forums.malwarebytes.com Open in urlscan Pro
18.245.46.103 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://forums.malwarebytes.com/
Effective URL:
https://forums.malwarebytes.com/
Submission: On April 29 via api (April 29th 2024, 12:54:17 pm UTC) from US — Scanned from DE

Summary HTTP 64 Redirects Links 66 Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 21 domains to perform 64 HTTP transactions. The main IP is 18.245.46.103, located in United States and belongs to AMAZON-02, US. The main domain is forums.malwarebytes.com. The Cisco Umbrella rank of the primary domain is 695743.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 22nd 2023. Valid for: a year.

This is the only time forums.malwarebytes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	18.245.46.103 18.245.46.103	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
18	2600:9000:225... 2600:9000:225e:6600:1e:ebe7:1480:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
13	18.66.147.42 18.66.147.42	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	34.117.39.58 34.117.39.58	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	88.221.60.75 88.221.60.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.245.46.44 18.245.46.44	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
1	18.66.102.98 18.66.102.98	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:8e00:1d:8d6d:3b40:93a1	16509 (AMAZON-02) (AMAZON-02)
64	26

2 18.245.46.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-103.fra56.r.cloudfront.net

forums.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:9000:225e:6600:1e:ebe7:1480:93a1 (United States)

ASN16509 (AMAZON-02, US)

content.invisioncic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.66.147.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-42.fra60.r.cloudfront.net

content.invisioncic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.39.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.39.117.34.bc.googleusercontent.com

www.upsellit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.60.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-60-75.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-44.fra56.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

805-usg-300.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-98.fra56.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:8e00:1d:8d6d:3b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	invisioncic.com content.invisioncic.com — Cisco Umbrella Rank: 59732	2 MB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 328 www.linkedin.com — Cisco Umbrella Rank: 613 px4.ads.linkedin.com — Cisco Umbrella Rank: 6223	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 337	14 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	22 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	335 KB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2941	313 B
2	company-target.com s.company-target.com — Cisco Umbrella Rank: 1314 api.company-target.com — Cisco Umbrella Rank: 4071	2 KB
2	demandbase.com scripts.demandbase.com — Cisco Umbrella Rank: 10132 tag-logger.demandbase.com — Cisco Umbrella Rank: 4914	23 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3820	6 KB
2	upsellit.com www.upsellit.com — Cisco Umbrella Rank: 10543	13 KB
2	malwarebytes.com forums.malwarebytes.com — Cisco Umbrella Rank: 695743	105 KB
1	google.de www.google.de — Cisco Umbrella Rank: 7278	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84	259 B
1	mktoresp.com 805-usg-300.mktoresp.com — Cisco Umbrella Rank: 294839	318 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 783	98 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 825	395 B
1	t.co t.co — Cisco Umbrella Rank: 678	377 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 781	17 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 795	15 KB
1	gstatic.com fonts.gstatic.com	46 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
64	21

	Domain	Requested by
31	content.invisioncic.com	forums.malwarebytes.com content.invisioncic.com
4	px.ads.linkedin.com	3 redirects snap.licdn.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com forums.malwarebytes.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	forums.malwarebytes.com www.googletagmanager.com
2	region1.analytics.google.com	www.googletagmanager.com
2	munchkin.marketo.net	forums.malwarebytes.com munchkin.marketo.net
2	www.upsellit.com	www.googletagmanager.com www.upsellit.com
2	forums.malwarebytes.com	forums.malwarebytes.com
1	tag-logger.demandbase.com	scripts.demandbase.com
1	api.company-target.com	scripts.demandbase.com
1	www.google.de	forums.malwarebytes.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	805-usg-300.mktoresp.com	munchkin.marketo.net
1	id.rlcdn.com	forums.malwarebytes.com
1	s.company-target.com	scripts.demandbase.com
1	px4.ads.linkedin.com	forums.malwarebytes.com
1	www.linkedin.com	1 redirects
1	analytics.twitter.com	forums.malwarebytes.com
1	t.co	forums.malwarebytes.com
1	scripts.demandbase.com	forums.malwarebytes.com
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	forums.malwarebytes.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	forums.malwarebytes.com
64	25

This site contains links to these domains. Also see Links.

Domain
www.malwarebytes.com
blog.malwarebytes.com
support.malwarebytes.com
service.malwarebytes.com
x.com
www.facebook.com
www.linkedin.com
www.youtube.com
www.instagram.com
www.invisioncommunity.com
cleantalk.org

Subject Issuer	Validity	Valid
forums.malwarebytes.com Amazon RSA 2048 M01	`2023-06-22` - `2024-07-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
content.invisioncic.com Amazon RSA 2048 M01	`2023-06-21` - `2024-07-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.upsellit.com RapidSSL TLS RSA CA G1	`2023-09-11` - `2024-10-03`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2024-04-29` - `2024-06-27`	2 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.company-target.com R3	`2024-04-17` - `2024-07-16`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh
*.demandbase.com Amazon RSA 2048 M01	`2023-07-11` - `2024-08-08`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh

This page contains 2 frames:

Primary Page: https://forums.malwarebytes.com/
Frame ID: 758B136C6176C4526017E718B6F188A3
Requests: 80 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 399172D044127E829429A25DC2B70523
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Malwarebytes Forums

Page URL History Show full URLs

http://forums.malwarebytes.com/ HTTP 307
https://forums.malwarebytes.com/ Page URL

Detected technologies

Stimulus (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-controller

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Page Statistics

64
Requests

98 %
HTTPS

44 %
IPv6

21
Domains

25
Subdomains

26
IPs

3
Countries

2410 kB
Transfer

4707 kB
Size

32
Cookies

66 Outgoing links

These are links going to different origins than the main page.

URL: https://www.malwarebytes.com/for-home
Title: Personal

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/premium/
Title: Malwarebytes for Windows

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/mac/
Title: Malwarebytes for Mac

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/vpn
Title: Malwarebytes Privacy VPN

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/browserguard
Title: Malwarebytes Browser Guard

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/adwcleaner
Title: Malwarebtyes AdwCleaner

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/chromebook
Title: Malwarebytes for Chromebook

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/android/
Title: Malwarebytes for Android

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/ios/
Title: Malwarebytes for iOS

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/
Title: Business

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/endpointprotection/
Title: Endpoint Protection

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/endpoint-protection/server-security
Title: Endpoint Protection for Servers

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/endpointprotectionandresponse/
Title: Endpoint Protection & Response

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/edr/server-security
Title: Endpoint Detection & Response for Servers

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/incidentresponse/
Title: Incident Response

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/endpoint-security
Title: Endpoint Security

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business
Title: Business Modules

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/dns-filtering
Title: DNS Filtering

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/vulnerability-patch-management
Title: Vulnerability & Patch Management

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/crowdstrike
Title: Remediation for CrowdStrike®

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/partners/
Title: Partners

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/partners/managed-service-providers/
Title: Managed Service Providers

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/techbench/
Title: Computer Repair

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/partners/solution-providers
Title: Resellers

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/integrations
Title: Technology Partners

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/what-is-vpn/
Title: VPN

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/antivirus/
Title: Antivirus

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/malware/
Title: Malware

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/android-antivirus/
Title: Android Antivirus

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/mac-antivirus/
Title: Mac Antivirus

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/hacker/
Title: Hacker

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/cybersecurity/
Title: Cybersecurity

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/identity-theft/
Title: Identity Theft

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/what-is-password-manager/
Title: Password Manager

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/ransomware/
Title: Ransomware

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/keylogger/
Title: Keylogger

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/adware/
Title: Adware

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/spyware/
Title: Spyware

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/sql-injection/
Title: SQL Injection

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/ddos/
Title: DDoS

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/cryptojacking/
Title: Cryptojacking

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/data-breach/
Title: Data Breach

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/computer-virus/
Title: Computer Virus

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/social-engineering/
Title: Social Engineering

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/malvertising/
Title: Malvertising

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/emotet/
Title: Emotet

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/trojan/
Title: Trojan

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/exploits/
Title: Exploit

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/backdoor/
Title: Backdoor

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/scam-call/
Title: Scam Call

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/spam/
Title: Spam

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/phishing/
Title: Phishing

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/spoofing/
Title: Spoofing

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://support.malwarebytes.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://service.malwarebytes.com/
Title: Business Support

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/secure
Title: Vulnerability Disclosure

Search URL Search Domain Scan URL

URL: https://support.malwarebytes.com/hc/en-us/articles/4404023501459
Title: here

Search URL Search Domain Scan URL

URL: https://x.com/malwarebytes

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Malwarebytes/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/malwarebytes

