128c59dd0ffef39733.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.155.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-155-224.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trace.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 21 Dec 2021 01:30:45 GMT
x-powered-by: Express

GET
H/1.1 200
OK v1 Show response
api.mapbox.com/map-sessions/ Frame 7AC8 0
428 B 45ms
45ms Fetch 99.86.8.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mapbox.com/map-sessions/v1?sku=101RzM9fnfvmZ&access_token=pk.eyJ1IjoibXdiLWRzZS1pcyIsImEiOiJjajhnNm1zMTcwOTNrMnduNmtkcmh5bjluIn0.XmyTeyi861ns5nwZWyqs1Q
Requested by: Host: trace.malwarebytes.com
URL: https://trace.malwarebytes.com/assets/application-282e78a62000c5496cafa16d9e3c2d11c815c16f173d59128c59dd0ffef39733.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-140.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trace.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 21 Dec 2021 01:30:45 GMT
Via: 1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
X-Origin: mbx-styles
X-Amz-Cf-Pop: FRA6-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Cache-Control: max-age=300
Connection: keep-alive
X-Amz-Cf-Id: r7YFdv1s9yVlrnJuqkv9b0Jd4Ck6sAy3qlRIF0dl7ISBzQWPiUZSXg==

GET
H2 200 unity.gif Show response
api.getblueshift.com/ 42 B
985 B 624ms
263ms XHR
image/gif 44.236.11.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.getblueshift.com/unity.gif?t=1640050245&e=pageload&r=&z=587224&x=8739733907f9c067f09a89f919ba4a7d&k=c140c6a7-b779-f147-186e-82bf99e3199b&u=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap

Requested by

Host: cdn.getblueshift.com
URL: https://cdn.getblueshift.com/blueshift.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.236.11.46 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-236-11-46.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 01:30:45 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
content-transfer-encoding: binary
content-disposition: inline; filename="unity.gif"
x-xss-protection: 1; mode=block
x-request-id: 2d9c5aa5-e54a-498b-8588-95ae83a22666
x-runtime: 0.089876
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS, HEAD
content-type: image/gif
pragma: no-cache
access-control-expose-headers: ETag
cache-control: no-cache, no-store
access-control-allow-headers: *,x-requested-with,Content-Type,If-Modified-Since,If-None-Match
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.malwarebytes.com/	1970-01-20 01:43:46	Name: _gcl_au Value: 1.1.1880916361.1640050243
.malwarebytes.com/	1970-01-20 08:19:46	Name: gaUserID Value: 968BDBC1-CF3E-4744-ABDE-5DD431EA20F9
.malwarebytes.com/	1970-01-23 05:59:16	Name: original_referral_url Value: malwarebytes.com
.malwarebytes.com/	1969-12-31 23:59:59	Name: most_recent_referral_url Value: malwarebytes.com
.malwarebytes.com/	1970-01-20 17:05:22	Name: _ga Value: GA1.2.1467331049.1640050243
.malwarebytes.com/	1970-01-19 23:35:36	Name: _gid Value: GA1.2.480629282.1640050243
www.malwarebytes.com/	1970-01-19 23:35:36	Name: over100 Value: false
.malwarebytes.com/	1970-01-19 23:34:10	Name: _dc_gtm_UA-3347303-10 Value: 1
.malwarebytes.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .malwarebytes.com
.malwarebytes.com/	1970-01-20 17:05:22	Name: _lc2_fpi Value: ff3668206ce6--01fqd9sdacztddn15txv2v3dkj
.malwarebytes.com/	1970-01-20 01:43:46	Name: _fbp Value: fb.1.1640050242903.1551994692
.doubleclick.net/	1970-01-20 08:55:46	Name: IDE Value: AHWqTUkrf8SS4Uzvy6ZTzXpc5soDMXNWZjntE7u91A9M6JB3tExJgDlNcufqOARTW34
.linkedin.com/	1970-01-20 00:17:22	Name: UserMatchHistory Value: AQIg6jCiSZZDggAAAX3anLV_aKBtTfysCpWMrBqceZ8IuRJ-5bfC6_IFarU83h9PNyW0Jd3PubkQVw
.linkedin.com/	1970-01-20 00:17:22	Name: AnalyticsSyncHistory Value: AQIlUvwBC7QL-AAAAX3anLV_4osJNcc9wu8MzJ9kjXBiGECfRfrTb9J9iM9Muz_T4FLrFjpwKeRrE_NhpoCcag
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:06:04	Name: bcookie Value: "v=2&f14818cf-17ea-4a07-8a22-8a4b39416442"
.linkedin.com/	1970-01-19 23:35:36	Name: lidc Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2378:u=1:x=1:i=1640050242:t=1640136642:v=2:sig=AQEHu2ABUeY1BC0GloKMmclVTnS_OFR1"
.bidr.io/	1970-01-20 09:02:40	Name: bito Value: ACzlKk7Dgl0AAEs1jHsDFQ
.bidr.io/	1970-01-20 09:02:40	Name: bitoIsSecure Value: ok
.malwarebytes.com/	1970-01-20 08:19:46	Name: _pin_unauth Value: dWlkPU9URm1PREUwWTJRdE0yVmlZUzAwT1RJMExXRTBNekV0TjJZek9XVmtOVEEzWXprMQ
