malwarebytes.okta.com Open in urlscan Pro
13.248.168.94 Public Scan

Software

AmazonS3 /

Resource Hash

7bf9a051e4bf2079bcfe1d08dd3fe33f78c24113be904619eb58eb70866807a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: tXk4bjDOduN.J1o19xn5qvcPodL.q5sE
content-encoding: gzip
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
date: Wed, 16 Nov 2022 06:03:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 58330
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 31 Oct 2022 18:39:33 GMT
server: AmazonS3
etag: W/"d525acd89579a2005756b881d6dbe4e5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age: 300
vary: Accept-Encoding
x-amz-cf-id: 2NMOqwAchLUZZA5UE_5_em9SCfW1IDJFI_NF74mNX_We0N8xsh1WOg==

GET
H2 200 bb890a51f49b3be37b937e3f40174c7a8d836d36.svg
theme.zdassets.com/theme_assets/1306704/ 10 KB
4 KB 57ms
54ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/bb890a51f49b3be37b937e3f40174c7a8d836d36.svg

Requested by

Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

764b5d33917641ef8822a59e8af31357805f49febd23256c46e12e4e1e0948a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:31 GMT
x-amz-version-id: 4j6DAod1ijK1RZUzALNhGLTN4k0UTFY3
via: 1.1 64c57433dbc269a88f86e72ae54bfe36.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: HAM50-C1
age: 48690
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"f697a2777253c0d523681865a1edfbde"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlHtpnCpsdA%2FvaITcvhejYWYS4IGJk5AoQjLlv691BxtySlCswIUXXIOuPxiEYhIa1CIo%2Fq1F5sAFL4pUeneus5NpLbxUiyQHFb4zbSn6h%2BEWCVwjnzQJllSJUPG7UmsDKNm0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b395f85ef3913a-FRA
x-amz-cf-id: puEmBF1zfdYLqyphVsi1XG-XNSkk9JJCnkJheO5QiXgmsS10A9DSgg==

GET
H2 200 ca1fa00bb2777a5a37945e669d92986768ddc245.svg
theme.zdassets.com/theme_assets/1306704/ 267 B
856 B 54ms
51ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/ca1fa00bb2777a5a37945e669d92986768ddc245.svg

Requested by

Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7137b7d0fa94b8cc670a034c5b354a04c1ee0f100ffdfbcd1b9c679782922201

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:31 GMT
x-amz-version-id: _sJRXmjRXeVSPh.fZqDop1RJMVdsQPMq
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P4
age: 44934
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"3761a145b319231174fff7c5665d69a3"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dL06oRx8aR22REiKUwDC9zI6wfr0RZ60P4ZD7bCfoXhPkWdRCVADGj5%2FCBtAN8fvnuBVNt%2B451VzGUZ9LjgkeYn5p4Vm8VfMxJ69laB5kGSHEGIj2Ffv3DnJwjTcM5Fh6%2Fuqvw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-ray: 76b395f85eeb913a-FRA
x-amz-cf-id: oEmadA86tT34SHi9MUr6H5iMc5jp9r292Zpa_cEq1elZUt2X-pEVqA==

GET
H2 200 2d9b0f4dcdbe2b82e1a71a212a46dfeacadae199.js Show response
theme.zdassets.com/theme_assets/1306704/ 5 KB
2 KB 186ms
91ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/1306704/2d9b0f4dcdbe2b82e1a71a212a46dfeacadae199.js

Requested by

Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c2e45fe61df3692cd6887da910644a38eef8f21d159d14b9bf07b0f11263fa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://support.malwarebytes.com/
Origin: https://support.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:31 GMT
x-amz-version-id: _rcM8KTwy7pMHBsErwd2mOzBsKEIoU34
via: 1.1 acf9ad664f94bee3e3cf93077b65edea.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: AMS54-C1
age: 66822
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 18:55:18 GMT
server: cloudflare
etag: W/"9bdbfbfdc72f25ce267a1f3ff6559041"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHxEit6qpebq5im6LTpg3AAjaF7bUCfUkYzP9%2FLfrvzl7QebW4q%2BGIBrtlzaWXtXHdDGimpxOx4KpcNjDi%2BVEjp2KSp9%2F5upjc6OZ5nnO5ofcHi73utiXktuuAeEjef8thL1HA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b395f8db6e9b86-FRA
x-amz-cf-id: 8-JKnGMOOovq0oWEjUT72xVXJxE2Hj4_zLbizcFg9FmFarZzkF6POw==

GET
H2 200 dfd1deb58d7d107b5884d0778f1fed8f8d961cc2.svg
theme.zdassets.com/theme_assets/1306704/ 10 KB
4 KB 55ms
52ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/dfd1deb58d7d107b5884d0778f1fed8f8d961cc2.svg

Requested by

Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6abb09abc495eb06a7dbefdb055f2149a6d1c8d7123cc3d58c6f2d2aff74b98f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:31 GMT
x-amz-version-id: P.xA68_MuEKiAf54IH.o.C.5LCH8Vdzh
via: 1.1 fac4016d40efb9989ddc8d36322eeefc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: HAM50-C1
age: 48689
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"e556b851ec25b5c2b2e88c5deb26e405"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ounm5hyiGPdDxI90MgkkG%2FNGD6czYXtuFwQnJ4rt7SBI%2BAI7q%2BEXdxqTm8VRMrXE%2FadzfqGCZKcbBIozXkbz3msb6C%2Blhg3Cx1YmK3rmIxukymlaeMv0LocJllTUe6%2FVXGY2sg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b395f85eed913a-FRA
x-amz-cf-id: GQgLVqv0nC9K8UJCj2dFrYjYZtBbogkB92oVitmSjWaqA254sDgybA==

GET
H2 200 1dea628cf9c92bc1d9bfaab17d6f163bbf09c9e7.svg
theme.zdassets.com/theme_assets/1306704/ 1 KB
1 KB 56ms
53ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/1dea628cf9c92bc1d9bfaab17d6f163bbf09c9e7.svg

Requested by

Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20b3a9bf6d6433900a722af0913e1a4869cbf5e069167ad283a36cf5d158664c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:31 GMT
x-amz-version-id: _yytT7B1ey3GzCnZd8bEFlHd.3QdlQut
via: 1.1 92835d2f5794bba6bff3a83645bbf4c4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: VIE50-P1
age: 16931
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"6808562e5d5bed94e93ab62ab8df2e88"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5QBfRd0bgZ2Ou0iPSBPVVagnClLGBoms8rhFc6yjtMiehQ7WDUDIdkH9zeV4nMzb5wEPAH20y%2BA8UWsbhaxrJsIrxF1L0jW4rM3F%2FE8SGvC2Cev5TR6iHpmQ%2FXVTNTqSl7a9g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b395f85ef0913a-FRA
x-amz-cf-id: xqDljbxMRWFjvSH1-Tv7qZuhwoP9BX8AWWS_kLlKZr3HhGcXSAusGQ==

GET
H2 200 af3f18957a072c1e7c97f40a2a52cc98fbea1df0.svg
theme.zdassets.com/theme_assets/1306704/ 2 KB
1 KB 63ms
61ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/af3f18957a072c1e7c97f40a2a52cc98fbea1df0.svg

Requested by

Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ec9480818c7f7e71e780b52a6ba43077fa931c363f4efe5cd1ad30b743ccaa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:31 GMT
x-amz-version-id: DbGHfDSIiGmZVw7YCCVEWgEsIeQyMfqB
via: 1.1 6c080b1173adbaa14122fac10a76a7c6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: HAM50-C1
age: 48690
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"4c37d656eb5fae0a18a6702d626e6767"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2O065e3JoVjjSFBt86qiqPDQc5I8fvgM25sEC%2BvesEwM%2BxG0%2BsKAJjXwTYGKFoQHoJM6Fn0OYFYwANyTyYs5VectMq8uCX0kysoSENzZ1WT5Ruc%2B0mzh5gdPHXaZFz1nhzRsA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b395f85ef1913a-FRA
x-amz-cf-id: RmjGu0McbRXivw_va8uABavwcJ0LZv95T8nIp71UtxIW3jFA1NW3CA==

GET
H2 200 5c420d1cf5ee36d5003fc2324f5a79a09bb8a4e2.svg
theme.zdassets.com/theme_assets/1306704/ 373 B
876 B 66ms
66ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/5c420d1cf5ee36d5003fc2324f5a79a09bb8a4e2.svg

Requested by

Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e7c9f34ca735eb0217d7f4c75b9b6027b75e51ff0158cd5315949b4370233f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:31 GMT
x-amz-version-id: lKRgwanTLBKQ6TeLKIqhfLkEyWzOazuG
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P4
age: 44934
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:30 GMT
server: cloudflare
etag: W/"d814cab8e4d98095cc20c445eecd9b73"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pRB7yaKhbrTHAbQB4OEf%2FzFlEIxxMqGAS4Umh9siQJXSLpy%2FiC%2F9G9Tn31BfWI29OjYa5D3OXJsGME1ylRufBPLbGtBevRaPli1tn8jMFAzUqzvgZtcdJ9al7f0a6svF3P5Ikw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b395f89f71913a-FRA
x-amz-cf-id: aOEAOgd8kKAIu9YxJ2njQ2Dw38jQxN7LUKgi4zJ_dMNFARuL13-sjA==

GET
H2 200 ab2e6ffb69cfbb8168ccbf381046704eedd2e09e.svg
theme.zdassets.com/theme_assets/1306704/ 639 B
926 B 63ms
63ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/ab2e6ffb69cfbb8168ccbf381046704eedd2e09e.svg

Requested by

Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a6ed4cf96f734075af4b9b7023f27d59daf90ed7b2bf2c1d4e96904161b7569

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:31 GMT
x-amz-version-id: BhZ7X8a4PoBc8Yg5dl5.AIPfPbYJuc.c
via: 1.1 9ed78f83b2bb44dc950eb2bc8dff85f0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: HAM50-C1
age: 48690
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"cdea8ccee43f9d09d1251a903669da8c"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ckWn7suRFqsyEBg%2FlaznKzFMbfbe0nG18nemBbtKVIhF6tv2T2T3xdUTE2W%2BzwlJ3un%2FXx3F1fkbtRbN%2BO3EWwIzUzSvmF7%2BvCgg0dgX1sn8JF7flXQi1t%2Fe7VB7iHgBR2qPw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b395f89f72913a-FRA
x-amz-cf-id: ggMRsSss9EfPBBIaBeH_4hp18PXM9wGPfJVkp-EcscdpNurX9V1VYQ==

GET
H2 200 c9d35990920d51735cd96dfe3b3f071f438c40ee.svg
theme.zdassets.com/theme_assets/1306704/ 816 B
907 B 65ms
65ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/c9d35990920d51735cd96dfe3b3f071f438c40ee.svg

Requested by

Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b81a123d692f2d0b1503b11b396af915f5e842c6552552b619cf7fb6773a1aec

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:31 GMT
x-amz-version-id: .fQiM.05jQkxX3KYyrFUEFFa.nAy6P_w
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P4
age: 44934
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"408ab5d8b9161afc3192d07e80d8bbe2"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y34EwgkqbgwKxF6yo8y%2Bu%2B4QGnxGhQfXGWqFrRZr7wotDW5dexvsHFdPJWSq%2FvdIYXIcpQTHstvaqB4rvdGjXJ8fk5v%2FMpV44K%2BzJ981tktZxWumMTTROUmP4hwNaCfb9a4kng%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-ray: 76b395f89f6e913a-FRA
x-amz-cf-id: _L3d3wk5QdE_YyZW8temJVH_04QHYxSMJuYkL2ZmCqv0-3REzZ_l_A==

GET
H2 200 d63ff9ed68741d7fb9263cd750eb46cad4b1a8ba.svg
theme.zdassets.com/theme_assets/1306704/ 2 KB
1 KB 78ms
77ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/d63ff9ed68741d7fb9263cd750eb46cad4b1a8ba.svg

Requested by

Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c05145770dedfd2cab271c46d59ee781aa028140c23857b8770d9f5812d959f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:31 GMT
x-amz-version-id: a_w2s76Ve3wwVP5z_3ghUw9YfIK2m2WJ
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P4
age: 44934
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"40fc37a25397adcb2b95d7782773e6f3"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KYcTkiQZ%2F%2BvnYfQqVS3EKqKtRqu%2FhtfJDx%2FSsBgxrtbLBsisWvGF4wPUSRjdRbotWl4CvH%2FibBzGT8LfdmYulP%2FDOs9EEV88pJoFzaNmAuhCkfgR3UIJrfm0FntpjXPxT2b5g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b395f89f6d913a-FRA
x-amz-cf-id: hIa2SNVLAGb8WS1SvtEsbMeu5iNIPJopuuDpNIWm5ZMk9o5nsWRIdg==

GET
H2 200 0ed8920761e1e49b7e9b73507a0c9273c0f642bc.svg
theme.zdassets.com/theme_assets/1306704/ 9 KB
4 KB 51ms
50ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/0ed8920761e1e49b7e9b73507a0c9273c0f642bc.svg

Requested by

Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb162d965fb72fd7af19a1c53dfad1dd773f06ba6816fcd3975a0eadfeff75b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:31 GMT
x-amz-version-id: mx5sgOB03Ics1GZ1LqqYjpHYYdbleRGX
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P4
age: 44934
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"ab584db4b3ee841a5e75b1edf3aba651"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tanJwQZmbLEMVRetOoOgKaP5Fm6vBLWolRvDIjj99eKY%2FUTZ6sQ%2F7ToKa9Kdja2w5eX0udASVebeD57h%2BZDu18TALZA%2FZ8J5o92To9CACyTCjd10UW%2FjOvLXLUPzrULUBDCPlw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b395f8e842913a-FRA
x-amz-cf-id: U21s-7syIuVR1A60TIZeJ1TLSeREtwuRplru0YpaqCVcnxiDd-r2gg==

GET
H2 200 en-us.1aa110d50fb14b022739.js Show response
static.zdassets.com/hc/assets/ 202 KB
36 KB 55ms
55ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/en-us.1aa110d50fb14b022739.js

Requested by

Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

372074b34b354c7360be23a5684b8e9dcf89f810b24637e601473f01985da169

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:31 GMT
x-amz-version-id: BnXEgOIw.XDwPTs4asChxczkA2hA1WKR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: FHEJXDPW8ESJHKA1
age: 115376
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: OWlmtXlMylwTJ8rHPo7TywM9WOj3tZHWyU7p1qflb0/OejUJeZNXXXquCJxQG2b5iUzxypKTaDk=
last-modified: Tue, 08 Nov 2022 14:09:45 GMT
server: cloudflare
etag: W/"1aa110d50fb14b022739063fc27e8f94"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tg%2BEhqSOmHwvdT2hYF1J3J0kUikKgE1QDvIKOrZgsVbMDggGDvgBd47x4jxt74heEwmXmjV8xQaynDfLShjfAoRCfW4mFN6BXUHtLUXmgiCxf3wT0%2FR1AcQghxRuYMWPd%2Fyob4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 76b395f84fbe9975-FRA

GET
H2

200

host-without-iframe.js Show response
static.zdassets.com/auth/9658837c3f58fd372418a77022ef8f1bd36fdf66/v2/
Redirect Chain

https://mwb.zendesk.com/auth/v2/host/without_iframe.js
https://static.zdassets.com/auth/9658837c3f58fd372418a77022ef8f1bd36fdf66/v2/host-without-iframe.js

3 KB
2 KB

56ms
55ms

Script
application/javascript

104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/auth/9658837c3f58fd372418a77022ef8f1bd36fdf66/v2/host-without-iframe.js

Requested by

Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714

Protocol

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

159ad8459806fc6e00855f4dc62cc8ac58d5f8576e15d7bf5140a46559f7488a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:32 GMT
x-amz-version-id: Pp00bZly1xtaGmxxq_Hlrtwd.qkQOUAZ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: JM2Z74S09FKNF89T
age: 6084
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: nTVsVbppW4X4+aVcdaRPcv2VKwxPRisCuYT9ydPTx0A1j2o5qYHTtuUNGxuVgYKRI0Sk7+pdEE8=
last-modified: Mon, 31 Oct 2022 19:00:02 GMT
server: cloudflare
etag: W/"ecba7efa978de71c61c182c70b3f0189"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O74OFhKclTEtoWCJBmrDoMH4KmvZK%2BmiaXkJ%2FNsSLkp0aPSpX5XZlvCDsWEoQt3Oqs8Kitr00ED9FWXj1wRbtDhSbvonT06hfpoZdoz0X4dqi9raqpvdjTGIyTrZYRkXaASq4CY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 76b395f96a519975-FRA

Redirect headers

date: Wed, 16 Nov 2022 22:15:32 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 25955
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-zendesk-origin-server: classic-app-server-65cd588db4-95fqh
content-length: 165
x-xss-protection: 1; mode=block
x-request-id: 76b11c4d58d67160-FRA, 76b11c4d58d67160-FRA
x-runtime: 0.085746
server: cloudflare
x-zendesk-zorg: yes
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJdChtYp%2FEPBdj7yPHowRuzKgvO5LO%2FD9yHW0j15MGVsniDQlrfvOOuXOo6r4DQqHsUZQjqbYzl2eArPxHmR6LNb%2By8knxQky611W5rOK7bARaANJ%2B9fIlpV6kcqxFuBIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://static.zdassets.com/auth/9658837c3f58fd372418a77022ef8f1bd36fdf66/v2/host-without-iframe.js
cache-control: max-age=86400, public
cf-ray: 76b395f8d97068f5-FRA

GET
H2 200 hc_enduser-13ca0793af61939deca4a0d051c3615f.js Show response
static.zdassets.com/hc/assets/ 557 KB
176 KB 76ms
73ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/hc_enduser-13ca0793af61939deca4a0d051c3615f.js

Requested by

Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd8e74b88209618b507ef84a510078aa73ca3303ab660de05b06fab9f788bd4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:31 GMT
x-amz-version-id: 7IQu_NQAHx6DtjTlUJCLh0SrMeQ2Z2zk
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 7SRS6GZEXASWGZF7
age: 116638
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Sn4T8tVfiqs2CUkiA8bGLg4gtgfviUix/fDM1Dhmg2LIy8WkEnpZWSaOqJhXkVa7sPUgYkwRlCw=
last-modified: Tue, 15 Nov 2022 13:49:29 GMT
server: cloudflare
etag: W/"18a1d776c0ed25babbb96eb8e7b40063"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBYQh%2BTWmlNZG3A2Xb2w0lAvZfinD%2BWhpVh3JwoEg7ifVyPO5Ibn%2F%2B2Oq%2FdQgqTnTNhWD2cz3VRvxRbiGn0JNikteM1KEHUcTFOU3sZhfP9T72N4ODJsuzOdTOMUXoFHV0Pe880%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 76b395f85fee9975-FRA

GET
H2 200 script.js Show response
p19.zdassets.com/hc/theming_assets/1306704/3186088/ 70 KB
14 KB 59ms
56ms Script
text/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p19.zdassets.com/hc/theming_assets/1306704/3186088/script.js?digest=10759195594515

Requested by

Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fb8eecaa0cd8aa1d4a1c580bfbf08d5f51322b004b2a99ac17dd6e8f5b84afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:31 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66371
x-zendesk-origin-server: help-center-unicorn-7778ddff55-5wml8
protocol: HTTP/1.1 always
x-request-id: 760d6b2ff95bf762-ISU
x-ua-compatible: IE=edge
x-runtime: 0.018068
server: cloudflare
etag: W/"7fb8eecaa0cd8aa1d4a1c580bfbf08d5"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ow7txBXboD6UU6zM9mRLWVzV3xCnD9%2B5tESRi9LqJzrsy%2BCuAWsjfl%2FNtp5198pxiazKed61GzGNHzu5fgaLTQk%2Bwq%2FYjVGcSJwDJt0eFxYlHv7w1rCPTajtKiyizl6BJvg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=604800, public
x-zendesk-processed-host-header: p19.zdassets.com
cf-ray: 76b395f85eea913a-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 325 KB
103 KB 130ms
46ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Requested by

Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dae75b90f4d95e58e4a4f09db5845e545b026c95c10000ebde64a722ec69abc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104684
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 21:00:26 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Nov 2022 22:15:31 GMT

GET
H2 200 embed-manifest.json Show response
static.ada.support/ 136 B
727 B 117ms
40ms Fetch
application/json 143.204.215.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ada.support/embed-manifest.json

Requested by

Host: static.ada.support
URL: https://static.ada.support/embed2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0e5ef94ab2dae231cf5c076628a48715104c19bed2ec701006fc7bfad3ea6692

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: FAg02I09tegSHWBAo5dwnC5P_Z2s1r_s
date: Wed, 16 Nov 2022 20:50:17 GMT
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 5115
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 136
last-modified: Tue, 08 Nov 2022 20:50:04 GMT
server: AmazonS3
etag: "6bed121369bf0d590cbd5754e949d833"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: sElzTtgucYVIQIq17EkYqVuuTT-3qyJb8Ji3cwDaU2F25mYwCbHoRg==

GET
H2 200 f50cbbe785978027bc26e8a1842b4e5ef001269e.svg
theme.zdassets.com/theme_assets/1306704/ 381 B
685 B 73ms
73ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/f50cbbe785978027bc26e8a1842b4e5ef001269e.svg

