www.malwarebytes.com Open in urlscan Pro
2600:9000:214f:4c00:8:d3fb:39c0:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.malwarebytes.com/mwb-download/thankyou/
Submission: On August 06 via manual (August 6th 2020, 11:47:50 am UTC) from US

Summary HTTP 98 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 39 IPs in 9 countries across 35 domains to perform 98 HTTP transactions. The main IP is 2600:9000:214f:4c00:8:d3fb:39c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.malwarebytes.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on December 6th 2018. Valid for: 2 years.

This is the only time www.malwarebytes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	2600:9000:214... 2600:9000:214f:4c00:8:d3fb:39c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	2600:1f18:21a... 2600:1f18:21ae:6701:726:c6db:c506:9489	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:816::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1 2	172.217.21.230 172.217.21.230	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
3	199.232.53.140 199.232.53.140	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.206.235 143.204.206.235	16509 (AMAZON-02) (AMAZON-02)
3	52.17.148.237 52.17.148.237	16509 (AMAZON-02) (AMAZON-02)
3	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1 2	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
1	23.21.126.66 23.21.126.66	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.112.217 151.101.112.217	54113 (FASTLY) (FASTLY)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	143.204.202.73 143.204.202.73	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:10c... 2a02:26f0:10c:382::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2a02:26f0:10c... 2a02:26f0:10c:38c::10b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.210.248.238 23.210.248.238	16625 (AKAMAI-AS) (AKAMAI-AS)
1	143.204.202.60 143.204.202.60	16509 (AMAZON-02) (AMAZON-02)
2 2	52.49.193.31 52.49.193.31	16509 (AMAZON-02) (AMAZON-02)
1 2	143.204.202.42 143.204.202.42	16509 (AMAZON-02) (AMAZON-02)
1 2	52.94.232.32 52.94.232.32	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	151.101.113.2 151.101.113.2	54113 (FASTLY) (FASTLY)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	34.244.62.180 34.244.62.180	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
2	104.109.95.62 104.109.95.62	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	34.203.128.80 34.203.128.80	14618 (AMAZON-AES) (AMAZON-AES)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
98	39

38 2600:9000:214f:4c00:8:d3fb:39c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:21ae:6701:726:c6db:c506:9489 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

genesis.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.21.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f230.1e100.net

9812475.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.53.140 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.206.235 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-206-235.fra53.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.17.148.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-148-237.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.126.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-126-66.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.73 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-73.fra53.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:382::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:38c::10b8 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)

downloads.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.248.238 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-238.deploy.static.akamaitechnologies.com

data-cdn.mbamupdates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.60 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-60.fra53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.193.31 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.202.42 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-42.fra53.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.232.32 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

udgrbq.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.244.62.180 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-244-62-180.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.95.62 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-95-62.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.203.128.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-128-80.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

805-usg-300.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	malwarebytes.com 1 redirects www.malwarebytes.com genesis.malwarebytes.com downloads.malwarebytes.com udgrbq.malwarebytes.com	359 KB
5	doubleclick.net 2 redirects 9812475.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
4	adsrvr.org js.adsrvr.org insight.adsrvr.org	5 KB
4	google-analytics.com www.google-analytics.com	18 KB
3	facebook.com www.facebook.com	692 B
3	quora.com a.quora.com q.quora.com	15 KB
3	company-target.com 1 redirects api.company-target.com segments.company-target.com	2 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	google.de www.google.de	320 B
3	google.com 1 redirects www.google.com	706 B
3	googleadservices.com www.googleadservices.com	24 KB
2	criteo.com 1 redirects sslwidget.criteo.com widget.us.criteo.com	2 KB
2	marketo.net munchkin.marketo.net	7 KB
2	yimg.com s.yimg.com	7 KB
2	avct.cloud 1 redirects ads.avct.cloud	750 B
2	facebook.net connect.facebook.net	166 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	809 B
2	bidr.io 2 redirects match.prod.bidr.io	1019 B
2	reddit.com alb.reddit.com	372 B
2	crazyegg.com script.crazyegg.com	25 KB
2	bing.com bat.bing.com	8 KB
2	googletagmanager.com www.googletagmanager.com	82 KB
2	cookielaw.org cdn.cookielaw.org	26 KB
1	mktoresp.com 805-usg-300.mktoresp.com	304 B
1	yahoo.com sp.analytics.yahoo.com	857 B
1	avocet.io 1 redirects ads.avocet.io	156 B
1	mbamupdates.com data-cdn.mbamupdates.com
1	licdn.com snap.licdn.com	2 KB
1	demandbase.com scripts.demandbase.com	16 KB
1	twitter.com analytics.twitter.com	651 B
1	vimeo.com player.vimeo.com
1	ipify.org api.ipify.org	251 B
1	t.co t.co	448 B
1	redditstatic.com www.redditstatic.com	6 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
98	35

	Domain	Requested by
38	www.malwarebytes.com	www.malwarebytes.com www.googletagmanager.com
4	www.google-analytics.com	www.malwarebytes.com www.google-analytics.com
3	www.facebook.com
3	www.google.de	www.malwarebytes.com
3	www.google.com	1 redirects www.malwarebytes.com
3	www.googleadservices.com	www.googletagmanager.com www.malwarebytes.com www.googleadservices.com
3	insight.adsrvr.org	www.malwarebytes.com js.adsrvr.org
2	q.quora.com
2	munchkin.marketo.net	www.malwarebytes.com munchkin.marketo.net
2	s.yimg.com	www.malwarebytes.com s.yimg.com
2	ads.avct.cloud	1 redirects
2	connect.facebook.net	www.malwarebytes.com connect.facebook.net
2	s.amazon-adsystem.com	1 redirects www.malwarebytes.com
2	segments.company-target.com	1 redirects www.malwarebytes.com
2	match.prod.bidr.io	2 redirects
2	px.ads.linkedin.com	1 redirects www.malwarebytes.com
2	alb.reddit.com	www.malwarebytes.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
2	bat.bing.com	www.malwarebytes.com
2	9812475.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	www.malwarebytes.com www.googletagmanager.com
2	cdn.cookielaw.org	www.malwarebytes.com cdn.cookielaw.org
1	805-usg-300.mktoresp.com	munchkin.marketo.net
1	sp.analytics.yahoo.com	s.yimg.com
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	ads.avocet.io	1 redirects
1	udgrbq.malwarebytes.com	www.malwarebytes.com
1	a.quora.com	www.malwarebytes.com
1	api.company-target.com	scripts.demandbase.com
1	data-cdn.mbamupdates.com	www.malwarebytes.com
1	downloads.malwarebytes.com	1 redirects
1	www.linkedin.com	1 redirects
1	snap.licdn.com	www.malwarebytes.com
1	scripts.demandbase.com	www.malwarebytes.com
1	analytics.twitter.com	static.ads-twitter.com
1	player.vimeo.com	www.malwarebytes.com
1	api.ipify.org	www.malwarebytes.com
1	t.co	www.malwarebytes.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	js.adsrvr.org	www.googletagmanager.com
1	www.redditstatic.com	www.malwarebytes.com
1	static.ads-twitter.com	www.malwarebytes.com
1	genesis.malwarebytes.com	www.malwarebytes.com
98	45

This site contains links to these domains. Also see Links.

Domain
onetrust.com
blog.malwarebytes.com
resources.malwarebytes.com
support.malwarebytes.com
www.youtube.com
press.malwarebytes.com
jobs.malwarebytes.com
my.malwarebytes.com
cloud.malwarebytes.com
estore.malwarebytes.com
downloads.malwarebytes.com
links.malwarebytes.com
forums.malwarebytes.com
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
de.malwarebytes.com
es.malwarebytes.com
fr.malwarebytes.com
it.malwarebytes.com
pt.malwarebytes.com
br.malwarebytes.com
nl.malwarebytes.com
pl.malwarebytes.com
ru.malwarebytes.com

Subject Issuer	Validity	Valid
*.malwarebytes.com DigiCert SHA2 High Assurance Server CA	`2018-12-06` - `2020-12-09`	2 years	crt.sh
sni9451gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-05-07` - `2021-05-12`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
www.redditstatic.com DigiCert SHA2 Secure Server CA	`2020-04-06` - `2020-10-03`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-09` - `2021-06-09`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2020-04-06` - `2020-10-03`	6 months	crt.sh
*.ipify.org COMODO RSA Domain Validation Secure Server CA	`2018-01-24` - `2021-01-23`	3 years	crt.sh
vimeo.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-23` - `2021-04-24`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.demandbase.com Go Daddy Secure Certificate Authority - G2	`2018-09-20` - `2020-11-19`	2 years	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2019-06-19` - `2021-08-18`	2 years	crt.sh
s.amazon-adsystem.com Amazon	`2019-12-03` - `2020-11-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
quora.com Let's Encrypt Authority X3	`2020-08-02` - `2020-10-31`	3 months	crt.sh
udgrbq.malwarebytes.com DigiCert ECC Secure Server CA	`2019-11-26` - `2020-11-30`	a year	crt.sh
*.avct.cloud Let's Encrypt Authority X3	`2020-06-04` - `2020-09-02`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-07-02` - `2020-08-16`	a month	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
*.us.criteo.com DigiCert ECC Secure Server CA	`2020-06-01` - `2020-08-30`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-03-04` - `2020-08-31`	6 months	crt.sh
*.quora.com Let's Encrypt Authority X3	`2020-08-02` - `2020-10-31`	3 months	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh

This page contains 7 frames:

Primary Page: https://www.malwarebytes.com/mwb-download/thankyou/
Frame ID: 6144C405A11411F6B34F0381AFF389B9
Requests: 92 HTTP requests in this frame

Frame: https://9812475.fls.doubleclick.net/activityi;dc_pre=CIW62OzAhusCFYeIdwod74ABdQ;src=9812475;type=conve0;cat=forms000;ord=1;num=5296633106590;gtm=2wg7v1;auiddc=1057346093.1596714450;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F
Frame ID: FD4D5066EEA735AD17893B2EA48ACB9F
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/365628270/
Frame ID: 1AEC83363E9060770EE4B4CAE9CBAC41
Requests: 1 HTTP requests in this frame

Frame: https://data-cdn.mbamupdates.com/web/mb4-setup-consumer/MBSetup.exe
Frame ID: 9D29CF18A16045AD372B6130AE6FBDB4
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D9823d068-3bdc-ba67-be66-eef4de1dddd5%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.malwarebytes.com/&ex-hargs=v%3D1.0%3Bc%3D8085361280901%3Bp%3D9823D068-3BDC-BA67-BE66-EEF4DE1DDDD5&cb=553071982857789250&dcc=t
Frame ID: C3D52F9DF6E0003F1A53832E67FE02A8
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=8mirph5&ref=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&upid=r8yigtp&upv=1.1.0
Frame ID: 86698AE2F88F18EE11CDA92A6C71F68F
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=8mirph5&ref=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&upid=r8yigtp&upv=1.1.0
Frame ID: 1E03BC5CBD2933C8EB87BD665427DB6C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

98
Requests

100 %
HTTPS

44 %
IPv6

35
Domains

45
Subdomains

39
IPs

9
Countries

776 kB
Transfer

2323 kB
Size

17
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/threats/
Title: Threat Center

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/tech-support-scams/
Title: Scams

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/mbtv/
Title: MBTV

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/authors/
Title: Contributors