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Malwarebytes

Search URL Search Domain Scan URL

URL: https://www.instagram.com/malwarebytesofficial/

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/legal/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.invisioncommunity.com/
Title: Powered by Invision Community

Search URL Search Domain Scan URL

URL: https://cleantalk.org/ips-cs-4-anti-spam-plugin
Title: IPS spam

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://forums.malwarebytes.com/ HTTP 307
https://forums.malwarebytes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1714395252731&li_adsId=82dbb017-fc10-4c97-8489-a03f018382e8&url=https%3A%2F%2Fforums.malwarebytes.com%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1714395252731&li_adsId=82dbb017-fc10-4c97-8489-a03f018382e8&url=https%3A%2F%2Fforums.malwarebytes.com%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2594100%26time%3D1714395252731%26li_adsId%3D82dbb017-fc10-4c97-8489-a03f018382e8%26url%3Dhttps%253A%252F%252Fforums.malwarebytes.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1714395252731&li_adsId=82dbb017-fc10-4c97-8489-a03f018382e8&url=https%3A%2F%2Fforums.malwarebytes.com%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1714395252731&li_adsId=82dbb017-fc10-4c97-8489-a03f018382e8&url=https%3A%2F%2Fforums.malwarebytes.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQKojWCmGckzWgAAAY8p64pCKgInoPMAg9KfUpLi6AXI7OUtlPeXUwsmiTKtl8e9L2004rK4

64 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
forums.malwarebytes.com/
Redirect Chain

http://forums.malwarebytes.com/
https://forums.malwarebytes.com/

229 KB
29 KB

67ms
10ms

Document
text/html

18.245.46.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-103.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

f92e9df909baa2226721d8d8795ae1bfb3138cb71e3bc12da6a1a069c0bccb82

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

age: 374
alt-svc: h3=":443"; ma=86400
cache-control: no-cache="Set-Cookie", max-age=900, public, s-maxage=900, stale-while-revalidate, stale-if-error
content-encoding: gzip
content-length: 28653
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=UTF-8
date: Mon, 29 Apr 2024 12:47:58 GMT
expires: Mon, 29 Apr 2024 13:02:58 GMT
last-modified: Mon, 29 Apr 2024 12:47:58 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache
strict-transport-security: max-age=31536000
vary: Cookie,Accept-Encoding
via: 1.1 f0393fc6725f4d719cff14263a50d286.cloudfront.net (CloudFront)
x-amz-cf-id: m6WEM78c1-7l5ld-pvcEwYeNu3nt_WV7zYx1kI0hj3L4NDJ9Q6WVAA==
x-amz-cf-pop: FRA56-P9
x-cache: Hit from cloudfront
x-content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
x-frame-options: sameorigin
x-ips-loggedin: 0
x-xss-protection: 0

Redirect headers

Location: https://forums.malwarebytes.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 fontawesome-webfont.woff2
forums.malwarebytes.com/applications/core/interface/font/ 75 KB
76 KB 11ms
10ms Font
text/plain 18.245.46.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.malwarebytes.com/applications/core/interface/font/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-103.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Origin: https://forums.malwarebytes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 06:39:31 GMT
via: 1.1 f0393fc6725f4d719cff14263a50d286.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Thu, 21 Mar 2024 14:47:41 GMT
server: Apache
x-amz-cf-pop: FRA56-P9
age: 22481
etag: "12d68-6142cca097d40"
x-cache: Hit from cloudfront
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 77160
x-amz-cf-id: f04-bvCiWkF9nar8pcbdLGxia3YWuv-qadcVkeaxvUsQbBInfEPLIg==

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 130ms
44ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00008d2a6bb44551ff155148e5fedbcc0fdf8d710d908581fdf04dd96dfb31ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Apr 2024 12:54:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Apr 2024 12:21:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Apr 2024 12:54:12 GMT

GET
H2 200 341e4a57816af3ba440d891ca87450ff_framework.css.gz
content.invisioncic.com/Mmalware/css_built_28/ 323 KB
60 KB 43ms
16ms Stylesheet
text/css 2600:9000:225e:6600:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/css_built_28/341e4a57816af3ba440d891ca87450ff_framework.css.gz?v=d815db93211711468165
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bfdaeb15e93857db647a5a3af0a72148b4b9a22fb290700b9b83a222e15e8c2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 15:49:51 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-version-id: qBvBnEXfAdHkjCuFEwrnCT72L5I92FJv
x-amz-cf-pop: FRA60-P4
age: 2927062
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
content-length: 61281
last-modified: Tue, 26 Mar 2024 15:49:31 GMT
server: AmazonS3
etag: "1f275f8adb7c3d217c607fdea0f2c120"
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 8_R3N80a1U2lXwIXCTFpntgWF6WOrqSiUlcyyTfrXPQGuFJ8Isxlmw==

GET
H2 200 05e81b71abe4f22d6eb8d1a929494829_responsive.css.gz
content.invisioncic.com/Mmalware/css_built_28/ 35 KB
7 KB 37ms
10ms Stylesheet
text/css 2600:9000:225e:6600:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/css_built_28/05e81b71abe4f22d6eb8d1a929494829_responsive.css.gz?v=d815db93211711468165
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5008d5e9bd10eea3c48217fc3a797895a56aadb808b04dda8381dd35e6544f22

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 15:49:51 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-version-id: oKWEIBQZ6F04ighrSiS0QDtUTTHPRjs1
x-amz-cf-pop: FRA60-P4
age: 2927062
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 6713
last-modified: Tue, 26 Mar 2024 15:49:27 GMT
server: AmazonS3
etag: "662c81ff9a5b04e3eec6773ca9dbad1d"
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: YMObrVJXBG_wKi7ELHpLfskLMIUo23YoHBX7Kwo-lMdmsHJnwU8m8g==

GET
H2 200 90eb5adf50a8c640f633d47fd7eb1778_core.css.gz
content.invisioncic.com/Mmalware/css_built_28/ 24 KB
7 KB 35ms
9ms Stylesheet
text/css 2600:9000:225e:6600:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/css_built_28/90eb5adf50a8c640f633d47fd7eb1778_core.css.gz?v=d815db93211711468165
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ac232e1159b6d9f263158dbc5b85594af1d341fd5f221654f929b741984e26f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 15:49:51 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-version-id: TBa4IdLw4k0i495WKiN83RumUx_gXqmj
x-amz-cf-pop: FRA60-P4
age: 2927062
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 6640
last-modified: Tue, 26 Mar 2024 15:49:29 GMT
server: AmazonS3
etag: "90dc8246335539e7f2c465743178cc36"
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 2g-6jmrpP8_yO7pDUl3fwpcymSrJw3_HOo3iebgcIvNUSXrDjovp-Q==

GET
H2 200 5a0da001ccc2200dc5625c3f3934497d_core_responsive.css.gz
content.invisioncic.com/Mmalware/css_built_28/ 5 KB
2 KB 35ms
8ms Stylesheet
text/css 2600:9000:225e:6600:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/css_built_28/5a0da001ccc2200dc5625c3f3934497d_core_responsive.css.gz?v=d815db93211711468165
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae9d33c675a45f0263ac186920780ef9593f2f0fc05ce203a1ed786be7afe5e2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 15:49:51 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-version-id: 2FCbbNcJHYD7txa.c3RPQDGl2VZCpZYR
x-amz-cf-pop: FRA60-P4
age: 2927062
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
content-length: 1212
last-modified: Tue, 26 Mar 2024 15:49:31 GMT
server: AmazonS3
etag: "3d62088babca9778cf21f3c4cc40957a"
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: jJavSTG3vJ9f-ZKW1znbxXC54dQx0wV6e7JHprlFwhKY2l7Nn5cl_Q==

GET
H2 200 62e269ced0fdab7e30e026f1d30ae516_forums.css.gz
content.invisioncic.com/Mmalware/css_built_28/ 15 KB
4 KB 40ms
13ms Stylesheet
text/css 2600:9000:225e:6600:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/css_built_28/62e269ced0fdab7e30e026f1d30ae516_forums.css.gz?v=d815db93211711468165
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0c356b5f4faa7b2414c815d215d5b5b2078b4801a79bbd9f1d189b34cbb9c71

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 15:49:51 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-version-id: pL5sb7K0WT_HTbq6MEYIuHp.Q51uvbzP
x-amz-cf-pop: FRA60-P4
age: 2927062
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
content-length: 3753
last-modified: Tue, 26 Mar 2024 15:49:31 GMT
server: AmazonS3
etag: "706fe1e41b54986ee75c962074e5f28a"
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: SV0rrctrqheD5pYxw5CsdG-pJeNZB-B0A4t1fLDNekP2Kbts05Ngtg==