Requested by

Host: p19.zdassets.com
URL: https://p19.zdassets.com/hc/theming_assets/1306704/3186088/style.css?digest=10759195594515

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f06e8fc7b9022f7dd0e98ae732df351282e18a35581605a22ce1602f8e4cd84b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p19.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:31 GMT
x-amz-version-id: wSkq9KyygAvBovwT9aRKiT2kUPAj64rl
via: 1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P4
age: 44934
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:30 GMT
server: cloudflare
etag: W/"f50732226434dbcf99be7c9431af9e3a"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yI4FxtaeMYEefojUh3Vw8ePqRAXLIj6LkdINXCSPuRp%2BHueuX0QSRc1BlO57zCes36mpLdpFo5Kmbp2tTszchLHtvLUH8BnwFqdKWeyfJF2%2Bm3XSOeg4voFG2pjowAE27k4V4g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b395f89f6c913a-FRA
x-amz-cf-id: Mt8ug3v19_WH0d0FcaNvX0nhsJGqOvC0-2BKBDiBdgOcItKmoAjL8A==

GET
H2 200 641b95867ceac946733395b533d9ce0e02c1f131.otf
theme.zdassets.com/theme_assets/1306704/ 131 KB
132 KB 127ms
53ms Font
application/x-font-otf 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/1306704/641b95867ceac946733395b533d9ce0e02c1f131.otf

Requested by

Host: p19.zdassets.com
URL: https://p19.zdassets.com/hc/theming_assets/1306704/3186088/style.css?digest=10759195594515

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75c911d121bdba9548b91e8a057bfae7edbebe988a7423821fc7d4c090c64b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p19.zdassets.com/
Origin: https://support.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:31 GMT
x-amz-version-id: drU3pc9DX9snuyRiNhWUwuX5JUYVKHG2
via: 1.1 4cc2a0a7eb7d5483edc69be298297f9e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: AMS54-C1
age: 66822
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 133776
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: "8a604ed5e935d80f28a6434813ca6ac3"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/x-font-otf
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzTIYzk3E%2FFeObjtRYAV%2Bipn0o%2B1eQOpEXcm%2BBbSHy%2Fr5sIBV8u1DnHUVDvhVKEp6t9iTU6qWcHwb%2BYzDvelaPk7zgDm085tL5LDESwaFfpiJ1NxrxCSmMNSBrAWmMIQf%2FQ18Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 76b395f8db699b86-FRA
x-amz-cf-id: dCYQqzJHGEgNQc739yDvGMXWRkHC7RwVcK1qAMFqmnVa9VaQcWF-5w==

GET
H2 200 27e4354c63c53eb441e6cd0946194d986b617c1e.otf
theme.zdassets.com/theme_assets/1306704/ 123 KB
123 KB 164ms
91ms Font
application/x-font-otf 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/1306704/27e4354c63c53eb441e6cd0946194d986b617c1e.otf

Requested by

Host: p19.zdassets.com
URL: https://p19.zdassets.com/hc/theming_assets/1306704/3186088/style.css?digest=10759195594515

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e758310065d56c81731fadefacd48f77fe962456070bcd42b4fab78e044a69d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p19.zdassets.com/
Origin: https://support.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:31 GMT
x-amz-version-id: Ua6fL2hUVA6zvPlshxEN1GWsYfP2INKL
via: 1.1 df4167ab0949b4d2c15466bdfdc05f94.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: AMS54-C1
age: 66822
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 125772
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: "e2a1876e68b3885d03062214bc6016e9"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/x-font-otf
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mU6RwzTbSk%2BXqM2XOyz7LtIUcSbU2iZLqMbPPoZK16qTJxqVmrFhN5yoP5TXm8MzYnhLq9Jnz2VZ%2BmIPrXWxicV1%2FhyAstD50mW9Zu7Vy1xK2znPhZby4qARKGhHEcafxOnxcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 76b395f8db6a9b86-FRA
x-amz-cf-id: ESs0toioJcdATLnxp6eFCa4f_Mj5Olc4TCR9n4h1xw6RZysFsE5jUw==

GET
H2 200 1d0e0a6bb4f76a9f55fd18f607e24fca4a2b569a.otf
theme.zdassets.com/theme_assets/1306704/ 129 KB
130 KB 151ms
92ms Font
application/x-font-otf 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/1306704/1d0e0a6bb4f76a9f55fd18f607e24fca4a2b569a.otf

Requested by

Host: p19.zdassets.com
URL: https://p19.zdassets.com/hc/theming_assets/1306704/3186088/style.css?digest=10759195594515

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebd6d32400095fb406e63e748a6a8451eb6cdefc0f57d5f3217de10fdc57b416

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p19.zdassets.com/
Origin: https://support.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:31 GMT
x-amz-version-id: x2IuTWW4700zDVCYCIbi8tIm5xQz35nj
via: 1.1 76fb21fcb70866221c67558e2f776540.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: AMS54-C1
age: 66822
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 132168
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: "4a127c955329def8ac32316e4c6b55a5"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/x-font-otf
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91F3%2B9kh2ZEoz9eDJ8Wp0T2zGMAhMxm%2BD4IF5x7bWxwWawKd%2FTpkuirgEaeSwp4y6EYeIU6vyfkNEY82uLhCXtdr4x6%2BuVmy%2Bi9C2QEVc%2FJN229ClH7n0VZdA1DhPtaoIZArqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 76b395f8db6d9b86-FRA
x-amz-cf-id: NJXk2K94ImlEX3PPiJJNSwKN_QoKIojEIhW0k4THPvQ_rcxJjToxnA==

GET
H2 200 embed2.5459dcd.js Show response
static.ada.support/ 212 KB
64 KB 45ms
44ms Script
application/javascript 143.204.215.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ada.support/embed2.5459dcd.js

Requested by

Host: static.ada.support
URL: https://static.ada.support/embed2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ebe0d9bf7ac96db88d6ad62c5492f6a0a682b1ddbe8b6e4f25d6752c301416ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: ofZA_ZRfWTCrr6RdW4dFtEoJvyAIZ.7T
content-encoding: gzip
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
date: Wed, 16 Nov 2022 08:16:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 50337
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
last-modified: Tue, 08 Nov 2022 20:29:47 GMT
server: AmazonS3
etag: W/"9f11810bb4c901aea431acfabc800437"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: 172800
vary: Accept-Encoding
x-amz-cf-id: laqdpbLCzx74JqMbzqjARD_5tRSYfFaaoFi9WG6VkTcEHleEi_G8Bw==

GET
H2 200 js
www.googletagmanager.com/gtag/ 235 KB
78 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80142
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Nov 2022 22:15:32 GMT

GET
H2 200 fbevents.js
connect.facebook.net/en_US/ 103 KB
28 KB 126ms
39ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 16 Nov 2022 22:15:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: H/jfuKmhAuAF2u8kb4OOxKQn7tqP7scUBATCjM1LBDzhJymZe/Q9ToGaUmuv5KQeuT483fTlA2Uu3/LdaoUd7w==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 121ms
37ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Nov 2022 21:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3578
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 16 Nov 2022 23:15:54 GMT

GET
H2 200 web-vitals.umd.js
unpkg.com/web-vitals@1.1.0/dist/ 4 KB
2 KB 168ms
68ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@1.1.0/dist/web-vitals.umd.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:32 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 25539658
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01FT83NDPQFX8B0WQTE0BKN3C5
server: cloudflare
etag: W/"1060-9qPq4bqeRCeFWudNuS98Bp0PQDY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76b395fa8d329bbe-FRA

GET
H2 200 react-56493a1793e64505e8e4058de58a1cef.js
static.zdassets.com/hc/assets/ 135 KB
43 KB 61ms
60ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/react-56493a1793e64505e8e4058de58a1cef.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-13ca0793af61939deca4a0d051c3615f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:32 GMT
x-amz-version-id: XJZIUpZcPvLSeMXjb7myDJm7ihoZt0VA
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: MS21XYY6Q6YNYWHS
age: 45112
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: rTBNG8nxq2ZOx0SMFLs/LV6j3J1VD9RLf25LXUn7EgSlfMpT6NU+hHfMk52N4t0Ke9J2Uoo84UE=
last-modified: Wed, 31 Aug 2022 09:40:22 GMT
server: cloudflare
etag: W/"ef0668e9329c77e1544e80d861258de8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6vnV5pRzzuM8H3idV5FFMv7V0Zt9Yt6jwdKFHl5EAdw1afKTkPTI9wPuDC1zr9BTnEv9QsCOyKEaHSNUVGib20WND3uR%2B%2Ft4W0%2FF1E97sdqzqzzTI8g%2Fl6YQmgZv%2FrcjsbHeW4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 76b395fa3c2a9975-FRA

GET
H2 200 Notifications-c3ead3acc6739af34739b80cf1366af1.js
static.zdassets.com/hc/assets/ 7 KB
3 KB 57ms
57ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/Notifications-c3ead3acc6739af34739b80cf1366af1.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-13ca0793af61939deca4a0d051c3615f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:32 GMT
x-amz-version-id: ZOSFPmAymyBoAfqhqzElrvQqsjMVvI0K
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 6MNRBRAW31ERVYZK
age: 16186
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: bpE8N9Ep1TCeyDm8K7GgRUwx3xHEqGFSNa/v0YXOYZvDcbe7IuTuXwMQrXIEERGLMhTEoytyH9s=
last-modified: Wed, 02 Nov 2022 13:40:35 GMT
server: cloudflare
etag: W/"f236403223cbdfa3292dec411b19d4d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDk7M5iqzHFW5iqYeTvcEgdmvC2ve64eWHJa7Ke8XL%2FKB2Kzfk0mFzsesJbf8V%2BAGu%2FJLV3SDk6ziW3d4WNw8ARX78Tl%2B7MttRmMMyLiOFoGw6Mits%2B001eAPfrNjqa5kxRnKH8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 76b395fa3c2e9975-FRA

GET
H2 200 71320-790a469460dfe0b7ff45386112c363a5.js
static.zdassets.com/hc/assets/ 24 KB
9 KB 63ms
62ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/71320-790a469460dfe0b7ff45386112c363a5.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-13ca0793af61939deca4a0d051c3615f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:32 GMT
x-amz-version-id: 0HSXuadzXujtZsPg5GlETTfQ2qTNrR1e
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: G5SYWA0WV75G48P6
age: 45107
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: spwmCO87g5fbXbMLZryHxSOyDWuQ9WBzqKHAbyKBaVcB2Xsb8Amnswkqmd8tk6cTYVib5JqohJw=
last-modified: Wed, 31 Aug 2022 09:40:04 GMT
server: cloudflare
etag: W/"b90b9cc5cd34a981d7c011e5472f41be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1NmLQX9rHyvR2kCHxu%2F%2Fbvn6OE5HUCNjFM2JKYa5LRL%2BACHvzCQ4cNgFeL2YwmpEcdsPByscDGSLl7ugP%2Bld7RVRYVZmJSanLbXY3ZgR%2BTuV%2BLZca6JDvWjdRhFaFxu%2BJzYeFw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 76b395fa3c3b9975-FRA

GET
H2 200 subscribe-8fcbb35799e52775feeb18c8224da99c.js
static.zdassets.com/hc/assets/ 13 KB
4 KB 69ms
69ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/subscribe-8fcbb35799e52775feeb18c8224da99c.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-13ca0793af61939deca4a0d051c3615f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:32 GMT
x-amz-version-id: Y4rTfvkVWMhixmu_5_sdNttM_KTy2QDq
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: G5SS827D69EWMH4N
age: 45107
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: JfHtxGF8+G4b8UakaPjF15f3Ib96fLrrsaKJ5gmnspeaEVgGaK3KBTBXPL4b68yLrdUJG76hzTU=
last-modified: Wed, 31 Aug 2022 09:40:23 GMT
server: cloudflare
etag: W/"bbadc43554abbd834220e80bf361b21a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGpsNNZlYcO%2BAwxwP%2Fp6htsBzEq%2BLL0tUevRkmctVOWORb7F8q9To%2Ba9HGfUvwCeNVbgs%2B25VFNx3uee0V%2FhDMyFc30PLqLVm8rXTD3lSiJOF0Fr0cBfOXkCSi7YmoAgzrMbh8U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 76b395fa3c3c9975-FRA

GET
BLOB 200
OK e9cde564-e01e-404c-8868-2db57e5ee0cc
https://support.malwarebytes.com/ 819 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://support.malwarebytes.com/e9cde564-e01e-404c-8868-2db57e5ee0cc
Requested by: Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 819

GET
H2 200 client.json
rollout.ada.support/mwb-b2c/ 9 KB
10 KB 121ms
45ms XHR
application/json 18.64.103.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rollout.ada.support/mwb-b2c/client.json?ada_request_origin=embed
Requested by: Host: static.ada.support
URL: https://static.ada.support/embed2.5459dcd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-23.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:05 GMT
via: 1.1 b66d2d4cfb46d641d455e6640c25f566.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P3
age: 28
x-cache: Hit from cloudfront
content-length: 9570
last-modified: Thu, 10 Nov 2022 20:14:36 GMT
server: AmazonS3
etag: "ee6506d93f7eb781958a1823e9927a6f"
access-control-max-age: 300
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: no-cache
vary: Origin
accept-ranges: bytes
x-amz-cf-id: 2epMJH05x2A8_DNC_zeF5jKWq2DDlC1iNmjKzps3LwkuAo5J8590Ww==

GET
H2 200 chat-manifest.json
static.ada.support/ 136 B
682 B 39ms
39ms Fetch
application/json 143.204.215.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ada.support/chat-manifest.json

Requested by

Host: static.ada.support
URL: https://static.ada.support/embed2.5459dcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-72.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 15:05:37 GMT
x-amz-version-id: cOx59X3.jVj2lGaWk3kR_w4n63_Wrd1t
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 25795
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 136
last-modified: Wed, 16 Nov 2022 15:05:27 GMT
server: AmazonS3
etag: "46a9546ba8229c3ee70adcc15e2d052f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: Y-WqiVb8Kagm1677Xfeuec7FtRFV2NUn_H-0KzD6NCKZueFaeDVVZA==

GET
H2

200

signin Show response
service.malwarebytes.com/hc/en-us/
Redirect Chain

https://service.malwarebytes.com/hc/articles/4413817228947
https://service.malwarebytes.com/hc/en-us/articles/4413817228947
https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

30 KB
9 KB

545ms
544ms

Document
text/html

104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Requested by

Host: p19.zdassets.com
URL: https://p19.zdassets.com/hc/theming_assets/1306704/3186088/script.js?digest=10759195594515

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.51.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87519c0effcf01852453f114d76aba4d265feb408da98da74a8382115173080b

Security Headers

Name	Value
Strict-Transport-Security	max-age=259200;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://support.malwarebytes.com/hc/en-us/articles/360038524714
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, public
cf-cache-status: MISS
cf-ray: 76b396002ec691ea-FRA
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
date: Wed, 16 Nov 2022 22:15:33 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
protocol: HTTP/1.1 always
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJDPmZT5njHsWR%2BYrxZYUldwuAzFS%2BtG8r3cswIOOhUHypCyC4nnJrwVzSjc0HPRUBFhardaV%2BUCP6ulLj5fWbCFjNhB0nkbX0QU1UPrb4Sya5CPZC%2FeaLsjm4QWggSLvPfUouXghIVXOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=259200;
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-request-id: 76b3960046b491ea-FRA
x-runtime: 0.153692
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
x-zendesk-origin-server: help-center-unicorn-7655cd9c46-dswtk
x-zendesk-processed-host-header: service.malwarebytes.com

Redirect headers

cache-control: no-cache
cf-cache-status: BYPASS
cf-ray: 76b395fdd9ff91ea-FRA
content-language: en-us
content-type: text/html; charset=utf-8
date: Wed, 16 Nov 2022 22:15:32 GMT
location: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
protocol: HTTP/1.1 always
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLBleYFdCgtdceHlRh3%2BRE7lEduZZiHHlKab578mAUBolEVQLT8xOrWFHCXQMm4Nkg6Vgcf3R45tikadkMRseSOCMnCdFy%2B3FCLibNzui428I1uQ3I1Y9fhyMx%2Fz%2FwnI%2BcjZNAJwYv9jEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=259200;
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-request-id: 76b395fe058a91ea-FRA
x-runtime: 0.077596
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
x-zendesk-origin-server: help-center-unicorn-7655cd9c46-r86nk
x-zendesk-processed-host-header: service.malwarebytes.com

GET
H2 200 invisible.js
support.malwarebytes.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 68B2 32 KB
14 KB 47ms
47ms Script
application/javascript 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://support.malwarebytes.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1668628800
Requested by: Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.51.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:32 GMT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Qt4rT9X2nSu1Qz4si3Pj2%2BKLJfbbggrzJXJujDloIi7CdGTy9T4jx3FJRPzKsx83%2FKCus1HPJ0fot0gLCRzpEZ4TYD5fSw3wVcCWzYMXEug8C662lDXUymrJgGffWKr6%2BT%2FjG6nNbql2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76b395fa8bbd91ea-FRA

GET
H2 200 insight.min.js
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 201ms
40ms Script
application/x-javascript 2a02:26f0:480:f::213:7ecb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:32 GMT
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 19:27:04 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=18375
accept-ranges: bytes
content-length: 4530

GET
H2 200 bat.js
bat.bing.com/ 38 KB
12 KB 148ms
61ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 16 Nov 2022 22:15:32 GMT
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A4BBEE08F1004D6D8434794CA59A2422 Ref B: FRA31EDGE0213 Ref C: 2022-11-16T22:15:32Z
etag: "077538f81f4d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11421

GET
H2 200 HWyTnY16.min.js
scripts.demandbase.com/ 69 KB
19 KB 143ms
44ms Script
application/javascript 108.138.17.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.demandbase.com/HWyTnY16.min.js

Requested by

Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: xMOnxq8MHObsxxdameA97QkGWNgri97l
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
date: Wed, 16 Nov 2022 21:41:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P7
age: 2037
x-cache: Hit from cloudfront
last-modified: Wed, 09 Nov 2022 16:45:54 GMT
server: AmazonS3
etag: W/"d221078e84eaa425e7dbaa59bd89a594"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: uOVBDjq7bCtM-d6aujy462Kxtp6enbO_3Rn_CHwy0bE1iM8XdJWomQ==

GET
H2 200 demandbase-forms.js
www.malwarebytes.com/js/ 3 KB
1 KB 222ms
41ms Script
application/javascript 2600:9000:2315:f800:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/demandbase-forms.js?d=2020-02-04-15-03-08--0800

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:f800:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:04:46 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: DUS51-P2
age: 645
x-powered-by: ASP.NET
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Tue, 20 Jul 2021 23:12:41 GMT
server: Microsoft-IIS/10.0
etag: W/"83427fbdbc7dd71:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: PV9U7sl52tBCeQbnt1GbWFo4deBEaOK1ReBGkMAECeCDpW7s5Jy8_w==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
353 B 128ms
44ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K8KCHE3KSC&gtm=2oeb90&_p=502832696&_gaz=1&cid=1547150611.1668636932&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dl=https%3A%2F%2Fsupport.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F360038524714&sid=1668636932&sct=1&seg=0&dt=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20%E2%80%93%20Malwarebytes%20Support&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=Consumer
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 22:15:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://support.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
353 B 144ms
47ms Ping
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K8KCHE3KSC&cid=1547150611.1668636932&gtm=2oeb90&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 22:15:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://support.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 134ms
49ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K8KCHE3KSC&cid=1547150611.1668636932&gtm=2oeb90&aip=1&z=1221324306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 22:15:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js
static.ads-twitter.com/ 56 KB
15 KB 264ms
37ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:32 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230128-FRA

GET
H3 200 linkid.js
www.google-analytics.com/plugins/ua/ 2 KB
884 B 114ms
37ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 21:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2314
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 16 Nov 2022 22:36:58 GMT

GET
H3 200 identity.js
connect.facebook.net/signals/plugins/ 64 KB
20 KB 80ms
38ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.89

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 16 Nov 2022 22:15:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: D3MUZBK54i69T7Y748YROxuXlF1a4Yt1l0wrFoLwiGqH6utL7gkGQeBgydk3GcSPXW5KG9hBGZvOc8CU/Z/ajQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1480959392203028
connect.facebook.net/signals/config/ 294 KB
85 KB 80ms
39ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1480959392203028?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 16 Nov 2022 22:15:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86789
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: tpRzsma24QS1dvuH1zm6M+mZo2hpgtkub/5Z8wN+2SNt/B6NHB05NcM1YTsJ0tvhhHuxFujtY2Ig8wsUhVexXw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pica.js
support.malwarebytes.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 68B2 17 KB
8 KB 59ms
59ms Other
application/javascript 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://support.malwarebytes.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.51.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:32 GMT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaKyic7n1N5VbM5DBax5KJYoGQUevJMp1%2B7My%2BAjSEa5CjQ4QZAspbq6nuf8KKrtjSNi00lANECDcienOdnvLCRhfeTDu60Htwh%2FBiA2uOwowTerYIVyZefiNqMG342CLigwu9mnIg5ccg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76b395fb2ce691ea-FRA

GET
H2 200 index.html
mwb-b2c.ada.support/embed/x-storage/5459dcd/ Frame DFDC 237 B
745 B 136ms
38ms Document
text/html 18.66.147.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mwb-b2c.ada.support/embed/x-storage/5459dcd/index.html