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 17:06:04	Name: bscookie Value: "v=1&20211221013043f3146d01-9c03-4337-8fde-904473c48187AQEdfWbVaLmIjCwpR8aj1DRfAR1S3qyT"
.linkedin.com/	1970-01-20 17:01:21	Name: li_gc Value: MTswOzE2NDAwNTAyNDM7MjswMjFjFH3K89bkdVqOIlx4ET29EGSC5gNC3sVWuwNyamuWLA==
trace.malwarebytes.com/	1969-12-31 23:59:59	Name: _valyrian_session Value: V1lDb3NPeENzZ01QWFIxc0UwWGFsNElGanVzWkNFSlBESmxlQ3JOWTJhKy9CL250MDV0MmJjQnNaU1FmRm50NHhOL3hTdWM0VERDUVZYQVRtSDZ4dFE1Rmt5eFR3ZzIyL1YrakZpaXpsdHd1Z3pyRlZjcnQ2Wi9zMHhHWEx6b1NldGk4OEswalE0VVNGSzZJS3FkNTdRPT0tLS9oZVB4TytOdFJXU01NcTJ4akhZa3c9PQ%3D%3D--4793ddfe96a813b9e3cc0ecf50207d350846e22e
.company-target.com/	1970-01-20 17:05:22	Name: tuuid Value: bb995de2-a41b-487b-a772-5511cd9a573e
.company-target.com/	1970-01-20 17:05:22	Name: tuuid_lu Value: 1640050243
.liadm.com/	1970-01-20 17:05:22	Name: lidid Value: 94611d71-ac33-4b3c-a942-d1fdc81f1a3a
.malwarebytes.com/	1970-01-20 08:19:46	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Tue+Dec+21+2021+01%3A30%3A44+GMT%2B0000+(GMT)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2Fremediationmap&groups=1%3A1%2C0_165071%3A1%2C101%3A1%2C2%3A1%2C3%3A1%2C102%3A1%2C103%3A1%2C4%3A1%2C104%3A1%2C105%3A1%2C106%3A1%2C107%3A1%2C109%3A1%2C110%3A1%2C112%3A1%2C113%3A1%2C114%3A1%2C115%3A1%2C116%3A1%2C117%3A1%2C118%3A1%2C0_165051%3A1%2C0_165052%3A1%2C0_165053%3A1%2C0_165054%3A1%2C0_165055%3A1%2C0_165056%3A1%2C0_165057%3A1%2C0_165058%3A1%2C0_165059%3A1%2C0_165060%3A1%2C0_165061%3A1%2C0_165062%3A1%2C0_165063%3A1%2C0_165064%3A1%2C0_165065%3A1%2C0_165066%3A1%2C0_165067%3A1%2C0_165068%3A1%2C0_165069%3A1%2C0_165070%3A1%2C0_165072%3A1%2C0_165073%3A1%2C0_165074%3A1%2C0_168809%3A1%2C0_168810%3A1%2C0_171059%3A1%2C0_171060%3A1%2C0_171061%3A1%2C0_171062%3A1%2C0_171063%3A1%2C0_171064%3A1%2C0_172264%3A1%2C0_172327%3A1%2C0_179764%3A1%2C0_172332%3A1%2C0_172328%3A1%2C0_172329%3A1%2C108%3A1%2C111%3A1
.malwarebytes.com/	1970-01-20 17:05:22	Name: _mkto_trk Value: id:805-USG-300&token:_mch-malwarebytes.com-1640050244450-53937
ads.avct.cloud/	1970-01-20 08:19:46	Name: uuid Value: 9c36421f-fdea-4a64-95cc-5165ebf99852
.twitter.com/	1970-01-20 17:05:22	Name: personalization_id Value: "v1_Z9xfI5Bc0Bv6zheSnReBnQ=="
.bidswitch.net/	1970-01-20 08:19:46	Name: tuuid Value: 69aff686-f570-4c40-a23d-0bb6cd639bb3
.bidswitch.net/	1970-01-20 08:19:46	Name: c Value: 1640050244
.bidswitch.net/	1970-01-20 08:19:46	Name: tuuid_lu Value: 1640050244
www.pinterest.de/	1970-01-20 08:12:34	Name: _pinterest_sess Value: TWc9PSYzYTVVNngxVFFqTnIvYU5VelR4bE0rRWRmeS9sUWQvRGpHVW5xSldiKzEzYWVvbytrenh0bWNmRWlLRnFLbWFqbUw4czg5dUF4QS9rK0ZKWi8vMFRZckxGRFBYWjBYeVZaU3hYZWxrMlpvU3RKVi82Ni9oVlJQVk5xMjFUMXF5NCZ3U2hscXVFWDQ5Q2lmWWVOOHAxK1B6K0lSaFE9
.malwarebytes.com/	1970-01-20 08:19:46	Name: _bs Value: c140c6a7-b779-f147-186e-82bf99e3199b