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/glossary/
Title: Glossary

Search URL Search Domain Scan URL

URL: https://resources.malwarebytes.com/casestudies/
Title: Case Studies

Search URL Search Domain Scan URL

URL: https://resources.malwarebytes.com/#analyst-reports
Title: Analyst Reports

Search URL Search Domain Scan URL

URL: https://resources.malwarebytes.com/webinars/
Title: Webinars

Search URL Search Domain Scan URL

URL: https://resources.malwarebytes.com/#infographics
Title: Infographics

Search URL Search Domain Scan URL

URL: https://resources.malwarebytes.com/
Title: View all

Search URL Search Domain Scan URL

URL: https://support.malwarebytes.com/hc/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCB7JQhkZpiyvGPufW2RPBoQ
Title: Training For Home Products

Search URL Search Domain Scan URL

URL: https://press.malwarebytes.com/
Title: News & Press

Search URL Search Domain Scan URL

URL: https://jobs.malwarebytes.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://my.malwarebytes.com/en/login/
Title: My Account

Search URL Search Domain Scan URL

URL: https://cloud.malwarebytes.com/
Title: Cloud Console

Search URL Search Domain Scan URL

URL: https://estore.malwarebytes.com/order/checkout.php?PRODS=13395654&CART=1&CARD=1&DESIGN_TYPE=1&AUTO_PREFILL=1&SHORT_FORM=1&CLEAN_CART=all&ADDITIONAL_UC=1&OPTIONS13395654=1qty,1Y&SRC=ctry-DE_os-WINDOWS_flow-DOWNLOAD_cust-_cart-VARC_promo-25OFF2YEAR
Title: Buy Premium

Search URL Search Domain Scan URL

URL: https://downloads.malwarebytes.com/file/mb-windows
Title: click here

Search URL Search Domain Scan URL

URL: https://links.malwarebytes.com/docs/DOC-2388/
Title: Malwarebytes Support Tool

Search URL Search Domain Scan URL

URL: https://my.malwarebytes.com/
Title: My Account

Search URL Search Domain Scan URL

URL: https://forums.malwarebytes.com/
Title: Forums

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Malwarebytes/

Search URL Search Domain Scan URL

URL: https://twitter.com/malwarebytes

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Malwarebytes

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/malwarebytes

Search URL Search Domain Scan URL

URL: https://www.instagram.com/malwarebytesofficial/

Search URL Search Domain Scan URL

URL: https://de.malwarebytes.com/mwb-download/thankyou/?lr
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://es.malwarebytes.com/mwb-download/thankyou/?lr
Title: Español

Search URL Search Domain Scan URL

URL: https://fr.malwarebytes.com/mwb-download/thankyou/?lr
Title: Français

Search URL Search Domain Scan URL

URL: https://it.malwarebytes.com/mwb-download/thankyou/?lr
Title: Italiano

Search URL Search Domain Scan URL

URL: https://pt.malwarebytes.com/mwb-download/thankyou/?lr
Title: Português (Portugal)

Search URL Search Domain Scan URL

URL: https://br.malwarebytes.com/mwb-download/thankyou/?lr
Title: Português (Brazil)

Search URL Search Domain Scan URL

URL: https://nl.malwarebytes.com/mwb-download/thankyou/?lr
Title: Nederlands

Search URL Search Domain Scan URL

URL: https://pl.malwarebytes.com/mwb-download/thankyou/?lr
Title: Polski

Search URL Search Domain Scan URL

URL: https://ru.malwarebytes.com/mwb-download/thankyou/?lr
Title: Pусский

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://9812475.fls.doubleclick.net/activityi;src=9812475;type=conve0;cat=forms000;ord=1;num=5296633106590;gtm=2wg7v1;auiddc=1057346093.1596714450;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F HTTP 302
https://9812475.fls.doubleclick.net/activityi;dc_pre=CIW62OzAhusCFYeIdwod74ABdQ;src=9812475;type=conve0;cat=forms000;ord=1;num=5296633106590;gtm=2wg7v1;auiddc=1057346093.1596714450;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F

Request Chain 69

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1056361&url=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&time=1596714450560 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1056361%26url%3Dhttps%253A%252F%252Fwww.malwarebytes.com%252Fmwb-download%252Fthankyou%252F%26time%3D1596714450560%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1056361&url=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&time=1596714450560&liSync=true

Request Chain 70

https://downloads.malwarebytes.com/file/mb-windows HTTP 302
https://data-cdn.mbamupdates.com/web/mb4-setup-consumer/MBSetup.exe

Request Chain 72

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAKbq06-V9wAAA_vzoFSjw HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAKbq06-V9wAAA_vzoFSjw&verifyHash=b998d3aff01a55efa87a898ddfb1fcece18f905b

Request Chain 75

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D9823d068-3bdc-ba67-be66-eef4de1dddd5%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.malwarebytes.com/&ex-hargs=v%3D1.0%3Bc%3D8085361280901%3Bp%3D9823D068-3BDC-BA67-BE66-EEF4DE1DDDD5&cb=553071982857789250 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D9823d068-3bdc-ba67-be66-eef4de1dddd5%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.malwarebytes.com/&ex-hargs=v%3D1.0%3Bc%3D8085361280901%3Bp%3D9823D068-3BDC-BA67-BE66-EEF4DE1DDDD5&cb=553071982857789250&dcc=t

Request Chain 79

https://ads.avocet.io/s?add=5b8e9b462be173e55d6569fc&ty=j&_=1596714449007 HTTP 301
https://ads.avct.cloud/s?r=1&add=5b8e9b462be173e55d6569fc&ty=j&_=1596714449007 HTTP 302
https://ads.avct.cloud/s?bounce=true&r=1&add=5b8e9b462be173e55d6569fc&ty=j&_=1596714449007

Request Chain 89

https://sslwidget.criteo.com/event?a=53449&v=5.6.1&p0=e%3Dvp%26p%3D1&p1=e%3Dexd%26ui_downloaded%3D1%26si%3D2&p2=e%3Ddis&adce=1&tld=malwarebytes.com&dtycbr=28052 HTTP 302
https://widget.us.criteo.com/event?a=53449&v=5.6.1&p0=e%3Dvp%26p%3D1&p1=e%3Dexd%26ui_downloaded%3D1%26si%3D2&p2=e%3Ddis&adce=1&tld=malwarebytes.com&dtycbr=28052

Request Chain 90

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036980325/?random=709806917&cv=9&fst=*&num=1&value=0&label=aG4LCMvEqwIQ5aC87gM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://www.malwarebytes.com/mwb-download/thankyou/&tiba=Thank%20you%20for%20downloading%20Malwarebytes%20for%20Windows%20%7C%20Malwarebytes&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=0-0rX_eqGLGB7_UP_OWDiA0&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1036980325/?random=709806917&cv=9&fst=*&num=1&value=0&label=aG4LCMvEqwIQ5aC87gM&bg=666666&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https://www.malwarebytes.com/mwb-download/thankyou/&tiba=Thank%20you%20for%20downloading%20Malwarebytes%20for%20Windows%20%7C%20Malwarebytes&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=3964843956&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/1036980325/?random=709806917&cv=9&fst=*&num=1&value=0&label=aG4LCMvEqwIQ5aC87gM&bg=666666&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https://www.malwarebytes.com/mwb-download/thankyou/&tiba=Thank%20you%20for%20downloading%20Malwarebytes%20for%20Windows%20%7C%20Malwarebytes&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=3964843956&resp=GooglemKTybQhCsO&ipr=y

98 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.malwarebytes.com/mwb-download/thankyou/ 122 KB
28 KB 93ms
77ms Document
text/html 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/mwb-download/thankyou/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

84b86dd6210bb7c5883f0899459871131a0c3884ef8a3e61e963f55811298a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.malwarebytes.com
:scheme: https
:path: /mwb-download/thankyou/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 27527
date: Thu, 06 Aug 2020 05:07:10 GMT
server: Apache
set-cookie: SSID=CAC29R1-AAAAAADQ7StfZYnCB9DtK18BAAAAAAAAAAAA0O0rXwBNNcvYAAEXhR4A0O0rXwEATNkAARWRHgDQ7StfAQCq0wABGNIdANDtK18BAJqqAAEFbhUA0O0rXwEAC9MAAd6_HQDQ7StfAQAtswABikEXANDtK18BAPLUAAG0Cx4A0O0rXwEAutYAAbQzHgDQ7StfAQBU0AABbCMdANDtK18BAA; path=/; domain=.malwarebytes.com; expires=Fri, 06-Aug-2021 11:47:28 GMT SSSC=551.G6857836335340882277.1|43674.1404421:45869.1524106:53332.1909612:54027.1949662:54186.1954328:54514.1969076:54970.1979316:55499.2000151:55628.2003221; path=/; domain=.malwarebytes.com SSRT=0O0rXwABAA; path=/; domain=.malwarebytes.com; expires=Fri, 06-Aug-2021 11:47:28 GMT
rtss: 1-2-31
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: private, max-age=0, proxy-revalidate, no-store, no-cache, must-revalidate
vary: Accept-Encoding
via: 1.1 5d21561f8325da91dd79188f8c919b09.cloudfront.net (CloudFront), 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-C2 FRA53-C1
pragma: no-cache
expires: Sat, 08 Feb 2020 02:38:41 GMT
content-encoding: gzip
x-cache: Miss from cloudfront
x-amz-cf-id: xl-509McgaYY6lCjgh_byVpR4xEFtZ2cMEkbUa0yWxgtN7zxmpC0Sg==
age: 24018

GET
H2 200 jquery-1.11.3.min.js Show response
www.malwarebytes.com/js/ 94 KB
33 KB 15ms
12ms Script
application/javascript 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/jquery-1.11.3.min.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:25 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 20:55:48 GMT
server: AmazonS3
age: 3
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 914EjDX3kCjiA96kCdmdTpPrGKNe7Ni2H7ejIROMFHVSHNsedZqp-g==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 9530a107-0af8-4204-a2c2-217efb78222b.js Show response
cdn.cookielaw.org/consent/ 140 KB
20 KB 10ms
7ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/consent/9530a107-0af8-4204-a2c2-217efb78222b.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F1E) /
Resource Hash: b28678c51b4397abc7951fe8a69a8aec0fa299159d5eb4ced487aabbb89f44b5

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 06 Aug 2020 11:47:28 GMT
content-encoding: gzip
content-md5: ufyNfC1IAg9j/Ir1yJGMGA==
age: 12878
x-cache: HIT
status: 200
content-length: 20612
x-ms-lease-status: unlocked
last-modified: Thu, 27 Feb 2020 21:48:10 GMT
server: ECAcc (frc/8F1E)
etag: 0x8D7BBCEBD00AC67
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 754e813e-b01e-006d-2ac9-6b72c8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 06 Aug 2020 15:47:28 GMT

GET
H2 200 useragent.js Show response
www.malwarebytes.com/js/ 1 KB
909 B 15ms
13ms Script
application/javascript 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/useragent.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b29e1ec9f8d476c2dfed91412b9d3f101bd5c0e9c6b4b3de4f67fa48bb5e8f59

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:07 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 20:55:50 GMT
server: AmazonS3
age: 22
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: -3pNTmpR22AvpdrCpSQXIeaKTOo3N-QiyjXO5JelhVQFfYkOpKw9Ag==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 lang-select.js Show response
www.malwarebytes.com/js/ 511 B
833 B 14ms
12ms Script
application/javascript 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/lang-select.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d66ca54a00dfbd3f600ac0fbc499269b8c96465378a0558420f0336be34ee32