Requested by

Host: static.ada.support
URL: https://static.ada.support/embed2.5459dcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://support.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 74871
cache-control: 172800
content-length: 237
content-type: text/html
date: Wed, 16 Nov 2022 01:27:49 GMT
etag: "93f912ceabb0586748b7b0061a4f94fa"
last-modified: Tue, 08 Nov 2022 20:29:47 GMT
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
x-amz-cf-id: AzKNMN9YJTUC8UG64BLYHCeua15QsiL3m5gcxXeB8VSaO3SnFa-c-g==
x-amz-cf-pop: FRA60-P4
x-amz-replication-status: REPLICA
x-amz-server-side-encryption: AES256
x-amz-version-id: EoV.QGkyqORMxkzdXfpYuw0gvoenlYnu
x-cache: Hit from cloudfront

GET
H2 200 index.html
mwb-b2c.ada.support/embed/button/5459dcd/ Frame 2DB2 5 KB
2 KB 132ms
39ms Document
text/html 18.66.147.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mwb-b2c.ada.support/embed/button/5459dcd/index.html

Requested by

Host: static.ada.support
URL: https://static.ada.support/embed2.5459dcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://support.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74463
cache-control: 172800
content-encoding: gzip
content-type: text/html
date: Wed, 16 Nov 2022 01:35:01 GMT
etag: W/"1bc978ca8d09449bd533ced91e6880dc"
last-modified: Tue, 08 Nov 2022 20:29:46 GMT
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
x-amz-cf-id: T-UibTo5z4L7Jerf-0cojcWIwvHKWx_Tg827V01foJPaWIRNRaFRyg==
x-amz-cf-pop: FRA60-P4
x-amz-replication-status: REPLICA
x-amz-server-side-encryption: AES256
x-amz-version-id: .rHbBkhwXp.nlkDDGgPQ7WZPbxQ6jBVI
x-cache: Hit from cloudfront

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 144ms
47ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 ip.json
api.company-target.com/api/v2/ 447 B
940 B 165ms
76ms XHR
application/json 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fsupport.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F360038524714&page_title=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20%E2%80%93%20Malwarebytes%20Support
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/HWyTnY16.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-90.fra2.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Referer: https://support.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 16 Nov 2022 22:15:32 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
request-id: 62c089f8-4fae-40ad-971d-a3dcc8a7c635
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://support.malwarebytes.com
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UHPaYMRAuPRvowPqNHgSEFK4q29_AF376hFq8KYb1-akypbQeTxELg==
expires: Tue, 15 Nov 2022 22:15:32 GMT

GET
H2 204 4072696.js
bat.bing.com/p/action/ 0
120 B 157ms
156ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4072696.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 16 Nov 2022 22:15:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CDF0C89B931D4F49AFD413F86C913FFB Ref B: FRA31EDGE0213 Ref C: 2022-11-16T22:15:32Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
176 B 65ms
64ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4072696&tm=gtm002&Ver=2&mid=7b2e6dc1-6b3a-4a13-9b20-09d078d31f51&sid=2fa70d8065fc11ed92927f5257dc2dfe&vid=2fa7386065fc11edb220dd9a61593572&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20%E2%80%93%20Malwarebytes%20Support&p=https%3A%2F%2Fsupport.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F360038524714&r=&lt=1132&evt=pageLoad&sv=1&rn=980795

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 16 Nov 2022 22:15:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CC4AF9481F9845A28291B4883B47F1A1 Ref B: FRA31EDGE0213 Ref C: 2022-11-16T22:15:32Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
stats.g.doubleclick.net/j/ 4 B
25 B 143ms
47ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-3347303-10&cid=1547150611.1668636932&jid=2138578845&uid=5B1E7C49-E482-4964-90C1-A860965DF049&gjid=246307097&_gid=343805751.1668636932&_u=aCDAgEAjAAAAAEAAI~&z=1374945344

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 16 Nov 2022 22:15:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://support.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
37ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=502832696&t=pageview&_s=1&dl=https%3A%2F%2Fsupport.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F360038524714&ul=en-us&de=UTF-8&dt=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20%E2%80%93%20Malwarebytes%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEAjAAAAAAAAI~&jid=2138578845&gjid=246307097&cid=1547150611.1668636932&uid=5B1E7C49-E482-4964-90C1-A860965DF049&tid=UA-3347303-10&_gid=343805751.1668636932&gtm=2wgb90MKSKW3&z=217715023

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 03:16:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68317
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
38ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=502832696&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsupport.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F360038524714&ul=en-us&de=UTF-8&dt=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20%E2%80%93%20Malwarebytes%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=vertical&el=25%20percent&_u=aCDAgEAjAAAAAEAAI~&jid=&gjid=&cid=1547150611.1668636932&uid=5B1E7C49-E482-4964-90C1-A860965DF049&tid=UA-3347303-10&_gid=343805751.1668636932&gtm=2wgb90MKSKW3&z=921713176

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 03:16:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68317
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
39ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=502832696&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsupport.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F360038524714&ul=en-us&de=UTF-8&dt=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20%E2%80%93%20Malwarebytes%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=vertical&el=50%20percent&_u=aCDAgEAjAAAAAEAAI~&jid=&gjid=&cid=1547150611.1668636932&uid=5B1E7C49-E482-4964-90C1-A860965DF049&tid=UA-3347303-10&_gid=343805751.1668636932&gtm=2wgb90MKSKW3&z=135706638

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 03:16:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68317
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 42ms
39ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=502832696&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsupport.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F360038524714&ul=en-us&de=UTF-8&dt=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20%E2%80%93%20Malwarebytes%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=vertical&el=75%20percent&_u=aCDAgEAjAAAAAEAAI~&jid=&gjid=&cid=1547150611.1668636932&uid=5B1E7C49-E482-4964-90C1-A860965DF049&tid=UA-3347303-10&_gid=343805751.1668636932&gtm=2wgb90MKSKW3&z=1344615789

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 03:16:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68317
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 42ms
40ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=502832696&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsupport.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F360038524714&ul=en-us&de=UTF-8&dt=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20%E2%80%93%20Malwarebytes%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=vertical&el=95%20percent&_u=aCDAgEAjAAAAAEAAI~&jid=&gjid=&cid=1547150611.1668636932&uid=5B1E7C49-E482-4964-90C1-A860965DF049&tid=UA-3347303-10&_gid=343805751.1668636932&gtm=2wgb90MKSKW3&z=813090897

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 03:16:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68317
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/2594100/domain/support.malwarebytes.com/ Frame 0
0 125ms
38ms Preflight 13.224.189.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2594100/domain/support.malwarebytes.com/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-46.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://support.malwarebytes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 75771
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 16 Nov 2022 01:12:41 GMT
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
x-amz-cf-id: XSvX7gDOMLM9zMZRjoX2J7cVsvKAFHg-owc-Yp2tjJMXipEbMi1eLw==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront

GET
H2 200 token
cdn.linkedin.oribi.io/partner/2594100/domain/support.malwarebytes.com/ 36 B
374 B 45ms
45ms XHR
application/json 13.224.189.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2594100/domain/support.malwarebytes.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-46.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: *
Referer: https://support.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 16 Nov 2022 22:02:24 GMT
content-encoding: gzip
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 788
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: JhKZ0YfVOl4HfQcYfOxv4CUth61jGlyRFDn1nVdQHHvnIoXrFAasQQ==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1668636932474&url=https%3A%2F%2Fsupport.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F360038524714
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2594100%26time%3D1668636932474%26url%3Dhttps%253A%252F%252Fsupport.malwarebytes.c...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1668636932474&url=https%3A%2F%2Fsupport.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F360038524714&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1668636932474&url=https%3A%2F%2Fsupport.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F360038524714&liSync=true&e_ipv6=AQLBlJYb6rOB1gAAA...

0
265 B

277ms
140ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1668636932474&url=https%3A%2F%2Fsupport.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F360038524714&liSync=true&e_ipv6=AQLBlJYb6rOB1gAAAYSCgvs5_5zoRvxZxBmv4HOBj79LQpKegKSVyZ_FrD1AMkOLzhnnZRU
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:32 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 2838B47887E44D9C958A21307CA5D48F Ref B: FRAEDGE1810 Ref C: 2022-11-16T22:15:33Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXtnc+phWJk12DpwOaLLA==

Redirect headers

date: Wed, 16 Nov 2022 22:15:32 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 09281B5050F9434F9E1BCE7A9E5E9F3F Ref B: FRAEDGE2020 Ref C: 2022-11-16T22:15:32Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1668636932474&url=https%3A%2F%2Fsupport.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F360038524714&liSync=true&e_ipv6=AQLBlJYb6rOB1gAAAYSCgvs5_5zoRvxZxBmv4HOBj79LQpKegKSVyZ_FrD1AMkOLzhnnZRU
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXtnc+lMxaVGhuldpHbFg==

POST
H2 200 76b395f4e8c291ea
support.malwarebytes.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 68B2 2 B
624 B 114ms
114ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://support.malwarebytes.com/cdn-cgi/challenge-platform/h/g/cv/result/76b395f4e8c291ea
Requested by: Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1668628800
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.51.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 16 Nov 2022 22:15:32 GMT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76b395fd58ef91ea-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDV555H1CXG2uBi5pxrPDigIeqJeeIWSrovidvg6Ox7f244bOEJwPl1PV0gzTfPHA0YphXkE7HnMc0LAEWv0Gb0v%2FtWTqWfen7qNtaTM6j50ju8kYMjUy2zmePddZUTtZzfHh8pPOwkTRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 sentry.b6985341d53aea5af72f.js
mwb-b2c.ada.support/embed/x-storage/5459dcd/ Frame DFDC 83 KB
25 KB 44ms
44ms Script
application/javascript 18.66.147.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mwb-b2c.ada.support/embed/x-storage/5459dcd/sentry.b6985341d53aea5af72f.js

Requested by

Host: mwb-b2c.ada.support
URL: https://mwb-b2c.ada.support/embed/x-storage/5459dcd/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mwb-b2c.ada.support/embed/x-storage/5459dcd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: p.fVkIXVnSuQE4fZsi95jMXNfALhHVZb
content-encoding: gzip
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
date: Wed, 16 Nov 2022 04:07:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 65292
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
last-modified: Tue, 08 Nov 2022 20:29:47 GMT
server: AmazonS3
etag: W/"aa693fab6d2dbff1fc92249379687a31"
vary: Accept-Encoding
content-type: application/javascript
cache-control: 172800
x-amz-cf-id: vTCikUxA6CMNpp_SfbelUyCfp0ibt2C2jSpDFH4-em6KPH_vCzDs_Q==

GET
H2 200 index.js
mwb-b2c.ada.support/embed/x-storage/5459dcd/ Frame DFDC 55 KB
20 KB 53ms
53ms Script
application/javascript 18.66.147.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mwb-b2c.ada.support/embed/x-storage/5459dcd/index.js

Requested by

Host: mwb-b2c.ada.support
URL: https://mwb-b2c.ada.support/embed/x-storage/5459dcd/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mwb-b2c.ada.support/embed/x-storage/5459dcd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: FSLWv4KJMUz4UCI4CJFMOs_QnksvPaJO
content-encoding: gzip
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
date: Wed, 16 Nov 2022 01:53:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 73316
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
last-modified: Tue, 08 Nov 2022 20:29:47 GMT
server: AmazonS3
etag: W/"fac77968dd96edfcd8a9d9fa518f153a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: 172800
x-amz-cf-id: hVz3cWvdKPIHAO9K3Ia4YhjTbCu1075uRP1StNsvWq4qt-4ComBAcg==

GET
H2 200 sentry.b6985341d53aea5af72f.js
mwb-b2c.ada.support/embed/button/5459dcd/ Frame 2DB2 83 KB
25 KB 77ms
77ms Script
application/javascript 18.66.147.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mwb-b2c.ada.support/embed/button/5459dcd/sentry.b6985341d53aea5af72f.js

Requested by

Host: mwb-b2c.ada.support
URL: https://mwb-b2c.ada.support/embed/button/5459dcd/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mwb-b2c.ada.support/embed/button/5459dcd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: NV1GHq6ffMdZ0QeFiYmpj.hY8hrPq1Z_
content-encoding: gzip
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
date: Wed, 16 Nov 2022 06:01:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 58469
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
last-modified: Tue, 08 Nov 2022 20:29:46 GMT
server: AmazonS3
etag: W/"aa693fab6d2dbff1fc92249379687a31"
vary: Accept-Encoding
content-type: application/javascript
cache-control: 172800
x-amz-cf-id: mbaEqjl7Ciz5oshhnTAXqUaIG2qxn0PETD1hxTjk_fmgWM3iat2PzA==

GET
H2 200 preact.8ab2422822c47580185f.js
mwb-b2c.ada.support/embed/button/5459dcd/ Frame 2DB2 9 KB
4 KB 82ms
82ms Script
application/javascript 18.66.147.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mwb-b2c.ada.support/embed/button/5459dcd/preact.8ab2422822c47580185f.js

Requested by

Host: mwb-b2c.ada.support
URL: https://mwb-b2c.ada.support/embed/button/5459dcd/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mwb-b2c.ada.support/embed/button/5459dcd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: gbdan91b7C1W1Uc8PJswF97tXWuAn9L4
content-encoding: gzip
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
date: Wed, 16 Nov 2022 02:27:41 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 71297
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
last-modified: Tue, 08 Nov 2022 20:29:46 GMT
server: AmazonS3
etag: W/"51cc097b6d58a11a6aa758e72ee39e0a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: 172800
x-amz-cf-id: 5H3-aJwbTbOEpEtbhoEPEkyM00BfYfwPFSkGu8YisYQHtiY-X6m-3Q==

GET
H2 200 index.js
mwb-b2c.ada.support/embed/button/5459dcd/ Frame 2DB2 71 KB
26 KB 80ms
80ms Script
application/javascript 18.66.147.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mwb-b2c.ada.support/embed/button/5459dcd/index.js

Requested by

Host: mwb-b2c.ada.support
URL: https://mwb-b2c.ada.support/embed/button/5459dcd/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mwb-b2c.ada.support/embed/button/5459dcd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: 48dEtXNP_SolLqAUEu8Hwegf7MlDK4Pk
content-encoding: gzip
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
date: Wed, 16 Nov 2022 01:33:02 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 74551
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
last-modified: Tue, 08 Nov 2022 20:29:46 GMT
server: AmazonS3
etag: W/"148fc8ddc48aebb008a78ed52864ac5b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: 172800
x-amz-cf-id: WmmKMU1b8dqk1i5PxQQAxIvbKBA5JgozovpTx9EoBdnAJZumqU1Nrw==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
37ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=502832696&t=event&ni=1&_s=2&dl=https%3A%2F%2Fsupport.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F360038524714&ul=en-us&de=UTF-8&dt=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20%E2%80%93%20Malwarebytes%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aDDAgEAjAAAAAEAAI~&jid=&gjid=&cid=1547150611.1668636932&uid=5B1E7C49-E482-4964-90C1-A860965DF049&tid=UA-3347303-10&_gid=343805751.1668636932&gtm=2wgb90MKSKW3&cd2=(Non-Company%20Visitor)&cd3=Bot&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=(Non-Company%20Visitor)&cd12=(Non-Company%20Visitor)&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=DE&cd18=(Non-Company%20Visitor)&cd24=(Non-Company%20Visitor)&z=713338300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 03:16:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68317
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 132ms
47ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3347303-10&cid=1547150611.1668636932&jid=2138578845&_u=aCDAgEAjAAAAAEAAI~&z=1250222123

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 22:15:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 127ms
48ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3347303-10&cid=1547150611.1668636932&jid=2138578845&_u=aCDAgEAjAAAAAEAAI~&z=1250222123

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 22:15:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 117ms
39ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=PageView&dl=https%3A%2F%2Fsupport.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F360038524714&rl=&if=false&ts=1668636932701&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1668636932701.1058818485&it=1668636932326&coo=false&tm=1&exp=b2&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 16 Nov 2022 22:15:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 adsct
t.co/i/ 43 B
375 B 227ms
141ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=ff9cfc17-2c8c-4e05-b821-81c7f1155f48&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=aa7cbb61-f401-4787-8441-d71f156626f3&tw_document_href=https%3A%2F%2Fsupport.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F360038524714&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1m5j&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time: 104
date: Wed, 16 Nov 2022 22:15:31 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 4ecad43d1be5f4ec
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 175a216bae3d343c16330409c20d6ce119c40ec5b56812725ca4019e4eda01ac
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 232ms
145ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=ff9cfc17-2c8c-4e05-b821-81c7f1155f48&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=aa7cbb61-f401-4787-8441-d71f156626f3&tw_document_href=https%3A%2F%2Fsupport.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F360038524714&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1m5j&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time: 108
date: Wed, 16 Nov 2022 22:15:32 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 120f7224bc7323fc
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 41ba4ff00a7f27deb2b6be090f6866c64f719a06ba2f61e34953f970aa18a355
content-length: 43

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 77ms
37ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=Microdata&dl=https%3A%2F%2Fsupport.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F360038524714&rl=&if=false&ts=1668636933203&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20%E2%80%93%20Malwarebytes%20Support%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.malwarebytes.com%2Fimages%2Fsc%2Fgeneric.png%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22680%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1668636932701.1058818485&it=1668636932326&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 16 Nov 2022 22:15:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST collect
region1.analytics.google.com/g/ 0
0

POST 0
bat.bing.com/actionp/ 0
0

POST collect
region1.analytics.google.com/g/ 0
0

GET collect
www.google-analytics.com/ 0
0

POST collect
region1.analytics.google.com/g/ 0
0

GET collect
www.google-analytics.com/ 0
0

GET
H2 200 application-1a1175db35230dfa282e711364a74c60.css
static.zdassets.com/hc/assets/ 47 KB
8 KB 54ms
53ms Stylesheet
text/css 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/application-1a1175db35230dfa282e711364a74c60.css

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf637b7823c9a484872231e61705b0b5f2610bde3d88b2bb7a9e602761516855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: bL2LWgMaoBLZUSQ8q4UNTV3qIFoccLs4
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DRHK9B6D297Z5R01
age: 143293
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 9F7TQ/+qZpl3Xw9c970u0oco545gqgIijXSQIlw2IBSQwbHKZwyNLZz7z1rYS/KxgZcMyB+96hs=
last-modified: Tue, 13 Sep 2022 05:52:40 GMT
server: cloudflare
etag: W/"9cd4c45ddf4ed0a23f0cec50ae1389ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3qbGess9v5QzoCVJPX3Y9DceuUvSq4HAkfTqnA0KrtOItD8tZjEA1EdSOobsEK94Utl7eBYVzTCUOBrrf2GlKHJsCpY985NHih3wdq7lqBQl%2BST8YciICtsq04NXRATT7AnAYE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 76b39603b8b89975-FRA

GET
H2 200 style.css
p19.zdassets.com/hc/theming_assets/1306704/360003472574/ 132 KB
24 KB 61ms
60ms Stylesheet
text/css 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p19.zdassets.com/hc/theming_assets/1306704/360003472574/style.css?digest=10759385781267

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed9afc1b6441e0a26515086b4edbf3a13b4264535df950baccc8e42c75ad6f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49113
x-zendesk-origin-server: help-center-unicorn-75bbf5d59f-x8z25
protocol: HTTP/1.1 always
x-request-id: 76134c9f8dc290e6-IAD
x-ua-compatible: IE=edge
x-runtime: 0.017514
server: cloudflare
etag: W/"ed9afc1b6441e0a26515086b4edbf3a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81ED08fusUXYhV%2BzxYzgZJ7kstCnsNTUv1AcAvZav7mBAxOYtrzS12t7eCYX%2F5ll6YfodwVljSI0UIhBBVCMA%2FQPdKeWVIc8ZDjh6ubyTIjQFjeXb56njRAs4eLerC6doRE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=604800, public
x-zendesk-processed-host-header: p19.zdassets.com
cf-ray: 76b39603befc913a-FRA

GET
H3 200 vuex@3.5.1 Show response
cdn.jsdelivr.net/combine/npm/vue@2.6.12/dist/vue.min.js,npm/ 104 KB
39 KB 95ms
54ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/combine/npm/vue@2.6.12/dist/vue.min.js,npm/vuex@3.5.1

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ac409a4795de04e25cfd4f2a6e35c6ecf11fb5a7287b21f5d26c15b4c8eb770

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20781728
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19152-FRA, cache-hhn4025-HHN
server: cloudflare
etag: W/"1a00e-AvzLVWAa3BHLo/+Ple3lKRZmfcc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRYVPGnwnCFsTX8QPr%2B%2FA9N%2F21fIgW0oFY644I3S%2FHzmsDceKhY1p0u4ZE49lk82LmSVizWk5l9EI10IQkQMmaLgbQkN6rLMR6Er9DqNp3cYXx18x%2BdrICyjqoSD1VomxUG6ju4fe37IaTAFJ0o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 76b39603f8995b86-FRA

GET
H2 200 embed2.js Show response
static.ada.support/ 17 KB
6 KB 41ms
40ms Script
application/javascript 143.204.215.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ada.support/embed2.js