GET
H2 200 76e62c573090645fb99a15a363d8620e_forums_responsive.css.gz
content.invisioncic.com/Mmalware/css_built_28/ 6 KB
2 KB 36ms
10ms Stylesheet
text/css 2600:9000:225e:6600:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/css_built_28/76e62c573090645fb99a15a363d8620e_forums_responsive.css.gz?v=d815db93211711468165
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1099b3d49cec3d8e97ac307dd1db309dc9af5aa69c134db3cfd7d90eafb8df9c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 15:49:51 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-version-id: OL5yD6AIskQccxojFkhzGUoOEunjaUjk
x-amz-cf-pop: FRA60-P4
age: 2927062
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 1408
last-modified: Tue, 26 Mar 2024 15:49:31 GMT
server: AmazonS3
etag: "f6b69720d18ae8c6c450207ae7812092"
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: YD6UTvFHW89d8xpps7QEGhyCYahfYeel-yqQ5DFYUoR_9qU2QNV54g==

GET
H2 200 258adbb6e4f3e83cd3b355f84e3fa002_custom.css.gz
content.invisioncic.com/Mmalware/css_built_28/ 887 B
932 B 41ms
15ms Stylesheet
text/css 2600:9000:225e:6600:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/css_built_28/258adbb6e4f3e83cd3b355f84e3fa002_custom.css.gz?v=d815db93211711468165
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3001a3960df32de0715d410de98ec7a468c546e5c6ddf98b2bcaef28666e32af

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 15:49:51 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-version-id: xvwty3zcthNAWa1htGiOUvdnVrL8R5jb
x-amz-cf-pop: FRA60-P4
age: 2927062
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 447
last-modified: Tue, 26 Mar 2024 15:49:31 GMT
server: AmazonS3
etag: "d4600f2fa1dbbd939fdb12b5e8a7b238"
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -tfrBQMw_lTG3AzlO8MLC46ZrPKFZErbmclZo7vq6jUYT5QMKLPN2g==

GET
H2 200 CONS_PCmag_728x90.png.14a2528af4359a57b15c72130caf4590.png
content.invisioncic.com/Mmalware/monthly_2023_06/ 60 KB
60 KB 18ms
17ms Image
image/png 2600:9000:225e:6600:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/monthly_2023_06/CONS_PCmag_728x90.png.14a2528af4359a57b15c72130caf4590.png
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5d4c00cea7d26cd2f10e1885395216df960748bcae7026a030ffcd3c0fdb029

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 04 Dec 2023 13:05:46 GMT
x-amz-version-id: 42Kp1rFTXg4J5aCSkHlQ_aWDCVNMPDk8
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 12700107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 61119
last-modified: Wed, 07 Jun 2023 21:30:50 GMT
server: AmazonS3
etag: "f462d14a7ea6d2ced8164f13df4c67db"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: jxzarXeAivPjuvS8XgZsJJctx2SW1IhkXyp4NO_k75I4lFDrKUSfjg==

GET
H2 200 root_library.js.gz Show response
content.invisioncic.com/Mmalware/javascript_global/ 346 KB
115 KB 17ms
17ms Script
text/javascript 2600:9000:225e:6600:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/javascript_global/root_library.js.gz?v=d815db93211714390468
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a422773a794729cf98ce172eec6df5c82174cef1021174af4fd71dddb65d86a4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 11:34:39 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-version-id: ScfMCTbe37cDo5CrjxdaqDxRW.UGiYvC
x-amz-cf-pop: FRA60-P4
age: 4774
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 117638
last-modified: Fri, 26 Apr 2024 20:29:08 GMT
server: AmazonS3
etag: "7637f9e611f3e9b9408dc0e12ce79c90"
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: qZ-scERE-r1JUd66cdmXX3IIpEaiz2idhvhphpV2f5iJVJtv2fWnzQ==

GET
H2 200 root_js_lang_1.js.gz Show response
content.invisioncic.com/Mmalware/javascript_global/ 103 KB
33 KB 17ms
17ms Script
text/javascript 2600:9000:225e:6600:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/javascript_global/root_js_lang_1.js.gz?v=d815db93211714390468
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 981740cc49e88fb417f41baf26a5d4b6135deb86b0caa67570f435f569268096

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 11:34:39 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-version-id: _buzXGptxQ1OYmljcIP4qfC58yg9rJn1
x-amz-cf-pop: FRA60-P4
age: 4774
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 32838
last-modified: Fri, 26 Apr 2024 20:29:08 GMT
server: AmazonS3
etag: "a7bc6de9868f27b41454f754ea62b3c9"
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: GrhfXIR3OE2Zo0QobU0iaja7yTDXkFKqJdFt_JYE9NHjE_yQTLyPIQ==

GET
H2 200 root_framework.js.gz Show response
content.invisioncic.com/Mmalware/javascript_global/ 437 KB
101 KB 20ms
20ms Script
text/javascript 2600:9000:225e:6600:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/javascript_global/root_framework.js.gz?v=d815db93211714390468
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64fe54474a0a550d67be83ea1096e1655ceca9fc359c10716f5a267b2135ab19

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 11:34:39 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-version-id: yOaw.q6hzrSIbAfidykteSBOrDVE54pP
x-amz-cf-pop: FRA60-P4
age: 4774
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 102400
last-modified: Fri, 26 Apr 2024 20:29:09 GMT
server: AmazonS3
etag: "ec997b074216690e461f7bfc2ea2f00f"
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: pAaUDHd9XG6SL7lma6HRLReZavs0l08WmkAzbyJdAcB5xFZMd5a2_Q==

GET
H2 200 global_global_core.js.gz Show response
content.invisioncic.com/Mmalware/javascript_core/ 38 KB
10 KB 21ms
20ms Script
text/javascript 2600:9000:225e:6600:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/javascript_core/global_global_core.js.gz?v=d815db93211714390468
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a12a1a9b6bc08ddf4ba7527cda03faab69d3feb0fe57b99d7773ead29ed5da88

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 11:34:39 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-version-id: H_sVcXcF.eNFleKI33oNcKhKpOWfVY26
x-amz-cf-pop: FRA60-P4
age: 4774
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 9645
last-modified: Fri, 26 Apr 2024 20:29:09 GMT
server: AmazonS3
etag: "53537c1517d588cd25d79b97504a000b"
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ael1icI-CeFEJeQpIPSKIwOjeS_x9qQ5cJj4nwJNxQ5_Gcrhi_w6ZA==

GET
H2 200 root_front.js.gz Show response
content.invisioncic.com/Mmalware/javascript_global/ 103 KB
23 KB 21ms
20ms Script
text/javascript 2600:9000:225e:6600:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/javascript_global/root_front.js.gz?v=d815db93211714390468
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d9afe48e38658ee24b52cd488679afb67451fd930aa0173eca77436338f6818

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 11:34:39 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-version-id: 9Rq079SkCE3DvNOl4C_AV6WTJtYG2Xtz
x-amz-cf-pop: FRA60-P4
age: 4774
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 23096
last-modified: Fri, 26 Apr 2024 20:29:09 GMT
server: AmazonS3
etag: "20897540d29a4e2383b2a0d9dd255a62"
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: dxfEE5Qww3E2YhG3YTJX9O3rk3krgvKA3HtgypGqt1jLS-wGb9rsjA==

GET
H2 200 front_front_core.js.gz Show response
content.invisioncic.com/Mmalware/javascript_core/ 37 KB
9 KB 21ms
21ms Script
text/javascript 2600:9000:225e:6600:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/javascript_core/front_front_core.js.gz?v=d815db93211714390468
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a48c050993c56f2e508657e6c0669110ce1621ab59bdbf08c40e87aeff63a9c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 11:34:39 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-version-id: V9OUIZsPXBzBC1orcJhbZa6GzXv9d1D5
x-amz-cf-pop: FRA60-P4
age: 4774
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 8940
last-modified: Mon, 29 Apr 2024 11:27:48 GMT
server: AmazonS3
etag: "c3b647da4b069b905e23540de1b10654"
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: vjNSoz5ZRxnhKbN4ps4M462s0T6feDbsFKi954yaWmgEoMrm96SDvg==

GET
H2 200 front_front_forum.js.gz Show response
content.invisioncic.com/Mmalware/javascript_forums/ 7 KB
2 KB 21ms
21ms Script
text/javascript 2600:9000:225e:6600:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/javascript_forums/front_front_forum.js.gz?v=d815db93211714390468
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38c93a1675e592e7ff8709d4932e7c235a6f809996431e2685443d763e06d6c1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 11:34:45 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-version-id: VwVbbiTELxI8IfYRKMBp94OZa9iJ4WOv
x-amz-cf-pop: FRA60-P4
age: 4768
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 2027
last-modified: Mon, 29 Apr 2024 11:27:51 GMT
server: AmazonS3
etag: "96eaeb057ae4adc1f02df8e70bc122d2"
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: uooo_Gmz3xeMWICWq8cce1XPQq1JwbTGoCZv_NN4kkKA3bZymsx8pg==