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://www.malwarebytes.com/js/global_mwb.min.js?v=572605605 Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-fc0b48f6263f556d820cb45403fab0e5' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10919923.fls.doubleclick.net
8019375.fls.doubleclick.net
805-usg-300.mktoresp.com
ads.avct.cloud
ads.avocet.io
adservice.google.com
adservice.google.de
analytics.twitter.com
api.company-target.com
api.demandbase.com
api.getblueshift.com
api.mapbox.com
b-code.liadm.com
cdn.cookielaw.org
cdn.getblueshift.com
connect.facebook.net
ct.pinterest.com
dmx.districtm.io
events.mapbox.com
genesis.malwarebytes.com
geolocation.onetrust.com
googleads.g.doubleclick.net
id.rlcdn.com
insight.adsrvr.org
match.prod.bidr.io
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
rp.liadm.com
rp4.liadm.com
s.pinimg.com
script.crazyegg.com
scripts.demandbase.com
secure.perk0mean.com
segments.company-target.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
trace.malwarebytes.com
unpkg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.malwarebytes.com
www.pinterest.com
www.pinterest.de
x.bidswitch.net
104.111.234.67
104.16.68.69
104.244.42.133
104.244.42.67
104.75.88.209
108.174.10.14
13.32.21.115
13.35.253.66
142.250.184.198
142.250.186.34
143.204.209.129
143.204.209.60
143.204.209.62
15.197.193.217
18.157.95.55
18.215.205.165
192.28.144.124
199.232.136.157
2600:1f18:21ae:6701:3334:1bf4:2185:fae6
2600:1f18:730:b150:54c0:d5f0:3e0a:5e72
2600:9000:2057:f600:8:8845:1500:93a1
2600:9000:206f:8600:16:26c7:ff80:93a1
2606:4700:10::6814:b844
2606:4700::6810:7baf
2606:4700::6810:9440
2606:4700::6813:9408
2620:1ec:21::14
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9a
2a02:26f0:6c00::210:ba20
2a02:26f0:7100:1b7::1931
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.240.2.137
35.164.247.24
35.244.174.68
44.236.11.46
51.11.20.152
52.212.206.16
52.5.181.6
54.154.155.224
99.86.8.140
00fd20f4f37113eb32d3db8a5f527ff1889489442e91630283e58e792f196be8
01fcf88d0ee0ff3cc10a948024394b5a87004538985081ca233b7a95ff286a12
05369fa3ab175c5ba5e63b7c60a872a64f82ddcb1de6a950d73004ed25930e69
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4
0779fec5437dfc1e968ecd57953dcad82a2b2f3bedb724efcd66901720d93540
0b7b26742617990b7000c7eab02062e349a60270347495cc9a542d1578a009ad
0ed37960a59a6ec6b443f9ef043864d09a51db6fd276ae578d9166467bf986d1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
142020e9bf314b129033474a108af0b535b950359063d66f46b0d76c5d445385
16278846c24958035769652757c311db3bb306a3b1ec7e4fd5625e863c8e413d
16af4bd1866a13a0d414d0a3f3ca2546d3e9b82b4a28f53b83e9ce07e3b624e4
16f961e4eedc84409f706d7043ec879d9a7783c6f317640b0d97a73e98e9e8ea
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1b1ca84753ddde2732642dcaf44f69c9a85ae478691fa2df7f560aea71874dd9
22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62
23df2bae25ed81e5f500c9398b1f7920d394182a185f4baa1088de7f1c2cc8ca
27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a
282e78a62000c5496cafa16d9e3c2d11c815c16f173d59128c59dd0ffef39733
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30b410ec60b2dda5e521206ed5b3a9318922f62828db7409240f047f21593bcc
3372e9aa13d55e1687a1d47abe3027e636824d1bc8e3e11736b86691dcc3bd2c
33cfaef266ad0c06ab6a4a2b5a23e92431c2c11c7323f995f43fb6b759484672
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37d71a755368a59862b22954275bd10416de8e28d37cec74707de8b8be616610
390635099fc3397ccc6404a6544eb153b75bc85a23e7b6699472088f433af2a2
392eb72c9a1d265ef3890cab75b08424e3b3bf9542f390dc8f86aea57d83e63a
3967fd87a508b0a7afcae25fe7880b51dc856545b97f4d723c7de4f270fb095b
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
428a1b8240fd924ecfa826e94d6e6852b39ee35eb12b8f5d4302da595f8efbee
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4c93edc2e73f8f795657eee81ebeab1c19e7d0b63f63762a2d3b014b9bde8840
4cfd2d069a86c0f29ca567ca09f5d4eb8467374a60d6e5d5a9fe05c8fb29ecba
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56b60574ddf13a8930c1feafa39c2a973670900c0145237ed9a29ed5e92c71ae
59990b59b55892f39f6fab071288b350d082a1040016080048b029d6d4ebdf48