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7bf9a051e4bf2079bcfe1d08dd3fe33f78c24113be904619eb58eb70866807a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: tXk4bjDOduN.J1o19xn5qvcPodL.q5sE
content-encoding: gzip
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
date: Wed, 16 Nov 2022 06:03:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 58332
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 31 Oct 2022 18:39:33 GMT
server: AmazonS3
etag: W/"d525acd89579a2005756b881d6dbe4e5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age: 300
vary: Accept-Encoding
x-amz-cf-id: pdVmP8VlTdjegPiROJJfY916tD3DgFz0tiYHGhHIPeJsAO1RNObLvQ==

GET
H2 200 bb890a51f49b3be37b937e3f40174c7a8d836d36.svg
theme.zdassets.com/theme_assets/1306704/ 10 KB
4 KB 72ms
67ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/bb890a51f49b3be37b937e3f40174c7a8d836d36.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

764b5d33917641ef8822a59e8af31357805f49febd23256c46e12e4e1e0948a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: 4j6DAod1ijK1RZUzALNhGLTN4k0UTFY3
via: 1.1 64c57433dbc269a88f86e72ae54bfe36.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: HAM50-C1
age: 48692
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"f697a2777253c0d523681865a1edfbde"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmjojDb8fi9Zd38KkPUr2czadKkbpF2Ut8DYWhkI8Jwp0XTLPbehLJrjJpZACFr%2B%2FRydaof%2B64hW0e5PH20y2ch9FKxunY0Jw51PODyOcp7kaki9cIg2%2BnbK28Ujd%2BaAectNsw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b39604c971913a-FRA
x-amz-cf-id: puEmBF1zfdYLqyphVsi1XG-XNSkk9JJCnkJheO5QiXgmsS10A9DSgg==

GET
H2 200 ca1fa00bb2777a5a37945e669d92986768ddc245.svg
theme.zdassets.com/theme_assets/1306704/ 267 B
642 B 63ms
58ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/ca1fa00bb2777a5a37945e669d92986768ddc245.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7137b7d0fa94b8cc670a034c5b354a04c1ee0f100ffdfbcd1b9c679782922201

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: _sJRXmjRXeVSPh.fZqDop1RJMVdsQPMq
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P4
age: 44936
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"3761a145b319231174fff7c5665d69a3"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wr1AfbLaYXyzeyTkFFhRcoJ4yLaYlvBZimIY7Qt8ffSSgfVxMIRYdgSRzKKByddx2jKNW61T4nE6q6maHDElkmMQG5gTwK1mkt1CVUvEWeaD1oAJxCNMt9cKeh1MbimH0P4npg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-ray: 76b39604c973913a-FRA
x-amz-cf-id: oEmadA86tT34SHi9MUr6H5iMc5jp9r292Zpa_cEq1elZUt2X-pEVqA==

GET
H2 200 13374c7a92982a2634a4c39b40c76a81e28f7b58.js Show response
theme.zdassets.com/theme_assets/1306704/ 5 KB
2 KB 65ms
65ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/1306704/13374c7a92982a2634a4c39b40c76a81e28f7b58.js

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c500b6b412b456108e1cb7abc9947b70c75a31c8ac8d694d8b8a34735f8fbfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://service.malwarebytes.com/
Origin: https://service.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: DOyT6UIsNwMg8Vc3pzxaKEO2twzr0OL3
via: 1.1 16f47394e79849272b2daca917491676.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: BOM52-C1
age: 49113
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"6e4f85db8ea19a2a2acc26f971fa2520"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6fGs6uLQ9QyNyWnbn3R3a4L7HB3PUtX7Mw4T58rfO42FaSykcjj23dshaf%2B1T86Nd6XKpL9FSg%2BfXiYGtOAmfipoHGHZiIZVFItcFbnJavjHEVboVfNBm6FN%2BuuRcMVn1yqPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b396041c059b86-FRA
x-amz-cf-id: XpqXX9V-gWmMvvVKjxAAo1bT3ES_JRWu8Wb-u01vaFhqhsw0R5z0QA==

GET
H2 200 a60c052d22469da938f89d16bd7f522d5892c9a5.svg
theme.zdassets.com/theme_assets/1306704/ 3 KB
2 KB 66ms
61ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/a60c052d22469da938f89d16bd7f522d5892c9a5.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a3c12e3a4c3280db714e2bf01bf3ebc14ed8399ea33c1027fc32ae409a60142

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: KvcnZPwtx8nEenVyaCByqCTqosX.eJLE
via: 1.1 ce9a2abd25eed1f472711c23f8a0adae.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: HAM50-C1
age: 30547
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"d5f144b5785622913aa8de1943b04a96"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4S6qGKKdfyJ%2FY%2BO%2Bg%2B1xgTZRZ4d47lghdcJXGEfMcKNVvtRU1SpDr39MXvQ%2FMfBjV2goMm6%2BqtLsFGStD6tRp13INn5icLKmAo1nqk9zWCI0puYNgMYzKamTh%2BgdosahU2YYvA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b39604c975913a-FRA
x-amz-cf-id: CmjWT_8QTG9KwEDDQrlm2kQhQ8SKpoXxQaX2gewpduVn5Fjma2Ciuw==

GET
H2 200 000127f873ba48065e6453168c2928565b61f6cb.svg
theme.zdassets.com/theme_assets/1306704/ 897 B
1013 B 62ms
58ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/000127f873ba48065e6453168c2928565b61f6cb.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87f58978539c528fe3091d48f7bf7f9880aac69776604084339d19bafe8c6a7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: oq8PK_2rsCLdtm8G6.NnHIMHW8mVn6B0
via: 1.1 5d217f1e3e1cc27be2d78854345b4f24.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: HAM50-C1
age: 30545
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"5cd029f7159978fd67110b7356976384"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eR%2B2sw5uHQCDbAr%2FgKy2%2BhgHdi27XUEzSK%2BjRrAjZb%2BmHR%2BSpqkrwtzgIbm%2BDTSB5t99cDds4DBTcQghRayE86%2FBldSmzl3erJOASY%2FALrGTSrwIhR9iose4VeWr4AywfKmsg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-ray: 76b39604c977913a-FRA
x-amz-cf-id: 2xha9DFOyB_mrct7XpxffBATIsAcvFpj6_M8uaDPKlMogBA8IU-g2g==

GET
H2 200 4fd35d963544e08f74b22a2cceb66eb3392703bc.svg
theme.zdassets.com/theme_assets/1306704/ 1 KB
964 B 77ms
73ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/4fd35d963544e08f74b22a2cceb66eb3392703bc.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cff2e5ad94140faf6560e601dd2a9e598c0247e5bff9e2aabbac1bee0927aae

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: urGfcofsm4puIlrHYt8VytbtV4X1GocX
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"36b03bbfbb25dac95fa57b42d1176a87"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5h%2Fj1yVErqZVxrdocKqWYyPLTpnDtznyTIvemFYZkdHnL6%2BcTQFxJm4%2Bzfdvkb5SSrmTRXXyGNZVNJ8rTcamx4WRXj6I%2BdsC3gSRlkkp8hd3AVG4OAkJaWSfuhDEu7JBnnYdw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b39604c978913a-FRA
x-amz-cf-id: zyrersdEH76bXKBPKxbkrlA-V4Y8KaRki4O-51gXtJbTQUIBn3_wGg==

GET
H2 200 b2e29275c46b06b60f903cb2521027486c793267.svg
theme.zdassets.com/theme_assets/1306704/ 1 KB
1000 B 84ms
80ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/b2e29275c46b06b60f903cb2521027486c793267.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0106f09d9c3c0cc5c2b4ddd1d7eef1a9c4eb47186967883a88456c9863cde9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: .xYf9G8S5tUOJzWXKG2P5n0qvqzsB7pR
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"ade61806e8d2593988a800f717f93fb1"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSoqmgOJw%2BMC6owgp6p51q4HUQlhWrPYcbNGly8UskV66mk3qihNGiGucS4BG6ce2umYo4jG%2B8rj8JAIxQBE%2B6gFiFI6Bn0KIdioSAl8tNaM4Et0OVUZGfvDMar6vQgOkbL8rw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b39604c979913a-FRA
x-amz-cf-id: epsEa7LHFZ20THm7WLUeAWvd6xUNafQl-TNWKS9JFk3vsGeQQD2Qlg==

GET
H2 200 ef469009241ca4b22df4cd52257c55dc999ed865.svg
theme.zdassets.com/theme_assets/1306704/ 1 KB
966 B 76ms
72ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/ef469009241ca4b22df4cd52257c55dc999ed865.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b38bd5eac382251d2e7f22dbef81df68cafea4677506fc2778400275412a0b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: _m3IGB7Rs8gMVwqsDgsb2lqwcKdy_dn9
via: 1.1 9ed78f83b2bb44dc950eb2bc8dff85f0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: HAM50-C1
age: 27556
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"98b80f7cec344012d2f30117b93d7bd9"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQw8G5DlWlRlijEyZxBKmjK7c7N4skJ3eCSs1zUoO%2FiahryLkWQfsYLf465IS0kmGBHtF6CNe4F3lKrljo5fvQvE43moXLu%2BSRZc5OKqha7qJByCH9U55PwHG2ll9ww5bWWU7g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b39604c97a913a-FRA
x-amz-cf-id: uwRWU9lgTRDCQUJ9XCeNJEisfb_7k-v_bHajnObkEpId3kzTPrN2Kg==

GET
H2 200 bb3f45e4ebb6022825dced4ab55e3ae4c1090442.svg
theme.zdassets.com/theme_assets/1306704/ 778 B
1 KB 70ms
67ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/bb3f45e4ebb6022825dced4ab55e3ae4c1090442.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78fba12a2b2125a3c629dbdefc3549f76644bed7a61fa1052a9e1cf03a46fe52

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: hEQrHvqE8K5quznarF4RTEyOz2OHTaU5
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: OSL50-P1
age: 27556
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"3bb828a8455fbba1750212e5b74afbe1"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K172rOZ6%2FrpoMDThW3m4xDQDswDRrXulk4I3QG%2FXQXSVPc8ujRCWKycDDTIV1gwhc2%2B0xSw%2BAvhmAjegeKPCg95%2BFEuuX7BCwpjM0XpHSYY3UkGCgnEcFW9N%2Bwr%2BX0GOJ2w5Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-ray: 76b39604c97c913a-FRA
x-amz-cf-id: ETVBvjxJyEi9eBNf4QJvXNTMb7ecgw0sWT_uIj6IqdMeUrZITbIa3w==

GET
H2 200 7f766766d2c8fc21ab6d91b27fc061ac8e16f945.svg
theme.zdassets.com/theme_assets/1306704/ 1 KB
1 KB 93ms
90ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/7f766766d2c8fc21ab6d91b27fc061ac8e16f945.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5c7387a3d5ac778397c2e568a869ce31c5913a4c00c96dda9d541904edd90e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: 8wqNhGEeciI8CH2NC7K_a1C48c7x7FfL
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"32a2fccb36924e2a9e22876fea0a7c08"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHipLRTM7%2FtW%2FODHjZuvjU5WRP44Md2CVmYuXTzeJvrOhq9H1Jom4nwEcLbr5h%2B7qo5HPzKxP2P%2F8FisdTy4PWdrL7ibc0xxldFc21b4H83Y5ZSEoKBkwgFCB1zIK5XBDNkP6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b39604c97f913a-FRA
x-amz-cf-id: Ivb0OmKgNathx2xiTtF6rGtvBD7r6qPd-aw2kKJTfhbdgbcWby71rg==

GET
H2 200 82d28b24f973ebadf8e125c820cac9fd30552048.svg
theme.zdassets.com/theme_assets/1306704/ 5 KB
3 KB 95ms
92ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/82d28b24f973ebadf8e125c820cac9fd30552048.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

538fdd8c07e49bbc4ef43dae87db75810ec4a3420791022e7f5689ed6c5932c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: z.W92f8BajPpNQvAljWj46cOdSmsV1m1
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: OSL50-P1
age: 27556
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"2d33bb5618680dd49b84de39d734cd41"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvmsohZxqiKq%2FR39wwhJywCElGkAxxZWbKRsKo2ceTRLzdMpSbvLxni0Ic2tWQNTbsSsyuFg2lHcSGLO2PgWDGoNckRSDOXxvYyr7t8jqG3R%2B%2Bj5pezNztt8MjzSHDEbk8Qxjw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b3960509eb913a-FRA
x-amz-cf-id: IcauNfQBHZiwu2VQbSP4nvixjvee4H-U7cQB8IULkVL4RXWvmTyXCw==

GET
H2 200 9a9db30938f910f4fabfe81aa3b26e64bc37df44.svg
theme.zdassets.com/theme_assets/1306704/ 2 KB
1 KB 121ms
118ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/9a9db30938f910f4fabfe81aa3b26e64bc37df44.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62225c69140bee904d6e97bcd2391bee68fdebdd10a97ef48fe0259f4123cc5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: QDcKO9rZcYJ4IgrGtx5AYW9WGOixSjoT
via: 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"5e8dbaf56f53d9e6cac7ddea2e5807c1"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQ8sTcTJWLFTEY%2BRErcVAG%2FAKUghZOsTEuBoksupQlNKwP1KrqfcRy17fU8y94bpIWOhlZfJ0zx6xwfhPp7leA1yHf3WYz6N0gwjBCyWrxnblC8qauEAk%2B%2FsR8PaUQIHDsjrSA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b3960509ec913a-FRA
x-amz-cf-id: rkw3flJGFJr0Q0G6EZQ0v4244BGiPQ2ZMoZmcM6SSGWRL3-PiAfFqQ==

GET
H2 200 f2ef83c533664db316d545b1c2338f22c0e90bd8.svg
theme.zdassets.com/theme_assets/1306704/ 1 KB
1 KB 125ms
122ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/f2ef83c533664db316d545b1c2338f22c0e90bd8.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e94f4fb5941874296e059bf0e43f32cb289f6cb146f80cc26a25c43d6140468

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: Lb6c3Ygva8pnpXKPZCgjvoPg5GclgGfM
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"3cd8c7f8ab7132eefba86cf4ddaddcee"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLTfehqF1zV3N5AvP0419nNPVZpmwIbL%2BQExWL6UpG5jKWeQSj4gLxPbH9WX4f0eMVQCkGOiaqglS0Q8npZVSWBlAsIa4aQsmDgcwXb0P0AaARC0%2BM91gUOInVPQfz0RyF9RWA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b3960509ed913a-FRA
x-amz-cf-id: IXkmRO7GSU08SZIMiRYaYZ0ztrK7dlPESj0bbTNgjlvd0T3V9508uQ==

GET
H2 200 03153ab72363be07a31900e29478f39054c1cc08.svg
theme.zdassets.com/theme_assets/1306704/ 395 B
756 B 138ms
135ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/03153ab72363be07a31900e29478f39054c1cc08.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e53f87ff9d5e0b2ee42fbf68a9fd42d817794c8e55e830c189a0d416a89ece1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: w2ikXGD_5Dhlf3rTn5T8jJa9lHRIpWih
via: 1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"5e8be2e70dfa1d722266909a50d49e5b"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTDEO9MM6T5S01lkmx3zYk%2BinileDG2hWKMmFWCm6FkER%2FEudSBEnVwAUWT4VCpcDqpxP09hZ0wOz0eWQb%2B88jCJP5ylmKVcn8GrBb8bWWGrJMsHJ4WhzUoWKiYCIEHCcX6Iww%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-ray: 76b3960509ee913a-FRA
x-amz-cf-id: sbJglfcVpf1V_UQDOP9pIXKdHLTvbl81uyhkEu1lv_pjTXFLzWyNNA==

GET
H2 200 546feda88939598f981c3df4235da58857524c4a.svg
theme.zdassets.com/theme_assets/1306704/ 545 B
750 B 116ms
113ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/546feda88939598f981c3df4235da58857524c4a.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b883695ed1a8ca056a7484458feafc49555d398282ae412164072d0d4c9b5d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: Tv5UU1dXAbDOseIs24FLMW4lp9JjiQlv
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"b0d859ed4943a5e75c483e5e3d4b1490"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9BiBeyQf99AQqfm9XMJQeLUlLrGaXEbs%2Fj4VCTM%2FcpaeR3d4M5Mq%2B%2FhkXJntpE2MUfBKNGhNXyrVp4epVQLtD1nAU9nZaenXkBawqsiZdgq6Ae%2BaQlPL9YqIkVOA1a6ycryH1w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b3960509f1913a-FRA
x-amz-cf-id: uc9qLdukpaptF7VAUQ-iZBODbJMcuAt-3qlopfMtO0TLvzMOZ-Ysgg==

GET
H2 200 0269b16982700dce44cec8c659dbf57c115cd93a.svg
theme.zdassets.com/theme_assets/1306704/ 695 B
968 B 138ms
136ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/0269b16982700dce44cec8c659dbf57c115cd93a.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a17efe78d7be10725256d38a574ce5bd0f285f231a8f8491f40f837b7dcd0895

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: uNVRRc1srRmwR4YlzOP2NiSL2zsLL5I4
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: OSL50-P1
age: 27556
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"c637b827ea1742fe915e96360b875631"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytFwdujoIXQeHa9pUZagbENvIVLMxtVXHK93jb6WQS%2BT27SSUK7IymDz0iHPr0P8N0Fk3BefRPRSYLJ7QMa8x289as2lhtLtTmOighZ8W1%2BAQxithYtJWFqp0QOSJMeRB7d8kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b3960509f3913a-FRA
x-amz-cf-id: dK2pqM3yJMBurO_-mYoK8ZXQbynetJmkVDvEpcMUubX1DKFc8daZNw==

GET
H2 200 ebf0d89342971a49a480072d518599a1aada9446.svg
theme.zdassets.com/theme_assets/1306704/ 6 KB
3 KB 123ms
120ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/ebf0d89342971a49a480072d518599a1aada9446.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a6ed53771e38d66180b35ab1437d45e097feec1cb625c3fe17eb84097b269e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: 4wzqLv5S7Q1186p.9DW4CyxdEhsVKhxR
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"86c35b7c79d1b83d34d231795605b413"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjiULipb9tyXdjjQZaXIHQR8xtJZZloDnx9YXyxAQzYtqSyKbh%2FtyoIrhydRemwAZ9UTp0wf1BDUF%2BfGzQnaxDOpqtoKgAmquMqoaB9g1%2Fj7GcY5AYDYwZBrBtG36%2B9DkwomDA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b3960509f5913a-FRA
x-amz-cf-id: x0lua5xMez_VQ7z4aZQnklHYls2N8fSzPd2hwnLdoppG_S4Vlfi-gA==

GET
H2 200 922cb8156fce6daaf714d67b7096fd18f085b4ae.svg
theme.zdassets.com/theme_assets/1306704/ 2 KB
1 KB 95ms
92ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/922cb8156fce6daaf714d67b7096fd18f085b4ae.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2014f5deeda0ef07fae64a73f07dcb598c838b79ee1a60e60fb637f9d119a64c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: pauMCuWOvVUxz8ZO9.eN.16OOu5vj.18
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: OSL50-P1
age: 27556
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"4f1e2475d551691b0144accc5fd963c4"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYWt1N5SCM6zourO9TjZ0L2X%2BpKzjIGZhVV86Xipxj%2Bl0d0HlupZMDJeVtbB8RxIqO2sAQoI%2F%2FndOpodAiutILWZyCl5NNv%2F4JwWqeXVQeBwYKPaGe93cpFKkzb9D%2FzM3b5v6A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b3960509f6913a-FRA
x-amz-cf-id: lXdYo02JwJM9gT9DdCjE7jx8gjF3itv8z63_GN69tsLJLX1xb57_Zg==

GET
H2 200 dfd1deb58d7d107b5884d0778f1fed8f8d961cc2.svg
theme.zdassets.com/theme_assets/1306704/ 10 KB
4 KB 107ms
104ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/dfd1deb58d7d107b5884d0778f1fed8f8d961cc2.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6abb09abc495eb06a7dbefdb055f2149a6d1c8d7123cc3d58c6f2d2aff74b98f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: P.xA68_MuEKiAf54IH.o.C.5LCH8Vdzh
via: 1.1 fac4016d40efb9989ddc8d36322eeefc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: HAM50-C1
age: 48691
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"e556b851ec25b5c2b2e88c5deb26e405"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31ygG%2BxFbQjZRla%2Bl3H290jJNXDVtpKLZdkI%2FsvvK9zi%2BJuvNH7EbOGiEwPwV3L7K%2B5VE%2F2y1Q6XqPe9m5JDjlD6fVqdwLHeRE6y8pjwN3ZRSc4Tb%2BcrILUXX8HBWsDL4LSNNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b3960509f8913a-FRA
x-amz-cf-id: GQgLVqv0nC9K8UJCj2dFrYjYZtBbogkB92oVitmSjWaqA254sDgybA==

GET
H2 200 1dea628cf9c92bc1d9bfaab17d6f163bbf09c9e7.svg
theme.zdassets.com/theme_assets/1306704/ 1 KB
1 KB 100ms
98ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/1dea628cf9c92bc1d9bfaab17d6f163bbf09c9e7.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20b3a9bf6d6433900a722af0913e1a4869cbf5e069167ad283a36cf5d158664c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: _yytT7B1ey3GzCnZd8bEFlHd.3QdlQut
via: 1.1 92835d2f5794bba6bff3a83645bbf4c4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: VIE50-P1
age: 16933
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"6808562e5d5bed94e93ab62ab8df2e88"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbL8L2vcZFfxV9x4Jk7DCTv3XGgeIY61gDRNlIAphU6JBJqwA86dlandKjM5wolWrDc7LxVNl5CaweEvDwGfTY1Bq86rqv7LQs6jiyJ9EVx0cBBMhzQgLToXdI2Ta44CeLb%2Bdg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b3960509f9913a-FRA
x-amz-cf-id: xqDljbxMRWFjvSH1-Tv7qZuhwoP9BX8AWWS_kLlKZr3HhGcXSAusGQ==