GET
H2 200 front_app.js.gz Show response
content.invisioncic.com/Mmalware/javascript_cloud/ 5 KB
2 KB 22ms
22ms Script
text/javascript 2600:9000:225e:6600:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/javascript_cloud/front_app.js.gz?v=d815db93211714390468
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9acfaa323a82f2dc08ff9efd846a21c0b7df4e137c6dcfb3acb9a80b79bac3aa

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 11:34:39 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-version-id: UzQhovDI3tQzNWLtk3GIeCiCI3rZovxL
x-amz-cf-pop: FRA60-P4
age: 4774
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 1752
last-modified: Mon, 29 Apr 2024 11:27:50 GMT
server: AmazonS3
etag: "e790e2d2caea8bcba1147d0936da70b2"
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: cUwjI-9UdPkSomRV-hB8UDFKK_T8Eo34fHDkFqww5dCO1k1-xkS1jQ==

GET
H2 200 front_front_realtime.js.gz Show response
content.invisioncic.com/Mmalware/javascript_cloud/ 13 KB
4 KB 23ms
22ms Script
text/javascript 2600:9000:225e:6600:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/javascript_cloud/front_front_realtime.js.gz?v=d815db93211714390468
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6a71720c5526094905d7cc750d84e3a17154a848eb706c7b56b772b7dab9c04

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 11:34:39 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-version-id: S_.7hmZVvh4XZHl.I6afdgRxCrKVc6K1
x-amz-cf-pop: FRA60-P4
age: 4774
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 3407
last-modified: Mon, 29 Apr 2024 11:27:49 GMT
server: AmazonS3
etag: "42cf7fce3b67076da0be9d8cb73ce47f"
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: FD0zQbj1RJi0hF15f8lB6xRE47a4EaWs1nClUSEp8DTLYDaWUs_hJA==

GET
H2 200 root_map.js.gz Show response
content.invisioncic.com/Mmalware/javascript_global/ 1 KB
757 B 33ms
32ms Script
text/javascript 2600:9000:225e:6600:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/javascript_global/root_map.js.gz?v=d815db93211714390468
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 880f073e157d11a784c83533fd689699963f1206a592304bb3ab2ea86425af5d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 11:34:39 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-version-id: 7d.Xnpdb_nDqSn8KhM2PEhvibT3McQBK
x-amz-cf-pop: FRA60-P4
age: 4774
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
content-length: 261
last-modified: Mon, 29 Apr 2024 11:34:29 GMT
server: AmazonS3
etag: "1fa7d8b50cc0d10b5ebc59bcc5d98aee"
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: qBwQKdLi7TrLSvB2o-qJbGm9Ya6Byl5sBFWw_ZPDpnDdlf6VhW-RQg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 492 KB
145 KB 171ms
92ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b57925244778ba04e8072a21ae68ca8de251d26a16739e398ca3e895f0a231e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 12:54:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148090
x-xss-protection: 0
last-modified: Mon, 29 Apr 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Apr 2024 12:54:12 GMT

GET
H3 200 d0e70b4cbb9ab8afb1bc1065a3f8487a_subitem_stem.png
content.invisioncic.com/Mmalware/set_resources_28/ 102 B
474 B 8ms
8ms Image
image/png 18.66.147.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/set_resources_28/d0e70b4cbb9ab8afb1bc1065a3f8487a_subitem_stem.png
Requested by: Host: content.invisioncic.com
URL: https://content.invisioncic.com/Mmalware/css_built_28/341e4a57816af3ba440d891ca87450ff_framework.css.gz?v=d815db93211711468165
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ee1c3288716972defe598729ab8f3f9131964ae925025ce82633ec9887c413d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://content.invisioncic.com/Mmalware/css_built_28/341e4a57816af3ba440d891ca87450ff_framework.css.gz?v=d815db93211711468165
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 21 Sep 2023 05:22:22 GMT
x-amz-version-id: o6Ca.JiMPtbeRxPW1hQJbMzjp850eyWy
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
age: 19121511
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 102
last-modified: Wed, 13 Sep 2023 09:04:08 GMT
server: AmazonS3
etag: "e28e9e36d826ba6037b42e0608862211"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: b_BHz99Jer5Bo_AVH36RJzbbdJEEjH1yObqRcNspYpi22V4RDgEY1w==

GET
DATA 200
OK truncated
/ 393 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c22f6a5e054bc066a101d2a9a2b07fa058435c4eb4be10b3ccc2a8a45e60c06e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 118ms
37ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://forums.malwarebytes.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 22:11:39 GMT
x-content-type-options: nosniff
age: 225753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Apr 2025 22:11:39 GMT

GET
H3 200 17553968_10154550599667055_2818850751442369414_n.thumb.jpg.f89e5d73fd34a20327a34d773f00c0cc.jpg
content.invisioncic.com/Mmalware/monthly_2017_08/ 8 KB
8 KB 8ms
8ms Image
image/jpeg 18.66.147.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/monthly_2017_08/17553968_10154550599667055_2818850751442369414_n.thumb.jpg.f89e5d73fd34a20327a34d773f00c0cc.jpg
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 596a6ea502b65ce687b275910424914828ab23d79943756ea4acda513d2d8267

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 18 Sep 2023 07:53:27 GMT
x-amz-version-id: null
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
age: 19371646
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 8158
last-modified: Tue, 29 May 2018 23:03:09 GMT
server: AmazonS3
etag: "e5b97178b85035c407a64730bc0fdd3d"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: VMaTXiT69EOvVIY6OB4EE1mBjg6hr3Q1tcW8DeK-bal_tLswg_xjqw==

GET
DATA 200
OK truncated
/ 283 B
283 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 110a9de468f488fea92f7008a350050c1b687e10809f4f6a6990bb1802670b65

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
283 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdbc0f0ea6481ffd1b97c51632dc4020f4e1c1932ecab6b986dec509f056f2c2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
283 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a146e0570d202a4e71c24394106409d1b37bce2248ecd1e18f24ae4416191833

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
283 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4510b427a4910ac04ebaf7ae425dc47043b9559520709970f5985becead059a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 img667950018.jpeg.f555eecd941b66dfb3a2b8194ae8b736.thumb.jpeg.5dda69eb4aff988410b3d12d151be20f.jpeg
content.invisioncic.com/Mmalware/monthly_2016_03/ 2 KB
2 KB 11ms
10ms Image
image/jpeg 18.66.147.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/monthly_2016_03/img667950018.jpeg.f555eecd941b66dfb3a2b8194ae8b736.thumb.jpeg.5dda69eb4aff988410b3d12d151be20f.jpeg
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 02a8c27fe9b82dcb04c0061373b64d0a90a20834a486c3942d339b015d97edae

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 18 Nov 2023 18:41:07 GMT
x-amz-version-id: null
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
age: 14062386
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 2156
last-modified: Tue, 29 May 2018 13:13:14 GMT
server: AmazonS3
etag: "3a4de91c9b5474b0eb6f1ccb4ed4ff1c"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: M28DobUr7m6Ty3XlHUvyOR1d1F9iiPxyJYHsjMFKhwSs3n1paxa-QA==

GET
DATA 200
OK truncated
/ 283 B
283 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dce0fe4f8e59fb1c9eb2183410e9f94f8898cb27b5de1a01b203cee1be6b894d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 Ukraine_Flag.thumb.jpg.d091566dc884a8a36c724829ade129f1.jpg
content.invisioncic.com/Mmalware/monthly_2022_03/ 459 B
783 B 16ms
15ms Image
image/jpeg 18.66.147.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/monthly_2022_03/Ukraine_Flag.thumb.jpg.d091566dc884a8a36c724829ade129f1.jpg
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4ed3b52e9195afb8f4e5a02f95c16f9ee6d5f796093aab6ed7de1f29ccaf78b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 08 Oct 2023 14:42:02 GMT
x-amz-version-id: null
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
age: 17619130
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 459
last-modified: Thu, 03 Mar 2022 19:56:27 GMT
server: AmazonS3
etag: "51275234add347521e6a08a43b65513d"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: VAnFdep6JcxbhhF9klIkQZjVeMBhi-U-vC-gBLj65jKclUgiNySbDw==