5b7149de1a843a14d74bcb45359b59016df1ab0665a4f3131da6b8b04bbe5076
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
6252f8d40b521387483f57b7d0c812912a1d59ce038fdde2bcf67cf920486cac
69e4e947bf39a57382ef464b40055f60edc494c35b4503880b40d5d1a5cb1e54
6b81603e28d5f8f7fd59531055fbb643f7b38a8df6b601af9fcac72c6f95c8b5
6f8499fd4cff6401fe4ec3841790c588076b5d520a5152dbf02ecc246212f435
7260b856730759db4623e6636409edc4ddfcd173b178bcb2eceb3a52b66061ba
728054ccf1f41ec0afdb688b6db421601bb60d505d9e1e2c2de16d9e4a14b774
801ef949019934cab56a09d62e801bcf1a7390286df2fcbed0f452aa11cd1a2b
80d5ae1a01fdb5f49ae01065252eaca0450a30266defebae04a6cf671629bc08
82dd3077aedc1dc7221e3e5213e2728db90f833af6419a1304cbfaa2108f373d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8528b83134ef333f8b4f3b722f422569b5121e6fa817c9942bcbb91f5f61ea93
8a849c6ffa64946fefa17e874080dea467783d0e20857bbfbb23480739625648
8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9d269f4104d9e3444a0f1d849c0485a0b2af5794a229b0235501a6b1960188ab
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a143b7c314d64e17dccf357bedad86b3abddd44a26a6f37395dfa163a046061b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5361be48e64297f23046a94801067bfcf644391c76de624cbce5560e35d660b
a7d4e6165ce4042167fcaaa0623eab885d6992458eb05c4fc74184cee79a9eb3
a94b87209cd778af6e2ca89866c8f4576d8f4ca1aed831c29fd9a17e4c224f27
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b84225085a21f4908f8a9a17b8a8049e0b7fcb4205167ad87b57469e124aac4b
bb5b02252ab511b3f0f93b2f469823ad6cfb87c0f3955227c648e9db7e5f28aa
bc20dc90e7cf83fa6b9080c8ef5bad645042f47a8d2faad9f64536ec13242bf3
c00e723f5fe4c763c6ccfc38a8a7fc17db82048cd28d598c97e465dbad0070b0
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c6072112c8cec74b1c589bb323b9c1ea07cf7b38b01ad5d25127cf9306d1a2ef
c740138699c3ed8df4012bbff838cb8e5ea6c6a0fb5b03944a76ab781687c3ed
c86a4ff5993b96a3a497952d1542fe93d46efdda55c98da63843694d4da41af7
cabcba2fb0a11127afe1eba21cbdba800100f5a591ad7870aada8142379a955a
caf9a3d4972a1e3153bbd01c6143c9cbd45816c97174ac1011f8162b20461cce
cd80ae8e3e2bda63c74d0584cc96aa28d5a54b7a7384ff046ed4082c3d642f6f
cf16a6be9c1f8d220216cd8bc2d5a7d68731c383f8a1d394c2727e7564a9ca7a
d1f9fa3062a12300c447d885343ca0b51372826613f4669f00b65250f0c3e207
d5ae31de99077e81960ef25a492e9bf7f16ab1316cbda66c3fd99695391adb33
d5dbdf92525679908490a5d29c6fc62f8129163b935a882b29bb7fb2b14558c8
d6f36a088f7c6dc6459a02c048b23e2407bf38a5249ecbc9547be2fce143f63a
d973d9d1e6d810204036caca830beadbf4ad6c8a6d9f7a1604cfcd7c9d26e79c
d9f9f0f1daa43e1487f38e39320a4377a74de2c34e00bf1709aa488cc6833570
da209c9ed474b489cb1ac7817915dddfc761b2f188d6b418bf2dc709e4e1eeca
dd7998adcd0cf9d176473e259390063512c418d38d074e1e42c238ae28840d0e
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e39a61e62de49ec594437288cb8f6cfd581f14212f9782b5dec6ece2a685ad87
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e701baee8f76f0869b1b47a1bc5595f6e0f17615a5a6be939c39be3c1cf9e2a5
ec442600e3c090c1171e6d0aca38073cc048af3a7a301ec06bf933da6aa65c1b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f23cbfadc8c38cbcd1a1839f692ffed84691b2458bd9f4269648576de2e310fc
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
f575112df5398271c1f04b48a995ccc6e17d69730e37304078178d46781152da
f67f68bb780a0534178a5c576ce451fc5efb952a23855b9bab48ca0d4133e6d3
fa768d10a5e8996fe11bff78a19363f7486f47226f762f1b17f0f664a3affc2a
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.malwarebytes.com Open in urlscan Pro 2600:9000:206f:8600:16:26c7:ff80:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

121 Requests

93 %HTTPS

44 %IPv6

37 Domains

53 Subdomains

45 IPs

6 Countries

1583 kBTransfer

5618 kBSize

36 Cookies

26 Outgoing links

Page URL History

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.malwarebytes.com Open in urlscan Pro
2600:9000:206f:8600:16:26c7:ff80:93a1 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

93 %
HTTPS

44 %
IPv6

37
Domains

53
Subdomains

45
IPs

6
Countries

1583 kB
Transfer

5618 kB
Size

36
Cookies

121 HTTP transactions
7 data transactions