GET
H2 200 af3f18957a072c1e7c97f40a2a52cc98fbea1df0.svg
theme.zdassets.com/theme_assets/1306704/ 2 KB
1 KB 95ms
93ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/af3f18957a072c1e7c97f40a2a52cc98fbea1df0.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ec9480818c7f7e71e780b52a6ba43077fa931c363f4efe5cd1ad30b743ccaa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: DbGHfDSIiGmZVw7YCCVEWgEsIeQyMfqB
via: 1.1 6c080b1173adbaa14122fac10a76a7c6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: HAM50-C1
age: 48692
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"4c37d656eb5fae0a18a6702d626e6767"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAM7ggAtxVCsl1pYaSupkValyDU%2BSqWEfZJgnwKtQv1htMGb2GOlSwVwHrcubMcpmRitNqCIo4HightBFuEEf2LKbqFGAKwjeBeP%2FSSBgLcuWdfe%2Bfz5VpUCY5pXnYU0evbxfA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b3960509fc913a-FRA
x-amz-cf-id: RmjGu0McbRXivw_va8uABavwcJ0LZv95T8nIp71UtxIW3jFA1NW3CA==

GET
H2 200 5c420d1cf5ee36d5003fc2324f5a79a09bb8a4e2.svg
theme.zdassets.com/theme_assets/1306704/ 373 B
781 B 111ms
109ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/5c420d1cf5ee36d5003fc2324f5a79a09bb8a4e2.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e7c9f34ca735eb0217d7f4c75b9b6027b75e51ff0158cd5315949b4370233f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: lKRgwanTLBKQ6TeLKIqhfLkEyWzOazuG
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P4
age: 44936
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:30 GMT
server: cloudflare
etag: W/"d814cab8e4d98095cc20c445eecd9b73"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8B8MTsm1ulCvnY0ueMpU3c%2Brn5e0%2FgiEiAENh3Ukc39fGXPi%2BLg2FAQ9AewNp3C%2FPW2yn6%2FxjS10BWuSaybIHR94tpKnj1yWw7h5RjPfi8x6azQhK3rpvuwkRa5uH8%2FHKCTA7A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b3960509fe913a-FRA
x-amz-cf-id: aOEAOgd8kKAIu9YxJ2njQ2Dw38jQxN7LUKgi4zJ_dMNFARuL13-sjA==

GET
H2 200 ab2e6ffb69cfbb8168ccbf381046704eedd2e09e.svg
theme.zdassets.com/theme_assets/1306704/ 639 B
977 B 101ms
99ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/ab2e6ffb69cfbb8168ccbf381046704eedd2e09e.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a6ed4cf96f734075af4b9b7023f27d59daf90ed7b2bf2c1d4e96904161b7569

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: BhZ7X8a4PoBc8Yg5dl5.AIPfPbYJuc.c
via: 1.1 9ed78f83b2bb44dc950eb2bc8dff85f0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: HAM50-C1
age: 48692
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"cdea8ccee43f9d09d1251a903669da8c"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FsskIa1E%2BUEi1B5rawQSHAquQGjrmc0BVxdZZqhWE7E1CsRbmfhdfIP8KsmMG2mvZGIdvXV83zoFL%2BtOKysgzNfIyo2lGP2shonC%2FH%2F0JWPbM%2BUR3edOpGRakMyvBlHLK5OXQw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b3960509ff913a-FRA
x-amz-cf-id: ggMRsSss9EfPBBIaBeH_4hp18PXM9wGPfJVkp-EcscdpNurX9V1VYQ==

GET
H2 200 c9d35990920d51735cd96dfe3b3f071f438c40ee.svg
theme.zdassets.com/theme_assets/1306704/ 816 B
902 B 100ms
98ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/c9d35990920d51735cd96dfe3b3f071f438c40ee.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b81a123d692f2d0b1503b11b396af915f5e842c6552552b619cf7fb6773a1aec

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: .fQiM.05jQkxX3KYyrFUEFFa.nAy6P_w
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P4
age: 44936
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"408ab5d8b9161afc3192d07e80d8bbe2"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FTgRt6bx%2BemEIcOmdzD2KoapTiCxRPP276SBrfGb1%2BWO0F3MdbMFRD1NliqDu1gtEFwahbDu5DzuoNE%2Fsb11mEIfcz1EyoMypiG05OBCOI14KPPlsAmyOluXMq86W35kamsMw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-ray: 76b396050a01913a-FRA
x-amz-cf-id: _L3d3wk5QdE_YyZW8temJVH_04QHYxSMJuYkL2ZmCqv0-3REzZ_l_A==

GET
H2 200 d63ff9ed68741d7fb9263cd750eb46cad4b1a8ba.svg
theme.zdassets.com/theme_assets/1306704/ 2 KB
2 KB 117ms
115ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/d63ff9ed68741d7fb9263cd750eb46cad4b1a8ba.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c05145770dedfd2cab271c46d59ee781aa028140c23857b8770d9f5812d959f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: a_w2s76Ve3wwVP5z_3ghUw9YfIK2m2WJ
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P4
age: 44936
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"40fc37a25397adcb2b95d7782773e6f3"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evb3sTLf5EjS6OzHDz10NsesX0F6OwjaAk23LlCx7JQAJcfyV4%2BiUQg4VvBxW6p%2BSzMjLzSBgCkZiE2IlIkfFvJ5XhNuF%2F8adxTROG9Ux9B6Kf8dxrEuItj2JtHwIpJTRaSYqg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b396050a04913a-FRA
x-amz-cf-id: hIa2SNVLAGb8WS1SvtEsbMeu5iNIPJopuuDpNIWm5ZMk9o5nsWRIdg==

GET
H2 200 0ed8920761e1e49b7e9b73507a0c9273c0f642bc.svg
theme.zdassets.com/theme_assets/1306704/ 9 KB
4 KB 114ms
112ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/0ed8920761e1e49b7e9b73507a0c9273c0f642bc.svg

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb162d965fb72fd7af19a1c53dfad1dd773f06ba6816fcd3975a0eadfeff75b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: mx5sgOB03Ics1GZ1LqqYjpHYYdbleRGX
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P4
age: 44936
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: W/"ab584db4b3ee841a5e75b1edf3aba651"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQayDXcCM0K2gpq88pkCYDwa9pwZa05HFPEG8WAVWEagDOkNIAVxPK2EZ1zpV3FgKQznMdhdu9mnd05ExD0kWFqHqdpjb0fLPFzABUMDSo0NchtuK9RPfGWqTXuxhqz7%2BVawBg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b396050a06913a-FRA
x-amz-cf-id: U21s-7syIuVR1A60TIZeJ1TLSeREtwuRplru0YpaqCVcnxiDd-r2gg==

GET
H2 200 en-us.1aa110d50fb14b022739.js Show response
static.zdassets.com/hc/assets/ 202 KB
36 KB 54ms
53ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/en-us.1aa110d50fb14b022739.js

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

372074b34b354c7360be23a5684b8e9dcf89f810b24637e601473f01985da169

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: BnXEgOIw.XDwPTs4asChxczkA2hA1WKR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: FHEJXDPW8ESJHKA1
age: 115378
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: OWlmtXlMylwTJ8rHPo7TywM9WOj3tZHWyU7p1qflb0/OejUJeZNXXXquCJxQG2b5iUzxypKTaDk=
last-modified: Tue, 08 Nov 2022 14:09:45 GMT
server: cloudflare
etag: W/"1aa110d50fb14b022739063fc27e8f94"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcM2O2qZmeXuAjN3vFSy0KiAm6dUivQwLZo7%2Bp3C7395HeiO8yjloLEuo0H1huVcoin5ZArHWMtJn7Qx9paRzSp1viV65uArZO0%2Fl8gD%2FDGqUMxbGAcDippobSna3aIyt3yzNWk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 76b396048a819975-FRA

GET
H2

200

host-without-iframe.js
static.zdassets.com/auth/9658837c3f58fd372418a77022ef8f1bd36fdf66/v2/
Redirect Chain

https://mwb.zendesk.com/auth/v2/host/without_iframe.js
https://static.zdassets.com/auth/9658837c3f58fd372418a77022ef8f1bd36fdf66/v2/host-without-iframe.js

3 KB
2 KB

67ms
67ms

Script
application/javascript

104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/auth/9658837c3f58fd372418a77022ef8f1bd36fdf66/v2/host-without-iframe.js

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: Pp00bZly1xtaGmxxq_Hlrtwd.qkQOUAZ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: JM2Z74S09FKNF89T
age: 6085
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: nTVsVbppW4X4+aVcdaRPcv2VKwxPRisCuYT9ydPTx0A1j2o5qYHTtuUNGxuVgYKRI0Sk7+pdEE8=
last-modified: Mon, 31 Oct 2022 19:00:02 GMT
server: cloudflare
etag: W/"ecba7efa978de71c61c182c70b3f0189"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FccvBxszDl4qcEkBX3BI8Mu4A8sFE%2B3CWpL2cVsU4YeGwWk1e%2FVgBrM51btrw9jv512E4a67CFeucgJ4KpJPD7wNS%2FynqvW7N9RLXwvjmcMAxPjP8ga5xG1Y7vsw2jF8Q6x3i1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 76b396053c049975-FRA

Redirect headers

date: Wed, 16 Nov 2022 22:15:33 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 25956
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-zendesk-origin-server: classic-app-server-65cd588db4-95fqh
content-length: 165
x-xss-protection: 1; mode=block
x-request-id: 76b11c4d58d67160-FRA, 76b11c4d58d67160-FRA
x-runtime: 0.085746
server: cloudflare
x-zendesk-zorg: yes
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5VRoIhAbe93%2BNDQL2tcNWHRwrK%2Bl4raQ96WWOG1%2BpQDbS0vJaKJjh120v3rNDi5GtjPtCZBpLj3EKc8GlSWZW%2BmKBp5YbgAmSCHnVWrLWbDH5NVJzy9ngvCjnhuvJaK%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://static.zdassets.com/auth/9658837c3f58fd372418a77022ef8f1bd36fdf66/v2/host-without-iframe.js
cache-control: max-age=86400, public
cf-ray: 76b39604ba5868f5-FRA

GET
H2 200 hc_enduser-13ca0793af61939deca4a0d051c3615f.js Show response
static.zdassets.com/hc/assets/ 557 KB
176 KB 73ms
69ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/hc_enduser-13ca0793af61939deca4a0d051c3615f.js

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd8e74b88209618b507ef84a510078aa73ca3303ab660de05b06fab9f788bd4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: 7IQu_NQAHx6DtjTlUJCLh0SrMeQ2Z2zk
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 7SRS6GZEXASWGZF7
age: 116640
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Sn4T8tVfiqs2CUkiA8bGLg4gtgfviUix/fDM1Dhmg2LIy8WkEnpZWSaOqJhXkVa7sPUgYkwRlCw=
last-modified: Tue, 15 Nov 2022 13:49:29 GMT
server: cloudflare
etag: W/"18a1d776c0ed25babbb96eb8e7b40063"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZAn3nVqP%2FHeInU0MA9wsJkFWOGx63f%2F6%2FHXb7ry2YqQ5FsZKg0kdHoAum28Bw81YPxTeraIh7BWmFCKFfYfdSPYP3ewbf%2FE1MZAYOBBYdgkabeZyQ6F1FxBKXj4o8CpAG%2BcU44%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 76b39604cafa9975-FRA

GET
H2 200 script.js Show response
p19.zdassets.com/hc/theming_assets/1306704/360003472574/ 17 KB
5 KB 67ms
62ms Script
text/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p19.zdassets.com/hc/theming_assets/1306704/360003472574/script.js?digest=10759385781267

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e99e7989ad2fd601651917c3b681ef40ae7ca0135903ae44c1f71c8324b59ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49113
x-zendesk-origin-server: help-center-unicorn-6b959c646b-nxxc8
protocol: HTTP/1.1 always
x-request-id: 76aed871bef923af-IAD
x-ua-compatible: IE=edge
x-runtime: 0.011283
server: cloudflare
etag: W/"e99e7989ad2fd601651917c3b681ef40"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ev7Oxd%2FeKvSRVnJfP3vON2lLIuR9NdaRYZ%2BR2ZvJsimDcFZGNOzVw2ZcK4%2BNzSo%2BBsVWYNQJlf4piznn6orhFmEdQtp7REEkY85pboUvZrK1qWKHQjPXOuhAhPWdWhPgn8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=604800, public
x-zendesk-processed-host-header: p19.zdassets.com
cf-ray: 76b39604c96d913a-FRA

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 325 KB
102 KB 51ms
49ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Requested by

Host: service.malwarebytes.com
URL: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dae75b90f4d95e58e4a4f09db5845e545b026c95c10000ebde64a722ec69abc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104684
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 21:00:26 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Nov 2022 22:15:33 GMT

GET
H2 200 embed-manifest.json Show response
static.ada.support/ 136 B
726 B 41ms
40ms Fetch
application/json 143.204.215.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ada.support/embed-manifest.json

Requested by

Host: static.ada.support
URL: https://static.ada.support/embed2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0e5ef94ab2dae231cf5c076628a48715104c19bed2ec701006fc7bfad3ea6692

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: FAg02I09tegSHWBAo5dwnC5P_Z2s1r_s
date: Wed, 16 Nov 2022 20:50:30 GMT
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 5117
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 136
last-modified: Tue, 08 Nov 2022 20:50:04 GMT
server: AmazonS3
etag: "6bed121369bf0d590cbd5754e949d833"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: aCnsh_NojYTEnX_E5NBsFX3PNrSKmIY8unDcM_y6WauL4q6DAC_LJA==

GET
H2 200 f50cbbe785978027bc26e8a1842b4e5ef001269e.svg
theme.zdassets.com/theme_assets/1306704/ 381 B
808 B 85ms
85ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/f50cbbe785978027bc26e8a1842b4e5ef001269e.svg

Requested by

Host: p19.zdassets.com
URL: https://p19.zdassets.com/hc/theming_assets/1306704/360003472574/style.css?digest=10759385781267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f06e8fc7b9022f7dd0e98ae732df351282e18a35581605a22ce1602f8e4cd84b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p19.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: wSkq9KyygAvBovwT9aRKiT2kUPAj64rl
via: 1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA56-P4
age: 44936
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 11 Feb 2022 01:30:30 GMT
server: cloudflare
etag: W/"f50732226434dbcf99be7c9431af9e3a"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mtVYyy9iwUd85RrHf%2FKtvoYudE1BsFI7zdbBeB87P3mgjRknHWqIh0In7EHN8EEvRj46xHx9YH8Xtq0oZ8ZQjuXuyDbghPaIl%2Bclegm8M04YzvUozEWnU3CoYE06ffoYwBr13Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b396050a08913a-FRA
x-amz-cf-id: Mt8ug3v19_WH0d0FcaNvX0nhsJGqOvC0-2BKBDiBdgOcItKmoAjL8A==

GET
H2 200 8b9319ca8effddac7e7f9d10607a1ccbf9502327.svg
theme.zdassets.com/theme_assets/1306704/ 1 KB
1 KB 127ms
127ms Image
image/svg+xml 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/1306704/8b9319ca8effddac7e7f9d10607a1ccbf9502327.svg

Requested by

Host: p19.zdassets.com
URL: https://p19.zdassets.com/hc/theming_assets/1306704/360003472574/style.css?digest=10759385781267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e8732046171abdc3a656866fdbe184ddaac093d611a53a3f979e67bf86f22b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p19.zdassets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: qHc_Ik67wFFYByc5DpsqpQ_3khrPcpn3
via: 1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 11 Apr 2022 21:56:45 GMT
server: cloudflare
etag: W/"c867cb8621308df5514340f212d074c0"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9t6YYwuNQEU1mhDp6YXXBYBL7nZL5XjMlWfvFHGsY7%2B%2FL3QhddxE0bHtEosmoJQRFFcCSMMll4%2FI5sj65O14KCJSriGaJLcEPwPRtcW7vb%2B4jfJ57JAPGGddsi%2FQjXirxg%2BLmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray: 76b396050a09913a-FRA
x-amz-cf-id: U0q9thP3Eod-W0KpH7XH_-rW8AIp336e89F2zNDqvoyuZmhWdt8YZw==

GET
H2 200 641b95867ceac946733395b533d9ce0e02c1f131.otf
theme.zdassets.com/theme_assets/1306704/ 131 KB
131 KB 64ms
63ms Font
application/x-font-otf 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/1306704/641b95867ceac946733395b533d9ce0e02c1f131.otf

Requested by

Host: p19.zdassets.com
URL: https://p19.zdassets.com/hc/theming_assets/1306704/360003472574/style.css?digest=10759385781267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75c911d121bdba9548b91e8a057bfae7edbebe988a7423821fc7d4c090c64b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p19.zdassets.com/
Origin: https://service.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: drU3pc9DX9snuyRiNhWUwuX5JUYVKHG2
via: 1.1 d9b99cd891dcbddb9ebdd38423c23a76.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: BOM52-C1
age: 49113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 133776
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: "8a604ed5e935d80f28a6434813ca6ac3"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/x-font-otf
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClCjLPKi9%2Fwy5vQobKoYDvhXWCutw8yEjxl27pbR4%2FaVztqZPPpQUZ9ItilWJyb%2B%2FqNYYSz36%2FA9NXHrBKaE36FgCmreum8o2wjLRreaObO9%2FhDQNK3vxP%2B5ZjKPFr6DbCTQ1A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 76b39604edc19b86-FRA
x-amz-cf-id: -okPV9jiVkjQ0E8Eb9Sbi6L1FtD6Nf7kGaSXwUW8XorDW9NhByW-0A==

GET
H2 200 27e4354c63c53eb441e6cd0946194d986b617c1e.otf
theme.zdassets.com/theme_assets/1306704/ 123 KB
123 KB 56ms
54ms Font
application/x-font-otf 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/1306704/27e4354c63c53eb441e6cd0946194d986b617c1e.otf

Requested by

Host: p19.zdassets.com
URL: https://p19.zdassets.com/hc/theming_assets/1306704/360003472574/style.css?digest=10759385781267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e758310065d56c81731fadefacd48f77fe962456070bcd42b4fab78e044a69d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p19.zdassets.com/
Origin: https://service.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: Ua6fL2hUVA6zvPlshxEN1GWsYfP2INKL
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: FRA53-C1
age: 31096
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 125772
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: "e2a1876e68b3885d03062214bc6016e9"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/x-font-otf
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fI%2BTOHawKhmWSLb6s4kp8H%2Fh2JOGcItfBoNqlW7OmzSp%2BSlGt368dhhzsn0QD60utkT95%2Bpp%2FRqEdAcqQ69xRsfe7QZ6pkbadb95LVo3GTCjBfPDEFBxBtzn2E2hyO0uJ%2FAIzg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 76b39604edc39b86-FRA
x-amz-cf-id: F8rAgQLr8QnQdiiz8EFZWviL6ZxMprlF609c_wbGVhlCAFk2cEb9Rg==

GET
H2 200 1d0e0a6bb4f76a9f55fd18f607e24fca4a2b569a.otf
theme.zdassets.com/theme_assets/1306704/ 129 KB
130 KB 63ms
62ms Font
application/x-font-otf 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/1306704/1d0e0a6bb4f76a9f55fd18f607e24fca4a2b569a.otf

Requested by

Host: p19.zdassets.com
URL: https://p19.zdassets.com/hc/theming_assets/1306704/360003472574/style.css?digest=10759385781267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebd6d32400095fb406e63e748a6a8451eb6cdefc0f57d5f3217de10fdc57b416

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p19.zdassets.com/
Origin: https://service.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-amz-version-id: x2IuTWW4700zDVCYCIbi8tIm5xQz35nj
via: 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-cf-pop: DUS51-P1
age: 31096
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 132168
last-modified: Fri, 11 Feb 2022 01:30:31 GMT
server: cloudflare
etag: "4a127c955329def8ac32316e4c6b55a5"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/x-font-otf
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjlM4i78aG98qalO%2FjrKP1O%2Fr2XcLPhCmljcnx7WOQOWfFVb%2B1b3K%2F2drV5AZx%2FZBqZaccemNpukWGAxvutZNqbuqT%2FmldAW%2BS%2BCvVJz8SjP3IYeU4HpbPH9zOE%2FSky1FbUVvA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 76b39604edc49b86-FRA
x-amz-cf-id: 1OKMkG2a7OMYP2hwa2u9Q3dymZ9s7eIbwk2sYjktmUksYskrHGkGqw==

GET
H2 200 embed2.5459dcd.js Show response
static.ada.support/ 212 KB
64 KB 47ms
47ms Script
application/javascript 143.204.215.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ada.support/embed2.5459dcd.js

Requested by

Host: static.ada.support
URL: https://static.ada.support/embed2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ebe0d9bf7ac96db88d6ad62c5492f6a0a682b1ddbe8b6e4f25d6752c301416ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: ofZA_ZRfWTCrr6RdW4dFtEoJvyAIZ.7T
content-encoding: gzip
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
date: Wed, 16 Nov 2022 08:16:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 50338
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
last-modified: Tue, 08 Nov 2022 20:29:47 GMT
server: AmazonS3
etag: W/"9f11810bb4c901aea431acfabc800437"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: 172800
vary: Accept-Encoding
x-amz-cf-id: 634IhEmFTWzyUW_ty7icNq6YcT2HOjoOWpw0vTu34rCmCI9LxpxMUg==

GET
H2

200

sso Show response
mwb.zendesk.com/auth/v2/login/
Redirect Chain

https://mwb.zendesk.com/auth/v2/login/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947&theme=hc&locale=en-us&brand_id=360003472574&auth_origin=3600034...
https://mwb.zendesk.com/auth/v2/login/sso?auth_origin=360003472574%2Ctrue%2Ctrue&brand_id=360003472574&locale=en-us&return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F441381...