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:07 GMT
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jul 2020 20:55:49 GMT
server: AmazonS3
age: 22
etag: "8cb2f187811e7a6892541f32e1d3d35a"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 511
x-amz-cf-id: j802qrZgz8OoWmJs1gXa8x9NpSOh11MAtq6T8K8zgwe6mqobO8a_Dw==

GET
H2 200 fonts.css
www.malwarebytes.com/css/ 7 KB
975 B 13ms
11ms Stylesheet
text/css 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts.css
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7fe274f0c2eef64fa0e218a743cac2e7a5d02b3497adafcf64f612e21f46660

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:07 GMT
content-encoding: gzip
last-modified: Thu, 30 Jul 2020 03:51:19 GMT
server: AmazonS3
age: 22
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: UWtx4xtoN0waarEG66Y4BRAJLdPRgVsMhIFb5_eGy90Od6OEYG8Fdw==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 style.css
www.malwarebytes.com/css/ 220 KB
33 KB 383ms
381ms Stylesheet
text/css 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/style.css?d=2020-08-05-08-28-46--0700
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f39efc86119f8b9af75ddc7622c6dcd63e68a031b4cf170fb024c5430e59981d

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:30 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 23:48:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
status: 200
x-amz-cf-id: EHD2njlzqZduDOpd0sI2xWXA-eo2sQD1kHCXt9gF6iGII1LnuF3lMQ==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 mwb-download.css
www.malwarebytes.com/css/pages/ 7 KB
2 KB 13ms
11ms Stylesheet
text/css 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/pages/mwb-download.css?d=2020-08-05-08-28-46--0700
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac0e8739225ddb22b2b6e53c8ca4bc87db8fd66321f7459649855cb15a5ee0b3

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:07 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 20:54:01 GMT
server: AmazonS3
age: 22
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: cc7TRaiEsKukvMLq0hEUgiHB8H2i7eTZYwSWajvQa1YYulnmSUCd6g==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 core.js+ssdomvar.js+generic-adapter.js Show response
www.malwarebytes.com/__ssobj/ 14 KB
6 KB 558ms
556ms Script
application/javascript 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/__ssobj/core.js+ssdomvar.js+generic-adapter.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: dd2797a522f8b7b904f06923697aed314fb72d9ceae21628db7ebeb7a540ccfc

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:29 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
status: 200
rtss: 1-2-19
content-length: 5759
sbss: 1
last-modified: Sun, 26 Jul 2020 00:00:00 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: tH8ISj3IM2GPVKiK5bHw5ANwS350JGgzz2xpSVsllRRRkkN3V0RSAA==
expires: Fri, 07 Aug 2020 11:47:29 GMT

GET
H2 200 ck.js Show response
www.malwarebytes.com/js/ 3 KB
2 KB 14ms
12ms Script
application/javascript 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/ck.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a23572ae5ca7dd59065f859330c4f60af40e669cadbe0120c48d0e5967f8cafc

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:07 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 23:50:44 GMT
server: AmazonS3
age: 22
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: K2Mk03fsH_vjhmWQl36hATGi1UNLRRarTuolm_CNA01WuwQ22SVvtA==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 appendHsh.js Show response
www.malwarebytes.com/js/ 244 B
567 B 14ms
12ms Script
application/javascript 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/appendHsh.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66f39afda157857decb630f6ae9eabe94cd36d4271ff8154b11337709c617ba8

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:07 GMT
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jul 2020 20:55:48 GMT
server: AmazonS3
age: 22
etag: "0ff57bfbdb22bfe82792c56ad8b6876e"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 244
x-amz-cf-id: vAD6rmpPBcgEl0byQ0LAhDWgDas0fyasdDtlWUqWY3-aFzzL74qY4w==

GET
H2 200 global-nav.css
www.malwarebytes.com/css/ 9 KB
2 KB 434ms
433ms Stylesheet
text/css 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/global-nav.css
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7a32c550c2a99140f09c5c6109b609475e2479af31b4c1c2f1ac18b3422dc6c

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:30 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 20:53:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
status: 200
x-amz-cf-id: 7ol3iKLhrstb6hpfTz8FoaFMRNMWJ1EPjh0WTNeKa5zkCaY8h7eqgw==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 dl-ck.js Show response
www.malwarebytes.com/js/ 352 B
684 B 9ms
7ms Script
application/javascript 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/dl-ck.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dfc605a0d8bfeb133ce4314ca316dd16f6780678cb121dda620be73acd4f80da

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:07 GMT
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jul 2020 20:55:48 GMT
server: AmazonS3
age: 21
etag: "424a6bc025bb40201db7a50b991ecaf5"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 352
x-amz-cf-id: ipxMWfdSbA5tHRS7i3hLVMjMIodVP0yObokFdBCH8PvURtUXvlLe_Q==

GET
H2 200 question-mark_black.svg
www.malwarebytes.com/images/brand/ 1 KB
951 B 13ms
11ms Image
image/svg+xml 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/brand/question-mark_black.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 954f8cc01c3eff935207625bb46c0e2c46348501a4d38c94c006c67fef17b8ce

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:08 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 20:54:11 GMT
server: AmazonS3
age: 22
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: ltDwklbTfazUkYi_C8ZUXcrB71MRHmUqkvSxgOXLNQ6qXEUaa2GFDA==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 checkmark_green.svg
www.malwarebytes.com/images/brand/ 753 B
1 KB 14ms
11ms Image
image/svg+xml 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/brand/checkmark_green.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6878c514a87204f608e8970bf4abb8ea2effbe3871a4e1709a68d25f5b4b6a1

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:08 GMT
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jul 2020 20:54:10 GMT
server: AmazonS3
age: 22
etag: "7aea152e182681beee7f181c97dc3e7b"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 753
x-amz-cf-id: XZWTQtoBhx2zNE1ItLzGyQLtcL6WdqW0hSSx9kjU1rGTEMW0_pms0A==

GET
H2 200 product-config.js Show response
www.malwarebytes.com/js/ 2 KB
960 B 8ms
8ms Script
application/javascript 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/product-config.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dcf6c6c4a636f6c842c1fab247c6618f29d738fdd7a38bbea6ec01f7d63c6e9c

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:08 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 20:55:50 GMT
server: AmazonS3
age: 22
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 6kGe3dwZcqhmXVOexXwdgGvp3Oa7z3YfoR9kP8ZQnq2GG76jyF3SYA==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 vector_chathelp.png
www.malwarebytes.com/images/icons/ 760 B
1 KB 15ms
13ms Image
image/png 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/icons/vector_chathelp.png
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 804617e666238c5083247ba14e819514c380d14450bfb7162659e095ddcc1e25

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:08 GMT
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jul 2020 20:54:51 GMT
server: AmazonS3
age: 22
etag: "03241dba04f40693771eec3b58cab29c"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 760
x-amz-cf-id: 8jLlrs3LqmOCHT6OcgaNblP9TjOTPj0E6X19m4w5WdPwMtk9GcJ7XQ==

GET
H2 200 vector_repair.png
www.malwarebytes.com/images/icons/ 737 B
1 KB 16ms
13ms Image
image/png 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/icons/vector_repair.png
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6d4ee3f53d92ebb16829cf48220e87c58681170f731a7e7b11f84c44846f124

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:08 GMT
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jul 2020 20:54:51 GMT
server: AmazonS3
age: 22
etag: "accdcb93b338b571f6d6d63cfa7ae605"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 737
x-amz-cf-id: _AXEkbOvhEz2yx6p7QUvxtMt2LMeV7t2MdbtuYPNPB83kqn7-CffdA==

GET
H2 200 web.svg
www.malwarebytes.com/images/icons/ 895 B
1 KB 15ms
13ms Image
image/svg+xml 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/icons/web.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72daaff4737223b9fe83cf01777a56319a7c08ce6c6601c2dead6afedbc58ea6

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:08 GMT
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jul 2020 23:49:43 GMT
server: AmazonS3
age: 22
etag: "faa17eb456bd42683ffa7db1e6343e59"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 895
x-amz-cf-id: LKueUK-TNO00v_On9sADnD4W8o-zLRrvZaWDicegnUvkvzE_Q3GSBA==

GET
H2 200 business-solutions-outline.svg
www.malwarebytes.com/images/icons/ 7 KB
3 KB 16ms
14ms Image
image/svg+xml 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/icons/business-solutions-outline.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 247b26c61e66a5dc2dc19bdaa07947410152b65656423e1d1e4cbb539ccfb4fb

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:08 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 20:54:49 GMT
server: AmazonS3
age: 22
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: RII6-H8OfD8eaoPl17n1GXBr4nuLUqSAF2fO8UDP_hGHMZF9m86Nag==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 modernizr.js Show response
www.malwarebytes.com/js/ 14 KB
6 KB 8ms
8ms Script
application/javascript 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/modernizr.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00fd20f4f37113eb32d3db8a5f527ff1889489442e91630283e58e792f196be8

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:25 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 20:55:49 GMT
server: AmazonS3
age: 4
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: TSQsUkVy2t5aJ348-YQ79E7jw1J2SHEANKnfrVBghYtiTio6e2dygw==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 bootstrap.js Show response
www.malwarebytes.com/js/ 67 KB
14 KB 8ms
8ms Script
application/javascript 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/bootstrap.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 425328ed7a60e35938fa92fc7ba5f5af96b53f9608bb41b8a07c0f91e8bdefcd

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:25 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 20:55:48 GMT
server: AmazonS3
age: 5
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: uMpzkrVvzwGLPpOWXgTTbuUDg9hpI_hBGESHufeunxhF7hXdtEkzQQ==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 respond.min.js Show response
www.malwarebytes.com/js/ie-fixes/ 4 KB
2 KB 11ms
11ms Script
application/javascript 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/ie-fixes/respond.min.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75f9768f79e42df5aa6183372a4b067f02682606cca5f242e06d1e07f3614c94

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:25 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 20:55:48 GMT
server: AmazonS3
age: 5
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 15FSxhvPNX9VZ0LprTepVklBhoY49-Rrn6jiLDYf0crHGeYGmOEtsA==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 nav-resize.js Show response
www.malwarebytes.com/js/ 11 KB
4 KB 8ms
7ms Script
application/javascript 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/nav-resize.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 527f5743db62b7f9d19fb4b1910eb56d63f76f50b0e0180b63eb67d374642099

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:26 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 20:55:49 GMT
server: AmazonS3
age: 4
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: IifBzXTs51HYsb4Tus8KkOffIH7XF6txgG28P8mOnbH6LGmWt-O3Ig==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 nav.js Show response
www.malwarebytes.com/js/ 103 B
424 B 428ms
428ms Script
application/javascript 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/nav.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32cd67bac346e023991238642ab182ae3ff228d0b90d8de0a2456ab011a761a6

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:30 GMT
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jul 2020 20:55:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "8ff48c568bfe5bfcd185b48bb4147c9b"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 103
x-amz-cf-id: IvM1bgy674iEvE50QMtzOPmv4nTgxRk1xL828ei5fE-0Og8fYi3M0Q==

GET
H2 200 global.js Show response
www.malwarebytes.com/js/ 19 KB
8 KB 15ms
15ms Script
application/javascript 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/global.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84415c35f6869b6b17590d6ba8f3115751f14d54adecbb27123008c416e4556d

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:25 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 23:50:45 GMT
server: AmazonS3
age: 4
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 9r7mwXVAImcZAHIZ1qsCrMgT77VtOc32Y2J50pyDBTfWsTvW5n6s-Q==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 global-phone.js Show response
www.malwarebytes.com/js/ 2 KB
1 KB 16ms
12ms Script
application/javascript 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/global-phone.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95f9128fcfef1d602d85a74355fe059cf07fe7cdc0833682123ef6b960a53ebc

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:08 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 20:55:48 GMT
server: AmazonS3
age: 22
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: LNwbQR_oSHdpcyFnojApgpS0fbxcfMkQ_jnTRfMC0O6A2ot_DQ-5yw==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 xs.js Show response
www.malwarebytes.com/js/ 9 KB
3 KB 15ms
12ms Script
application/javascript 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/xs.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a182e45f051c3b540f4e10ea2b38b08db2ba43d38ff33686de11b23e56df7a1b

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:25 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 20:55:50 GMT
server: AmazonS3
age: 4
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: u1Mw4NdgOGxwQGz52-1-N5OL5Qm5ZHxa2V33mb-8cjGQENd_d1y60Q==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 techspecs.js Show response
www.malwarebytes.com/js/ 1 KB
751 B 396ms
393ms Script
application/javascript 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/techspecs.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab3fe6c518178c0eb56a21f6089a7a4697d6f17149823b55354fc0b0983853e0

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:30 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 20:55:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-id: EOCAuJZTSpd_N7q7rMr3VQP-QtJh1p_h-1A3rAveVQYARnO0UnoSRA==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 utilities.js Show response
www.malwarebytes.com/js/ 25 KB
7 KB 15ms
12ms Script
application/javascript 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/utilities.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c9728a9a986b998a3f987f5c4d498f978d2725fbc50b62225ee53aab9573c73

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:08 GMT
content-encoding: gzip
last-modified: Tue, 04 Aug 2020 21:20:12 GMT
server: AmazonS3
age: 22
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: q7hviin8HgJLoSa2vlmLVCU30KjypCkPRW7A_1Zd3qAmehVvFMYdVQ==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 optanon.css
cdn.cookielaw.org/skins/5.12.0/default_flat_bottom_two_button_white/v2/css/ 23 KB
6 KB 10ms
9ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/skins/5.12.0/default_flat_bottom_two_button_white/v2/css/optanon.css
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/9530a107-0af8-4204-a2c2-217efb78222b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F78) /
Resource Hash: 8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 06 Aug 2020 11:47:29 GMT
content-encoding: gzip
content-md5: Z4rsumi9rT/2HntFCbwLpA==
age: 12434
x-cache: HIT
status: 200
content-length: 5561
x-ms-lease-status: unlocked
last-modified: Fri, 21 Feb 2020 20:12:28 GMT
server: ECAcc (frc/8F78)
etag: 0x8D7B70A5FCD741F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 80c3c4a4-f01e-0043-43ca-6bf20f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 06 Aug 2020 15:47:29 GMT

GET
H2 200 wai.gif Show response
genesis.malwarebytes.com/api/v1/ 396 B
617 B 293ms
88ms XHR
application/json 2600:1f18:21ae:6701:726:c6db:c506:9489
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://genesis.malwarebytes.com/api/v1/wai.gif
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:21ae:6701:726:c6db:c506:9489 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: b9d8e51ffd9da1d06ec0405452ac38723cddd71b1028542b6112b27931506bbc

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:29 GMT
server: Apache-Coyote/1.1
status: 200
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 191 KB
48 KB 16ms
14ms Script
application/javascript 2a00:1450:4001:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c4a394548b21a5f2c8018bffb2f6e49ad4d0d24b63d9b027f37a19ffb134526c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:29 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48859
x-xss-protection: 0
last-modified: Thu, 06 Aug 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Aug 2020 11:47:29 GMT

GET
H2 200 Locator-Medium.woff
www.malwarebytes.com/css/fonts/ 29 KB
29 KB 14ms
13ms Font
binary/octet-stream 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/Locator-Medium.woff
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a52bbdb7b132e850fdaf5740012fcc0bc3f6ef0be520bc4b987d8761d40d015a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.malwarebytes.com/css/fonts.css
Origin: https://www.malwarebytes.com

Response headers

date: Thu, 06 Aug 2020 11:47:08 GMT
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
age: 22
x-cache: Hit from cloudfront
status: 200
content-length: 29516
last-modified: Wed, 22 Jul 2020 20:53:55 GMT
server: AmazonS3
etag: "7e2d6198253a408d8f529b5a085ec222"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: https://www.malwarebytes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: HF-w4z_aaxcxSRBR1cAy5UG96Ldtbg3LRd9aUgjVsY6RoFj7gMB7rQ==

GET
H2 200 Locator-Light.woff
www.malwarebytes.com/css/fonts/ 29 KB
29 KB 14ms
14ms Font
binary/octet-stream 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/Locator-Light.woff
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ed2491fc7526ff0b5cfec3fe6f4cf8153796520fc845b735286b0f42183da98a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.malwarebytes.com/css/fonts.css
Origin: https://www.malwarebytes.com

Response headers

date: Thu, 06 Aug 2020 11:47:08 GMT
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
age: 22
x-cache: Hit from cloudfront
status: 200
content-length: 29488
last-modified: Tue, 28 Jul 2020 21:21:12 GMT
server: AmazonS3
etag: "109ebe99a41270d5a5595e12367dda75"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: https://www.malwarebytes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: kmUOV_Btvn98UarZI4P7qs6Vwul2bnal-scI175wzMb3L6pCaxX4Cw==

GET
H2 200 DE_AVN-MBHS-CON.json Show response
www.malwarebytes.com/js/json/pricing/ 3 KB
868 B 8ms
7ms XHR
application/json 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/json/pricing/DE_AVN-MBHS-CON.json
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/jquery-1.11.3.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d673d5f68b389f053737094c02d335fdef8c6ce8475a4ff9b0fa1caefa56ddc8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.malwarebytes.com/mwb-download/thankyou/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 05 Aug 2020 19:14:43 GMT
content-encoding: gzip
last-modified: Thu, 05 Mar 2020 22:54:38 GMT
server: AmazonS3
age: 59567
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: QIynUF4puJheaEgPRJjX1NmoxCUL_hH-YNpISay61PSX0RjUHBjqIg==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 chrome.svg
www.malwarebytes.com/images/icons/ 1 KB
1 KB 9ms
9ms Image
image/svg+xml 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/icons/chrome.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1b2b5e6a22d2417cc78422492773fc1a3679160d5c63f5fc5e12ba31d9dbc3d

Request headers

Referer: https://www.malwarebytes.com/css/pages/mwb-download.css?d=2020-08-05-08-28-46--0700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:09 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 20:54:49 GMT
server: AmazonS3
age: 21
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: UnRTvHFzwEebY5BhBcSxHy1_H-C-Xnot8BnpbcKxATVmdhaMQdpQ3Q==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 200 socicon.woff
www.malwarebytes.com/css/fonts/ 20 KB
20 KB 10ms
9ms Font
binary/octet-stream 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/socicon.woff
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ed37960a59a6ec6b443f9ef043864d09a51db6fd276ae578d9166467bf986d1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.malwarebytes.com/css/fonts.css
Origin: https://www.malwarebytes.com

Response headers

date: Thu, 06 Aug 2020 11:47:02 GMT
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
age: 28
x-cache: Hit from cloudfront
status: 200
content-length: 20472
last-modified: Wed, 22 Jul 2020 20:53:55 GMT
server: AmazonS3
etag: "1657c09e2f39e574d79de040639def87"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: https://www.malwarebytes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: jTfGvcpRjl-6d_8TC9DXMbEQPARrfD-9Dzo-HGFMcBp25K4GQOPGlg==

GET
H2 200 Locator-Light.otf
www.malwarebytes.com/css/fonts/ 100 KB
101 KB 11ms
11ms Font
binary/octet-stream 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/Locator-Light.otf
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87bb81be8a21994264fa70d27a46b604df22e631f56ffe66221e39bbe69def18

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.malwarebytes.com/css/fonts.css
Origin: https://www.malwarebytes.com

Response headers

date: Thu, 06 Aug 2020 11:47:09 GMT
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
age: 21
x-cache: Hit from cloudfront
status: 200
content-length: 102760
last-modified: Wed, 22 Jul 2020 20:53:55 GMT
server: AmazonS3
etag: "bdf8f15bed5c8067ba43bac38842e523"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: https://www.malwarebytes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: c2L1umoorWK-samDtMtUAAK6cnuVL5DlBkR3eKUcgN2UtQOG3rJ0xA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 4428
date: Thu, 06 Aug 2020 10:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Thu, 06 Aug 2020 12:33:41 GMT

GET
H2

200

activityi;dc_pre=CIW62OzAhusCFYeIdwod74ABdQ;src=9812475;type=conve0;cat=forms000;ord=1;num=5296633106590;gtm=2wg7v1;auiddc=1057346093.1596714450;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-downl...
9812475.fls.doubleclick.net/ Frame FD4D
Redirect Chain

https://9812475.fls.doubleclick.net/activityi;src=9812475;type=conve0;cat=forms000;ord=1;num=5296633106590;gtm=2wg7v1;auiddc=1057346093.1596714450;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-dow...
https://9812475.fls.doubleclick.net/activityi;dc_pre=CIW62OzAhusCFYeIdwod74ABdQ;src=9812475;type=conve0;cat=forms000;ord=1;num=5296633106590;gtm=2wg7v1;auiddc=1057346093.1596714450;~oref=https%3A%2...

0
0

41ms
41ms

Document
text/html

172.217.21.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9812475.fls.doubleclick.net/activityi;dc_pre=CIW62OzAhusCFYeIdwod74ABdQ;src=9812475;type=conve0;cat=forms000;ord=1;num=5296633106590;gtm=2wg7v1;auiddc=1057346093.1596714450;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f230.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9812475.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIW62OzAhusCFYeIdwod74ABdQ;src=9812475;type=conve0;cat=forms000;ord=1;num=5296633106590;gtm=2wg7v1;auiddc=1057346093.1596714450;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.malwarebytes.com/mwb-download/thankyou/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Thu, 06 Aug 2020 11:47:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 408
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 06-Aug-2020 12:02:29 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Thu, 06 Aug 2020 11:47:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9812475.fls.doubleclick.net/activityi;dc_pre=CIW62OzAhusCFYeIdwod74ABdQ;src=9812475;type=conve0;cat=forms000;ord=1;num=5296633106590;gtm=2wg7v1;auiddc=1057346093.1596714450;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bat.js Show response
bat.bing.com/ 26 KB
8 KB 45ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:29 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 20:00:00 GMT
x-msedge-ref: Ref A: 32D729926441451CA2FE5F88FEE9D17C Ref B: FRAEDGE1413 Ref C: 2020-08-06T11:47:29Z
status: 200
etag: "0e0bdafab5bd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8022

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 94ms
32ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1a2684adb4b431902ef03f7959757f5163ed2ddc548e216654fa7858b1f4fd9b

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:29 GMT
content-encoding: gzip
age: 51327
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1942
x-served-by: cache-hhn4043-HHN
last-modified: Wed, 05 Aug 2020 19:10:28 GMT
x-timer: S1596714450.760628,VS0,VE0
etag: "1d9536984a3ff7a629eda3f70ceadd20+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
34 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-930356311

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

55aff931cf4bc615ee7e9e6a84c19970264253550e541eabac6046209fe40023

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:29 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34822
x-xss-protection: 0
last-modified: Thu, 06 Aug 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Aug 2020 11:47:29 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 17 KB
6 KB 182ms
59ms Script
application/javascript 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.53.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e88e0ed354170d8b73435fadf714ab8fff7c00b985295495d146b5eb92dc3e50