GET
H3 200 2021-06-25_13h42_15.thumb.png.1335d6a99dcf0633d1032d96ce48bdfc.png
content.invisioncic.com/Mmalware/monthly_2021_06/ 42 KB
42 KB 27ms
26ms Image
image/png 18.66.147.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/monthly_2021_06/2021-06-25_13h42_15.thumb.png.1335d6a99dcf0633d1032d96ce48bdfc.png
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0adac79eeb001dfe7a4f034ccec64d24aed78d14ef830e142c5a66033fb3c73d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 03 Dec 2023 20:42:02 GMT
x-amz-version-id: null
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
age: 12759131
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 42571
last-modified: Fri, 25 Jun 2021 18:46:07 GMT
server: AmazonS3
etag: "26a283f2670dc7cd88113c6595abc8ff"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: hW4ZM3vSOc8M78nbO5hbUkESibBDwfZvS5ejGRs8jmAeZIlVDKKCCg==

GET
DATA 200
OK truncated
/ 283 B
283 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2a682e5c433d43d8d1a53958f8fd5b1fa501c1260856fad15cf97143f873e2b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 matrix-4-cambio-genero.thumb.jpg.f6f908691b134b273f79da962a6b53b4.jpg
content.invisioncic.com/Mmalware/monthly_2020_10/ 7 KB
7 KB 18ms
17ms Image
image/jpeg 18.66.147.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/monthly_2020_10/matrix-4-cambio-genero.thumb.jpg.f6f908691b134b273f79da962a6b53b4.jpg
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d364833ce428251528510038014b5e34c5190602325d53f8b678060391272fc5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 15 Oct 2023 22:23:42 GMT
x-amz-version-id: uCtUMijYP_S1W1HYR2abC9He5t79f3Cv
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
age: 16986631
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 6814
last-modified: Mon, 12 Oct 2020 11:47:38 GMT
server: AmazonS3
etag: "51856b04485d054ef2952cf2945bf615"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 4QxusiWw6Mrd4iB4a9Y3q7V2jWsO2Vixh1MN6Njnt-Dn7AJqTzOeVA==

GET
H3 200 what_kirk.thumb.gif.70b2b23aa23a2941e8842dad5086b144.gif
content.invisioncic.com/Mmalware/monthly_2020_11/ 1 MB
1 MB 32ms
32ms Image
image/gif 18.66.147.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/monthly_2020_11/what_kirk.thumb.gif.70b2b23aa23a2941e8842dad5086b144.gif
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e53518089ad9ea0906b7df8cbf6b0434f8d33e62e8be8cef079ce87d790977c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 Nov 2023 00:18:36 GMT
x-amz-version-id: null
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
age: 13178137
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 1293557
last-modified: Wed, 25 Nov 2020 03:58:09 GMT
server: AmazonS3
etag: "e5dacb932304aa23c6430e1c1e695834"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: AxWKLh4IDpga1kbLVMgSPCvSHdezJXdHDUA9dtaejLBTmaBrCm4Wcw==

GET
H3 200 ua-barms.thumb.gif.5ae42cc8bdb653f77c8f955df566e204.gif
content.invisioncic.com/Mmalware/monthly_2023_02/ 22 KB
23 KB 17ms
16ms Image
image/gif 18.66.147.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/monthly_2023_02/ua-barms.thumb.gif.5ae42cc8bdb653f77c8f955df566e204.gif
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b842bd5b2c27864b197d56fd3f39f854a21e3710a663a15145a7c24afc4023d5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Sep 2023 00:08:22 GMT
x-amz-version-id: mQrZm7vjS.yB9OAehZTptjBUbNEN42XE
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
age: 18362751
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 22994
last-modified: Sun, 05 Feb 2023 17:27:29 GMT
server: AmazonS3
etag: "0ba676f00be76978dc58835e8c4b74d0"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: YfZDk1RSrTI4I7Yx-ZjPsP-3_TMmBNzjmslPjBMVycEKC0nqmkHI0g==

GET
DATA 200
OK truncated
/ 283 B
283 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 074ee4b9c9e4104e15a718b281f20bf4cfeee76257ef5301dd4a0cf6d03b7e31

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
283 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdd750a43aba5d0ca4ea2a760cda93a193d770edf1be61b686e4dfd8ab8afcf0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
283 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1564a8927cd5134b15050acad127b3923c6b46cd4f2289512b8a4f352b963afd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
283 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c16d94a9b7692ac9cbcd53dcaf6ee84b7f42752fb8fe4974fe24023f664771a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
283 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8449bdfbd3fc11bf3de00bb75413eb19e165eb4bb7a4384cdc17e1ce0b1254c3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
283 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5730ff1b4543267909aa205e35deb8b2203e7eb230143b068671868453a1c046

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
283 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e467a6473897a635a3943a6587988396c5628d3dfeacc1e88c941b19e18552f3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
283 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96969b6bf2b21f7b05822bd644b894e8ba7e05f5c553b442bd9c3f0e36a6cfb3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
283 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63c6f5132a910d99d3dfb3583468dd53505b7ffd1f486a3fb521869e9a1319fc

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 lp.thumb.jpg.b80650749534f8c3001872606a807170.jpg
content.invisioncic.com/Mmalware/monthly_2022_03/ 4 KB
4 KB 30ms
29ms Image
image/jpeg 18.66.147.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/monthly_2022_03/lp.thumb.jpg.b80650749534f8c3001872606a807170.jpg
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e57dca86233a79a1fe34867ded09880f62051f75c9e1a9da21332e685aafa539

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 04 Oct 2023 16:31:39 GMT
x-amz-version-id: null
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
age: 17958154
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 4168
last-modified: Tue, 01 Mar 2022 15:03:47 GMT
server: AmazonS3
etag: "f628bd5b0288150482e3519d5fe288d9"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: U8mkAN7mGvTjFrlVTU-jfuIVbhBrDX_OnarUV_d3gGJIuLa5qwDGkw==

GET
H3 200 PinkPantherpeeking.thumb.jpg.20d3deb5245a63136c612164a9d012d0.jpg
content.invisioncic.com/Mmalware/monthly_2024_04/ 3 KB
3 KB 29ms
28ms Image
image/jpeg 18.66.147.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/monthly_2024_04/PinkPantherpeeking.thumb.jpg.20d3deb5245a63136c612164a9d012d0.jpg
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7af4749612af13ee2a84da2217d216a2b97acc83cb7166c4932c4df98a6256d5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 12:20:23 GMT
x-amz-version-id: U3ejiyEXtW2yTmr1n.t.2Sd_6B7o.zrO
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
age: 1989230
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
content-length: 2793
last-modified: Sat, 06 Apr 2024 12:20:17 GMT
server: AmazonS3
etag: "b80f2e1f5b0740a26971fd62a7ee551b"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -K1WONLj76GB6Xv2h2_3b0dhikbkWcQJGOf4_pUwLA8zWqERGhvXKw==

GET
H3 200 av-3886.jpg
content.invisioncic.com/Mmalware/ 2 KB
2 KB 31ms
30ms Image
image/jpeg 18.66.147.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/av-3886.jpg
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d050ecaf5864a8667ebb0b243c182671887e207afa903d65fc2bb886b9e62446

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Sep 2023 04:30:13 GMT
x-amz-version-id: null
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
age: 18606240
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 1993
last-modified: Tue, 29 May 2018 13:21:09 GMT
server: AmazonS3
etag: "65282bfc1b4569f6ea62a8d21d8c88da"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 1pIWEKjaN7KjLW7iPXfwLh7rw5OMHz7F85vzNuem4QzQE1GxiUG-9Q==

GET
DATA 200
OK truncated
/ 283 B
283 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 860ce2f811148fa0ba6a9908ddb3b15a4c0ddfdcd253f20ef60d4b3843ca4340

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 334 KB
103 KB 72ms
72ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ca40f3bb4f6bf7fc1a82b2712e326b88afd2c66bed7fabcbdf0d40631700fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 12:54:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105143
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 Apr 2024 12:54:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 29 Apr 2024 11:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3964
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 29 Apr 2024 13:48:08 GMT

GET
H2 200 malwarebytes.jsp Show response
www.upsellit.com/active/ 45 KB
13 KB 53ms
15ms Script
application/x-javascript 34.117.39.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upsellit.com/active/malwarebytes.jsp

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.39.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.39.117.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a4860b1679a8a0b5905d326334584cfcd16342c846f1ea18545890b4d1d225b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
date: Mon, 29 Apr 2024 01:33:28 GMT
server: nginx
age: 40844
vary: Accept-Encoding
content-type: application/x-javascript;charset=ISO-8859-1
cache-control: max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13170
expires: Tue, 30 Apr 2024 01:33:28 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 43ms
9ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 12:54:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 43ms
7ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 12:54:12 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220107-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
87 KB 65ms
65ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-930356311

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

47e168b0017fab44d029358161e05974a04ed1c1e7067730d3bc7bcb2e9e39a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 12:54:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89295
x-xss-protection: 0
last-modified: Mon, 29 Apr 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Apr 2024 12:54:12 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 48 KB
17 KB 48ms
7ms Script
application/javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6cc4c722a50b4152194b13e7e3c8a1a5a5f23b17988f8fa85404394efc5c0984

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 12:54:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Apr 2024 07:42:51 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=59671
accept-ranges: bytes
content-length: 17238

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 85ms
67ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 29 Apr 2024 12:54:11 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F448F6DC2FB743F59502C0445C31A618 Ref B: FRAEDGE1515 Ref C: 2024-04-29T12:54:12Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 HWyTnY16.min.js Show response
scripts.demandbase.com/ 80 KB
23 KB 50ms
14ms Script
application/javascript 18.245.46.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.demandbase.com/HWyTnY16.min.js

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-44.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

14909eae504ef8da264a30f5ee085886a4eca73a78a2552fd78d6e94108addbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: T5H5opdOQ691hsMKut7Z74NWL1pY8uXT
content-encoding: gzip
via: 1.1 5a2cb96a37aeca3f9626798c4e9dab28.cloudfront.net (CloudFront)
date: Mon, 29 Apr 2024 12:09:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
age: 2697
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 16 Apr 2024 11:45:24 GMT
server: AmazonS3
etag: W/"ffb86ffc8185b36cbdec0c8d1936bb31"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: c5U7gFcwHsj3APTp9TAOsrU2aAfQP3x5wJ0IV3eD1VYbI5isNiApYg==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 8ms
7ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 12:54:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Wed, 07 Aug 2024 12:54:12 GMT

GET
H2 200 adsct
t.co/i/ 43 B
377 B 220ms
193ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=9f03e059-8af2-463a-ad23-56cf13505dc0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=54ceac50-f4ed-4bba-9a67-3184b70a9d78&tw_document_href=https%3A%2F%2Fforums.malwarebytes.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1m5j&type=javascript&version=2.3.30

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 184
date: Mon, 29 Apr 2024 12:54:12 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 1f3be02ee6037729
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d168d3872dfdf2e9ddef6a3674512fb77298d6f636b84c7f9f7c98872516d8f0
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 226ms
192ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=9f03e059-8af2-463a-ad23-56cf13505dc0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=54ceac50-f4ed-4bba-9a67-3184b70a9d78&tw_document_href=https%3A%2F%2Fforums.malwarebytes.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1m5j&type=javascript&version=2.3.30

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 185
date: Mon, 29 Apr 2024 12:54:12 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: a0f8179816fc4616
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: c8f2a96e0d98a47a9718a88ebd83422f81e67719ac28972fbf859daebff8955b
content-length: 43

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1714395252731&li_adsId=82dbb017-fc10-4c97-8489-a03f018382e8&url=https%3A%2F%2Fforums.malwarebytes.com%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1714395252731&li_adsId=82dbb017-fc10-4c97-8489-a03f018382e8&url=https%3A%2F%2Fforums.malwarebytes.com%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2594100%26time%3D1714395252731%26li_adsId%3D82dbb017-fc10-4c97-8489-a03f018382e8%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1714395252731&li_adsId=82dbb017-fc10-4c97-8489-a03f018382e8&url=https%3A%2F%2Fforums.malwarebytes.com%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1714395252731&li_adsId=82dbb017-fc10-4c97-8489-a03f018382e8&url=https%3A%2F%2Fforums.malwarebytes.com%2F&cookiesTest=true&liSync=tru...

0
482 B

184ms
153ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1714395252731&li_adsId=82dbb017-fc10-4c97-8489-a03f018382e8&url=https%3A%2F%2Fforums.malwarebytes.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQKojWCmGckzWgAAAY8p64pCKgInoPMAg9KfUpLi6AXI7OUtlPeXUwsmiTKtl8e9L2004rK4
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Apr 2024 12:54:12 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 30E096C8EE4F49A59BA62AFCCD9390FB Ref B: FRAEDGE1907 Ref C: 2024-04-29T12:54:13Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-ltx1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYXO8AW9r1MEyLLb26SQg==

Redirect headers

date: Mon, 29 Apr 2024 12:54:12 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: D0C0F58CF52F4CA28E7EF9811A184473 Ref B: FRAEDGE1409 Ref C: 2024-04-29T12:54:13Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1714395252731&li_adsId=82dbb017-fc10-4c97-8489-a03f018382e8&url=https%3A%2F%2Fforums.malwarebytes.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQKojWCmGckzWgAAAY8p64pCKgInoPMAg9KfUpLi6AXI7OUtlPeXUwsmiTKtl8e9L2004rK4
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYXO8AT9sZruj1/Xs71yQ==

GET
H2 200 sync
s.company-target.com/s/ Frame 3991 0
0 153ms
103ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/HWyTnY16.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://forums.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Mon, 29 Apr 2024 12:54:12 GMT
via: 1.1 google

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 78ms
27ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 12:54:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 200
OK visitWebPage
805-usg-300.mktoresp.com/webevents/ 2 B
318 B 696ms
98ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://805-usg-300.mktoresp.com/webevents/visitWebPage?_mchNc=1714395252771&_mchCn=&_mchId=805-USG-300&_mchTk=_mch-malwarebytes.com-1714395252770-74592&_mchHo=forums.malwarebytes.com&_mchPo=&_mchRu=%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 12:54:13 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 8baa9384-2b3c-4c42-bab7-b0b2b9344103

POST
H2 204 collect
region1.analytics.google.com/g/ 0
259 B 49ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K8KCHE3KSC&gtm=45je44o0v872204243z86688972za200&_p=1714395252200&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=470789297.1714395253&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&dl=https%3A%2F%2Fforums.malwarebytes.com%2F&sid=1714395252&sct=1&seg=0&dt=Malwarebytes%20Forums&en=page_view&_fv=1&_nsi=1&_ss=2&ep.content_group=Homepage&tfd=761
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 29 Apr 2024 12:54:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://forums.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
259 B 61ms
20ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K8KCHE3KSC&cid=470789297.1714395253&gtm=45je44o0v872204243z86688972za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 29 Apr 2024 12:54:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://forums.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 110ms
62ms Image
image/gif 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K8KCHE3KSC&cid=470789297.1714395253&gtm=45je44o0v872204243z86688972za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1393808119

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 29 Apr 2024 12:54:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 4 KB
2 KB 86ms
55ms XHR
application/json 18.66.102.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fforums.malwarebytes.com%2F&page_title=Malwarebytes%20Forums
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/HWyTnY16.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-98.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 37d8914a7b4d887e4bad945883b534160c014b8806492f775f085df6ce394206

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 29 Apr 2024 12:54:12 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
request-id: 4840a121-ffe1-433a-8504-d5ab5bde6ba2
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://forums.malwarebytes.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6kcnimy4yFHIlKgJWNXhNAEaPoGzDaQmSpLJXk0OpBIBxqFscGfdVA==
expires: Sun, 28 Apr 2024 12:54:12 GMT

GET
H2 204 4072696.js Show response
bat.bing.com/p/action/ 0
116 B 36ms
36ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4072696.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 29 Apr 2024 12:54:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9B1C529D334E4EC68AB87BDA2090E770 Ref B: FRAEDGE1515 Ref C: 2024-04-29T12:54:12Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
284 B 40ms
40ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4072696&tm=gtm002&Ver=2&mid=679a8a15-8856-4e72-8a2a-af5f72033bb7&sid=9407ec40062711efb9ac77ba9ac9d656&vid=9407f270062711ef852fa7d989c2e4ef&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Malwarebytes%20Forums&p=https%3A%2F%2Fforums.malwarebytes.com%2F&r=&lt=425&evt=pageLoad&sv=1&rn=636984

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 29 Apr 2024 12:54:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8C6FF6C01C944272922098088B0E0F49 Ref B: FRAEDGE1515 Ref C: 2024-04-29T12:54:12Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 12:01:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3156
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 29 Apr 2024 13:01:36 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
213 B 46ms
43ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=2144212254&t=pageview&_s=1&dl=https%3A%2F%2Fforums.malwarebytes.com%2F&ul=de-de&de=UTF-8&dt=Malwarebytes%20Forums&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiEAjBAAAACAAIg~&cid=470789297.1714395253&uid=136E113F-0971-4A8B-B71C-0A022E5C1772&tid=UA-3347303-10&_gid=723098774.1714395253&_slc=1&gtm=45He44o0n71MKSKW3v6688972za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=537117864

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Apr 2024 12:54:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://forums.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 19ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K8KCHE3KSC&gtm=45je44o0v872204243za200&_p=1714395252200&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=470789297.1714395253&ul=de-de&sr=1600x1200&ir=1&pscdl=noapi&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&_eu=BA&_s=2&dl=https%3A%2F%2Fforums.malwarebytes.com%2F&sid=1714395252&sct=1&seg=0&dt=Malwarebytes%20Forums&en=demandbase_event&_ee=1&epn.2=9105622&ep.3=Enterprise%20Business&ep.4=Software%20%26%20Technology&ep.5=Qiagen%20Lake%20Constance%20GmbH&ep.6=Qiagen%20Lake%20Constance&ep.7=Software%20%26%20Technology&ep.8=Imaging%20%26%20Optics&ep.9=%241B%20-%20%242.5B&ep.10=Enterprise&ep.11=Stockach&ep.12=BW&ep.13=(Non-Company%20Visitor)&ep.14=(Non-Company%20Visitor)&ep.15=(Non-Company%20Visitor)&ep.16=(Non-Company%20Visitor)&ep.17=DE&ep.18=qiagen.com&epn.24=6200&ep.content_group=Homepage&_et=115&tfd=891
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 29 Apr 2024 12:54:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://forums.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
419 B 408ms
379ms XHR
text/html 2600:9000:2156:8e00:1d:8d6d:3b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=6kcnimy4yFHIlKgJWNXhNAEaPoGzDaQmSpLJXk0OpBIBxqFscGfdVA==&api-version=v2
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/HWyTnY16.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8e00:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date: Mon, 29 Apr 2024 02:52:15 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 36181
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 63KZEzyBkfXdGt94sdLuHls_RqUCKHEea8I6xz8ZefzO5AWT0RdftA==

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
201 B 155ms
155ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://forums.malwarebytes.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 12:54:13 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 25C8521FDF6B4E55A72A6916D0EF6AB4 Ref B: FRAEDGE1409 Ref C: 2024-04-29T12:54:13Z
linkedin-action: 1
vary: Origin
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
access-control-allow-origin: https://forums.malwarebytes.com
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYXO8AZZstusdRGQe02hg==

GET
H2 200 customer_ip.jsp Show response
www.upsellit.com/utility/ 118 B
195 B 488ms
487ms Script
application/x-javascript 34.117.39.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upsellit.com/utility/customer_ip.jsp?companyID=11657&si=uub7xk_1714395254

Requested by

Host: www.upsellit.com
URL: https://www.upsellit.com/active/malwarebytes.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.39.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.39.117.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

91a21f6676ffbdcc18292a03ef7d95d195af3cdcf35d52831059a8906dbe315c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 12:54:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
server: nginx
content-type: application/x-javascript;charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118
expires: Tue, 30 Apr 2024 12:54:13 GMT

GET
H3 200 MB_ICON_48x48.png
content.invisioncic.com/Mmalware/monthly_2020_09/ 1 KB
2 KB 9ms
9ms Other
image/png 18.66.147.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/monthly_2020_09/MB_ICON_48x48.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed669d880bfe36e13ffba538ba7323db5bfb4df31c5bccae8969684d401c18fb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 09 Dec 2023 02:09:14 GMT
x-amz-version-id: i39QIaK_RZrhg29tNoOHnMasgInqGqBZ
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
age: 12307500
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 1486
last-modified: Wed, 02 Sep 2020 16:26:54 GMT
server: AmazonS3
etag: "f10e68edb240c1871c51c7847ee61e47"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: UGOGzO05ZWJ8SrIuOZwNLj71Ki2WI-lKwcyvNabGnMFwGIwIi3UdRQ==

GET
H3 200 android-chrome-36x36.png
content.invisioncic.com/Mmalware/monthly_2020_09/ 1 KB
2 KB 9ms
9ms Other
image/png 18.66.147.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/monthly_2020_09/android-chrome-36x36.png?v=1711468003
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.147.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4da6cea5ac5ab333420ff44ce371b00a77ad5128c569a3565a8c427d9e712e9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://forums.malwarebytes.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 16:00:47 GMT
x-amz-version-id: pjCBxxxpn1ZdKRGl3T6pjmxCBV8kd_4Y
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
age: 2926407
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 1234
last-modified: Wed, 02 Sep 2020 16:28:01 GMT
server: AmazonS3
etag: "8e8533bab114834080e1a04266ae7724"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: zP9WVC_ODEQgF-r7hmkwh8vp_1uN5SWifmRAl2BXiCOPB1KOI1Ti6g==

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
forums.malwarebytes.com/	1970-01-20 20:23:20	Name: AWSALB Value: wouHRsNrUkPBmTbSwVYtuedNjBZU544RAYfdC/i4y7LSSoaaHm370U6FWj9LinHU7BTqY+u1GN4AOPws2ZIhNBJSb7IlZuPw6EGuwJD2nKyVR9beiHLzE6ddGoXY
forums.malwarebytes.com/	1969-12-31 23:59:59	Name: ct_ps_timestamp Value: 1714395252
forums.malwarebytes.com/	1969-12-31 23:59:59	Name: ct_fkp_timestamp Value: 0
forums.malwarebytes.com/	1970-01-20 20:14:41	Name: ips4_hasJS Value: true
.malwarebytes.com/	1970-01-21 04:58:51	Name: gaUserID Value: 136E113F-0971-4A8B-B71C-0A022E5C1772
.malwarebytes.com/	1970-01-21 05:49:15	Name: _mkto_trk Value: id:805-USG-300&token:_mch-malwarebytes.com-1714395252770-74592
.malwarebytes.com/	1970-01-20 22:22:51	Name: _gcl_au Value: 1.1.1085338033.1714395253
.malwarebytes.com/	1970-01-20 20:14:41	Name: _uetsid Value: 9407ec40062711efb9ac77ba9ac9d656
.malwarebytes.com/	1970-01-21 05:34:51	Name: _uetvid Value: 9407f270062711ef852fa7d989c2e4ef
.malwarebytes.com/	1970-01-21 05:49:15	Name: _ga Value: GA1.2.470789297.1714395253
.malwarebytes.com/	1970-01-20 20:14:41	Name: _gid Value: GA1.2.723098774.1714395253
.linkedin.com/	1970-01-20 22:22:51	Name: li_sugr Value: 1feb00e4-8117-49ed-8711-6ffff6ff41c4
.linkedin.com/	1970-01-21 04:58:51	Name: bcookie Value: "v=2&18a2cd7d-807a-47a4-885f-92ad1b4ad98a"
.linkedin.com/	1970-01-20 20:14:41	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=3181:u=1:x=1:i=1714395252:t=1714481652:v=2:sig=AQH8a2WhtPNofCYd8IrrqQTer3BdOF9n"
.bing.com/	1970-01-21 05:34:51	Name: MUID Value: 381079B61B2F6F4B1ABE6DC61A446E77
.company-target.com/	1970-01-21 05:49:15	Name: tuuid Value: e32b2eaf-927b-456b-aebb-fcd3befaf526
.company-target.com/	1970-01-21 05:49:15	Name: tuuid_lu Value: 1714395252\|ix:0\|mctv:0\|rp:0
.t.co/	1970-01-21 05:49:15	Name: muc_ads Value: be882b12-63b2-43ea-ab61-fc50798c7669
.twitter.com/	1970-01-21 05:49:15	Name: personalization_id Value: "v1_YSv3Z90FuvaLQK7BZRr2Gg=="
.casalemedia.com/	1970-01-21 04:58:51	Name: CMID Value: Zi.YdFVbLZEAAB.zBAH3uAAA
.casalemedia.com/	1970-01-20 22:22:51	Name: CMPS Value: 5231
.casalemedia.com/	1970-01-20 22:22:51	Name: CMPRO Value: 5231
.malwarebytes.com/	1970-01-21 05:49:15	Name: _ga_K8KCHE3KSC Value: GS1.1.1714395252.1.0.1714395252.60.0.0
.linkedin.com/	1970-01-20 20:56:27	Name: UserMatchHistory Value: AQIIwV4-rod7qAAAAY8p64kIc0VMECpw5yeBoelcs1d2jG0cbTXWnVWZvrYYM1BNenqGtDm6cTk02w
.linkedin.com/	1970-01-20 20:56:27	Name: AnalyticsSyncHistory Value: AQJBWFmU-h4QrAAAAY8p64kI6Nfv7cXODGZdtRq7UCCYpBGfgRRVvl3KdmD0aATEWy8gZYvQATFrR05Z52wSmw
.www.linkedin.com/	1970-01-21 04:58:51	Name: bscookie Value: "v=1&20240429125413cc154c5d-a795-4e46-8d98-b3d08677103aAQGR4DRGRj0Cja6Jgbxb1N_EY9BOqEOq"
.linkedin.com/	1970-01-21 00:32:27	Name: li_gc Value: MTswOzE3MTQzOTUyNTM7MjswMjGyMpL0A+SuJnfd1v8a8F/rxhCBPc27u6zghB9wPg0viw==
.tremorhub.com/	1970-01-21 04:59:12	Name: tvid Value: 4057a264cac04a508aa89c04ae93a2e8
.tremorhub.com/	1970-01-21 05:49:15	Name: tv_UIDM Value: e32b2eaf-927b-456b-aebb-fcd3befaf526
forums.malwarebytes.com/	1969-12-31 23:59:59	Name: ct_checkjs Value: 338181ef16c473e3bf6ba9748e230978
forums.malwarebytes.com/	1969-12-31 23:59:59	Name: ct_timezone Value: 2
forums.malwarebytes.com/	1969-12-31 23:59:59	Name: ct_pointer_data Value: %5D

51 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://forums.malwarebytes.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

805-usg-300.mktoresp.com
analytics.twitter.com
api.company-target.com
bat.bing.com
content.invisioncic.com
fonts.googleapis.com
fonts.gstatic.com
forums.malwarebytes.com
id.rlcdn.com
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s.company-target.com
scripts.demandbase.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tag-logger.demandbase.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.upsellit.com
104.244.42.131
104.244.42.5
13.107.42.14
142.250.185.195
146.75.120.157
18.245.46.103
18.245.46.44
18.66.102.98
18.66.147.42
192.28.144.124
2001:4860:4802:34::36
2600:9000:2156:8e00:1d:8d6d:3b40:93a1
2600:9000:225e:6600:1e:ebe7:1480:93a1
2620:1ec:21::14
2620:1ec:c11::237
2a00:1450:4001:800::2003
2a00:1450:4001:803::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9c
2a02:26f0:3500:16::215:148d
34.117.39.58
34.96.71.22
35.244.174.68
88.221.60.75
00008d2a6bb44551ff155148e5fedbcc0fdf8d710d908581fdf04dd96dfb31ca
02a8c27fe9b82dcb04c0061373b64d0a90a20834a486c3942d339b015d97edae
074ee4b9c9e4104e15a718b281f20bf4cfeee76257ef5301dd4a0cf6d03b7e31
0adac79eeb001dfe7a4f034ccec64d24aed78d14ef830e142c5a66033fb3c73d
1099b3d49cec3d8e97ac307dd1db309dc9af5aa69c134db3cfd7d90eafb8df9c
110a9de468f488fea92f7008a350050c1b687e10809f4f6a6990bb1802670b65
14909eae504ef8da264a30f5ee085886a4eca73a78a2552fd78d6e94108addbe
1564a8927cd5134b15050acad127b3923c6b46cd4f2289512b8a4f352b963afd
1ca40f3bb4f6bf7fc1a82b2712e326b88afd2c66bed7fabcbdf0d40631700fc2
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bfdaeb15e93857db647a5a3af0a72148b4b9a22fb290700b9b83a222e15e8c2
3001a3960df32de0715d410de98ec7a468c546e5c6ddf98b2bcaef28666e32af
37d8914a7b4d887e4bad945883b534160c014b8806492f775f085df6ce394206
38c93a1675e592e7ff8709d4932e7c235a6f809996431e2685443d763e06d6c1
3ac232e1159b6d9f263158dbc5b85594af1d341fd5f221654f929b741984e26f
47e168b0017fab44d029358161e05974a04ed1c1e7067730d3bc7bcb2e9e39a5
4c16d94a9b7692ac9cbcd53dcaf6ee84b7f42752fb8fe4974fe24023f664771a
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
5008d5e9bd10eea3c48217fc3a797895a56aadb808b04dda8381dd35e6544f22
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5730ff1b4543267909aa205e35deb8b2203e7eb230143b068671868453a1c046
596a6ea502b65ce687b275910424914828ab23d79943756ea4acda513d2d8267
5a48c050993c56f2e508657e6c0669110ce1621ab59bdbf08c40e87aeff63a9c
5d9afe48e38658ee24b52cd488679afb67451fd930aa0173eca77436338f6818
63c6f5132a910d99d3dfb3583468dd53505b7ffd1f486a3fb521869e9a1319fc
64fe54474a0a550d67be83ea1096e1655ceca9fc359c10716f5a267b2135ab19
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6cc4c722a50b4152194b13e7e3c8a1a5a5f23b17988f8fa85404394efc5c0984
6e53518089ad9ea0906b7df8cbf6b0434f8d33e62e8be8cef079ce87d790977c
7af4749612af13ee2a84da2217d216a2b97acc83cb7166c4932c4df98a6256d5
7ee1c3288716972defe598729ab8f3f9131964ae925025ce82633ec9887c413d
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8449bdfbd3fc11bf3de00bb75413eb19e165eb4bb7a4384cdc17e1ce0b1254c3
860ce2f811148fa0ba6a9908ddb3b15a4c0ddfdcd253f20ef60d4b3843ca4340
880f073e157d11a784c83533fd689699963f1206a592304bb3ab2ea86425af5d
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
91a21f6676ffbdcc18292a03ef7d95d195af3cdcf35d52831059a8906dbe315c
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
96969b6bf2b21f7b05822bd644b894e8ba7e05f5c553b442bd9c3f0e36a6cfb3
981740cc49e88fb417f41baf26a5d4b6135deb86b0caa67570f435f569268096
9acfaa323a82f2dc08ff9efd846a21c0b7df4e137c6dcfb3acb9a80b79bac3aa
a12a1a9b6bc08ddf4ba7527cda03faab69d3feb0fe57b99d7773ead29ed5da88
a146e0570d202a4e71c24394106409d1b37bce2248ecd1e18f24ae4416191833
a2a682e5c433d43d8d1a53958f8fd5b1fa501c1260856fad15cf97143f873e2b
a422773a794729cf98ce172eec6df5c82174cef1021174af4fd71dddb65d86a4
a4860b1679a8a0b5905d326334584cfcd16342c846f1ea18545890b4d1d225b7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae9d33c675a45f0263ac186920780ef9593f2f0fc05ce203a1ed786be7afe5e2
b57925244778ba04e8072a21ae68ca8de251d26a16739e398ca3e895f0a231e2
b842bd5b2c27864b197d56fd3f39f854a21e3710a663a15145a7c24afc4023d5
c22f6a5e054bc066a101d2a9a2b07fa058435c4eb4be10b3ccc2a8a45e60c06e
d050ecaf5864a8667ebb0b243c182671887e207afa903d65fc2bb886b9e62446
d364833ce428251528510038014b5e34c5190602325d53f8b678060391272fc5
d4510b427a4910ac04ebaf7ae425dc47043b9559520709970f5985becead059a
d4ed3b52e9195afb8f4e5a02f95c16f9ee6d5f796093aab6ed7de1f29ccaf78b
dce0fe4f8e59fb1c9eb2183410e9f94f8898cb27b5de1a01b203cee1be6b894d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e467a6473897a635a3943a6587988396c5628d3dfeacc1e88c941b19e18552f3
e57dca86233a79a1fe34867ded09880f62051f75c9e1a9da21332e685aafa539
ed669d880bfe36e13ffba538ba7323db5bfb4df31c5bccae8969684d401c18fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c356b5f4faa7b2414c815d215d5b5b2078b4801a79bbd9f1d189b34cbb9c71
f4da6cea5ac5ab333420ff44ce371b00a77ad5128c569a3565a8c427d9e712e9
f5d4c00cea7d26cd2f10e1885395216df960748bcae7026a030ffcd3c0fdb029
f6a71720c5526094905d7cc750d84e3a17154a848eb706c7b56b772b7dab9c04
f92e9df909baa2226721d8d8795ae1bfb3138cb71e3bc12da6a1a069c0bccb82
fdbc0f0ea6481ffd1b97c51632dc4020f4e1c1932ecab6b986dec509f056f2c2
fdd750a43aba5d0ca4ea2a760cda93a193d770edf1be61b686e4dfd8ab8afcf0

forums.malwarebytes.com Open in urlscan Pro 18.245.46.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

98 %HTTPS

44 %IPv6

21 Domains

25 Subdomains

26 IPs

3 Countries

2410 kBTransfer

4707 kBSize

32 Cookies

66 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

forums.malwarebytes.com Open in urlscan Pro
18.245.46.103 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

98 %
HTTPS

44 %
IPv6

21
Domains

25
Subdomains

26
IPs

3
Countries

2410 kB
Transfer

4707 kB
Size

32
Cookies

64 HTTP transactions
17 data transactions