4 KB
3 KB

280ms
279ms

Document
text/html

104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mwb.zendesk.com/auth/v2/login/sso?auth_origin=360003472574%2Ctrue%2Ctrue&brand_id=360003472574&locale=en-us&return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947&theme=hc

Requested by

Host: mwb.zendesk.com
URL: https://mwb.zendesk.com/auth/v2/host/without_iframe.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16ebbd31b9fd1eb4068e2204d97dc5116bf2ee70dbeeed42f75de5337db63b01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://service.malwarebytes.com/hc/en-us/signin?return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76b396079f7768f5-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 16 Nov 2022 22:15:34 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bblhragCdn4urVYHrgZD4VSmoh%2FVvG8NkK5GZyZGufNjMF4DW9tAe05c8UghBQ2lHsSRpLRufWg2Ch%2FeWmDjjgJIEUa2yqX3EvCu3a4UUq07AWqIskui1rWb8uJv4bWqKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000;
vary: Accept
x-request-id: 76b396079f7768f5-FRA 76b396079f7768f5-FRA
x-runtime: 0.115305
x-xss-protection: 1; mode=block
x-zendesk-origin-server: classic-app-server-6f68fbcc5d-hc4h8
x-zendesk-zorg: yes

Redirect headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 76b39605fcb968f5-FRA
content-length: 295
content-type: text/html; charset=utf-8
date: Wed, 16 Nov 2022 22:15:34 GMT
location: https://mwb.zendesk.com/auth/v2/login/sso?auth_origin=360003472574%2Ctrue%2Ctrue&brand_id=360003472574&locale=en-us&return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947&theme=hc
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ti94CqOg71vegEZ90o7pIqKlP%2FZhYLBzlCG8Yzi17tBKdMPA9cS8U4d1Un9NAQSKfcC5DbsTBF5Zjr8P2nhoxcZuTA%2F0WUPbdwT2f1rt4xyOPYSmIbQqDYPZ1EJ8R75Xdw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000;
vary: Accept
x-request-id: 76b39605fcb968f5-FRA 76b39605fcb968f5-FRA
x-runtime: 0.082879
x-xss-protection: 1; mode=block
x-zendesk-origin-server: classic-app-server-6f68fbcc5d-4rgf4
x-zendesk-zorg: yes

GET
H2 200 client.json
rollout.ada.support/mwb-b2b/ 8 KB
8 KB 62ms
62ms XHR
application/json 18.64.103.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rollout.ada.support/mwb-b2b/client.json?ada_request_origin=embed
Requested by: Host: static.ada.support
URL: https://static.ada.support/embed2.5459dcd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-23.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:10:58 GMT
via: 1.1 b66d2d4cfb46d641d455e6640c25f566.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P3
age: 277
x-cache: Hit from cloudfront
content-length: 7755
last-modified: Fri, 11 Nov 2022 15:42:49 GMT
server: AmazonS3
etag: "e57052db4949137c8966b0c8052f462b"
access-control-max-age: 300
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: no-cache
vary: Origin
accept-ranges: bytes
x-amz-cf-id: u9ZPE8S7pxzV8PcGl_2Ld78frr9QedyfObjOy4glEflxA2INjJ7Wzw==

GET
H2 200 chat-manifest.json
static.ada.support/ 136 B
684 B 39ms
39ms Fetch
application/json 143.204.215.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ada.support/chat-manifest.json

Requested by

Host: static.ada.support
URL: https://static.ada.support/embed2.5459dcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-72.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 15:05:37 GMT
x-amz-version-id: cOx59X3.jVj2lGaWk3kR_w4n63_Wrd1t
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 25797
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 136
last-modified: Wed, 16 Nov 2022 15:05:27 GMT
server: AmazonS3
etag: "46a9546ba8229c3ee70adcc15e2d052f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: kHvcc6T2RdX81-5F3SSK5vEJKkZjsy4bQvjTgmEU-QbZDTDkiiHfNA==

GET
H3 200 js
www.googletagmanager.com/gtag/ 235 KB
78 KB 53ms
52ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80151
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Nov 2022 22:15:34 GMT

GET
H3 200 fbevents.js
connect.facebook.net/en_US/ 103 KB
27 KB 38ms
38ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 16 Nov 2022 22:15:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: H/jfuKmhAuAF2u8kb4OOxKQn7tqP7scUBATCjM1LBDzhJymZe/Q9ToGaUmuv5KQeuT483fTlA2Uu3/LdaoUd7w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Nov 2022 21:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3580
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 16 Nov 2022 23:15:54 GMT

GET
H2 200 web-vitals.umd.js
unpkg.com/web-vitals@1.1.0/dist/ 4 KB
2 KB 55ms
55ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@1.1.0/dist/web-vitals.umd.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:34 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 25539660
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01FT83NDPQFX8B0WQTE0BKN3C5
server: cloudflare
etag: W/"1060-9qPq4bqeRCeFWudNuS98Bp0PQDY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76b396065d649bbe-FRA

GET
H2 200 insight.min.js
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 38ms
38ms Script
application/x-javascript 2a02:26f0:480:f::213:7ecb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:34 GMT
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 19:27:04 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=18373
accept-ranges: bytes
content-length: 4530

GET
H2 200 bat.js
bat.bing.com/ 38 KB
11 KB 63ms
63ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 16 Nov 2022 22:15:34 GMT
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 31A4C0CAEEAA4C868287DE4430B369A8 Ref B: FRA31EDGE0213 Ref C: 2022-11-16T22:15:34Z
etag: "077538f81f4d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11421

GET
H2 200 HWyTnY16.min.js
scripts.demandbase.com/ 69 KB
19 KB 44ms
43ms Script
application/javascript 108.138.17.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.demandbase.com/HWyTnY16.min.js

Requested by

Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: xMOnxq8MHObsxxdameA97QkGWNgri97l
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
date: Wed, 16 Nov 2022 21:41:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P7
age: 2039
x-cache: Hit from cloudfront
last-modified: Wed, 09 Nov 2022 16:45:54 GMT
server: AmazonS3
etag: W/"d221078e84eaa425e7dbaa59bd89a594"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: oNFQFAJT4eeVONWLL5yn7RaY8qeQCixdhEg7yZUti23BZO8Z1dEJDQ==

GET
H2 200 demandbase-forms.js
www.malwarebytes.com/js/ 3 KB
1 KB 40ms
40ms Script
application/javascript 2600:9000:2315:f800:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/demandbase-forms.js?d=2020-02-04-15-03-08--0800

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:f800:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:04:46 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: DUS51-P2
age: 647
x-powered-by: ASP.NET
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Tue, 20 Jul 2021 23:12:41 GMT
server: Microsoft-IIS/10.0
etag: W/"83427fbdbc7dd71:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: hclS_lBU0c2vQEaSY2V-jj93pLLQJFbyGLIXttG4_Ap_KXfIiP2Hiw==

GET
H2 200 uwt.js
static.ads-twitter.com/ 56 KB
15 KB 39ms
39ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:34 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230128-FRA

GET
H2 200 index.html
mwb-b2b.ada.support/embed/x-storage/5459dcd/ Frame EE0B 237 B
744 B 133ms
43ms Document
text/html 13.224.189.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mwb-b2b.ada.support/embed/x-storage/5459dcd/index.html

Requested by

Host: static.ada.support
URL: https://static.ada.support/embed2.5459dcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://service.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 74873
cache-control: 172800
content-length: 237
content-type: text/html
date: Wed, 16 Nov 2022 01:27:41 GMT
etag: "93f912ceabb0586748b7b0061a4f94fa"
last-modified: Tue, 08 Nov 2022 20:29:47 GMT
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
x-amz-cf-id: ZmNnF2hEi3xlYtnt3L8bEPfxY9EPLURZp9ohV2A9jQ4T08jXALFOAA==
x-amz-cf-pop: FRA2-C1
x-amz-replication-status: REPLICA
x-amz-server-side-encryption: AES256
x-amz-version-id: EoV.QGkyqORMxkzdXfpYuw0gvoenlYnu
x-cache: Hit from cloudfront

GET
H2 200 index.html
mwb-b2b.ada.support/embed/button/5459dcd/ Frame 0F14 5 KB
2 KB 130ms
44ms Document
text/html 13.224.189.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mwb-b2b.ada.support/embed/button/5459dcd/index.html

Requested by

Host: static.ada.support
URL: https://static.ada.support/embed2.5459dcd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://service.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74465
cache-control: 172800
content-encoding: gzip
content-type: text/html
date: Wed, 16 Nov 2022 01:34:30 GMT
etag: W/"1bc978ca8d09449bd533ced91e6880dc"
last-modified: Thu, 03 Nov 2022 16:27:24 GMT
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
x-amz-cf-id: WqQyr0mJfYITJIVAUPv7Hi7P4J79reBQzXFuljVgEWq6RvHJYIIDzA==
x-amz-cf-pop: FRA2-C1
x-amz-replication-status: REPLICA
x-amz-server-side-encryption: AES256
x-amz-version-id: z5PbW1CbPZW099Xt3wDUPP1EqKj3iLpj
x-cache: Hit from cloudfront

GET
H3 200 identity.js
connect.facebook.net/signals/plugins/ 64 KB
20 KB 39ms
38ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.89

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 16 Nov 2022 22:15:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: D3MUZBK54i69T7Y748YROxuXlF1a4Yt1l0wrFoLwiGqH6utL7gkGQeBgydk3GcSPXW5KG9hBGZvOc8CU/Z/ajQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1480959392203028
connect.facebook.net/signals/config/ 294 KB
85 KB 37ms
37ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1480959392203028?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 16 Nov 2022 22:15:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86789
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: tpRzsma24QS1dvuH1zm6M+mZo2hpgtkub/5Z8wN+2SNt/B6NHB05NcM1YTsJ0tvhhHuxFujtY2Ig8wsUhVexXw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 linkid.js
www.google-analytics.com/plugins/ua/ 2 KB
884 B 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 21:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 16 Nov 2022 22:36:58 GMT

GET token
cdn.linkedin.oribi.io/partner/2594100/domain/service.malwarebytes.com/ 0
0

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1668636934170&url=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Fsignin%3Freturn_to%3Dhttps%253A%252F%252Fservice.malwarebytes...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1668636934170&url=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Fsignin%3Freturn_to%3Dhttps%253A%252F%252Fservice.malwarebyte...

0
143 B

139ms
139ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1668636934170&url=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Fsignin%3Freturn_to%3Dhttps%253A%252F%252Fservice.malwarebytes.com%252Fhc%252Fen-us%252Farticles%252F4413817228947&e_ipv6=AQLqBd_OOOAo4QAAAYSCgwBgD9npn8U3Bko6s-TYu1UQisnRzTBQRlq2tGyyu3CjOw5BKio
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:34 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 172EFE049AC74E8E97859F2B3E9404B0 Ref B: FRAEDGE1810 Ref C: 2022-11-16T22:15:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXtnc+7e3Bo5XMMMehQqQ==

Redirect headers

date: Wed, 16 Nov 2022 22:15:33 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: CCEC376F0A234E308C0707DCFC4CE3EA Ref B: FRAEDGE2020 Ref C: 2022-11-16T22:15:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1668636934170&url=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Fsignin%3Freturn_to%3Dhttps%253A%252F%252Fservice.malwarebytes.com%252Fhc%252Fen-us%252Farticles%252F4413817228947&e_ipv6=AQLqBd_OOOAo4QAAAYSCgwBgD9npn8U3Bko6s-TYu1UQisnRzTBQRlq2tGyyu3CjOw5BKio
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXtnc+5VI1dyx/l0WKaeg==

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/2594100/domain/service.malwarebytes.com/ Frame 0
0 46ms
46ms Preflight 13.224.189.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2594100/domain/service.malwarebytes.com/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-46.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://service.malwarebytes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 46528
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 16 Nov 2022 09:20:06 GMT
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
x-amz-cf-id: ngCB4c-WAszY8-CpJSgRwhFDCP26HoparO4xF3JSy33WeSKym7QuPg==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront

GET
H2 200 adsct
t.co/i/ 43 B
117 B 149ms
148ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=831c98b6-b041-4dc8-9bbb-c604c787a5c8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=834854fd-8cf0-4540-9263-ad115f57ee81&tw_document_href=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Fsignin%3Freturn_to%3Dhttps%253A%252F%252Fservice.malwarebytes.com%252Fhc%252Fen-us%252Farticles%252F4413817228947&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1m5j&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time: 111
date: Wed, 16 Nov 2022 22:15:33 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e44fb9d2c2ceb087
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 175a216bae3d343c16330409c20d6ce119c40ec5b56812725ca4019e4eda01ac
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
117 B 153ms
153ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=831c98b6-b041-4dc8-9bbb-c604c787a5c8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=834854fd-8cf0-4540-9263-ad115f57ee81&tw_document_href=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Fsignin%3Freturn_to%3Dhttps%253A%252F%252Fservice.malwarebytes.com%252Fhc%252Fen-us%252Farticles%252F4413817228947&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1m5j&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time: 116
date: Wed, 16 Nov 2022 22:15:33 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e9a2277080eb3945
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 41ba4ff00a7f27deb2b6be090f6866c64f719a06ba2f61e34953f970aa18a355
content-length: 43

GET
H3 451 464526.gif
id.rlcdn.com/ 0
9 B 130ms
45ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:34 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 ip.json
api.company-target.com/api/v2/ 447 B
938 B 81ms
80ms XHR
application/json 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=https%3A%2F%2Fsupport.malwarebytes.com%2F&page=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Fsignin%3Freturn_to%3Dhttps%253A%252F%252Fservice.malwarebytes.com%252Fhc%252Fen-us%252Farticles%252F4413817228947&page_title=Malwarebytes%20Business%20Support
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/HWyTnY16.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-90.fra2.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Referer: https://service.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 16 Nov 2022 22:15:34 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
request-id: 0fb0522d-4344-46ae-9e4b-dd0e0aebef52
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://service.malwarebytes.com
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QTQ9OhmVPmjRzu0pj8yUmW9dMSN0eM2-0CFTxeW7z5FIveYrdSu7tw==
expires: Tue, 15 Nov 2022 22:15:34 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 43ms
42ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1914415783&t=pageview&_s=1&dl=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Fsignin%3Freturn_to%3Dhttps%253A%252F%252Fservice.malwarebytes.com%252Fhc%252Fen-us%252Farticles%252F4413817228947&dr=https%3A%2F%2Fsupport.malwarebytes.com%2F&ul=en-us&de=UTF-8&dt=Malwarebytes%20Business%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SCCAgEAjAAAAAAAAI~&jid=&gjid=&cid=1547150611.1668636932&uid=7DD8F205-E71E-473F-84E2-D502FDD1E290&tid=UA-3347303-10&_gid=343805751.1668636932&gtm=2wgb90MKSKW3&z=1022646675

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 03:16:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68319
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 45ms
44ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1914415783&t=event&ni=1&_s=1&dl=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Fsignin%3Freturn_to%3Dhttps%253A%252F%252Fservice.malwarebytes.com%252Fhc%252Fen-us%252Farticles%252F4413817228947&dr=https%3A%2F%2Fsupport.malwarebytes.com%2F&ul=en-us&de=UTF-8&dt=Malwarebytes%20Business%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=vertical&el=25%20percent&_u=SCCAgEAjAAAAAAAAI~&jid=&gjid=&cid=1547150611.1668636932&uid=7DD8F205-E71E-473F-84E2-D502FDD1E290&tid=UA-3347303-10&_gid=343805751.1668636932&gtm=2wgb90MKSKW3&z=1272144051

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 03:16:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68319
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 4072696.js
bat.bing.com/p/action/ 0
119 B 157ms
157ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4072696.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 16 Nov 2022 22:15:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CEF3E33261C34001A6B836775F945945 Ref B: FRA31EDGE0213 Ref C: 2022-11-16T22:15:34Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
122 B 62ms
62ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4072696&tm=gtm002&Ver=2&mid=c00092b2-4bcc-459c-8e6f-29fdcc5615b8&sid=2fa70d8065fc11ed92927f5257dc2dfe&vid=2fa7386065fc11edb220dd9a61593572&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Malwarebytes%20Business%20Support&p=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Fsignin%3Freturn_to%3Dhttps%253A%252F%252Fservice.malwarebytes.com%252Fhc%252Fen-us%252Farticles%252F4413817228947&r=https%3A%2F%2Fsupport.malwarebytes.com%2F&evt=pageLoad&sv=1&rn=551909

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 16 Nov 2022 22:15:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 821CED56B7944F268CB86EB1B53B3FCC Ref B: FRA31EDGE0213 Ref C: 2022-11-16T22:15:34Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 38ms
38ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=PageView&dl=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Fsignin%3Freturn_to%3Dhttps%253A%252F%252Fservice.malwarebytes.com%252Fhc%252Fen-us%252Farticles%252F4413817228947&rl=https%3A%2F%2Fsupport.malwarebytes.com%2F&if=false&ts=1668636934223&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1668636932701.1058818485&it=1668636934161&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 16 Nov 2022 22:15:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
37ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1914415783&t=event&ni=1&_s=2&dl=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Fsignin%3Freturn_to%3Dhttps%253A%252F%252Fservice.malwarebytes.com%252Fhc%252Fen-us%252Farticles%252F4413817228947&dr=https%3A%2F%2Fsupport.malwarebytes.com%2F&ul=en-us&de=UTF-8&dt=Malwarebytes%20Business%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=SDCAgEAjAAAAAAAAI~&jid=&gjid=&cid=1547150611.1668636932&uid=7DD8F205-E71E-473F-84E2-D502FDD1E290&tid=UA-3347303-10&_gid=343805751.1668636932&gtm=2wgb90MKSKW3&cd2=(Non-Company%20Visitor)&cd3=Bot&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=(Non-Company%20Visitor)&cd12=(Non-Company%20Visitor)&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=DE&cd18=(Non-Company%20Visitor)&cd24=(Non-Company%20Visitor)&z=2139131955

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 03:16:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68319
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sentry.b6985341d53aea5af72f.js
mwb-b2b.ada.support/embed/x-storage/5459dcd/ Frame EE0B 83 KB
25 KB 46ms
45ms Script
application/javascript 13.224.189.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mwb-b2b.ada.support/embed/x-storage/5459dcd/sentry.b6985341d53aea5af72f.js

Requested by

Host: mwb-b2b.ada.support
URL: https://mwb-b2b.ada.support/embed/x-storage/5459dcd/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mwb-b2b.ada.support/embed/x-storage/5459dcd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: uIt2VhsoOjJ_tRKuymseB6poTG_NRP85
content-encoding: gzip
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
date: Wed, 16 Nov 2022 04:07:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 65294
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
last-modified: Thu, 03 Nov 2022 16:27:24 GMT
server: AmazonS3
etag: W/"aa693fab6d2dbff1fc92249379687a31"
vary: Accept-Encoding
content-type: application/javascript
cache-control: 172800
x-amz-cf-id: zvED-YSR8c3kIuzXXusSSnB1GkTkWI0EehN53XhCWIjAa26aZGb9KA==

GET
H2 200 index.js
mwb-b2b.ada.support/embed/x-storage/5459dcd/ Frame EE0B 55 KB
20 KB 55ms
54ms Script
application/javascript 13.224.189.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mwb-b2b.ada.support/embed/x-storage/5459dcd/index.js

Requested by

Host: mwb-b2b.ada.support
URL: https://mwb-b2b.ada.support/embed/x-storage/5459dcd/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mwb-b2b.ada.support/embed/x-storage/5459dcd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: FSLWv4KJMUz4UCI4CJFMOs_QnksvPaJO
content-encoding: gzip
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
date: Wed, 16 Nov 2022 01:57:57 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 73318
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
last-modified: Tue, 08 Nov 2022 20:29:47 GMT
server: AmazonS3
etag: W/"fac77968dd96edfcd8a9d9fa518f153a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: 172800
x-amz-cf-id: wmHy4bCUr7BZfHR73QuToUCIohoIQsuYyrJbsDLNHpW8F7gxi5ZLYw==

GET
H2 200 sentry.b6985341d53aea5af72f.js
mwb-b2b.ada.support/embed/button/5459dcd/ Frame 0F14 83 KB
25 KB 77ms
76ms Script
application/javascript 13.224.189.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mwb-b2b.ada.support/embed/button/5459dcd/sentry.b6985341d53aea5af72f.js