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:29 GMT
content-encoding: gzip
last-modified: Tue, 30 Jun 2020 17:04:46 GMT
server: snooserv
etag: "85ee817cda81317b49d1d3056f6bdf95"
vary: Accept-Encoding,Origin
content-type: application/javascript
status: 200
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 5809
via: 1.1 varnish, 1.1 varnish

GET
H2 200 2893.js Show response
script.crazyegg.com/pages/scripts/0081/ 4 KB
2 KB 49ms
16ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84a003d63e9cb1f4020cecc6a7dd03f87792c96e3a5acc04ba4a682668ef22df

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:29 GMT
content-encoding: gzip
cf-cache-status: HIT
ce-version: 11.1.68
age: 139248
cf-polished: origSize=4066
status: 200
cf-request-id: 046532133800006443d430f200000001
last-modified: Tue, 04 Aug 2020 21:06:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: max-age=300
cf-ray: 5be885fecbeb6443-FRA
cf-bgj: minify

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
4 KB 143ms
47ms Script
application/x-javascript 143.204.206.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.206.235 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-206-235.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0615974c40d602afdbf9759533e352bc17b0458c85aad6694b1a1ad20659625b

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 06 Aug 2020 00:56:25 GMT
Via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
Last-Modified: Mon, 13 Jan 2020 19:16:48 GMT
Server: AmazonS3
Age: 39065
ETag: "45bb7a1f2878be0c29077f7329fca766"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 4091
X-Amz-Cf-Id: kNECnHfqAHnW6MxNzxofNHQfgDcOGgUN68t5VJAp58mNYJKUEji-Gg==

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
260 B 169ms
55ms Image
image/gif 52.17.148.237
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=8mirph5&ct=0:2vgiy8z&fmt=3
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.148.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-148-237.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Thu, 06 Aug 2020 11:47:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
90 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j83&a=245289167&t=pageview&_s=1&dl=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&ul=en-us&de=UTF-8&dt=Thank%20you%20for%20downloading%20Malwarebytes%20for%20Windows%20%7C%20Malwarebytes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAMABAAAAAC~&jid=556728830&gjid=37560667&cid=937294754.1596714450&tid=UA-3347303-10&_gid=1589969285.1596714450&_r=1&z=1161522180

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Aug 2020 11:47:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 103ms
41ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-930356311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

71aa66e3c94df617c70a1b9530acaa18c9f049d6d29dbaa6d0efe84d7104805a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11323
x-xss-protection: 0
server: cafe
etag: 17153042000983114910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 06 Aug 2020 11:47:29 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
93 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-3347303-10&cid=937294754.1596714450&jid=556728830&gjid=37560667&_gid=1589969285.1596714450&_u=IEBAAMAAAAAAAC~&z=578099203

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 06 Aug 2020 11:47:29 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 28ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4072696&Ver=2&mid=08c03927-497e-f45d-2cb5-cb54859d84c8&sid=929f6cad69fea61dadb4eed2296e6128&vid=86c96429cf68e3a144acbb49922b6ad8&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Thank%20you%20for%20downloading%20Malwarebytes%20for%20Windows%20%7C%20Malwarebytes&kw=free%20anti%20malware,%20malware%20detection,%20free%20malware%20removal,%20free%20malware%20software,%20free%20antivirus&p=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&r=&evt=pageLoad&msclkid=N&sv=1&rn=259697
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Thu, 06 Aug 2020 11:47:29 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 902A5793EEE8435586FA3B87D1F0D7F5 Ref B: FRAEDGE1413 Ref C: 2020-08-06T11:47:29Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11.1.68.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 70 KB
23 KB 19ms
19ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.68.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d02d1758575a3ee0e7ba8a0a1c29666b4f55a00d1bf15fd1703897febf4cdb

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:29 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 562132
cf-polished: origSize=71592
status: 200
cf-request-id: 046532136100006443d4311200000001
last-modified: Fri, 17 Jul 2020 16:40:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5be885ff0c136443-FRA
cf-bgj: minify

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
121 B 18ms
17ms Image
image/gif 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j83&tid=UA-3347303-10&cid=937294754.1596714450&jid=556728830&_u=IEBAAMAAAAAAAC~&z=2071550389

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Aug 2020 11:47:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 19ms
18ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j83&tid=UA-3347303-10&cid=937294754.1596714450&jid=556728830&_u=IEBAAMAAAAAAAC~&z=2071550389

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Aug 2020 11:47:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
448 B 252ms
160ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1m5j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Thu, 06 Aug 2020 11:47:29 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 91a9c3b17cb4ad2196bd5641315bc92d
x-transaction: 00863cca00d85dc7
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/ 2 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/?random=1596714449865&cv=9&fst=1596714449865&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7v1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&tiba=Thank%20you%20for%20downloading%20Malwarebytes%20for%20Windows%20%7C%20Malwarebytes&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

493571e6d98e95a61ff12899cce2278225bbd756577e1882298ae70234395def

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Aug 2020 11:47:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1058
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
212 B 274ms
153ms Image
image/gif 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1596714449874&id=t2_4u5qw&event=PageVisit&uuid=08bfb00e-3339-4fea-a686-45fd35a1ecf7&s=h7f6wg9tJRdqQxvTgwLGdgqhp94RmQNQK%2FG046CN4J0%3D
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.53.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:30 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
status: 200
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
160 B 282ms
161ms Image
image/gif 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1596714449875&id=t2_4u5qw&event=ViewContent&uuid=08bfb00e-3339-4fea-a686-45fd35a1ecf7&s=C47nJXNJdbr9w4SckyteYex0m9t3Uit4tBtzDONw3zY%3D
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.53.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:30 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
status: 200
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/930356311/ 42 B
143 B 22ms
22ms Image
image/gif 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/930356311/?random=1596714449865&cv=9&fst=1596711600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7v1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&tiba=Thank%20you%20for%20downloading%20Malwarebytes%20for%20Windows%20%7C%20Malwarebytes&async=1&fmt=3&is_vtc=1&random=144782621&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Aug 2020 11:47:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/930356311/ 42 B
107 B 23ms
22ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/930356311/?random=1596714449865&cv=9&fst=1596711600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7v1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&tiba=Thank%20you%20for%20downloading%20Malwarebytes%20for%20Windows%20%7C%20Malwarebytes&async=1&fmt=3&is_vtc=1&random=144782621&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Aug 2020 11:47:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 67 B
251 B 525ms
132ms Script
application/javascript 23.21.126.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=jQuery111306906156736939648_1596714449003&_=1596714449004
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/jquery-1.11.3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.126.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-126-66.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: bb209c54fe3e66001aab122dbf0980067815d6f7e5166d3c5f97fd6053d0d0a6

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 06 Aug 2020 11:47:30 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 67
Vary: Origin
Content-Type: application/javascript

GET
H2 200 ard.png
www.malwarebytes.com/__ssobj/ 0
462 B 532ms
531ms Image
text/javascript 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/__ssobj/ard.png?6857836335340882277_1-551-1596714448&n=1
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:30 GMT
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
status: 200
rtss: 1-2-55
content-length: 0
sbss: 1
pragma: no-cache
last-modified: Thu, 18 Jun 2020 07:18:25 GMT
server: Apache
content-type: text/javascript
cache-control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
accept-ranges: bytes
x-amz-cf-id: e_PTdIYev7VGhPJ0WbVVk9xOvGErnBpBaNABaxh_GnbATuHQYWESpw==
expires: -1

GET
H/1.1 200
OK /
player.vimeo.com/video/365628270/ Frame 1AEC 0
0 328ms
262ms Document
text/html 151.101.112.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/365628270/

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/jquery-1.11.3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-dev.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.vimeo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.malwarebytes.com/mwb-download/thankyou/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.malwarebytes.com/mwb-download/thankyou/

Response headers

Connection: keep-alive
Content-Length: 4925
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-dev.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Via: 1.1 varnish 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 0
X-VServer: infra-playproxy-a-5
X-Vimeo-DC: ge
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Thu, 06 Aug 2020 11:47:30 GMT
Age: 0
X-Served-By: cache-hhn4072-HHN
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1596714450.022927,VS0,VE229
Vary: Accept-Encoding
X-Player-Backend: p

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
651 B 253ms
160ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1m5j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 114
pragma: no-cache
last-modified: Thu, 06 Aug 2020 11:47:30 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 18607a6c01b31f4bd7892de11b5bc26b
x-transaction: 00d785e200b4dfe5
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 demandbase-forms.js Show response
www.malwarebytes.com/js/ 3 KB
1 KB 565ms
565ms Script
application/javascript 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/demandbase-forms.js?d=2020-02-04-15-03-08--0800
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:31 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 20:55:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-id: j7bQN8NsmQMkcRk2LXhKaR_IJ1gvKExnknf_xV6rzEChd2d3R4NHWw==
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)

GET
H2 204 track Show response
www.malwarebytes.com/__ssobj/ 0
361 B 587ms
586ms XHR
text/plain 2600:9000:214f:4c00:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/__ssobj/track?event=ssPageloadTimer&value=0.012&x=1596792529241-1
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/__ssobj/core.js+ssdomvar.js+generic-adapter.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:4c00:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.malwarebytes.com/mwb-download/thankyou/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Aug 2020 11:47:30 GMT
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jun 2020 07:17:57 GMT
server: Apache
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
status: 204
cache-control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
accept-ranges: bytes
rtss: 1-2-59
x-amz-cf-id: kzJ_HKRMzRCRb94DBEUfneAVPVdMsDSz9NvvpSjG3Nu2wqO5Z0Wrgg==
sbss: 1
expires: -1

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 6ms
5ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&a=245289167&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&ul=en-us&de=UTF-8&dt=Thank%20you%20for%20downloading%20Malwarebytes%20for%20Windows%20%7C%20Malwarebytes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Hash&ea=13c95182fa54910d24c52217209e8dd3&el=0&_u=aEBAAMABAAAAAC~&jid=&gjid=&cid=937294754.1596714450&tid=UA-3347303-10&_gid=1589969285.1596714450&cd19=13c95182fa54910d24c52217209e8dd3&z=1017417951

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jul 2020 21:52:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1778096
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HWyTnY16.min.js Show response
scripts.demandbase.com/ 59 KB
16 KB 127ms
44ms Script
application/javascript 143.204.202.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.demandbase.com/HWyTnY16.min.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.73 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-73.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c016b45a43dc83a578f6d3dfd2f7746392c21f544ae89d22e25964a938c8c51f

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 1PO9cRc5aUC36JySSTk84v06NmDu.vZL
content-encoding: gzip
last-modified: Sat, 11 Jul 2020 16:48:00 GMT
server: AmazonS3
age: 3590
date: Thu, 06 Aug 2020 10:47:41 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=3600
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 2IcD8xc7GMZjEsE0bDMWZxUXtMc3rYpY8nWTsyRfVhMtakSPhBnxmA==
via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 29ms
9ms Script
application/x-javascript 2a02:26f0:10c:382::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:382::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 06 Aug 2020 11:47:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=32080
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1056361&url=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&time=1596714450560
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1056361%26url%3Dhttps%253A%252F%252Fwww.malwarebytes.com%252Fmwb-download%252Ftha...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1056361&url=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&time=1596714450560&liSync=true

0
81 B

169ms
169ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1056361&url=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&time=1596714450560&liSync=true
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:31 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: ujMFWlWrKBZg9IwltSoAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: NEskU1WrKBbACtYPeSsAAA==
pragma: no-cache
x-li-pop: afd-prod-esv5
x-msedge-ref: Ref A: 29DBE95D11E641CCA552708ABF0F1489 Ref B: FRAEDGE1113 Ref C: 2020-08-06T11:47:30Z
x-frame-options: sameorigin
date: Thu, 06 Aug 2020 11:47:30 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1056361&url=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&time=1596714450560&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

MBSetup.exe
data-cdn.mbamupdates.com/web/mb4-setup-consumer/ Frame 9D29
Redirect Chain

https://downloads.malwarebytes.com/file/mb-windows
https://data-cdn.mbamupdates.com/web/mb4-setup-consumer/MBSetup.exe

0
0

171ms
71ms

Document
application/octet-stream

23.210.248.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://data-cdn.mbamupdates.com/web/mb4-setup-consumer/MBSetup.exe
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.238 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: data-cdn.mbamupdates.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.malwarebytes.com/mwb-download/thankyou/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.malwarebytes.com/mwb-download/thankyou/

Response headers

Accept-Ranges: bytes
Content-MD5: DppsI403Jffeiallz7i6WA==
Content-Type: application/octet-stream
ETag: "620014-1f2448-5ac2612f9f54b"
Last-Modified: Wed, 05 Aug 2020 19:06:50 GMT
Server: Apache
Content-Length: 2040904
Cache-Control: public, max-age=26455
Expires: Thu, 06 Aug 2020 19:08:26 GMT
Date: Thu, 06 Aug 2020 11:47:31 GMT
Connection: keep-alive

Redirect headers

Cache-Control: max-age=300, public
Content-Type: text/html; charset=iso-8859-1
Location: https://data-cdn.mbamupdates.com/web/mb4-setup-consumer/MBSetup.exe
X-Frame-Options: SAMEORIGIN
Content-Length: 251
Date: Thu, 06 Aug 2020 11:47:30 GMT
Connection: keep-alive

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 439 B
949 B 148ms
73ms XHR
application/json 143.204.202.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&page_title=Thank%20you%20for%20downloading%20Malwarebytes%20for%20Windows%20%7C%20Malwarebytes&key=5527c2aa519592df7d44a24d0105731b&src=tag
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/HWyTnY16.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.60 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-60.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 6647bef5797b46447dcbeb44a211929c28694200a7e6b83fb25f8df9ee67bb97

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:30 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
status: 200
request-id: edfff58a-eda2-4443-a02d-77f30fe54987
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://www.malwarebytes.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _DU9OFOOtASWC5tfAXyuVTcLFHbrVb6sWLsqP9y4mnHnP-NlK7E4RQ==
expires: Wed, 05 Aug 2020 11:47:30 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAKbq06-V9wAAA_vzoFSjw
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAKbq06-V9wAAA_vzoFSjw&verifyHash=b998d3aff01a55efa87a898ddfb1fcece18f905b

26 B
409 B

123ms
123ms

Image
image/gif

143.204.202.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAKbq06-V9wAAA_vzoFSjw&verifyHash=b998d3aff01a55efa87a898ddfb1fcece18f905b
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-42.fra53.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 06 Aug 2020 11:47:31 GMT
Via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: 3b78d4981e8bd0d8
X-Amz-Cf-Id: G6gJOZ9XXDSxHnyR7ZPpmD2n6vXpF5K7wP4tFb2GdX1qJZw_maaulA==

Redirect headers

Date: Thu, 06 Aug 2020 11:47:31 GMT
Via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAKbq06-V9wAAA_vzoFSjw&verifyHash=b998d3aff01a55efa87a898ddfb1fcece18f905b
Connection: keep-alive
trace-id: 2bd53e909404d8d3
Content-Length: 0
X-Amz-Cf-Id: fj94Gc6xD-w0x0opgJT-GH5YBYWDTGpfs0yJ7DarTgQNjd77xYkfTA==

GET
H2 200 collect
www.google-analytics.com/ 35 B
90 B 6ms
5ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&a=245289167&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&ul=en-us&de=UTF-8&dt=Thank%20you%20for%20downloading%20Malwarebytes%20for%20Windows%20%7C%20Malwarebytes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHBAAMABAAAAAC~&jid=&gjid=&cid=937294754.1596714450&tid=UA-3347303-10&_gid=1589969285.1596714450&cd19=13c95182fa54910d24c52217209e8dd3&cd2=(Non-Company%20Visitor)&cd3=Bot&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=Prague&cd12=10&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=CZ&cd18=(Non-Company%20Visitor)&z=708590714

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jul 2020 21:52:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1778096
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 29 KB
11 KB 41ms
41ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js?_=1596714449005

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/jquery-1.11.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

427a645b2c3f1ae078c503ab2b85f29d113fbc5f4d8a097d2956d35b211e9996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11430
x-xss-protection: 0
server: cafe
etag: 6415704758985844507
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 06 Aug 2020 11:47:31 GMT

GET
H/1.1

200
OK

Cookie set iu3
s.amazon-adsystem.com/ Frame C3D5
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D9823d068-3bdc-ba67-be66-eef4de1dddd5%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.malwarebytes.com/&ex-hargs=v%3D1.0%3Bc%3D80853...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D9823d068-3bdc-ba67-be66-eef4de1dddd5%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.malwarebytes.com/&ex-hargs=v%3D1.0%3Bc%3D80853...

0
0

156ms
156ms

Document
text/html

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D9823d068-3bdc-ba67-be66-eef4de1dddd5%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.malwarebytes.com/&ex-hargs=v%3D1.0%3Bc%3D8085361280901%3Bp%3D9823D068-3BDC-BA67-BE66-EEF4DE1DDDD5&cb=553071982857789250&dcc=t
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: s.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.malwarebytes.com/mwb-download/thankyou/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A3LNFzJl-kkhuUI4eIY66r4|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.malwarebytes.com/mwb-download/thankyou/

Response headers

Server: Server
Date: Thu, 06 Aug 2020 11:47:31 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 425
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A3LNFzJl-kkhuUI4eIY66r4; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 11:47:31 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Oct-2025 11:47:31 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Thu, 06 Aug 2020 11:47:31 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D9823d068-3bdc-ba67-be66-eef4de1dddd5%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.malwarebytes.com/&ex-hargs=v%3D1.0%3Bc%3D8085361280901%3Bp%3D9823D068-3BDC-BA67-BE66-EEF4DE1DDDD5&cb=553071982857789250&dcc=t
Set-Cookie: ad-id=A3LNFzJl-kkhuUI4eIY66r4|t; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 11:47:31 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 134 KB
34 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34220
x-xss-protection: 0
pragma: public
x-fb-debug: R67b2FC6JB62PcBYbOSOLyY8ul9fRJupGgKwj+hx/Z8OX/B32GYekNDb+HjIxulM+mqo8NFbngQKwKdVnrj+eQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 06 Aug 2020 11:47:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 qevents.js Show response
a.quora.com/ 39 KB
14 KB 109ms
36ms Script
text/plain 151.101.113.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: s3LlaOWABX1LUjiLldBNr49lVAylKDRo
content-encoding: gzip
etag: "f32ebb1e93a72c0a57add6d07f688510"
age: 1385
x-cache: HIT, HIT
status: 200
content-length: 13681
x-amz-id-2: Y4fwrjl9NV8cdPAsF6Zq5jwQu3SjQdFDM/3EBX4ZDqHLewJZMiTHrOdgI/j9ZHBaLI8oY1nfDVI=
x-served-by: cache-bwi5127-BWI, cache-hhn4043-HHN
last-modified: Fri, 25 Oct 2019 19:28:38 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1572031715/ctime:1572031714/gid:1000000/gname:employee/md5:f32ebb1e93a72c0a57add6d07f688510/mode:33188/mtime:1149709104/uid:1000332/uname:tzhou
x-timer: S1596714451.421075,VS0,VE0
date: Thu, 06 Aug 2020 11:47:31 GMT
vary: Accept-Encoding
x-amz-request-id: 55CA7E9080C07B3D
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=7200
accept-ranges: bytes
content-type: text/plain
x-cache-hits: 1, 471

GET
H2 200 ld.js Show response
udgrbq.malwarebytes.com/js/ld/ 30 KB
10 KB 76ms
15ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://udgrbq.malwarebytes.com/js/ld/ld.js?_=1596714449006
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/jquery-1.11.3.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 9c728f8c1196adabf887e86ec68010aa3ece634dfd662a63c3fdb690b7823e83

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:31 GMT
content-encoding: gzip
last-modified: Thu, 02 Jul 2020 09:50:45 GMT
server: nginx
etag: W/"5efdadf5-774d"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 07 Aug 2020 11:47:31 GMT

GET
H2

200

s Show response
ads.avct.cloud/
Redirect Chain

https://ads.avocet.io/s?add=5b8e9b462be173e55d6569fc&ty=j&_=1596714449007
https://ads.avct.cloud/s?r=1&add=5b8e9b462be173e55d6569fc&ty=j&_=1596714449007
https://ads.avct.cloud/s?bounce=true&r=1&add=5b8e9b462be173e55d6569fc&ty=j&_=1596714449007

0
336 B

56ms
56ms

Script
application/javascript

34.244.62.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.avct.cloud/s?bounce=true&r=1&add=5b8e9b462be173e55d6569fc&ty=j&_=1596714449007
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.244.62.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-244-62-180.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 06 Aug 2020 11:47:31 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
content-type: application/javascript

Redirect headers

status: 302
date: Thu, 06 Aug 2020 11:47:31 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 107
location: /s?bounce=true&r=1&add=5b8e9b462be173e55d6569fc&ty=j&_=1596714449007
content-type: text/html; charset=utf-8

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 14 KB
6 KB 53ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

a3ce11e17464ae96ee2f1245fbf3c6cffa1aa6e7f6460fb6f8cbe95cfe1874cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 06 Aug 2020 10:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3004
x-amz-server-side-encryption: AES256
status: 200
vary: Origin, Accept-Encoding
content-length: 5540
x-amz-id-2: R6Ng9lBK4RnHhrQ4iTvebBmBplUXCGtFoMFTLTV06aTWPcQyWRsTnqhJ1Cwy9bxuDRMCZgqRL9c=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 18 Aug 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 13 Jul 2020 09:52:56 GMT
server: ATS
etag: "c83019cecf523f1903b97d476c683822-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 3CCC1187FC402270
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: ANdKZB5CZM6v65L5sAW33.1KG2ruBZ8a
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 112ms
35ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/mwb-download/thankyou/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 06 Aug 2020 11:47:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 up
insight.adsrvr.org/track/ Frame 8669 0
0 163ms
162ms Document
text/html 52.17.148.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=8mirph5&ref=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&upid=r8yigtp&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.148.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-148-237.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=8mirph5&ref=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&upid=r8yigtp&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.malwarebytes.com/mwb-download/thankyou/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.malwarebytes.com/mwb-download/thankyou/

Response headers

status: 200
date: Thu, 06 Aug 2020 11:47:31 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 up
insight.adsrvr.org/track/ Frame 1E03 0
0 55ms
55ms Document
text/html 52.17.148.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=8mirph5&ref=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&upid=r8yigtp&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.148.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-148-237.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=8mirph5&ref=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&upid=r8yigtp&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.malwarebytes.com/mwb-download/thankyou/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.malwarebytes.com/mwb-download/thankyou/

Response headers

status: 200
date: Thu, 06 Aug 2020 11:47:31 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 1480959392203028 Show response
connect.facebook.net/signals/config/ 522 KB
132 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1480959392203028?v=2.9.22&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f49907138587c1b6eda90470bd052d859ff044d99ba51466a144f3e66cfcc439

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 134622
x-xss-protection: 0
pragma: public
x-fb-debug: Zv5q21boyj86Iv4T3WFo8hk3U49RDDuxVK2isyK85pgAoVgI12NN0n8MyvvcPr2GTYSNS50tmzbbJNAnHXDuBg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 06 Aug 2020 11:47:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1036980325/ 2 KB
1 KB 41ms
41ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1036980325/?random=1596714451376&cv=9&fst=1596714451376&num=1&value=0&label=aG4LCMvEqwIQ5aC87gM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&tiba=Thank%20you%20for%20downloading%20Malwarebytes%20for%20Windows%20%7C%20Malwarebytes&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js?_=1596714449005

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

03d04d25cedf9a4cb9f0ca9b0deb927673cd2f025fdc0e1260b753f4909ef477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Aug 2020 11:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1124
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10110317.json Show response
s.yimg.com/wi/config/ 46 B
690 B 52ms
18ms XHR
application/octet-stream 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10110317.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

51f4cf88527819ae3950b1820aa534ebf6c2fcbc0894db427ba5ab59d9efd659

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:45:08 GMT
x-content-type-options: nosniff
age: 144
x-amz-server-side-encryption: AES256
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: F4881438B061BF4A
x-amz-id-2: RvXo1NIW0/YA76vthYxHgwlZCZgkqumjded7IxhnNc2Dp9kEsWzrR0cMf5HVhEbsMVlhreJq4u4=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 29 Jul 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 23 Jun 2020 16:15:29 GMT
server: ATS
etag: "cc3d0e0815ad7ef45a521c2a63b65393"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: wXZ_nu_nu9aA6v9PTivxO9CdOpSassoA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-length: 46
content-type: application/octet-stream

GET
H2 200 /
www.facebook.com/tr/ 44 B
379 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=ViewContent&dl=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&rl=&if=false&ts=1596714451418&sw=1600&sh=1200&v=2.9.22&r=stable&ec=0&o=30&fbp=fb.1.1596714451416.943945524&it=1596714451369&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 06 Aug 2020 11:47:31 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 19ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=Lead&dl=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&rl=&if=false&ts=1596714451419&cd[content_name]=Download_windows&sw=1600&sh=1200&v=2.9.22&r=stable&ec=1&o=30&fbp=fb.1.1596714451416.943945524&it=1596714451369&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 06 Aug 2020 11:47:31 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=53449&v=5.6.1&p0=e%3Dvp%26p%3D1&p1=e%3Dexd%26ui_downloaded%3D1%26si%3D2&p2=e%3Ddis&adce=1&tld=malwarebytes.com&dtycbr=28052
https://widget.us.criteo.com/event?a=53449&v=5.6.1&p0=e%3Dvp%26p%3D1&p1=e%3Dexd%26ui_downloaded%3D1%26si%3D2&p2=e%3Ddis&adce=1&tld=malwarebytes.com&dtycbr=28052

1 KB
1 KB

405ms
143ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.us.criteo.com/event?a=53449&v=5.6.1&p0=e%3Dvp%26p%3D1&p1=e%3Dexd%26ui_downloaded%3D1%26si%3D2&p2=e%3Ddis&adce=1&tld=malwarebytes.com&dtycbr=28052
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6645374e0d2b311ed79c9ad71e00f9bd6eb1e4507180d3fdd1106ce017d3c3e7

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Aug 2020 11:47:31 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
timing-allow-origin: *
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
status: 200
cache-control: no-cache
server-processing-duration-in-ticks: 28169
content-type: application/x-javascript
content-length: 863
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Aug 2020 11:47:31 GMT
status: 302
location: https://widget.us.criteo.com/event?a=53449&v=5.6.1&p0=e%3Dvp%26p%3D1&p1=e%3Dexd%26ui_downloaded%3D1%26si%3D2&p2=e%3Ddis&adce=1&tld=malwarebytes.com&dtycbr=28052
cache-control: no-cache
server-processing-duration-in-ticks: 1448
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2

200

/
www.google.de/pagead/1p-user-list/1036980325/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036980325/?random=709806917&cv=9&fst=*&num=1&value=0&label=aG4LCMvEqwIQ5aC87gM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=12...
https://www.google.com/pagead/1p-user-list/1036980325/?random=709806917&cv=9&fst=*&num=1&value=0&label=aG4LCMvEqwIQ5aC87gM&bg=666666&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_hi...
https://www.google.de/pagead/1p-user-list/1036980325/?random=709806917&cv=9&fst=*&num=1&value=0&label=aG4LCMvEqwIQ5aC87gM&bg=666666&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his...

42 B
107 B

22ms
22ms

Image
image/gif

2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1036980325/?random=709806917&cv=9&fst=*&num=1&value=0&label=aG4LCMvEqwIQ5aC87gM&bg=666666&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https://www.malwarebytes.com/mwb-download/thankyou/&tiba=Thank%20you%20for%20downloading%20Malwarebytes%20for%20Windows%20%7C%20Malwarebytes&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=3964843956&resp=GooglemKTybQhCsO&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Aug 2020 11:47:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Aug 2020 11:47:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1036980325/?random=709806917&cv=9&fst=*&num=1&value=0&label=aG4LCMvEqwIQ5aC87gM&bg=666666&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https://www.malwarebytes.com/mwb-download/thankyou/&tiba=Thank%20you%20for%20downloading%20Malwarebytes%20for%20Windows%20%7C%20Malwarebytes&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&random=3964843956&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sp.pl Show response
sp.analytics.yahoo.com/ 0
857 B 199ms
67ms Script
application/x-javascript 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2006%20Aug%202020%2011%3A47%3A31%20GMT&n=-2d&b=Thank%20you%20for%20downloading%20Malwarebytes%20for%20Windows%20%7C%20Malwarebytes&.yp=10110317&f=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&enc=UTF-8&tagmgr=gtm

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 06 Aug 2020 11:47:31 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Thu, 06 Aug 2020 11:47:31 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
5 KB 37ms
37ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 06 Aug 2020 11:47:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Sat, 14 Nov 2020 11:47:31 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/64fab857ca52427587d3bd14a8d437b7/ 43 B
422 B 514ms
129ms Image
image/gif 34.203.128.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/64fab857ca52427587d3bd14a8d437b7/pixel?j=1&u=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&tag=ViewContent&ts=1596714451457

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.203.128.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-128-80.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 06 Aug 2020 11:47:31 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,e933f211edb55c8409c666e0128c2324,10.0.0.10,16198,89.238.186.243,,25939082564,1,1596714451.904,0.001,,.,0,0,0.004,0.004,-,0,0,197,213,106,10,26847,,,,,,-,
Content-Type: image/gif

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/64fab857ca52427587d3bd14a8d437b7/ 43 B
421 B 524ms
132ms Image
image/gif 34.203.128.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/64fab857ca52427587d3bd14a8d437b7/pixel?j=1&u=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&tag=GenerateLead&ts=1596714451457

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.203.128.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-128-80.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 06 Aug 2020 11:47:31 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,1702a5c915271feaa64e4976749b9ce2,10.0.0.10,42680,89.238.186.243,,26357446972,1,1596714451.915,0.003,,.,0,0,0.000,0.004,-,0,0,197,183,91,10,26847,,,,,,-,
Content-Type: image/gif

GET
H/1.1 200
OK visitWebPage Show response
805-usg-300.mktoresp.com/webevents/ 2 B
304 B 803ms
128ms XHR
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://805-usg-300.mktoresp.com/webevents/visitWebPage?_mchNc=1596714451493&_mchCn=&_mchId=805-USG-300&_mchTk=_mch-malwarebytes.com-1596714451492-89813&_mchHo=www.malwarebytes.com&_mchPo=&_mchRu=%2Fmwb-download%2Fthankyou%2F&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 06 Aug 2020 11:47:32 GMT
Content-Encoding: gzip
Server: akka-http/10.1.11
Transfer-Encoding: chunked
X-Request-Id: 2359ede0-a082-49b0-bd73-05d02362e5ae
Content-Type: text/plain; charset=UTF-8

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=Microdata&dl=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&rl=&if=false&ts=1596714451920&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20%20Thank%20you%20for%20downloading%20Malwarebytes%20for%20Windows%20%20%20%7C%20Malwarebytes%22%2C%22meta%3Adescription%22%3A%22Malwarebytes%20free%20anti-malware%20software%20uses%20industry-leading%20technology%20to%20detect%20and%20remove%20worms%2C%20Trojans%2C%20rootkits%2C%20rogues%2C%20dialers%2C%20spyware%2C%20and%20more.%22%2C%22meta%3Akeywords%22%3A%22free%20anti%20malware%2C%20malware%20detection%2C%20free%20malware%20removal%2C%20free%20malware%20software%2C%20free%20antivirus%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F%22%2C%22og%3Asite_name%22%3A%22Malwarebytes%22%2C%22og%3Adescription%22%3A%22Malwarebytes%20free%20anti-malware%20software%20uses%20industry-leading%20technology%20to%20detect%20and%20remove%20worms%2C%20Trojans%2C%20rootkits%2C%20rogues%2C%20dialers%2C%20spyware%2C%20and%20more.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.malwarebytes.com%2Fimages%2Fsc%2Fgeneric.png%22%2C%22og%3Atitle%22%3A%22Thank%20you%20for%20downloading%20Malwarebytes%20for%20Windows%20%7C%20Malwarebytes%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.22&r=stable&ec=2&o=30&fbp=fb.1.1596714451416.943945524&it=1596714451369&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.malwarebytes.com/mwb-download/thankyou/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 11:47:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 06 Aug 2020 11:47:31 GMT

Verdicts & Comments Add Verdict or Comment

178 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vimeo.com/	1970-01-20 05:03:06	Name: vuid Value: pl223442732.2037039964
.malwarebytes.com/	1970-01-19 20:17:30	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Thu+Aug+06+2020+13%3A47%3A31+GMT%2B0200+(Central+European+Summer+Time)&version=5.12.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2Fmwb-download%2Fthankyou%2F&groups=1%3A1%2C0_165071%3A1%2C101%3A1%2C2%3A1%2C3%3A1%2C102%3A1%2C103%3A1%2C4%3A1%2C104%3A1%2C105%3A1%2C106%3A1%2C107%3A1%2C109%3A1%2C110%3A1%2C112%3A1%2C113%3A1%2C114%3A1%2C115%3A1%2C116%3A1%2C117%3A1%2C118%3A1%2C0_165051%3A1%2C0_165052%3A1%2C0_165053%3A1%2C0_165054%3A1%2C0_165055%3A1%2C0_165056%3A1%2C0_165057%3A1%2C0_165058%3A1%2C0_165059%3A1%2C0_165060%3A1%2C0_165061%3A1%2C0_165062%3A1%2C0_165063%3A1%2C0_165064%3A1%2C0_165065%3A1%2C0_165066%3A1%2C0_165067%3A1%2C0_165068%3A1%2C0_165069%3A1%2C0_165070%3A1%2C0_165072%3A1%2C0_165073%3A1%2C0_165074%3A1%2C0_168809%3A1%2C0_168810%3A1%2C0_171059%3A1%2C0_171060%3A1%2C0_171061%3A1%2C0_171062%3A1%2C0_171063%3A1%2C0_171064%3A1%2C0_172264%3A1%2C0_172327%3A1%2C0_179764%3A1%2C0_172332%3A1%2C0_172328%3A1%2C0_172329%3A1%2C108%3A1%2C111%3A1
.malwarebytes.com/	1970-01-19 20:17:30	Name: SSRT Value: 0u0rXwADAA
.www.malwarebytes.com/	1969-12-31 23:59:59	Name: SSOC Value: 89.238.186.243
.www.malwarebytes.com/	1969-12-31 23:59:59	Name: SSResetOC Value: true
.www.malwarebytes.com/	1970-01-19 13:41:30	Name: _rdt_uuid Value: 1596714449873.08bfb00e-3339-4fea-a686-45fd35a1ecf7
.malwarebytes.com/	1970-01-19 11:55:18	Name: _uetvid Value: 86c96429cf68e3a144acbb49922b6ad8
.malwarebytes.com/	1970-01-19 11:33:20	Name: _gid Value: GA1.2.1589969285.1596714450
.malwarebytes.com/	1970-01-19 11:33:20	Name: _uetsid Value: 929f6cad69fea61dadb4eed2296e6128
.malwarebytes.com/	1970-01-19 12:15:06	Name: dld Value: true
.malwarebytes.com/	1970-01-19 11:31:54	Name: _gat Value: 1
.malwarebytes.com/	1970-01-20 05:03:06	Name: _ga Value: GA1.2.937294754.1596714450
.doubleclick.net/	1970-01-19 20:53:30	Name: IDE Value: AHWqTUm23s88xqRwuY2lTVaeW1KzrMvxKZxDIURsr9EIwbu8J0yMBpVsZThELUzu
.malwarebytes.com/	1970-01-19 20:17:54	Name: SSID Value: CAC29R1-AAAAAADQ7StfZYnCB9DtK18BAAAAAAAAAAAA0O0rXwBNNcvYAAEXhR4A0O0rXwEATNkAARWRHgDQ7StfAQCq0wABGNIdANDtK18BAJqqAAEFbhUA0O0rXwEAC9MAAd6_HQDQ7StfAQAtswABikEXANDtK18BAPLUAAG0Cx4A0O0rXwEAutYAAbQzHgDQ7StfAQBU0AABbCMdANDtK18BAA
.malwarebytes.com/	1970-01-19 13:41:30	Name: _gcl_au Value: 1.1.1057346093.1596714450
.malwarebytes.com/	1970-01-19 11:33:20	Name: visited Value: true
.malwarebytes.com/	1969-12-31 23:59:59	Name: SSSC Value: 551.G6857836335340882277.1\|43674.1404421:45869.1524106:53332.1909612:54027.1949662:54186.1954328:54514.1969076:54970.1979316:55499.2000151:55628.2003221

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.malwarebytes.com/js/utilities.js(Line 136) Message: %cMBPricing() already declared as object color: orange
console-api	log	URL: https://www.malwarebytes.com/js/utilities.js(Line 301) Message: %cgenerateCartLink() already declared as function color: orange
console-api	log	URL: https://www.malwarebytes.com/js/nav-resize.js(Line 268) Message: There is no hero section
console-api	log	URL: https://www.malwarebytes.com/mwb-download/thankyou/(Line 3020) Message: setSSOC:89.238.186.243

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

805-usg-300.mktoresp.com
9812475.fls.doubleclick.net
a.quora.com
ads.avct.cloud
ads.avocet.io
alb.reddit.com
analytics.twitter.com
api.company-target.com
api.ipify.org
bat.bing.com
cdn.cookielaw.org
connect.facebook.net
data-cdn.mbamupdates.com
downloads.malwarebytes.com
genesis.malwarebytes.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
match.prod.bidr.io
munchkin.marketo.net
player.vimeo.com
px.ads.linkedin.com
q.quora.com
s.amazon-adsystem.com
s.yimg.com
script.crazyegg.com
scripts.demandbase.com
segments.company-target.com
snap.licdn.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
udgrbq.malwarebytes.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.malwarebytes.com
www.redditstatic.com
104.109.95.62
104.244.42.133
104.244.42.195
143.204.202.42
143.204.202.60
143.204.202.73
143.204.206.235
151.101.112.157
151.101.112.217
151.101.113.2
172.217.18.2
172.217.21.230
178.250.0.163
192.28.144.124
199.232.53.140
212.82.100.181
23.21.126.66
23.210.248.238
2600:1f18:21ae:6701:726:c6db:c506:9489
2600:9000:214f:4c00:8:d3fb:39c0:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6813:9408
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:816::2008
2a00:1450:4001:81d::2002
2a00:1450:4001:81d::2004
2a00:1450:400c:c00::9a
2a02:2638::1c
2a02:26f0:10c:382::25ea
2a02:26f0:10c:38c::10b8
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
34.203.128.80
34.244.62.180
52.17.148.237
52.49.193.31
52.94.232.32
74.119.119.150
00fd20f4f37113eb32d3db8a5f527ff1889489442e91630283e58e792f196be8
03d04d25cedf9a4cb9f0ca9b0deb927673cd2f025fdc0e1260b753f4909ef477
0615974c40d602afdbf9759533e352bc17b0458c85aad6694b1a1ad20659625b
0ed37960a59a6ec6b443f9ef043864d09a51db6fd276ae578d9166467bf986d1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1a2684adb4b431902ef03f7959757f5163ed2ddc548e216654fa7858b1f4fd9b
247b26c61e66a5dc2dc19bdaa07947410152b65656423e1d1e4cbb539ccfb4fb
2d66ca54a00dfbd3f600ac0fbc499269b8c96465378a0558420f0336be34ee32
32cd67bac346e023991238642ab182ae3ff228d0b90d8de0a2456ab011a761a6
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
425328ed7a60e35938fa92fc7ba5f5af96b53f9608bb41b8a07c0f91e8bdefcd
427a645b2c3f1ae078c503ab2b85f29d113fbc5f4d8a097d2956d35b211e9996
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
48d02d1758575a3ee0e7ba8a0a1c29666b4f55a00d1bf15fd1703897febf4cdb
493571e6d98e95a61ff12899cce2278225bbd756577e1882298ae70234395def
4c9728a9a986b998a3f987f5c4d498f978d2725fbc50b62225ee53aab9573c73
51f4cf88527819ae3950b1820aa534ebf6c2fcbc0894db427ba5ab59d9efd659
527f5743db62b7f9d19fb4b1910eb56d63f76f50b0e0180b63eb67d374642099
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d
55aff931cf4bc615ee7e9e6a84c19970264253550e541eabac6046209fe40023
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
6645374e0d2b311ed79c9ad71e00f9bd6eb1e4507180d3fdd1106ce017d3c3e7
6647bef5797b46447dcbeb44a211929c28694200a7e6b83fb25f8df9ee67bb97
66f39afda157857decb630f6ae9eabe94cd36d4271ff8154b11337709c617ba8
71aa66e3c94df617c70a1b9530acaa18c9f049d6d29dbaa6d0efe84d7104805a
72daaff4737223b9fe83cf01777a56319a7c08ce6c6601c2dead6afedbc58ea6
75f9768f79e42df5aa6183372a4b067f02682606cca5f242e06d1e07f3614c94
804617e666238c5083247ba14e819514c380d14450bfb7162659e095ddcc1e25
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84415c35f6869b6b17590d6ba8f3115751f14d54adecbb27123008c416e4556d
84a003d63e9cb1f4020cecc6a7dd03f87792c96e3a5acc04ba4a682668ef22df
84b86dd6210bb7c5883f0899459871131a0c3884ef8a3e61e963f55811298a6c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87bb81be8a21994264fa70d27a46b604df22e631f56ffe66221e39bbe69def18
8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
954f8cc01c3eff935207625bb46c0e2c46348501a4d38c94c006c67fef17b8ce
95f9128fcfef1d602d85a74355fe059cf07fe7cdc0833682123ef6b960a53ebc
9c728f8c1196adabf887e86ec68010aa3ece634dfd662a63c3fdb690b7823e83
a182e45f051c3b540f4e10ea2b38b08db2ba43d38ff33686de11b23e56df7a1b
a23572ae5ca7dd59065f859330c4f60af40e669cadbe0120c48d0e5967f8cafc
a3ce11e17464ae96ee2f1245fbf3c6cffa1aa6e7f6460fb6f8cbe95cfe1874cc
a52bbdb7b132e850fdaf5740012fcc0bc3f6ef0be520bc4b987d8761d40d015a
a7a32c550c2a99140f09c5c6109b609475e2479af31b4c1c2f1ac18b3422dc6c
ab3fe6c518178c0eb56a21f6089a7a4697d6f17149823b55354fc0b0983853e0
ac0e8739225ddb22b2b6e53c8ca4bc87db8fd66321f7459649855cb15a5ee0b3
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b28678c51b4397abc7951fe8a69a8aec0fa299159d5eb4ced487aabbb89f44b5
b29e1ec9f8d476c2dfed91412b9d3f101bd5c0e9c6b4b3de4f67fa48bb5e8f59
b9d8e51ffd9da1d06ec0405452ac38723cddd71b1028542b6112b27931506bbc
bb209c54fe3e66001aab122dbf0980067815d6f7e5166d3c5f97fd6053d0d0a6
c016b45a43dc83a578f6d3dfd2f7746392c21f544ae89d22e25964a938c8c51f
c4a394548b21a5f2c8018bffb2f6e49ad4d0d24b63d9b027f37a19ffb134526c
d673d5f68b389f053737094c02d335fdef8c6ce8475a4ff9b0fa1caefa56ddc8
dcf6c6c4a636f6c842c1fab247c6618f29d738fdd7a38bbea6ec01f7d63c6e9c
dd2797a522f8b7b904f06923697aed314fb72d9ceae21628db7ebeb7a540ccfc
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfc605a0d8bfeb133ce4314ca316dd16f6780678cb121dda620be73acd4f80da
e1b2b5e6a22d2417cc78422492773fc1a3679160d5c63f5fc5e12ba31d9dbc3d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d4ee3f53d92ebb16829cf48220e87c58681170f731a7e7b11f84c44846f124
e88e0ed354170d8b73435fadf714ab8fff7c00b985295495d146b5eb92dc3e50
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ed2491fc7526ff0b5cfec3fe6f4cf8153796520fc845b735286b0f42183da98a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f
f39efc86119f8b9af75ddc7622c6dcd63e68a031b4cf170fb024c5430e59981d
f49907138587c1b6eda90470bd052d859ff044d99ba51466a144f3e66cfcc439
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
f6878c514a87204f608e8970bf4abb8ea2effbe3871a4e1709a68d25f5b4b6a1
f7fe274f0c2eef64fa0e218a743cac2e7a5d02b3497adafcf64f612e21f46660
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

www.malwarebytes.com Open in urlscan Pro 2600:9000:214f:4c00:8:d3fb:39c0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

98 Requests

100 %HTTPS

44 %IPv6

35 Domains

45 Subdomains

39 IPs

9 Countries

776 kBTransfer

2323 kBSize

17 Cookies

37 Outgoing links

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.malwarebytes.com Open in urlscan Pro
2600:9000:214f:4c00:8:d3fb:39c0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

100 %
HTTPS

44 %
IPv6

35
Domains

45
Subdomains

39
IPs

9
Countries

776 kB
Transfer

2323 kB
Size

17
Cookies

98 HTTP transactions
0 data transactions