Requested by

Host: mwb-b2b.ada.support
URL: https://mwb-b2b.ada.support/embed/button/5459dcd/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mwb-b2b.ada.support/embed/button/5459dcd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: upRTSdQaXdXZsBVTCYutuI5bqC9GoJaM
content-encoding: gzip
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
date: Wed, 16 Nov 2022 06:01:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 58471
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
last-modified: Thu, 03 Nov 2022 16:27:24 GMT
server: AmazonS3
etag: W/"aa693fab6d2dbff1fc92249379687a31"
vary: Accept-Encoding
content-type: application/javascript
cache-control: 172800
x-amz-cf-id: Fi1XTkU9pccd5jivhETofypRfvMlE-Z0aQDWM0Egwpra_6BK2E0gpQ==

GET
H2 200 preact.8ab2422822c47580185f.js
mwb-b2b.ada.support/embed/button/5459dcd/ Frame 0F14 9 KB
4 KB 82ms
81ms Script
application/javascript 13.224.189.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mwb-b2b.ada.support/embed/button/5459dcd/preact.8ab2422822c47580185f.js

Requested by

Host: mwb-b2b.ada.support
URL: https://mwb-b2b.ada.support/embed/button/5459dcd/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mwb-b2b.ada.support/embed/button/5459dcd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: gbdan91b7C1W1Uc8PJswF97tXWuAn9L4
content-encoding: gzip
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
date: Wed, 16 Nov 2022 02:27:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 71299
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
last-modified: Tue, 08 Nov 2022 20:29:46 GMT
server: AmazonS3
etag: W/"51cc097b6d58a11a6aa758e72ee39e0a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: 172800
x-amz-cf-id: c16jPs8Y4d3pJbHXR2BarA5-cNwid8-1TQRPHhAwiSvPAYHaqQfUqg==

GET
H2 200 index.js
mwb-b2b.ada.support/embed/button/5459dcd/ Frame 0F14 71 KB
26 KB 88ms
87ms Script
application/javascript 13.224.189.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mwb-b2b.ada.support/embed/button/5459dcd/index.js

Requested by

Host: mwb-b2b.ada.support
URL: https://mwb-b2b.ada.support/embed/button/5459dcd/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1aa626c4e9a25e01.awsglobalaccelerator.com

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mwb-b2b.ada.support/embed/button/5459dcd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: 48dEtXNP_SolLqAUEu8Hwegf7MlDK4Pk
content-encoding: gzip
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
date: Wed, 16 Nov 2022 01:35:02 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
age: 74553
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
last-modified: Tue, 08 Nov 2022 20:29:46 GMT
server: AmazonS3
etag: W/"148fc8ddc48aebb008a78ed52864ac5b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: 172800
x-amz-cf-id: ozMAi9L4t1xVf8wengRiqIxMcdO7_pjkclHntjVAffhyIsj8ZD3CSw==

POST collect
region1.analytics.google.com/g/ 0
0

POST 0
bat.bing.com/actionp/ 0
0

POST collect
region1.analytics.google.com/g/ 0
0

GET collect
www.google-analytics.com/ 0
0

POST collect
region1.analytics.google.com/g/ 0
0

GET collect
www.google-analytics.com/ 0
0

GET
H2 200 hc-a1b52cfeff00e82880661fe1f60313faf5eb36ab2d360982ab5bca4cdcd15502.css
static.zdassets.com/classic/assets/themes/ 12 KB
3 KB 58ms
56ms Stylesheet
text/css 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/classic/assets/themes/hc-a1b52cfeff00e82880661fe1f60313faf5eb36ab2d360982ab5bca4cdcd15502.css

Requested by

Host: mwb.zendesk.com
URL: https://mwb.zendesk.com/auth/v2/login/sso?auth_origin=360003472574%2Ctrue%2Ctrue&brand_id=360003472574&locale=en-us&return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947&theme=hc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1b52cfeff00e82880661fe1f60313faf5eb36ab2d360982ab5bca4cdcd15502

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mwb.zendesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:34 GMT
x-amz-version-id: 89h8Ef48LGEsFsG13e64lOitin0R3j94
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: EGDB5ZDVNDNFWVPR
age: 139
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 8FHtMdmqF9agS8zL+LL/F+hM8xvd61H+s3Jg6o6HeYTFp55/+xFj0C8kA85FFjZtKNpi/6Qq/7o=
last-modified: Wed, 13 Jul 2022 18:03:22 GMT
server: cloudflare
etag: W/"e5400ad0c1279e39d6d0de8d153ac633"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfyB73sDOkJhwXImw5%2FRiufKzVepILV4%2FCr8x6XWJpMRJisf2iVjAb%2B%2B3cYa1YGMhcmys2rKnS8MV%2BloKBAnwj6%2BjwewlxyzbexDjlLUSSDuvGp58Zy6pbzfoEaxSuB8I5v%2FCKY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=600
cf-ray: 76b396097ca99975-FRA

GET
H2 200 zendeskgarden_bedrock-b3a2ac88db1c3c7bfbcf5df22bdce4dba93fc3090e33f64da5dbfc1b1d3c6c16.css
static.zdassets.com/classic/assets/ 23 KB
5 KB 60ms
58ms Stylesheet
text/css 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/classic/assets/zendeskgarden_bedrock-b3a2ac88db1c3c7bfbcf5df22bdce4dba93fc3090e33f64da5dbfc1b1d3c6c16.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4c8ad7f186fc41f37b3b98c936938adc058bc32a59f8ec6a02dea07e75a900c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mwb.zendesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:34 GMT
x-amz-version-id: l9Ur7KXx.eT_H6f_JDZRfL6VzxRbd1Al
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 9SVDDM56KYGKY6MC
age: 149
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: G8sTCXMDuld31yfH/JycP1dG87Nqv/YrHp10twsSkX1F378TlPoL7/wnuStQHkmv+819Pxb4tSs=
last-modified: Mon, 28 Feb 2022 22:40:47 GMT
server: cloudflare
etag: W/"31e34a1b56645051788a000088afb7b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVOG%2BupP%2B5Az0ECbqOwGJzC1X4n1DMwNzK7fhkmktKlc8T8Q%2BIEbRHyeJF9z1SnKKh%2BHasRNMC7%2BBgjkO2LJpSGVolK105GzTpcrkmx3u2lxQuAb6jD0BVlH1O0gMGnTBftUdT0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=600
cf-ray: 76b396097cae9975-FRA

GET
H2 200 zendeskgarden_modals-48f7485d39033cb19f3b25119107c2a9242b166108252e10f0023f1b2b20eb7a.css
static.zdassets.com/classic/assets/ 2 KB
1 KB 53ms
52ms Stylesheet
text/css 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/classic/assets/zendeskgarden_modals-48f7485d39033cb19f3b25119107c2a9242b166108252e10f0023f1b2b20eb7a.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea263d1786a16a2fd90fdfb82b6d6078d02cc81f8a6fa1f6f82c89418dbfa8f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mwb.zendesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:34 GMT
x-amz-version-id: PiO12pxAUje.Jt4K8uEEvkUPL3aZdjHH
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: GBEZ9MZF7011N8CC
age: 551
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 9ZyZPM/6K8u/ndRatebES/Q0vttGpWNZSdC2ik2ZKwjjlx+3VszR4FTBbkF/Hbk6BxqI6leDZE4=
last-modified: Tue, 21 Jun 2022 03:32:44 GMT
server: cloudflare
etag: W/"c19834fea613076740d53dd6782f2c52"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AP4hfLJU7%2FLq1zxETThjXthEEYNpSFYB3FB9Ko%2BVAdESe1caacuRIsZ3Z%2Bn9pEg%2FnnKqubGs70yZKdrPowQv8AKTiL6fENyUkFWULuUUyybSTKoSiqcjYzEcoKme58GsxzibMCU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=600
cf-ray: 76b396097cb19975-FRA

GET
H2 200 zendeskgarden_button-f46b8c2020555512d4cff7c4b28c5ad5fdef859a7560162b45aaa5bd7e55dd28.css
static.zdassets.com/classic/assets/ 5 KB
2 KB 57ms
55ms Stylesheet
text/css 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/classic/assets/zendeskgarden_button-f46b8c2020555512d4cff7c4b28c5ad5fdef859a7560162b45aaa5bd7e55dd28.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

428b1db15262b6f63ac1426b1c91dfc74a6d5cf75b797eb39dd2ce03e521a6a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mwb.zendesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:34 GMT
x-amz-version-id: JNQD7R1UkLcLXxz52ieHQ8IHFmBTNyKH
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: HNB93VYYDHPH5BP0
age: 551
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 5XFoSpJplDj9woA+GD+cB2Wd2pQ3yrExFv6TCpxE84Hu/ZZ32C/lwAMspDzqWsBW8+FBXujotaA=
last-modified: Wed, 02 Nov 2022 10:39:44 GMT
server: cloudflare
etag: W/"37e54331f5417ac544c2a2e531ed527a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7YbYJAGoIAiJS3cQKQ4pmWtmkD15o%2F11eT2p%2BS41x3w9a2qz90VKJ5BTD3lwufAf78qTE31vGA%2FGE6aBRFsJ%2BFWbJCd8TsBmnTdyalIGumyB87I6fCQYIT8SjEm4nM1bYK%2FFeg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=600
cf-ray: 76b396097cb69975-FRA

GET
H2 200 zendeskgarden_callouts-6e86539615686ab0aa2a19e14ecb7ffbe144878ed7960f3b4821e5b0bbc6515f.css
static.zdassets.com/classic/assets/ 7 KB
2 KB 56ms
55ms Stylesheet
text/css 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/classic/assets/zendeskgarden_callouts-6e86539615686ab0aa2a19e14ecb7ffbe144878ed7960f3b4821e5b0bbc6515f.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a610970d0bb707e02455fad7b91f1f19931340d06fab4af4cc919a56d0ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mwb.zendesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:34 GMT
x-amz-version-id: D6x7j4jyM3gBR0Fz3VRJXd7xpX2DEUzE
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: S9CXY2D170H1DXDM
age: 551
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: OCNFK01Br/LG1J/qxfRiM+z9emi4R/BjEXi0VisVma0vr0mEbBNt+MhSvh6RzZv2lCj5INC41vk=
last-modified: Fri, 21 Jan 2022 14:38:24 GMT
server: cloudflare
etag: W/"44281b09b582eb22ff4e328beb3d409d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2Bq3bzQtInZLB2ExZKY5sV%2Frh%2B%2BH4Ly5ysZ9k5eJp1oFvSiPiaymj7OkIO2X4VAfT2SrLImfXptvpYD0QZw3Am4ZafdWang2cz5Q%2BMC%2Bl6L%2B6Gyiss1P0A8APHbB1qyvrCEN%2FLY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=600
cf-ray: 76b396097cc29975-FRA

GET
H2 200 turbolinks-4934cb7314614db08582e0f8f532f0407f555f3b751fafeeaf6f1d2d3148d32c.js Show response
static.zdassets.com/classic/assets/ 23 KB
7 KB 62ms
61ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/classic/assets/turbolinks-4934cb7314614db08582e0f8f532f0407f555f3b751fafeeaf6f1d2d3148d32c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4934cb7314614db08582e0f8f532f0407f555f3b751fafeeaf6f1d2d3148d32c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mwb.zendesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:34 GMT
x-amz-version-id: _SO28aPDvXYHfCC1a5xS7ZdgG3eKv1eq
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: GBEJ4HV2TRJSRFSM
age: 139
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ygfnqCpbmnCN6y5ykEX7wf75Zh8igzQIfYwasL3m9Xk6E2qYPjbsHCqqD55tWdmQhRCNlUIH99w=
last-modified: Mon, 20 Jun 2022 10:52:49 GMT
server: cloudflare
etag: W/"d0e381ed3d564f5897db406ed8f5d8da"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whKKfnNYpJfRH2vhPbrhrOKzbP46UimONygCLCOJZajVnT29COzdFwez4OS3kqtf7w%2Bc1RuRyvOdNhYitJFKgbJy6yBu1M%2FPIb2%2FbEfesQfytqn9xNDSZfeZSajQCSIR6Pds1ls%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=600
cf-ray: 76b396097cc39975-FRA

GET
H2 200 jstz-95c1a7f4b17b9627e40c082e215c03da19b6b1e3281358d2e0742225438d25cf.js Show response
static.zdassets.com/classic/assets/ 5 KB
2 KB 52ms
51ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/classic/assets/jstz-95c1a7f4b17b9627e40c082e215c03da19b6b1e3281358d2e0742225438d25cf.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95c1a7f4b17b9627e40c082e215c03da19b6b1e3281358d2e0742225438d25cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mwb.zendesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:34 GMT
x-amz-version-id: ysQACq7WeL9aF.AyEphcWXTkh8s_2aK_
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: GBERJNT0GRTDVCSX
age: 551
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: IU2AF4ReQYaZn6/u4iFDHwZRasX7gYHWsScX7noFy6P/p9v7k1ANK4igGth1L8L5niFFruNaNbc=
last-modified: Mon, 20 Jun 2022 10:52:46 GMT
server: cloudflare
etag: W/"7b4b9c1283b463375a3ce68d4f7f243a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DakR8%2BO8N7zbzk5hkXkDGh1%2BqUWbS7NaAJBAPeLma6AB6ouLkmVT95UQlzmCerHgsHClmiiRgUmO0JVGJe3qYy%2FEblhh7NgTGTigyIEdMRNmobSeZSiX3Bpn2%2FIu69XtGfpPOoU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=600
cf-ray: 76b396097cc49975-FRA

GET
H2 200 auth-without-iframe.js Show response
static.zdassets.com/auth/9658837c3f58fd372418a77022ef8f1bd36fdf66/v2/ 7 KB
3 KB 58ms
57ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/auth/9658837c3f58fd372418a77022ef8f1bd36fdf66/v2/auth-without-iframe.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e4685cdfc3e9363b18bae6622a256c2bd83973441ad9a2a1da744b2fb9d1e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mwb.zendesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:34 GMT
x-amz-version-id: iSQsQHSRb.T5NFQyHklCC4Y8ImnVK43t
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: G5WTDRHC2977EYTA
age: 2610
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: PJ/itLpDFu75drCD3k6Lyciy56NBHtHt3Iqz2esLw0RRiK3ffSO+ARklvwUcbk7LfmgGBeHXMWs=
last-modified: Mon, 31 Oct 2022 19:00:02 GMT
server: cloudflare
etag: W/"a0a57141347b04df12c4a490dc41a58f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksdGUG%2BXwVHyJFUCCplvKDse79PacVd0Wv0dBjOQVv3kVOm%2Buh0dKPv5qYqUUmSczv%2BoWZpNGLw6v0km3jmtguSN3BOvxPZx8lBe9QTUlszKnnV69HSK4wZORatNbMSl%2B8q87t4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 76b396097cc69975-FRA

GET
H2

200

Primary Request login.htm Show response
malwarebytes.okta.com/login/
Redirect Chain

https://malwarebytes.okta.com/app/zendesk/exk1b5q4h2vhiEJ1N1d8/sso/saml?RelayState=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947&brand_id=360003472574&SAMLRequest=f...
https://malwarebytes.okta.com/login/login.htm?fromURI=%2Fapp%2Fzendesk%2Fexk1b5q4h2vhiEJ1N1d8%2Fsso%2Fsaml%3FRelayState%3Dhttps%253A%252F%252Fservice.malwarebytes.com%252Fhc%252Fen-us%252Farticles%...

18 KB
10 KB

262ms
261ms

Document
text/html

13.248.168.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://malwarebytes.okta.com/login/login.htm?fromURI=%2Fapp%2Fzendesk%2Fexk1b5q4h2vhiEJ1N1d8%2Fsso%2Fsaml%3FRelayState%3Dhttps%253A%252F%252Fservice.malwarebytes.com%252Fhc%252Fen-us%252Farticles%252F4413817228947%26brand_id%3D360003472574%26SAMLRequest%3DfZFRT8IwFIXf%252BRVN37utHQ7TbCMLxIQEjQH1wbfSXcLi2mJvB%252Bqvd0xJ8AFf%250A7z1fzrnn5tMP05IDeGycLSiPEjotRzkq0%252B5l1YWdXcF7BxhIr7Moh0VBO2%252Bl%250AU9igtMoAyqDlurpfShElcu9dcNq19AL5n1CI4EMfgJLFvKAnwDNIlci00Cyd%250AbGs2ThNgGy0Uy7TKJjpNbjPgvR6xg4XFoGwoqEiEYJwznj0JIfmNTMevlLyc%250Ar%252Bu9KKnOZjNnsTPg1%252BAPjYbn1bKguxD2KOPYHDfRF9ga8C3SzsRKa0CMT8lo%250AObQjB2dfXiHy%252BFL02%252BdDf%252Fli%252FujaRn%252BSqm3dceZBBSho8B1Qcue8UeF6Vzzi%250Aw6Sp2XaQSjCqaau69n06Gpc%252Frn8fV46%252BAQ%253D%253D%250A

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/auth/9658837c3f58fd372418a77022ef8f1bd36fdf66/v2/auth-without-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.168.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c50b1fa76c6bddcb10b38d3e9e3d60e6d0ae1a19110ea6ca2f67f12691d227a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' malwarebytes.okta.com .oktacdn.com; connect-src 'self' malwarebytes.okta.com malwarebytes-admin.okta.com .oktacdn.com .mixpanel.com .mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com malwarebytes.kerberos.okta.com malwarebytes.mtls.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' malwarebytes.okta.com .oktacdn.com; style-src 'unsafe-inline' 'self' malwarebytes.okta.com .oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' malwarebytes.okta.com malwarebytes-admin.okta.com login.okta.com api-82537573.duosecurity.com; img-src 'self' malwarebytes.okta.com .oktacdn.com .tiles.mapbox.com .mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' malwarebytes.okta.com data: .oktacdn.com fonts.gstatic.com
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mwb.zendesk.com/auth/v2/login/sso?auth_origin=360003472574%2Ctrue%2Ctrue&brand_id=360003472574&locale=en-us&return_to=https%3A%2F%2Fservice.malwarebytes.com%2Fhc%2Fen-us%2Farticles%2F4413817228947&theme=hc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-language: de
content-security-policy: default-src 'self' malwarebytes.okta.com *.oktacdn.com; connect-src 'self' malwarebytes.okta.com malwarebytes-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com malwarebytes.kerberos.okta.com malwarebytes.mtls.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' malwarebytes.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' malwarebytes.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' malwarebytes.okta.com malwarebytes-admin.okta.com login.okta.com api-82537573.duosecurity.com; img-src 'self' malwarebytes.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' malwarebytes.okta.com data: *.oktacdn.com fonts.gstatic.com
content-security-policy-report-only: default-src 'self' malwarebytes.okta.com *.oktacdn.com; connect-src 'self' malwarebytes.okta.com malwarebytes-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com malwarebytes.kerberos.okta.com malwarebytes.mtls.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' malwarebytes.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' malwarebytes.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' malwarebytes.okta.com malwarebytes-admin.okta.com login.okta.com api-82537573.duosecurity.com; img-src 'self' malwarebytes.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' malwarebytes.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
content-type: text/html;charset=utf-8
date: Wed, 16 Nov 2022 22:15:35 GMT
expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
expires: 0
p3p: CP="HONK"
pragma: no-cache
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
server: nginx
strict-transport-security: max-age=315360000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-okta-request-id: Y3VhB-MNF8pSYPI3Nk7HhwAADks
x-rate-limit-limit: 1200
x-rate-limit-remaining: 1191
x-rate-limit-reset: 1668636956
x-robots-tag: noindex,nofollow
x-ua-compatible: IE=edge
x-xss-protection: 0

Redirect headers

content-language: en
content-length: 0
content-security-policy: default-src 'self' malwarebytes.okta.com *.oktacdn.com; connect-src 'self' malwarebytes.okta.com malwarebytes-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com malwarebytes.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' malwarebytes.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' malwarebytes.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' malwarebytes.okta.com malwarebytes-admin.okta.com login.okta.com api-82537573.duosecurity.com; img-src 'self' malwarebytes.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' malwarebytes.okta.com data: *.oktacdn.com fonts.gstatic.com
content-security-policy-report-only: default-src 'self' malwarebytes.okta.com *.oktacdn.com; connect-src 'self' malwarebytes.okta.com malwarebytes-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com malwarebytes.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' malwarebytes.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' malwarebytes.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' malwarebytes.okta.com malwarebytes-admin.okta.com login.okta.com api-82537573.duosecurity.com; img-src 'self' malwarebytes.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' malwarebytes.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
date: Wed, 16 Nov 2022 22:15:35 GMT
location: https://malwarebytes.okta.com/login/login.htm?fromURI=%2Fapp%2Fzendesk%2Fexk1b5q4h2vhiEJ1N1d8%2Fsso%2Fsaml%3FRelayState%3Dhttps%253A%252F%252Fservice.malwarebytes.com%252Fhc%252Fen-us%252Farticles%252F4413817228947%26brand_id%3D360003472574%26SAMLRequest%3DfZFRT8IwFIXf%252BRVN37utHQ7TbCMLxIQEjQH1wbfSXcLi2mJvB%252Bqvd0xJ8AFf%250A7z1fzrnn5tMP05IDeGycLSiPEjotRzkq0%252B5l1YWdXcF7BxhIr7Moh0VBO2%252Bl%250AU9igtMoAyqDlurpfShElcu9dcNq19AL5n1CI4EMfgJLFvKAnwDNIlci00Cyd%250AbGs2ThNgGy0Uy7TKJjpNbjPgvR6xg4XFoGwoqEiEYJwznj0JIfmNTMevlLyc%250Ar%252Bu9KKnOZjNnsTPg1%252BAPjYbn1bKguxD2KOPYHDfRF9ga8C3SzsRKa0CMT8lo%250AObQjB2dfXiHy%252BFL02%252BdDf%252Fli%252FujaRn%252BSqm3dceZBBSho8B1Qcue8UeF6Vzzi%250Aw6Sp2XaQSjCqaau69n06Gpc%252Frn8fV46%252BAQ%253D%253D%250A
p3p: CP="HONK"
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
server: nginx
strict-transport-security: max-age=315360000; includeSubDomains
x-okta-request-id: Y3VhB0Z5vFzhX-mx1MFKPwAADFQ
x-robots-tag: noindex,nofollow
x-xss-protection: 0

GET
H2 200 invisible.js
mwb.zendesk.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame B2E4 34 KB
14 KB 55ms
54ms Script
application/javascript 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mwb.zendesk.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1668628800
Requested by: Host: support.malwarebytes.com
URL: https://support.malwarebytes.com/hc/en-us/articles/360038524714
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:34 GMT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwHefLhVrpiPkdo0VzEM0VRyy3u%2FxQzwaY1pTLV5SdAjMX34oOswamaalD3DZtKK7MCBvT%2B3ZZDe%2BXtdXNW22OPhBv0muYbcFBZDuX7UBTYahvFRZpNIE1Bs1HKzIP1GkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76b39609fb5468f5-FRA

GET
H2 200 pica.js
mwb.zendesk.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame B2E4 17 KB
8 KB 78ms
78ms Other
application/javascript 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mwb.zendesk.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:15:34 GMT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FydNheTlTxfGa4oOUIAw452Um%2BE4ZCbqnHcEV4QqPQy9wXHSXTOaW9NoMqAzj90AeNYggccb%2Bn3RQ2d8h07LX58jDH911suun4fmFqZNEx9NBirwb%2FC7x1NNzdFXNh5tyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76b3960a6c1568f5-FRA

POST
H2 200 76b396079f7768f5
mwb.zendesk.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame B2E4 2 B
568 B 100ms
100ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mwb.zendesk.com/cdn-cgi/challenge-platform/h/g/cv/result/76b396079f7768f5
Requested by: Host: mwb.zendesk.com
URL: https://mwb.zendesk.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1668628800
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 16 Nov 2022 22:15:35 GMT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76b3960c789268f5-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzykriDNr0y8%2ByXEbP4drkALVbI4PB05EO6kRbjp1%2Fwz%2FzVLldR12CaYHFZKO94MiHm5n36bBefkJFx9nXUujVkgh5eqcbwld6ehZkxC6cq0mQAjFnFjteQncxd7VvEZOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 okta-sign-in.min.js Show response
ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/js/ 2 MB
502 KB 223ms
76ms Script
application/javascript 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/js/okta-sign-in.min.js

Requested by

Host: malwarebytes.okta.com
URL: https://malwarebytes.okta.com/login/login.htm?fromURI=%2Fapp%2Fzendesk%2Fexk1b5q4h2vhiEJ1N1d8%2Fsso%2Fsaml%3FRelayState%3Dhttps%253A%252F%252Fservice.malwarebytes.com%252Fhc%252Fen-us%252Farticles%252F4413817228947%26brand_id%3D360003472574%26SAMLRequest%3DfZFRT8IwFIXf%252BRVN37utHQ7TbCMLxIQEjQH1wbfSXcLi2mJvB%252Bqvd0xJ8AFf%250A7z1fzrnn5tMP05IDeGycLSiPEjotRzkq0%252B5l1YWdXcF7BxhIr7Moh0VBO2%252Bl%250AU9igtMoAyqDlurpfShElcu9dcNq19AL5n1CI4EMfgJLFvKAnwDNIlci00Cyd%250AbGs2ThNgGy0Uy7TKJjpNbjPgvR6xg4XFoGwoqEiEYJwznj0JIfmNTMevlLyc%250Ar%252Bu9KKnOZjNnsTPg1%252BAPjYbn1bKguxD2KOPYHDfRF9ga8C3SzsRKa0CMT8lo%250AObQjB2dfXiHy%252BFL02%252BdDf%252Fli%252FujaRn%252BSqm3dceZBBSho8B1Qcue8UeF6Vzzi%250Aw6Sp2XaQSjCqaau69n06Gpc%252Frn8fV46%252BAQ%253D%253D%250A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dad30d72debef61e380426788b75eed3a33827b00aa655d0a5bf8fd5680c96f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malwarebytes.okta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 07:46:26 GMT
x-amz-meta-sha1sum: 7b17c2bc8f202e0d134cc06c3abbfdb743ed8397
content-encoding: gzip
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 829749
x-cache: Hit from cloudfront
last-modified: Thu, 03 Nov 2022 21:54:50 GMT
server: nginx
etag: W/"5e418da15898a699c78defee758c9fdb"
vary: Accept-Encoding
content-type: application/javascript
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: V299BSWUB_9pCEZN2nQpGP72AAKDW_-W7CgCKY6eWPYvEffXW0D3oQ==
expires: Tue, 07 Nov 2023 07:46:26 GMT

GET
H2 200 okta-sign-in.min.css
ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/css/ 220 KB
38 KB 191ms
44ms Stylesheet
text/css 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/css/okta-sign-in.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f60db0f0eadecace069d5ebc569098740ec1f73a0561b3f4098bb58ef12b5a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malwarebytes.okta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 07:46:26 GMT
x-amz-meta-sha1sum: e357ba7918471a8258c0f0b3f62793c1fea5179a
content-encoding: gzip
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 829749
x-cache: Hit from cloudfront
last-modified: Thu, 03 Nov 2022 21:53:38 GMT
server: nginx
etag: W/"6737d2c843b42c7a11d7c3e2282946c3"
vary: Accept-Encoding
content-type: text/css
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: B0ZHrazeqshY9iPIsEpLXQic0KkoX5e-Xt0ppwYMER43BVQshZs_Dg==
expires: Tue, 07 Nov 2023 07:46:26 GMT

GET
H2 200 loginpage-theme.6ca7f7a516a56275837982a82a0a7533.css
ok3static.oktacdn.com/assets/loginpage/css/ 3 KB
2 KB 185ms
39ms Stylesheet
text/css 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok3static.oktacdn.com/assets/loginpage/css/loginpage-theme.6ca7f7a516a56275837982a82a0a7533.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1aa626c4e9a25e01.awsglobalaccelerator.com

Software

nginx /

Resource Hash

275808002d37771e00fc126cd4c7ffd593c773c4cf7aebf81a2192292917455c

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malwarebytes.okta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:20:58 GMT
strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 827677
x-cache: Hit from cloudfront
last-modified: Tue, 22 Mar 2022 20:44:59 GMT
server: nginx
etag: W/"6ca7f7a516a56275837982a82a0a7533"
vary: Accept-Encoding
content-type: text/css
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: 6QYrwJDOHWMh1En4zsXMRGeL0dm4xEw7tbmi9WQ_S4vIuwmApO3woQ==
expires: Tue, 07 Nov 2023 08:20:58 GMT

GET
H2 200 style-sheet
malwarebytes.okta.com/api/internal/brand/theme/ 556 B
3 KB 150ms
150ms Stylesheet
text/css 13.248.168.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://malwarebytes.okta.com/api/internal/brand/theme/style-sheet?touch-point=SIGN_IN_PAGE&v=28d025743b8fc0765a7cfe4c08fdf2a9

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.168.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9af30b5e4695010f9be253f861784e638c81274ca0390214629886029ca9b509

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' malwarebytes.okta.com .oktacdn.com; connect-src 'self' malwarebytes.okta.com malwarebytes-admin.okta.com .oktacdn.com .mixpanel.com .mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com malwarebytes.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' malwarebytes.okta.com .oktacdn.com; style-src 'unsafe-inline' 'self' malwarebytes.okta.com .oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' malwarebytes.okta.com malwarebytes-admin.okta.com login.okta.com api-82537573.duosecurity.com; img-src 'self' malwarebytes.okta.com .oktacdn.com .tiles.mapbox.com .mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' malwarebytes.okta.com data: .oktacdn.com fonts.gstatic.com
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malwarebytes.okta.com/login/login.htm?fromURI=%2Fapp%2Fzendesk%2Fexk1b5q4h2vhiEJ1N1d8%2Fsso%2Fsaml%3FRelayState%3Dhttps%253A%252F%252Fservice.malwarebytes.com%252Fhc%252Fen-us%252Farticles%252F4413817228947%26brand_id%3D360003472574%26SAMLRequest%3DfZFRT8IwFIXf%252BRVN37utHQ7TbCMLxIQEjQH1wbfSXcLi2mJvB%252Bqvd0xJ8AFf%250A7z1fzrnn5tMP05IDeGycLSiPEjotRzkq0%252B5l1YWdXcF7BxhIr7Moh0VBO2%252Bl%250AU9igtMoAyqDlurpfShElcu9dcNq19AL5n1CI4EMfgJLFvKAnwDNIlci00Cyd%250AbGs2ThNgGy0Uy7TKJjpNbjPgvR6xg4XFoGwoqEiEYJwznj0JIfmNTMevlLyc%250Ar%252Bu9KKnOZjNnsTPg1%252BAPjYbn1bKguxD2KOPYHDfRF9ga8C3SzsRKa0CMT8lo%250AObQjB2dfXiHy%252BFL02%252BdDf%252Fli%252FujaRn%252BSqm3dceZBBSho8B1Qcue8UeF6Vzzi%250Aw6Sp2XaQSjCqaau69n06Gpc%252Frn8fV46%252BAQ%253D%253D%250A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-okta-request-id: Y3VhB1Am5JZb8aSvgngQUgAAAtc
date: Wed, 16 Nov 2022 22:15:35 GMT
content-security-policy: default-src 'self' malwarebytes.okta.com *.oktacdn.com; connect-src 'self' malwarebytes.okta.com malwarebytes-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com malwarebytes.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' malwarebytes.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' malwarebytes.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' malwarebytes.okta.com malwarebytes-admin.okta.com login.okta.com api-82537573.duosecurity.com; img-src 'self' malwarebytes.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' malwarebytes.okta.com data: *.oktacdn.com fonts.gstatic.com
x-rate-limit-limit: 2400
x-content-type-options: nosniff
content-encoding: gzip
x-rate-limit-remaining: 2399
strict-transport-security: max-age=315360000; includeSubDomains
content-security-policy-report-only: default-src 'self' malwarebytes.okta.com *.oktacdn.com; connect-src 'self' malwarebytes.okta.com malwarebytes-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com malwarebytes.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' malwarebytes.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' malwarebytes.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' malwarebytes.okta.com malwarebytes-admin.okta.com login.okta.com api-82537573.duosecurity.com; img-src 'self' malwarebytes.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' malwarebytes.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
p3p: CP="HONK"
x-xss-protection: 0
server: nginx
expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
vary: Accept-Encoding
content-type: text/css
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-rate-limit-reset: 1668636995
cache-control: max-age=31536000, must-revalidate
expires: Thu, 16 Nov 2023 22:15:35 GMT

GET
H2 200 fs01b5qix89xiPF0n1d8
ok3static.oktacdn.com/fs/bco/4/ 3 KB
3 KB 122ms
121ms Image
image/png 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok3static.oktacdn.com/fs/bco/4/fs01b5qix89xiPF0n1d8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

210328a5cb4fcb711e1b253e171c1f06055e9730090f92a340bc9759484c11b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malwarebytes.okta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 17:42:03 GMT
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 1139612
x-cache: Hit from cloudfront
content-length: 2672
last-modified: Tue, 09 Jul 2019 02:17:05 GMT
server: nginx
etag: "0f3b4d477784e76e1ca1dcae9b09a18f"
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: 9z7yrU7C4ikXG4RplnuQplZrLlKr_bJxreHVNL1N2DM_OTW4y7qSzA==
expires: Fri, 03 Nov 2023 17:42:03 GMT

GET
H2 200 initLoginPage.pack.2bdb59c1d8e3f47bf6fd77317d3b5214.js Show response
ok3static.oktacdn.com/assets/js/mvc/loginpage/ 204 KB
77 KB 119ms
40ms Script
application/javascript 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok3static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.2bdb59c1d8e3f47bf6fd77317d3b5214.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

aceefc59efc53b72a00a04b44d641f2af026de4de7743f648b08611b5a4e6770

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://malwarebytes.okta.com/
Origin: https://malwarebytes.okta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 01:50:28 GMT
strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 1196708
x-cache: Hit from cloudfront
last-modified: Tue, 18 Oct 2022 20:39:23 GMT
server: nginx
etag: W/"2bdb59c1d8e3f47bf6fd77317d3b5214"
vary: Accept-Encoding
content-type: application/javascript
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: vaTLoJ83555H-ac1b_xIMsbW42kCqGvuc-_ztsJJoIbl7ZsD6K8bbg==
expires: Fri, 03 Nov 2023 01:50:28 GMT

GET
H2 200 fs01ifhye7fNEmhai1d8
ok3static.oktacdn.com/fs/bco/7/ 520 KB
522 KB 45ms
45ms Image
image/png 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok3static.oktacdn.com/fs/bco/7/fs01ifhye7fNEmhai1d8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

07b28c1b3f4465ce801f89047a73edf2bc9c8baf885e90c6cfa84b11bfd3edde

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malwarebytes.okta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:53:40 GMT
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 1441315
x-cache: Hit from cloudfront
content-length: 532884
last-modified: Thu, 04 Feb 2021 16:52:58 GMT
server: nginx
etag: "f1f6aeef2465f3ed50c53a6ad9a2f6bc"
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: -B_Ila3IoXVZeTaWGvoDYN_ZD19NFI6SIpih1h5oFI_AmapLPtGGuw==
expires: Tue, 31 Oct 2023 05:53:40 GMT

GET
H/1.1 200
OK iframe.html Show response
login.okta.com/discovery/ Frame A7CF 546 B
985 B 156ms
38ms Document
text/html 13.225.78.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.okta.com/discovery/iframe.html
Requested by: Host: ok3static.oktacdn.com
URL: https://ok3static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.2bdb59c1d8e3f47bf6fd77317d3b5214.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-51.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64b87d7f20fd8415961b110eea44d95759b9dd8573f5c1a08bd8cd321d3193d2

Request headers

Referer: https://malwarebytes.okta.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 12107
Connection: keep-alive
Content-Length: 546
Content-Type: text/html
Date: Wed, 16 Nov 2022 18:53:50 GMT
ETag: "d31972220c176b431cfc97fb589e3faa"
Last-Modified: Wed, 02 Nov 2022 17:14:32 GMT
Server: AmazonS3
Via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
X-Amz-Cf-Id: HOih8w3k_JdnqyYsRTiibbR8xYZ3Y71XqdXoVzSB60wS9qr6FF4bOg==
X-Amz-Cf-Pop: FRA2-C2
X-Cache: Hit from cloudfront

GET
H2 200 login_de.json Show response
ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/labels/json/ 97 KB
98 KB 46ms
45ms XHR
application/json 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/labels/json/login_de.json

Requested by

Host: ok3static.oktacdn.com
URL: https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/js/okta-sign-in.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

abd1cdb2b9576f140c160d6b4a6349271029a8f0ad0d97b147562b7d8a7a0c01

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept: application/json
Referer: https://malwarebytes.okta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 03 Nov 2022 22:45:33 GMT
x-amz-meta-sha1sum: 774b8112846cae34272872866814964c06d5804f
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
strict-transport-security: max-age=315360000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 1121403
x-cache: Hit from cloudfront
content-length: 99823
last-modified: Thu, 03 Nov 2022 21:54:54 GMT
server: nginx
etag: "08c41cdb4050887c7c0ff8821593cec0"
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: xff2yJ1HgY0-WZVZgLVjxhFBTDn9KwEjAwOWn4_p-n_4G9Aa322ogA==
expires: Fri, 03 Nov 2023 22:45:33 GMT

GET
H2 200 country_de.json Show response
ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/labels/json/ 5 KB
5 KB 41ms
41ms XHR
application/json 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/labels/json/country_de.json

Requested by

Host: ok3static.oktacdn.com
URL: https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/js/okta-sign-in.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e540549c5ee85d139a6590536daf86400fccd811ebc9d5b714794efe1e34b897

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept: application/json
Referer: https://malwarebytes.okta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 10 Nov 2022 07:45:53 GMT
x-amz-meta-sha1sum: 251dd1ccca4c80570aee52db71eed703ac579ad8
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
strict-transport-security: max-age=315360000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 570583
x-cache: Hit from cloudfront
content-length: 4805
last-modified: Thu, 03 Nov 2022 21:54:52 GMT
server: nginx
etag: "51bec6463b4f7c5a26ede1fd8ee067f8"
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: mTxh4TNEdv7qwxsiFmVQr6d-5uk0v1WD_OT9v3aXMJIn9-_kscCESQ==
expires: Fri, 10 Nov 2023 07:45:53 GMT

GET
H2 200 fs01g76pdr9onseK61d8
ok3static.oktacdn.com/fs/bco/1/ 709 B
1 KB 40ms
40ms Image
image/png 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok3static.oktacdn.com/fs/bco/1/fs01g76pdr9onseK61d8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e07d0489a9b9118faee88202ba54f1e267c5d59d21ac31b455121afdabcb0bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malwarebytes.okta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 06:55:33 GMT
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 746403
x-cache: Hit from cloudfront
content-length: 709
last-modified: Wed, 27 Nov 2019 00:18:32 GMT
server: nginx
etag: "20b91eebf62ea14034ca6884c29ab9c3"
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: 8f7L7Kq6cjsJNdVO_61v8hjFvrDV1hphBL-5dLx9N8q173kLvvn6pw==
expires: Wed, 08 Nov 2023 06:55:33 GMT

GET
H2 200 default.png
ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/img/security/ 2 KB
3 KB 38ms
38ms Image
image/png 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/img/security/default.png

Requested by

Host: ok3static.oktacdn.com
URL: https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/css/okta-sign-in.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

da75c3f3ce27c081541dfb59edd7e756fefe054a9e0e976356c4b0d3778bb434

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/css/okta-sign-in.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 22:43:06 GMT
x-amz-meta-sha1sum: 8db73b75bc7547a90aebd1377852ea3bf7cbc5ea
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
strict-transport-security: max-age=315360000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 1121550
x-cache: Hit from cloudfront
content-length: 1800
last-modified: Thu, 03 Nov 2022 21:53:49 GMT
server: nginx
etag: "04eeeba5b3538c4524d8e6828ba2c405"
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: 85fMeFRwmepo7LNr1i3Ayu5xUOeUpPR6X9Su7aQe_aeFQALXFjOx6w==
expires: Fri, 03 Nov 2023 22:43:06 GMT

GET
H2 200 checkbox-sign-in-widget.png
ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/img/ui/forms/ 3 KB
4 KB 38ms
38ms Image
image/png 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/img/ui/forms/checkbox-sign-in-widget.png

Requested by

Host: ok3static.oktacdn.com
URL: https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/css/okta-sign-in.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/css/okta-sign-in.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 22:21:40 GMT
x-amz-meta-sha1sum: e0bb021ffdf93c68fef44de2a3b08f378b6fb50a
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
strict-transport-security: max-age=315360000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 1122836
x-cache: Hit from cloudfront
content-length: 3141
last-modified: Thu, 03 Nov 2022 21:53:40 GMT
server: nginx
etag: "7846b2f8c6d0a7ca69fdd3d3c294e92d"
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: lkDCjs3rJiKku3_hk00TvK_8UMqZ5x7sed2V3rcmVipE_0xZ7SBcNA==
expires: Fri, 03 Nov 2023 22:21:40 GMT

GET
H2 200 montserrat-light-webfont.woff
ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/font/ 22 KB
22 KB 41ms
41ms Font
application/font-woff 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/font/montserrat-light-webfont.woff

Requested by

Host: ok3static.oktacdn.com
URL: https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/css/okta-sign-in.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/css/okta-sign-in.min.css
Origin: https://malwarebytes.okta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 03:30:31 GMT
x-amz-meta-sha1sum: 3449db1ccdfe0aeaf89101cc28ecafaecae9fc89
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
strict-transport-security: max-age=315360000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 585905
x-cache: Hit from cloudfront
content-length: 22112
last-modified: Thu, 03 Nov 2022 21:53:39 GMT
server: nginx
etag: "6225f3ca44b83090833064727a09cc95"
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: v7Y2Q2qsTtCw3NJbgVCSYlPXqaCZX6zXNS3yaDLtLTYyT-x-C7rItg==
expires: Fri, 10 Nov 2023 03:30:31 GMT

GET
H2 200 montserrat-regular-webfont.woff
ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/font/ 21 KB
22 KB 44ms
44ms Font
application/font-woff 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/font/montserrat-regular-webfont.woff

Requested by

Host: ok3static.oktacdn.com
URL: https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.8.3/css/okta-sign-in.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS