www.malwarebytes.com Open in urlscan Pro
2600:9000:2190:9c00:16:26c7:ff80:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sl.malwarebytes.com/t/10924/c/a2cd009e-91a1-4338-b349-38dcce426e3e/NB2HI4DTHIXS63LBNR3WC4TFMJ4XIZLTFZRW63J7ONRHEYZ5G...
Effective URL:
https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Submission: On July 15 via manual (July 15th 2021, 11:20:55 am UTC) from SG

Summary HTTP 256 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 59 IPs in 8 countries across 47 domains to perform 256 HTTP transactions. The main IP is 2600:9000:2190:9c00:16:26c7:ff80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.malwarebytes.com.
TLS certificate: Issued by Amazon on May 26th 2021. Valid for: a year.

This is the only time www.malwarebytes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.211.199.67 3.211.199.67	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.23.16.18 52.23.16.18	14618 (AMAZON-AES) (AMAZON-AES)
1 1	13.224.96.62 13.224.96.62	16509 (AMAZON-02) (AMAZON-02)
71	2600:9000:219... 2600:9000:2190:9c00:16:26c7:ff80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.48.10.11 52.48.10.11	16509 (AMAZON-02) (AMAZON-02)
1 4	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:1b:... 2a04:4e42:1b::485	54113 (FASTLY) (FASTLY)
1	143.204.95.99 143.204.95.99	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:21a... 2600:1f18:21ae:6700:f931:acf0:5bbb:8761	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.96.26 13.224.96.26	16509 (AMAZON-02) (AMAZON-02)
1	50.16.216.118 50.16.216.118	14618 (AMAZON-AES) (AMAZON-AES)
64	13.224.96.5 13.224.96.5	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3 6	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
2	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1	13.224.96.3 13.224.96.3	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	52.211.195.119 52.211.195.119	16509 (AMAZON-02) (AMAZON-02)
1	163.171.128.148 163.171.128.148	54994 (QUANTILNE...) (QUANTILNETWORKS)
2	2a04:4e42:54::84 2a04:4e42:54::84	54113 (FASTLY) (FASTLY)
1	13.224.100.124 13.224.100.124	16509 (AMAZON-02) (AMAZON-02)
1	51.11.20.152 51.11.20.152	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.215.205.165 18.215.205.165	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2620:119:50e4... 2620:119:50e4:101::6cae:b55	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
4	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	206.19.49.24 206.19.49.24	17225 (ATT-CERFN...) (ATT-CERFNET-BLOCK)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	13.224.96.57 13.224.96.57	16509 (AMAZON-02) (AMAZON-02)
2 2	34.252.144.15 34.252.144.15	16509 (AMAZON-02) (AMAZON-02)
1 2	13.224.96.51 13.224.96.51	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3	151.101.132.84 151.101.132.84	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	104.111.234.67 104.111.234.67	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	52.17.151.21 52.17.151.21	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	52.213.189.245 52.213.189.245	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
17	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	13.224.96.31 13.224.96.31	16509 (AMAZON-02) (AMAZON-02)
2	52.207.163.92 52.207.163.92	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:1b:... 2a04:4e42:1b::720	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
256	59

1 3.211.199.67 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-199-67.compute-1.amazonaws.com

sl.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.23.16.18 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-16-18.compute-1.amazonaws.com

app.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.62 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-62.zrh50.r.cloudfront.net

malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 2600:9000:2190:9c00:16:26c7:ff80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.10.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-10-11.eu-west-1.compute.amazonaws.com

api.intellimize.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7baf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.95.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-99.fra50.r.cloudfront.net

searchg2-assets.crownpeak.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:21ae:6700:f931:acf0:5bbb:8761 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

genesis.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-26.zrh50.r.cloudfront.net

api.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.16.216.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-216-118.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 13.224.96.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-5.zrh50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:28c::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.134 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

8019375.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9812475.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10919923.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-3.zrh50.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

udgrbq.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.195.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-195-119.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.171.128.148 (Germany)

ASN54994 (QUANTILNETWORKS, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:54::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.100.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-100-124.zrh50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.11.20.152 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

secure.perk0mean.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.215.205.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-205-165.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e4:101::6cae:b55 (San Jose, United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:22::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.19.49.24 (United States)

ASN17225 (ATT-CERFNET-BLOCK, US)

apt.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-57.zrh50.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.144.15 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-144-15.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.96.51 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-51.zrh50.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.132.84 (Madrid, Spain)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.234.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.17.151.21 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.189.245 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-189-245.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flow.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-31.zrh50.r.cloudfront.net

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.207.163.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-163-92.compute-1.amazonaws.com

event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::720 (United States)

ASN54113 (FASTLY, US)

driftt.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	malwarebytes.com 2 redirects sl.malwarebytes.com malwarebytes.com www.malwarebytes.com genesis.malwarebytes.com udgrbq.malwarebytes.com	665 KB
64	driftt.com js.driftt.com	825 KB
19	drift.com metrics.api.drift.com bootstrap.api.drift.com targeting.api.drift.com event.api.drift.com flow.api.drift.com	6 KB
12	doubleclick.net 4 redirects 8019375.fls.doubleclick.net 9812475.fls.doubleclick.net stats.g.doubleclick.net 10919923.fls.doubleclick.net googleads.g.doubleclick.net	6 KB
9	google.com 1 redirects www.google.com adservice.google.com	2 KB
8	google.de www.google.de adservice.google.de	1 KB
6	google-analytics.com www.google-analytics.com	20 KB
6	bing.com bat.bing.com	9 KB
4	crazyegg.com script.crazyegg.com	25 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	googletagmanager.com www.googletagmanager.com	193 KB
4	unpkg.com 1 redirects unpkg.com	7 KB
3	pinterest.com ct.pinterest.com	978 B
3	company-target.com 1 redirects api.company-target.com segments.company-target.com	2 KB
3	facebook.com www.facebook.com	413 B
3	criteo.com 1 redirects sslwidget.criteo.com widget.us.criteo.com gum.criteo.com	2 KB
3	adsrvr.org js.adsrvr.org insight.adsrvr.org	3 KB
3	facebook.net connect.facebook.net	104 KB
2	avct.cloud 1 redirects ads.avct.cloud	734 B
2	marketo.net munchkin.marketo.net	6 KB
2	bidr.io 2 redirects match.prod.bidr.io	1019 B
2	googleadservices.com www.googleadservices.com	15 KB
2	pinimg.com s.pinimg.com	18 KB
2	techtarget.com trk.techtarget.com apt.techtarget.com	3 KB
2	ml314.com ml314.com	13 KB
2	yimg.com s.yimg.com	7 KB
2	licdn.com snap.licdn.com	5 KB
2	demandbase.com api.demandbase.com scripts.demandbase.com	18 KB
2	jsdelivr.net cdn.jsdelivr.net	18 KB
2	cookielaw.org cdn.cookielaw.org	26 KB
1	gstatic.com fonts.gstatic.com	14 KB
1	imgix.net driftt.imgix.net	14 KB
1	driftcdn.com embeds.driftcdn.com	7 KB
1	googleapis.com fonts.googleapis.com	643 B
1	t.co t.co	455 B
1	twitter.com analytics.twitter.com	658 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	avocet.io 1 redirects ads.avocet.io	140 B
1	rlcdn.com id.rlcdn.com	66 B
1	quora.com q.quora.com	423 B
1	perk0mean.com secure.perk0mean.com	255 B
1	ipify.org api.ipify.org	252 B
1	onetrust.com geolocation.onetrust.com	108 B
1	crownpeak.net searchg2-assets.crownpeak.net	11 KB
1	intellimize.co api.intellimize.co	158 KB
1	jquery.com code.jquery.com	30 KB
1	salesloft.com 1 redirects app.salesloft.com	577 B
256	47

	Domain	Requested by
71	www.malwarebytes.com	www.malwarebytes.com code.jquery.com www.googletagmanager.com
64	js.driftt.com	www.malwarebytes.com js.driftt.com
6	targeting.api.drift.com	js.driftt.com
6	metrics.api.drift.com	js.driftt.com
6	www.google.de	www.malwarebytes.com
6	www.google.com	1 redirects www.malwarebytes.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.malwarebytes.com
6	bat.bing.com	www.googletagmanager.com bat.bing.com www.malwarebytes.com
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
4	www.googletagmanager.com	www.malwarebytes.com www.googletagmanager.com
4	unpkg.com	1 redirects www.malwarebytes.com www.googletagmanager.com
3	bootstrap.api.drift.com	js.driftt.com
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
3	adservice.google.com	9812475.fls.doubleclick.net 8019375.fls.doubleclick.net 10919923.fls.doubleclick.net
3	ct.pinterest.com	s.pinimg.com www.malwarebytes.com
3	www.facebook.com	www.malwarebytes.com connect.facebook.net
3	stats.g.doubleclick.net	www.google-analytics.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	flow.api.drift.com	js.driftt.com
2	event.api.drift.com	js.driftt.com
2	insight.adsrvr.org	js.adsrvr.org
2	ads.avct.cloud	1 redirects
2	munchkin.marketo.net	www.malwarebytes.com munchkin.marketo.net
2	adservice.google.de	adservice.google.com
2	segments.company-target.com	1 redirects www.malwarebytes.com
2	match.prod.bidr.io	2 redirects
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	10919923.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	px.ads.linkedin.com	2 redirects
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	9812475.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	ml314.com	www.malwarebytes.com ml314.com
2	s.yimg.com	www.malwarebytes.com s.yimg.com
2	8019375.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	snap.licdn.com	www.googletagmanager.com
2	cdn.jsdelivr.net	www.malwarebytes.com
2	cdn.cookielaw.org	www.malwarebytes.com cdn.cookielaw.org
1	fonts.gstatic.com	fonts.googleapis.com
1	driftt.imgix.net	js.driftt.com
1	embeds.driftcdn.com	js.driftt.com
1	fonts.googleapis.com	js.driftt.com
1	t.co
1	analytics.twitter.com	static.ads-twitter.com
1	static.ads-twitter.com	www.malwarebytes.com
1	ads.avocet.io	1 redirects
1	id.rlcdn.com	www.malwarebytes.com
1	api.company-target.com	scripts.demandbase.com
1	apt.techtarget.com	www.malwarebytes.com
1	gum.criteo.com	udgrbq.malwarebytes.com
1	widget.us.criteo.com	www.malwarebytes.com
1	sslwidget.criteo.com	1 redirects
1	px4.ads.linkedin.com	www.malwarebytes.com
1	www.linkedin.com	1 redirects
1	q.quora.com	www.malwarebytes.com
1	secure.perk0mean.com	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	trk.techtarget.com	www.malwarebytes.com
1	udgrbq.malwarebytes.com	www.googletagmanager.com
1	scripts.demandbase.com	www.malwarebytes.com
1	api.ipify.org	code.jquery.com
1	api.demandbase.com	code.jquery.com
1	genesis.malwarebytes.com	www.malwarebytes.com
1	geolocation.onetrust.com	code.jquery.com
1	searchg2-assets.crownpeak.net	www.malwarebytes.com
1	api.intellimize.co	www.malwarebytes.com
1	code.jquery.com	www.malwarebytes.com
1	malwarebytes.com	1 redirects
1	app.salesloft.com	1 redirects
1	sl.malwarebytes.com	1 redirects
256	69

This site contains links to these domains. Also see Links.

Domain
onetrust.com
blog.malwarebytes.com
press.malwarebytes.com
www.rsaconference.com
support.malwarebytes.com
forums.malwarebytes.com
www.youtube.com
jobs.malwarebytes.com
my.malwarebytes.com
cloud.malwarebytes.com
partners.malwarebytes.com
go.malwarebytes.com
twitter.com
www.facebook.com
www.linkedin.com
www.instagram.com
de.malwarebytes.com
es.malwarebytes.com
fr.malwarebytes.com
it.malwarebytes.com
pt.malwarebytes.com
br.malwarebytes.com
nl.malwarebytes.com
pl.malwarebytes.com
ru.malwarebytes.com

Subject Issuer	Validity	Valid
www.malwarebytes.com Amazon	`2021-05-26` - `2022-06-24`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
api.intellimize.co Amazon	`2021-01-23` - `2022-02-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.crownpeak.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-05-06`	2 years	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.malwarebytes.com DigiCert SHA2 High Assurance Server CA	`2020-04-10` - `2022-05-23`	2 years	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2020-10-09` - `2021-10-28`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
drift.com Amazon	`2020-09-21` - `2021-10-23`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-06-23` - `2021-08-04`	a month	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2020-10-14` - `2021-11-15`	a year	crt.sh
udgrbq.malwarebytes.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-26` - `2021-09-23`	3 months	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
trk.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-17` - `2022-05-17`	2 years	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
secure.norm0care.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-19`	a year	crt.sh
*.quora.com R3	`2021-07-11` - `2021-10-09`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-08` - `2021-09-05`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-25` - `2021-10-24`	2 years	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2019-06-19` - `2021-08-18`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
*.avct.cloud R3	`2021-06-30` - `2021-09-28`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.driftcdn.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Frame ID: 7EDB1E4B2417D402B51B1FF7D9AD0A38
Requests: 160 HTTP requests in this frame

Frame: https://8019375.fls.doubleclick.net/activityi;dc_pre=CNm7u8b65PECFYmHUQodLx0MBA;src=8019375;type=conta0;cat=sitew0;ord=4408372791524;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
Frame ID: F9BA10E5339D5EC58AD0FF8C298846BE
Requests: 2 HTTP requests in this frame

Frame: https://9812475.fls.doubleclick.net/activityi;dc_pre=CI-fuMT65PECFcuz1QodSd4Cwg;src=9812475;type=conve0;cat=forms000;ord=1;num=6508597694082;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
Frame ID: 3EA540C3B339569C24AE29B6F71E0B73
Requests: 1 HTTP requests in this frame

Frame: https://10919923.fls.doubleclick.net/activityi;dc_pre=CKqXu8T65PECFZma1QodKqcCBQ;src=10919923;type=count;cat=malwa0;ord=1;num=3806772112628;gtm=2od7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
Frame ID: C8484FEB35E0054A12EB935010220C24
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.malwarebytes.com&origin=onetag
Frame ID: B99D3DB3A00215FA96D85C99001ECD7C
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CI-fuMT65PECFcuz1QodSd4Cwg;src=9812475;type=conve0;cat=forms000;ord=1;num=6508597694082;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
Frame ID: 59A69CA8F739ABF25A427674CE7FEE71
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CI-fuMT65PECFcuz1QodSd4Cwg;src=9812475;type=conve0;cat=forms000;ord=1;num=6508597694082;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
Frame ID: E7A57016508F41E8D0D1C0DE546A76BD
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKqXu8T65PECFZma1QodKqcCBQ;src=10919923;type=count;cat=malwa0;ord=1;num=3806772112628;gtm=2od7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
Frame ID: C4181D46A29A65E89F6B40BB13A7CB6A
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKqXu8T65PECFZma1QodKqcCBQ;src=10919923;type=count;cat=malwa0;ord=1;num=3806772112628;gtm=2od7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
Frame ID: 5E2F917C6C11D09E04AECBE363D84129
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
Frame ID: 629855DED6C51BAD12EC2C9124ACA196
Requests: 42 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
Frame ID: E7EAD564752CD3F96B10D0E4D160CE86
Requests: 35 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=8mirph5&ref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&upid=r8yigtp&upv=1.1.0
Frame ID: 6335D0C227251DA02A7E5123D67A5A09
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://sl.malwarebytes.com/t/10924/c/a2cd009e-91a1-4338-b349-38dcce426e3e/NB2HI4DTHIXS63LBNR3WC4TFMJ4XI... HTTP 302
https://app.salesloft.com/t/10924/c/a2cd009e-91a1-4338-b349-38dcce426e3e/NB2HI4DTHIXS63LBNR3WC4TFMJ4XI... HTTP 302
https://malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D HTTP 301
https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

256
Requests

100 %
HTTPS

49 %
IPv6

47
Domains

69
Subdomains

59
IPs

8
Countries

2236 kB
Transfer

6282 kB
Size

4
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/
Title: Malwarebytes Labs

Search URL Search Domain Scan URL

URL: https://press.malwarebytes.com/
Title: Press & News

Search URL Search Domain Scan URL

URL: https://www.rsaconference.com/usa
Title: Featured Event:

Search URL Search Domain Scan URL

URL: https://support.malwarebytes.com/hc/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://forums.malwarebytes.com/
Title: Forums

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCB7JQhkZpiyvGPufW2RPBoQ
Title: Training for Personal Products

Search URL Search Domain Scan URL

URL: https://support.malwarebytes.com/hc/en-us/articles/360046199873-Activate-Malwarebytes-Privacy-on-Windows-device
Title: See Content

Search URL Search Domain Scan URL

URL: https://jobs.malwarebytes.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://my.malwarebytes.com/en/login
Title: My Account

Search URL Search Domain Scan URL

URL: https://cloud.malwarebytes.com/
Title: Cloud Console

Search URL Search Domain Scan URL

URL: https://partners.malwarebytes.com/English
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://go.malwarebytes.com/Coalition-Malwarebytes-Partnership.html
Title: Reduce your business risk from malware with best-in-class cyber insurance from Coalition

Search URL Search Domain Scan URL

URL: https://twitter.com/malwarebytes

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Malwarebytes

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/malwarebytes

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Malwarebytes

Search URL Search Domain Scan URL

URL: https://www.instagram.com/malwarebytesofficial

Search URL Search Domain Scan URL

URL: https://de.malwarebytes.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://es.malwarebytes.com/
Title: Español

Search URL Search Domain Scan URL

URL: https://fr.malwarebytes.com/
Title: Français

Search URL Search Domain Scan URL

URL: https://it.malwarebytes.com/
Title: Italiano

Search URL Search Domain Scan URL

URL: https://pt.malwarebytes.com/
Title: Português (Portugal)

Search URL Search Domain Scan URL

URL: https://br.malwarebytes.com/
Title: Português (Brasil)

Search URL Search Domain Scan URL

URL: https://nl.malwarebytes.com/
Title: Nederlands

Search URL Search Domain Scan URL

URL: https://pl.malwarebytes.com/
Title: Polski

Search URL Search Domain Scan URL

URL: https://ru.malwarebytes.com/
Title: Pусский

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sl.malwarebytes.com/t/10924/c/a2cd009e-91a1-4338-b349-38dcce426e3e/NB2HI4DTHIXS63LBNR3WC4TFMJ4XIZLTFZRW63J7ONRHEYZ5GF4GUUZRKJBWWUKGOVRXEUTMJVYC2NLTJZUUCJJTIQSTGRBFGI2DITCVOIZG4X2OKBHC2Z2EN5VWSODOLF3UQ5ZFGNCCKM2E/malwarebytes-com HTTP 302
https://app.salesloft.com/t/10924/c/a2cd009e-91a1-4338-b349-38dcce426e3e/NB2HI4DTHIXS63LBNR3WC4TFMJ4XIZLTFZRW63J7ONRHEYZ5GF4GUUZRKJBWWUKGOVRXEUTMJVYC2NLTJZUUCJJTIQSTGRBFGI2DITCVOIZG4X2OKBHC2Z2EN5VWSODOLF3UQ5ZFGNCCKM2E/malwarebytes-com HTTP 302
https://malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D HTTP 301
https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://unpkg.com/aos@2.3.1/dist/aos.css?v=20347400 HTTP 302
https://unpkg.com/aos@2.3.1/dist/aos.css

Request Chain 86

https://8019375.fls.doubleclick.net/activityi;src=8019375;type=conta0;cat=sitew0;ord=4408372791524;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D HTTP 302
https://8019375.fls.doubleclick.net/activityi;dc_pre=CNm7u8b65PECFYmHUQodLx0MBA;src=8019375;type=conta0;cat=sitew0;ord=4408372791524;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D

Request Chain 95

https://9812475.fls.doubleclick.net/activityi;src=9812475;type=conve0;cat=forms000;ord=1;num=6508597694082;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D HTTP 302
https://9812475.fls.doubleclick.net/activityi;dc_pre=CI-fuMT65PECFcuz1QodSd4Cwg;src=9812475;type=conve0;cat=forms000;ord=1;num=6508597694082;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D

Request Chain 102

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1626348029021&url=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2567940%26time%3D1626348029021%26url%3Dhttps%253A%252F%252Fwww.malwarebytes.com%252F%253Fsbrc%253D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1626348029021&url=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1626348029021&url=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D&liSync=true&e_ipv6=AQIHhnIwIWv25AAAAXqp5YauUZ0GVOlH2ZezKx85TIAERMOgoSt3pXlF2XaiL53OjfUdcmne

Request Chain 115

https://sslwidget.criteo.com/event?a=53449&v=5.7.1&p0=e%3Dvh&p1=e%3Ddis&adce=1&tld=malwarebytes.com&dtycbr=55203 HTTP 302
https://widget.us.criteo.com/event?a=53449&v=5.7.1&p0=e%3Dvh&p1=e%3Ddis&adce=1&tld=malwarebytes.com&dtycbr=55203

Request Chain 116

https://10919923.fls.doubleclick.net/activityi;src=10919923;type=count;cat=malwa0;ord=1;num=3806772112628;gtm=2od7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D HTTP 302
https://10919923.fls.doubleclick.net/activityi;dc_pre=CKqXu8T65PECFZma1QodKqcCBQ;src=10919923;type=count;cat=malwa0;ord=1;num=3806772112628;gtm=2od7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D

Request Chain 126

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AADKGE7B4DQAAD6a803_iQ HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AADKGE7B4DQAAD6a803_iQ&verifyHash=284e4536f1867fd84cde8ef7c9f8ebd5f585ba89

Request Chain 144

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/380232391/?random=1853497740&cv=9&fst=1626348032928&num=1&label=_XHlCK3XlI0CEMfFp7UB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7e0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&tiba=Malwarebytes%20Cybersecurity%20for%20Home%20and%20Business%20%7C%20Malwarebytes&auid=210292878.1626348029&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ABrwYIrROfuKjuwP8sWzyA4&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/380232391/?random=1853497740&cv=9&fst=1626348032928&num=1&label=_XHlCK3XlI0CEMfFp7UB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7e0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&tiba=Malwarebytes%20Cybersecurity%20for%20Home%20and%20Business%20%7C%20Malwarebytes&auid=210292878.1626348029&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ABrwYIrROfuKjuwP8sWzyA4&cid=CAQSKQCNIrLMli4HRJmYHn3aFxL3IsGsTYbdWadE98wU-scWihMsOiGhXEG8&random=1109704443&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/380232391/?random=1853497740&cv=9&fst=1626348032928&num=1&label=_XHlCK3XlI0CEMfFp7UB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7e0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&tiba=Malwarebytes%20Cybersecurity%20for%20Home%20and%20Business%20%7C%20Malwarebytes&auid=210292878.1626348029&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ABrwYIrROfuKjuwP8sWzyA4&cid=CAQSKQCNIrLMli4HRJmYHn3aFxL3IsGsTYbdWadE98wU-scWihMsOiGhXEG8&random=1109704443&resp=GooglemKTybQhCsO&ipr=y

Request Chain 151

https://ads.avocet.io/s?add=5b8e9b462be173e55d6569fc&ty=j HTTP 301
https://ads.avct.cloud/s?r=1&add=5b8e9b462be173e55d6569fc&ty=j HTTP 307
https://ads.avct.cloud/s?bounce=true&r=1&add=5b8e9b462be173e55d6569fc&ty=j

256 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.malwarebytes.com/
Redirect Chain

https://sl.malwarebytes.com/t/10924/c/a2cd009e-91a1-4338-b349-38dcce426e3e/NB2HI4DTHIXS63LBNR3WC4TFMJ4XIZLTFZRW63J7ONRHEYZ5GF4GUUZRKJBWWUKGOVRXEUTMJVYC2NLTJZUUCJJTIQSTGRBFGI2DITCVOIZG4X2OKBHC2Z2EN5...
https://app.salesloft.com/t/10924/c/a2cd009e-91a1-4338-b349-38dcce426e3e/NB2HI4DTHIXS63LBNR3WC4TFMJ4XIZLTFZRW63J7ONRHEYZ5GF4GUUZRKJBWWUKGOVRXEUTMJVYC2NLTJZUUCJJTIQSTGRBFGI2DITCVOIZG4X2OKBHC2Z2EN5VW...
https://malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D

104 KB
21 KB

1085ms
1044ms

Document
text/html

2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e6baf441aff788ec7c1ca9f6870955942a9e8928ed333d6cff1a169a9fefdba

Request headers

:method: GET
:authority: www.malwarebytes.com
:scheme: https
:path: /?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
content-length: 20542
date: Thu, 15 Jul 2021 11:20:26 GMT
server: Microsoft-IIS/10.0
set-cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; path=/; domain=.malwarebytes.com; expires=Fri, 15-Jul-2022 11:20:26 GMT SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; path=/; domain=.malwarebytes.com SSRT=-hnwYAABAA; path=/; domain=.malwarebytes.com; expires=Fri, 15-Jul-2022 11:20:26 GMT
rtss: 2-9-98
cache-control: private, max-age=0, proxy-revalidate, no-store, no-cache, must-revalidate
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
pragma: no-cache
expires: Sat, 16 Jan 2021 02:11:50 GMT
vary: Accept-Encoding
content-encoding: br
x-cache: Miss from cloudfront
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: yxqMlt2OtYQm3G9Uy4i0s4WlRs0qRUhwxz8682Zjxkf0GqxcyR4HGA==

Redirect headers

content-length: 0
location: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
server: CloudFront
date: Thu, 15 Jul 2021 11:16:16 GMT
cache-control: max-age=86400
x-cache: Hit from cloudfront
via: 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: w1-mwyh46ot742L6OzvtXhLJxzBMP2ytwOCPpCiFgW3txpF8mGUwJw==
age: 250

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 29ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Origin: https://www.malwarebytes.com
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1626348028.dop241.fr8.t,1626348028.cds290.fr8.hc,1626348028.cds002.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 9530a107-0af8-4204-a2c2-217efb78222b.js Show response
cdn.cookielaw.org/consent/ 140 KB
20 KB 22ms
13ms Script
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/9530a107-0af8-4204-a2c2-217efb78222b.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec442600e3c090c1171e6d0aca38073cc048af3a7a301ec06bf933da6aa65c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Jul 2021 11:20:28 GMT
content-encoding: GZIP
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NyuiOqvVdJMyWTtUb2ZlDA==
age: 2292
vary: Accept-Encoding
content-length: 20591
x-ms-lease-status: unlocked
last-modified: Wed, 19 Aug 2020 23:29:25 GMT
server: cloudflare
etag: 0x8D84497B6030FBF
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b255664e-601e-0020-7cb7-35b42a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66f29a072e3fdff3-FRA

GET
H2 200 117469143.js Show response
api.intellimize.co/client/ 560 KB
158 KB 162ms
68ms Script
application/javascript 52.48.10.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intellimize.co/client/117469143.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.10.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-10-11.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 43b28eb1d30cc86a4efdf7c064093df4ac0585a62fd3aaf7cbf363d228bedbb5

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:28 GMT
cache-control: private, no-cache, no-store, must-revalidate
content-type: application/javascript;charset=utf-8
content-encoding: gzip
vary: Accept-Encoding, User-Agent
expires: 0

GET
H2 200 slick.min.css
www.malwarebytes.com/css/ 8 KB
2 KB 26ms
19ms Stylesheet
text/css 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/slick.min.css?v=20347400
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d5dbdf92525679908490a5d29c6fc62f8129163b935a882b29bb7fb2b14558c8

Request headers

:path: /css/slick.min.css?v=20347400
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:18:29 GMT
content-encoding: gzip
last-modified: Mon, 24 May 2021 22:36:41 GMT
server: Microsoft-IIS/10.0
age: 118
x-powered-by: ASP.NET
etag: W/"51e72c44ed50d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: CTGsqx7nel7UhXZiQKnFSws65T34i1byAbAVLQ9oVSAfNbeh65NW9Q==

GET
H2 200 slick-theme.min.css
www.malwarebytes.com/css/ 0
338 B 27ms
20ms Stylesheet
text/css 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/slick-theme.min.css?v=20347400
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /css/slick-theme.min.css?v=20347400
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified: Thu, 20 May 2021 16:48:23 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
etag: "dfe96ef2974dd71:0"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
content-length: 0
x-amz-cf-id: _FD0TnmKr9SBr16I8EWCE16GgAqEvOYha7kAGNc94lHmBXcNGE5PrQ==

GET
H2 200 bootstrap_mwb.min.css
www.malwarebytes.com/css/ 87 KB
15 KB 34ms
27ms Stylesheet
text/css 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/bootstrap_mwb.min.css?v=20347400
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0b7b26742617990b7000c7eab02062e349a60270347495cc9a542d1578a009ad

Request headers

:path: /css/bootstrap_mwb.min.css?v=20347400
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:18:29 GMT
content-encoding: gzip
last-modified: Sun, 09 May 2021 19:59:35 GMT
server: Microsoft-IIS/10.0
age: 118
x-powered-by: ASP.NET
etag: W/"677c94d5d45d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: rEftmosspzUSyiY3W0HzNnF0ER_XkVza-0rYosgUM3XMHPQwoGecTw==

GET
H2 200 bootstrap_overrides.min.css
www.malwarebytes.com/css/ 21 KB
4 KB 34ms
27ms Stylesheet
text/css 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/bootstrap_overrides.min.css?v=20347400
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e96cc20278c5b50b9eb86346ea58433166ca20ae6ef64a54b81b3b0061ef8265

Request headers

:path: /css/bootstrap_overrides.min.css?v=20347400
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:18:30 GMT
content-encoding: gzip
last-modified: Mon, 03 May 2021 19:12:26 GMT
server: Microsoft-IIS/10.0
age: 118
x-powered-by: ASP.NET
etag: W/"b299e4405040d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: TfwNa9bYSYwb4PLnSsIZy_wYTlvE9_C3yzQ59hnkjBWF2jrGKbr3UQ==

GET
H2 200 font-awesome.min.css
www.malwarebytes.com/css/ 1 KB
892 B 55ms
48ms Stylesheet
text/css 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/font-awesome.min.css?v=20347400
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f81c584815fbcc770f3bfce88703dbafa775b5acd11288d47cdf6c9c8d204581

Request headers

:path: /css/font-awesome.min.css?v=20347400
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
content-encoding: gzip
etag: W/"d4a3647f9842d71:0"
last-modified: Thu, 06 May 2021 16:54:37 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: kZAU_0MBkli4gI4bqc0dQ1F0fPjNbvTI0OnDiZBJSFOZ-f9B6A1Mew==

GET
H2 200 fonts.min.css
www.malwarebytes.com/css/ 7 KB
947 B 39ms
32ms Stylesheet
text/css 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts.min.css?v=20347400
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4c93edc2e73f8f795657eee81ebeab1c19e7d0b63f63762a2d3b014b9bde8840

Request headers

:path: /css/fonts.min.css?v=20347400
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
content-encoding: gzip
etag: W/"1c46f8bc1841d71:0"
last-modified: Tue, 04 May 2021 19:07:33 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: 08mGnMAXWUlD4DvU5JSUt-vb2ODWInxrt_2hUU8XYn44mSbeFFcG1A==

GET
H2 200 styles.min.css
www.malwarebytes.com/css/ 78 KB
14 KB 34ms
28ms Stylesheet
text/css 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/styles.min.css?v=20347400
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 29d1ae4c6dfd72706229ed259d6bf0164d2cf413858361d03705ee962d787d02

Request headers

:path: /css/styles.min.css?v=20347400
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
content-encoding: gzip
etag: W/"5c7ca5d86377d71:0"
last-modified: Mon, 12 Jul 2021 21:21:15 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: YxOOzLfrd2CPPZFqbkm84UbPCzNpJoFpMwrCgCGSnMrxvMCrCEOpxg==

GET
H2 200 styles_overrides.min.css
www.malwarebytes.com/css/ 42 KB
8 KB 34ms
28ms Stylesheet
text/css 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/styles_overrides.min.css?v=20347400
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: af7da680ecf923bfa4611dc740b03d9f5d269a29b73f14ebb5378e9cef9c31e9

Request headers

:path: /css/styles_overrides.min.css?v=20347400
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
content-encoding: gzip
etag: W/"c580bb726377d71:0"
last-modified: Mon, 12 Jul 2021 21:18:24 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: DJbQHLoRs2qg_Pc2a3ZKVM0mnNgbWdqLkqO5kWRbhJR20Z8bojTTbw==

GET
H2 200 styles_components.min.css
www.malwarebytes.com/css/ 38 KB
6 KB 34ms
28ms Stylesheet
text/css 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/styles_components.min.css?v=20347400
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a890fddd708f9793f8c43fbff62ef61a4f1ec0eae90205fd124bb7e834612f1d

Request headers

:path: /css/styles_components.min.css?v=20347400
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:18:30 GMT
content-encoding: gzip
last-modified: Mon, 31 May 2021 20:25:59 GMT
server: Microsoft-IIS/10.0
age: 118
x-powered-by: ASP.NET
etag: W/"3057f82a5b56d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 1iIvB3uOf4zJh8wu4eC3Td3ftLdkYHQEfY6pdjU1rl3wff9gp_jxtQ==

GET
H2

200

aos.css
unpkg.com/aos@2.3.1/dist/
Redirect Chain

https://unpkg.com/aos@2.3.1/dist/aos.css?v=20347400
https://unpkg.com/aos@2.3.1/dist/aos.css

25 KB
2 KB

21ms
21ms

Stylesheet
text/css

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/aos@2.3.1/dist/aos.css

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9901163
vary: Accept-Encoding
last-modified: Thu, 17 May 2018 22:11:13 GMT
server: cloudflare
etag: W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: c2326a2b2d8a48ae91381ae086e3bd72
cache-control: public, max-age=31536000
cf-ray: 66f29a076ec84dbe-FRA

Redirect headers

date: Thu, 15 Jul 2021 11:20:28 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FAMXNDG1QPAB3FC5CYP8BE7Q
server: cloudflare
age: 701
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /aos@2.3.1/dist/aos.css
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66f29a072e3a4dbe-FRA
access-control-allow-origin: *

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
10 KB 11ms
5ms Script
application/javascript 2a04:4e42:1b::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3066341
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 10429
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
x-served-by: cache-fra19145-FRA, cache-hhn4046-HHN
date: Thu, 15 Jul 2021 11:20:28 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK crownpeak.searchg2-1.0.3.min.js Show response
searchg2-assets.crownpeak.net/ 11 KB
11 KB 90ms
26ms Script
application/javascript 143.204.95.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://searchg2-assets.crownpeak.net/crownpeak.searchg2-1.0.3.min.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-99.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b62dde7da247db61e0451ec75faf5f6431caf0223e583758bba707f81578b719

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 12:51:42 GMT
Via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
Last-Modified: Wed, 07 Mar 2018 19:07:17 GMT
Server: AmazonS3
Age: 81116
ETag: "ddf400d54334df0d7b628a7a5c9f1076"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 10956
X-Amz-Cf-Id: x5okdbM5w4cDDaHL_uu86Qs8iLIRJLlki9KiTyWSVfI80oSdXLFEhQ==

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/ 21 KB
7 KB 11ms
5ms Script
application/javascript 2a04:4e42:1b::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3147028
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 7510
etag: W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
x-served-by: cache-fra19155-FRA, cache-hhn4046-HHN
date: Thu, 15 Jul 2021 11:20:28 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
www.malwarebytes.com/js/ 36 KB
10 KB 41ms
36ms Script
application/javascript 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/bootstrap.min.js?v=947569257
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Request headers

:path: /js/bootstrap.min.js?v=947569257
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:18:29 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 00:17:44 GMT
server: Microsoft-IIS/10.0
age: 118
x-powered-by: ASP.NET
etag: W/"287f52c04336d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: Ia1vE6KleMuq8mhffT7NsNNcrfMelKvRyLvbIgkwMpPDu1rMhgRBig==

GET
H2 200 global_mwb.min.js Show response
www.malwarebytes.com/js/ 23 KB
8 KB 41ms
36ms Script
application/javascript 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/global_mwb.min.js?v=947569257
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e3847cd6afc8b85b384573ceafda45b26bb9ed6c3f61733cb4603917943d9b1

Request headers

:path: /js/global_mwb.min.js?v=947569257
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:18:29 GMT
content-encoding: gzip
last-modified: Tue, 29 Jun 2021 21:05:56 GMT
server: Microsoft-IIS/10.0
age: 118
x-powered-by: ASP.NET
etag: W/"662028e2a6dd71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: dcWAS2wLZqa3Dh47mFjYy9G-JzcQx1ScizovS4hGUl1BZg1N8IS4JA==

GET
H2 200 core_ssdomvar_generic-adapter.min.js Show response
www.malwarebytes.com/js/ 14 KB
6 KB 32ms
27ms Script
application/javascript 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/core_ssdomvar_generic-adapter.min.js?v=947569257
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 16278846c24958035769652757c311db3bb306a3b1ec7e4fd5625e863c8e413d

Request headers

:path: /js/core_ssdomvar_generic-adapter.min.js?v=947569257
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:16:16 GMT
content-encoding: gzip
last-modified: Sun, 09 May 2021 14:55:06 GMT
server: Microsoft-IIS/10.0
age: 251
x-powered-by: ASP.NET
etag: W/"19d67a4ce344d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: jasBPBjjSiYgG8WEkoqg88PSRDA2PtONZuw7mJs7GUJtyPFo10-3ig==

GET
H2 200 modernizr.js Show response
www.malwarebytes.com/js/ 14 KB
6 KB 42ms
37ms Script
application/javascript 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/modernizr.js?v=947569257
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 00fd20f4f37113eb32d3db8a5f527ff1889489442e91630283e58e792f196be8

Request headers

:path: /js/modernizr.js?v=947569257
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:18:39 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 00:17:05 GMT
server: Microsoft-IIS/10.0
age: 108
x-powered-by: ASP.NET
etag: W/"ad741fa94336d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: sC03-dadJxF5zdM7j-7uY6sox_bYwThyAmeB3ZkZ1gSsvdjGtwrhMw==

GET
H2 200 respond.min.js Show response
www.malwarebytes.com/js/ie-fixes/ 4 KB
2 KB 61ms
56ms Script
application/javascript 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/ie-fixes/respond.min.js?v=947569257
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6252f8d40b521387483f57b7d0c812912a1d59ce038fdde2bcf67cf920486cac

Request headers

:path: /js/ie-fixes/respond.min.js?v=947569257
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
content-encoding: gzip
etag: W/"5c042b34336d71:0"
last-modified: Wed, 21 Apr 2021 00:17:22 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: -Z_3bx9KN_uSfK0dU_h7y1hCC2Tt4J_Q4C6GuRu2HZ81y_Xfc7AvuA==

GET
H2 200 global.js Show response
www.malwarebytes.com/js/ 21 KB
8 KB 43ms
39ms Script
application/javascript 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/global.js?v=947569257
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 80ac8548037a7878edd91fd417514656e1541d36d1acd239daf94134081a26e8

Request headers

:path: /js/global.js?v=947569257
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:18:30 GMT
content-encoding: gzip
last-modified: Wed, 16 Jun 2021 21:07:37 GMT
server: Microsoft-IIS/10.0
age: 118
x-powered-by: ASP.NET
etag: W/"755f71a2f362d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: eFgyNCjHcrQEUaziIu-KF6RGYFs2XDgSoOJ4BAnP4Q4xWb8-1UTvxQ==

GET
H2 200 global-phone.min.js Show response
www.malwarebytes.com/js/ 437 B
804 B 31ms
25ms Script
application/javascript 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/global-phone.min.js?v=947569257
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f23cbfadc8c38cbcd1a1839f692ffed84691b2458bd9f4269648576de2e310fc

Request headers

:path: /js/global-phone.min.js?v=947569257
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:15:17 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
etag: "801b64ed394fd71:0"
last-modified: Sat, 22 May 2021 18:40:24 GMT
server: Microsoft-IIS/10.0
age: 310
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 437
x-amz-cf-id: XG1z0We3TIsVzKm_uw-o2wzzC4xhFg-dsuqfWXwSH3qrXg5O43zLTQ==

GET
H2 200 xs.min.js Show response
www.malwarebytes.com/js/ 5 KB
2 KB 43ms
39ms Script
application/javascript 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/xs.min.js?v=947569257
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 428a1b8240fd924ecfa826e94d6e6852b39ee35eb12b8f5d4302da595f8efbee

Request headers

:path: /js/xs.min.js?v=947569257
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:18:30 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 00:55:56 GMT
server: Microsoft-IIS/10.0
age: 118
x-powered-by: ASP.NET
etag: W/"ce4163c3745d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: dxEEqUGn56yTqnuAJ0Z2fr7xH9WVvSwyKeNj3hYJDRki3-2MZ3bBZQ==

GET
H2 200 aos.js Show response
unpkg.com/aos@2.3.1/dist/ 14 KB
4 KB 24ms
20ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/aos@2.3.1/dist/aos.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9900781
vary: Accept-Encoding
last-modified: Thu, 17 May 2018 22:11:13 GMT
server: cloudflare
etag: W/"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: a2f11065789abffdec9e74fcad17e6ee
cache-control: public, max-age=31536000
cf-ray: 66f29a072e3f4dbe-FRA

GET
H2 200 home-refresh.min.css
www.malwarebytes.com/css/pages/website-refresh/ 5 KB
2 KB 21ms
17ms Stylesheet
text/css 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/pages/website-refresh/home-refresh.min.css?v=180576054
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0635a1dc8d6926161ff709e0089ae55daac5dd3b266802390e59f7176661cc46

Request headers

:path: /css/pages/website-refresh/home-refresh.min.css?v=180576054
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:12:28 GMT
content-encoding: gzip
last-modified: Tue, 18 May 2021 19:49:43 GMT
server: Microsoft-IIS/10.0
age: 480
x-powered-by: ASP.NET
etag: W/"fcc2abf21e4cd71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: Yauto9_0i3M29VhDHejG2rM809InZ9bV3W8a9V-mQSk20ByWrloiOQ==

GET
H2 200 component-video.min.css
www.malwarebytes.com/components/videos/ 4 KB
1 KB 299ms
296ms Stylesheet
text/css 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/components/videos/component-video.min.css?v=194806080
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dd11966745fb3e90b5865f48bd2257a50493e57567ac910336cc3023ecba59b5

Request headers

:path: /components/videos/component-video.min.css?v=194806080
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 18:10:40 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
etag: W/"46b2ccc2a358d71:0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: p_c2133KyRwZln6N-vwkMvpVkGrwbZ1JdMey39qbyxWbdnhNzsLRJw==

GET
H2 200 core.js+ssdomvar.js+generic-adapter.js Show response
www.malwarebytes.com/__ssobj/ 16 KB
6 KB 54ms
51ms Script
application/javascript 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/__ssobj/core.js+ssdomvar.js+generic-adapter.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: d6889d59082471b1f783482e170d1c3c8eff2f6769a3617eacfe2c933c2ce5f7

Request headers

:path: /__ssobj/core.js+ssdomvar.js+generic-adapter.js
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
content-encoding: br
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
rtss: 2-9-159
content-length: 5846
sbss: 1
last-modified: Sun, 04 Jul 2021 00:00:00 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: vudfSZ8SolraUSdFX8bdDMy-zQEN6CX4-mycF_0eQSRW26GCYt091w==
expires: Fri, 16 Jul 2021 11:20:28 GMT

GET
H2 200 new.svg
www.malwarebytes.com/images/ 1 KB
922 B 32ms
25ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/new.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 542f9b9f9ed17fb168e1a1ce299413085d6559f316742f95ad22a291ffd67ffc

Request headers

:path: /images/new.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:16:18 GMT
content-encoding: gzip
etag: W/"dbc2ce5bc045d71:0"
last-modified: Mon, 10 May 2021 17:17:30 GMT
server: Microsoft-IIS/10.0
age: 264
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: nUQ1y367UeIHas_5OxeMDMDa5i2zprevuFzJiyC1Q0dzuhWZf-gMzQ==

GET
H2 200 arrow.svg
www.malwarebytes.com/images/ 2 KB
1 KB 32ms
26ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/arrow.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ad15e02b8d9bee31a51c502cff1977983fa2c8103b769db7ab097750f34016a9

Request headers

:path: /images/arrow.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:16:04 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 18:10:09 GMT
server: Microsoft-IIS/10.0
age: 264
x-powered-by: ASP.NET
etag: W/"4a4c15ea34dd71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 4C-KYDWHqvqUpBcVVV_dvXvsLX3ha9Ehd7_21q8HH7KxOqLuBwoGkA==

GET
H2 200 smb.svg
www.malwarebytes.com/images/website-refresh/business-nav/ 2 KB
1 KB 32ms
26ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/website-refresh/business-nav/smb.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 80f0eb912943ad0deab2ad7a8125b7404b726bac65dca9e6be97b063ca490662

Request headers

:path: /images/website-refresh/business-nav/smb.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:16:03 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 14:33:47 GMT
server: Microsoft-IIS/10.0
age: 264
x-powered-by: ASP.NET
etag: W/"83912578ce53d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: ixUQI3184J7S5qDqTEmVxUxDu9aEHt9hE_sEt7oWdO5nGfVbMWrp4w==

GET
H2 200 buy-label.svg
www.malwarebytes.com/images/website-refresh/business-nav/ 2 KB
1 KB 32ms
26ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/website-refresh/business-nav/buy-label.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 77d3df1a0650536bb4e87f2108eb58dd7d91c954bf188dc17f2e5a898f971bb0

Request headers

:path: /images/website-refresh/business-nav/buy-label.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:16:18 GMT
content-encoding: gzip
etag: W/"8874eb2b5c5dd71:0"
last-modified: Wed, 09 Jun 2021 18:20:48 GMT
server: Microsoft-IIS/10.0
age: 264
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: dQTe3qKkmkZJMaT81kP5TcXD1eUuNwXJWO62X9W5M5ANOhnN13T35g==

GET
H2 200 mid-size.svg
www.malwarebytes.com/images/website-refresh/business-nav/ 1 KB
1 KB 32ms
26ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/website-refresh/business-nav/mid-size.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7e6aa30a919ae381fbcf4d4d6f970531bf513bf0847097e7927123bf032b0f09

Request headers

:path: /images/website-refresh/business-nav/mid-size.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:16:17 GMT
content-encoding: gzip
etag: W/"3051567dce53d71:0"
last-modified: Fri, 28 May 2021 14:33:56 GMT
server: Microsoft-IIS/10.0
age: 250
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: eOf2VoLLvEmuWHxd-a_xbVWfi3xkqaIiwSxIsdo-kElbhdAARqnAiA==

GET
H2 200 large-ent.svg
www.malwarebytes.com/images/website-refresh/business-nav/ 2 KB
1 KB 32ms
27ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/website-refresh/business-nav/large-ent.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5d09ea31b4f26497480482f539fdc221990ae192c8b8be5002f4f2b9bef26876

Request headers

:path: /images/website-refresh/business-nav/large-ent.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:16:17 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 14:33:55 GMT
server: Microsoft-IIS/10.0
age: 250
x-powered-by: ASP.NET
etag: W/"8d462b7dce53d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: AYM9aU9N2MytouRKrcW6Vn6p6tQ7-jrkDkwQjkBv5wDwxD1mu5t6qg==

GET
H2 200 arrow.svg
www.malwarebytes.com/images/refreshed_homepage/ 2 KB
1 KB 44ms
38ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/refreshed_homepage/arrow.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ad15e02b8d9bee31a51c502cff1977983fa2c8103b769db7ab097750f34016a9

Request headers

:path: /images/refreshed_homepage/arrow.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:16:18 GMT
content-encoding: gzip
etag: W/"13eab97d5536d71:0"
last-modified: Wed, 21 Apr 2021 02:24:44 GMT
server: Microsoft-IIS/10.0
age: 310
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: L0XB6ngTLxyIrijMwiy0nrIFiTCapG6nHCReujHU5P3sYOodYToJWQ==

GET
H2 200 call.svg
www.malwarebytes.com/images/website-refresh/business-nav/ 2 KB
1 KB 32ms
27ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/website-refresh/business-nav/call.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e2adf740376f608d5a3b6977b793a5e1c92c4de9e0a792921b8e24476e56c9ed

Request headers

:path: /images/website-refresh/business-nav/call.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:16:04 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 14:33:48 GMT
server: Microsoft-IIS/10.0
age: 264
x-powered-by: ASP.NET
etag: W/"fba28f78ce53d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 4MPq3k0Ks42Tvmy7BCVWXfBbWx5nP6o5jFDNLvwUg3eTHXiszXlZyw==

GET
H2 200 partner-icon.svg
www.malwarebytes.com/images/icons/ 4 KB
2 KB 33ms
27ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/icons/partner-icon.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f8869aa9427c07872b91f3bb5485a65a0e389302f54ad6fe1b684c59d97d154a

Request headers

:path: /images/icons/partner-icon.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:15:17 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 01:08:26 GMT
server: Microsoft-IIS/10.0
age: 310
x-powered-by: ASP.NET
etag: W/"4bd440d54a36d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: UMjPkP3V4XlweQlzVjTO6rT8fOk26CiMbjnhalkufDy1TMatXNTkUA==

GET
H2 200 optimus-systems.webp
www.malwarebytes.com/images/partners/ 2 KB
2 KB 33ms
27ms Image
image/webp 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/partners/optimus-systems.webp
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8528b83134ef333f8b4f3b722f422569b5121e6fa817c9942bcbb91f5f61ea93

Request headers

:path: /images/partners/optimus-systems.webp
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:12:05 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
etag: "78bd4d65236d71:0"
last-modified: Wed, 21 Apr 2021 02:05:43 GMT
server: Microsoft-IIS/10.0
age: 502
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1832
x-amz-cf-id: p4tBE1iyi6ocX3cZ3QQ_DD9t9Lvc97p4lYu4WKCJs_zv-Z3DTWpINQ==

GET
H2 200 rsa2021.jpg
www.malwarebytes.com/images/ 27 KB
28 KB 33ms
27ms Image
image/jpeg 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/rsa2021.jpg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8a849c6ffa64946fefa17e874080dea467783d0e20857bbfbb23480739625648

Request headers

:path: /images/rsa2021.jpg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:13:15 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified: Wed, 21 Apr 2021 00:19:16 GMT
server: Microsoft-IIS/10.0
age: 502
x-powered-by: ASP.NET
etag: "2930faf64336d71:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 28006
x-amz-cf-id: 3G62eVNRVFaZgx-7ehK0uWdr4Xjw1n7KqGcGcwy6gQi_KQKot9NmFA==

GET
H2 200 watch-personal-icon.svg
www.malwarebytes.com/images/icons/ 1 KB
986 B 38ms
32ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/icons/watch-personal-icon.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fa07bfad3039513f81cc0551de10a79c7c823bce84a5fbfba5a547f96479a367

Request headers

:path: /images/icons/watch-personal-icon.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:12:05 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 01:09:39 GMT
server: Microsoft-IIS/10.0
age: 502
x-powered-by: ASP.NET
etag: W/"daff704b36d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: _1QvKwyC4zkC5gFBIJfFFGJ4TsaFoIarbEqUuoQi-zuqgiG3naL0kA==

GET
H2 200 watch-business-icon.svg
www.malwarebytes.com/images/icons/ 1 KB
985 B 33ms
28ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/icons/watch-business-icon.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 361aabb783830d45d3de5f19c4fe47d295e11518fb0279dd99d589eea8d43319

Request headers

:path: /images/icons/watch-business-icon.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:10:28 GMT
content-encoding: gzip
etag: W/"967dacfe4a36d71:0"
last-modified: Wed, 21 Apr 2021 01:09:35 GMT
server: Microsoft-IIS/10.0
age: 665
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: q4bskGfsRMgbQitHnhAjO1IOpvydOh0y9n7_wAwcP-ZwdtSQ1TOwoQ==

GET
H2 200 privacy.svg
www.malwarebytes.com/images/ 4 KB
2 KB 34ms
29ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/privacy.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0d8ac30d9520ce94e0246020e4bff9b6fea04f92ac0b5f09c7346104b9f5772a

Request headers

:path: /images/privacy.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:12:06 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 00:19:15 GMT
server: Microsoft-IIS/10.0
age: 502
x-powered-by: ASP.NET
etag: W/"86a81f64336d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: ZDvh52OGuqDMeQuiwb2BD5Q_RCdFotF40g--TpOKR-_Q2EqA4sJoXQ==

GET
H2 200 graphic-lady.svg
www.malwarebytes.com/images/hero/ 32 KB
13 KB 33ms
28ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/hero/graphic-lady.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 88d11792cf5b77e35cac2d8f57a7cb7faea97f29d4d062fcb1ebf65f9e5f7762

Request headers

:path: /images/hero/graphic-lady.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:13:41 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 21:10:51 GMT
server: Microsoft-IIS/10.0
age: 406
x-powered-by: ASP.NET
etag: W/"97d970eae166d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: JEp6pA8R_bcEo6IuuI6j1eBzBkVaiKzGGdegORt8dNFoPWLBoLdZtA==

GET
H2 200 graphic-guy.svg
www.malwarebytes.com/images/hero/ 30 KB
12 KB 33ms
29ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/hero/graphic-guy.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b0d67d7c3b55e621d1d3a9716b98e1458867aadda327367686748752bccb4247

Request headers

:path: /images/hero/graphic-guy.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:13:42 GMT
content-encoding: gzip
etag: W/"824a3defe166d71:0"
last-modified: Mon, 21 Jun 2021 21:10:59 GMT
server: Microsoft-IIS/10.0
age: 406
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: OBZzQ2khBmd8XI_0dWW5MDc6glnPmyiUhEbaqlnH-Kw0RIt5T3KytQ==

GET
H2 200 graphic-768.svg
www.malwarebytes.com/images/hero/ 62 KB
23 KB 34ms
29ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/hero/graphic-768.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f73b833d385e5fe7b794b709c3ea1a234b525a2f0483c582b607fc9d14f580f8

Request headers

:path: /images/hero/graphic-768.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:16:18 GMT
content-encoding: gzip
etag: W/"ab01f4e166d71:0"
last-modified: Mon, 21 Jun 2021 21:11:07 GMT
server: Microsoft-IIS/10.0
age: 406
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: kPqb8eKwFuXR9haE8FLktc21QLddfbGBtinhgfpufEQiobWWoUowzw==

GET
H2 200 logo-softwareadvice.webp
www.malwarebytes.com/images/refreshed_homepage/ 4 KB
5 KB 148ms
144ms Image
image/webp 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/refreshed_homepage/logo-softwareadvice.webp
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c0befa99132ff5ca76f2cb4cb2ffeec5e7cd91464eeaab4c70ca53f5701ac74b

Request headers

:path: /images/refreshed_homepage/logo-softwareadvice.webp
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified: Wed, 21 Apr 2021 02:25:23 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
etag: "34943f955536d71:0"
x-cache: RefreshHit from cloudfront
content-type: image/webp
cache-control: max-age=900
accept-ranges: bytes
content-length: 4286
x-amz-cf-id: NhxFU2TMHQNqUX8kCwaQb0EbL-9_VQ8C7ubZ3rqhq0E6eb704aI-yQ==

GET
H2 200 logo-leader.webp
www.malwarebytes.com/images/refreshed_homepage/ 3 KB
3 KB 141ms
136ms Image
image/webp 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/refreshed_homepage/logo-leader.webp
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 594131aa0ff27fc3f2025cf9cb593103fdaf5c7174246f3f87ff990f3d6287a7

Request headers

:path: /images/refreshed_homepage/logo-leader.webp
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
etag: "aa161f8e5536d71:0"
last-modified: Wed, 21 Apr 2021 02:25:11 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: max-age=900
accept-ranges: bytes
content-length: 3090
x-amz-cf-id: R9IFQkoHPAW-G3ngpafpsTCz_bBVzvcoKL-2peTe3hX1eP4xkj3V8Q==

GET
H2 200 logo-emotionalfootprint.webp
www.malwarebytes.com/images/refreshed_homepage/ 6 KB
6 KB 126ms
122ms Image
image/webp 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/refreshed_homepage/logo-emotionalfootprint.webp
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3d7e45311946b392332508dd41d81d6fd46b2e54ac22af823159e86926227675

Request headers

:path: /images/refreshed_homepage/logo-emotionalfootprint.webp
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified: Wed, 21 Apr 2021 02:25:05 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
etag: "54dfaa8a5536d71:0"
x-cache: RefreshHit from cloudfront
content-type: image/webp
cache-control: max-age=900
accept-ranges: bytes
content-length: 6140
x-amz-cf-id: Qo_vpYrUOmnIpQeKPa5AmMrLl1dbyE_mTUbxCluJqSHvYYcJMu1jJg==

GET
H2 200 logo-cnet_2.webp
www.malwarebytes.com/images/refreshed_homepage/ 3 KB
3 KB 37ms
33ms Image
image/webp 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/refreshed_homepage/logo-cnet_2.webp
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 718b7b2cde399bb4894a2e0bf9cf1b75a64b529a678f5149c84c427990b2857c

Request headers

:path: /images/refreshed_homepage/logo-cnet_2.webp
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:16:18 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified: Wed, 21 Apr 2021 02:25:00 GMT
server: Microsoft-IIS/10.0
age: 479
x-powered-by: ASP.NET
etag: "97291875536d71:0"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 3082
x-amz-cf-id: 1F48f5cwOMwWbDqwLjQwgJnouh56zo2dpgQXswMns1mZmdvctRHHSQ==

GET
H2 200 logo-techradar.webp
www.malwarebytes.com/images/refreshed_homepage/ 2 KB
2 KB 37ms
33ms Image
image/webp 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/refreshed_homepage/logo-techradar.webp
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 72e73d470970529d52beb7e2a69c65b3adbcfe27c645a85758cf1149b13ac2c3

Request headers

:path: /images/refreshed_homepage/logo-techradar.webp
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:12:28 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
etag: "9d3b91975536d71:0"
last-modified: Wed, 21 Apr 2021 02:25:27 GMT
server: Microsoft-IIS/10.0
age: 479
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1902
x-amz-cf-id: 26kvNpbtZOH_R6WDQjCejIXd0qzdm0N_7R4AvwuIMgwboqwc5XHuZQ==

GET
H2 200 mrg-effitas-certified-i.webp
www.malwarebytes.com/images/refreshed_homepage/ 10 KB
11 KB 129ms
125ms Image
image/webp 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/refreshed_homepage/mrg-effitas-certified-i.webp
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f7ab4e71b5d1b24b8b730f57af5b0e31f700677b5139940cc6d100ba830b490e

Request headers

:path: /images/refreshed_homepage/mrg-effitas-certified-i.webp
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
etag: "15ac75c2e53ad71:0"
last-modified: Mon, 26 Apr 2021 21:47:31 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: max-age=900
accept-ranges: bytes
content-length: 10520
x-amz-cf-id: JkeOdqmNrjMCg6np3iUVebp-61-nK-pTSMoNdBq6vepJEIrdPV8eNw==

GET
H2 200 logo-pcmac.webp
www.malwarebytes.com/images/refreshed_homepage/ 3 KB
3 KB 145ms
141ms Image
image/webp 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/refreshed_homepage/logo-pcmac.webp
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1ea762a4223eb21cf482eba49edc66f056f475481e7aa618eeb76e4a72bf331c

Request headers

:path: /images/refreshed_homepage/logo-pcmac.webp
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
etag: "fd9835925536d71:0"
last-modified: Wed, 21 Apr 2021 02:25:18 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: max-age=900
accept-ranges: bytes
content-length: 2632
x-amz-cf-id: arPJP4QaRk0VFP2T3iqtwTUDh0ooFIhxkCAPbp1Nx0_m1MZzUi1w7A==

GET
H2 200 logo-businesschoice.webp
www.malwarebytes.com/images/refreshed_homepage/ 6 KB
6 KB 136ms
133ms Image
image/webp 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/refreshed_homepage/logo-businesschoice.webp
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 723a0ace76b35a4a90e41e6c85e0f436360cdc23811fd97522ae93ccfd3e81b1

Request headers

:path: /images/refreshed_homepage/logo-businesschoice.webp
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified: Wed, 21 Apr 2021 02:24:55 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
etag: "b686b845536d71:0"
x-cache: RefreshHit from cloudfront
content-type: image/webp
cache-control: max-age=900
accept-ranges: bytes
content-length: 6034
x-amz-cf-id: ZMhdQX_3p-tV2TJmBENXC3qrUE99dHZq2FxEISAPm7xep0gVRCOh0A==

GET
H2 200 video-thumbnail.jpg
www.malwarebytes.com/images/website-refresh/homepage/ 29 KB
30 KB 144ms
140ms Image
image/jpeg 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/website-refresh/homepage/video-thumbnail.jpg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: aa64ac562a55ea1dc64bcb02101cd7174718268a31f8753bae4ea294e9fb7a62

Request headers

:path: /images/website-refresh/homepage/video-thumbnail.jpg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 13:37:23 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
etag: "3bcbb6176b51d71:0"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age=900
accept-ranges: bytes
content-length: 29883
x-amz-cf-id: --Nb_c0jJ-kPtIB9p9JdxX3S2nRfBLtGJuK9c-7YPHxQzEIWeBwT3w==

GET
H2 200 world.svg
www.malwarebytes.com/images/footer/ 4 KB
2 KB 42ms
39ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/footer/world.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 05369fa3ab175c5ba5e63b7c60a872a64f82ddcb1de6a950d73004ed25930e69

Request headers

:path: /images/footer/world.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:18:30 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 00:48:16 GMT
server: Microsoft-IIS/10.0
age: 117
x-powered-by: ASP.NET
etag: W/"c0ed3744836d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 56VZj_yRWteHmWLIYhCHNlqAY09h8k5_TWIyIa2fJxxQRyrygUSkLg==

GET
H2 200 footer.min.js Show response
www.malwarebytes.com/js/ 5 KB
3 KB 13ms
13ms Script
application/javascript 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/footer.min.js?v=947569257
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3372e9aa13d55e1687a1d47abe3027e636824d1bc8e3e11736b86691dcc3bd2c

Request headers

:path: /js/footer.min.js?v=947569257
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:16:17 GMT
content-encoding: gzip
etag: W/"b3df5a5daa67d71:0"
last-modified: Tue, 22 Jun 2021 21:05:43 GMT
server: Microsoft-IIS/10.0
age: 251
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: iiYfhn9LSmebeFBc2VwplU6Fv8OOGFOAut7892FbbV_Isv7QfP4UdQ==

GET
H2 200 utilities.js Show response
www.malwarebytes.com/js/ 16 KB
6 KB 12ms
12ms Script
application/javascript 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/utilities.js?v=947569257
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e39d35c8a5ec1caad172929e3192c46b61710fe70e4f225ef44836cf52d2a747

Request headers

:path: /js/utilities.js?v=947569257
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:16:17 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 20:39:23 GMT
server: Microsoft-IIS/10.0
age: 250
x-powered-by: ASP.NET
etag: W/"def7322a2778d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: dKZkPkm_-soauOnXD9NQ5oaFCKPPUdE0helPVd6t9dhSWh0V7au9cA==

GET
H2 200 optanon.css
cdn.cookielaw.org/skins/6.4.0/default_flat_bottom_two_button_white/v2/css/ 23 KB
6 KB 14ms
14ms Stylesheet
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/skins/6.4.0/default_flat_bottom_two_button_white/v2/css/optanon.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/9530a107-0af8-4204-a2c2-217efb78222b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Jul 2021 11:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: E062TbpGx6vwVsuuNM/jFw==
age: 5817
vary: Accept-Encoding
content-length: 5561
x-ms-lease-status: unlocked
last-modified: Thu, 13 Aug 2020 04:48:01 GMT
server: cloudflare
etag: 0x8D83F440F482A65
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 95bfa026-f01e-0147-6461-1f41d8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66f29a078ededff3-FRA

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
108 B 43ms
40ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery3310039843547905195065_1626348028073&_=1626348028074

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66f29a0b3bf00601-FRA
content-length: 32

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 299 KB
82 KB 17ms
14ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ded8b3c12cddb888232eb7db8e68e889a1808ac0215e043f6052e14a64fe956

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83785
x-xss-protection: 0
last-modified: Thu, 15 Jul 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Jul 2021 11:20:28 GMT

GET
H2 200 wai.gif Show response
genesis.malwarebytes.com/api/v1/ 343 B
565 B 326ms
96ms XHR
application/json 2600:1f18:21ae:6700:f931:acf0:5bbb:8761
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://genesis.malwarebytes.com/api/v1/wai.gif
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/global_mwb.min.js?v=947569257
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:21ae:6700:f931:acf0:5bbb:8761 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 624de26e418e30e37a6022b5822a9d09e42807828e10742acab7377dab034cce

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 15 Jul 2021 11:20:28 GMT
access-control-allow-credentials: true
server: Apache-Coyote/1.1
access-control-allow-headers: origin, content-type, accept, authorization
access-control-allow-methods: GET, POST
content-type: application/json

GET
H2 200 graphik-regular.otf
www.malwarebytes.com/css/fonts/ 128 KB
51 KB 22ms
21ms Font
font/otf 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/graphik-regular.otf
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.min.css?v=20347400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f575112df5398271c1f04b48a995ccc6e17d69730e37304078178d46781152da

Request headers

sec-fetch-mode: cors
origin: https://www.malwarebytes.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
:path: /css/fonts/graphik-regular.otf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/css/fonts.min.css?v=20347400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.malwarebytes.com
Referer: https://www.malwarebytes.com/css/fonts.min.css?v=20347400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
content-encoding: gzip
etag: W/"9d723a84236d71:0"
last-modified: Wed, 21 Apr 2021 00:09:54 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/otf
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: R2FPPFMVtexCohmwF7nvrOLwAq-GhzICAy5VkIosRhZlvxC0msVtZg==

GET
H2 200 blue_arrow_text_inactive.svg
www.malwarebytes.com/images/buttons/ 563 B
921 B 134ms
133ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/buttons/blue_arrow_text_inactive.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/styles.min.css?v=20347400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 49d2ea5b96f0573b44d52d407fbc05794a18e2349116fd235cde6d29ed288de5

Request headers

:path: /images/buttons/blue_arrow_text_inactive.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/css/styles.min.css?v=20347400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/css/styles.min.css?v=20347400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified: Tue, 04 May 2021 15:36:03 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
etag: "aefa2731fb40d71:0"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
cache-control: max-age=900
accept-ranges: bytes
content-length: 563
x-amz-cf-id: EUyuvj77cm7g_vPG5gtkF1b4xmP-0au_aQ8hot0hAHZqg-FE_b_Feg==

GET
H2 200 blue-arrow.svg
www.malwarebytes.com/images/website-refresh/endpoint/ 557 B
917 B 313ms
312ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/website-refresh/endpoint/blue-arrow.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/styles_components.min.css?v=20347400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 867b3cec541df7e0781040ad4c704be8aebae48f42cd370f66f6ed5d799a0f69

Request headers

:path: /images/website-refresh/endpoint/blue-arrow.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/css/styles_components.min.css?v=20347400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/css/styles_components.min.css?v=20347400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified: Wed, 21 Apr 2021 07:37:16 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
etag: "d6f5f3268136d71:0"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
cache-control: max-age=900
accept-ranges: bytes
content-length: 557
x-amz-cf-id: D1ZvqftPWXyfyewW4g7xR7iZhNMy4bcOlyVXuyIeKP5knxbfLQYb8Q==

GET
H2 200 graphik-medium.otf
www.malwarebytes.com/css/fonts/ 134 KB
57 KB 33ms
33ms Font
font/otf 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/graphik-medium.otf
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.min.css?v=20347400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a7d4e6165ce4042167fcaaa0623eab885d6992458eb05c4fc74184cee79a9eb3

Request headers

sec-fetch-mode: cors
origin: https://www.malwarebytes.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
:path: /css/fonts/graphik-medium.otf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/css/fonts.min.css?v=20347400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.malwarebytes.com
Referer: https://www.malwarebytes.com/css/fonts.min.css?v=20347400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
content-encoding: gzip
etag: W/"b6a5ea54236d71:0"
last-modified: Wed, 21 Apr 2021 00:09:50 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/otf
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: deI5eu7KoscO7ThgrqnhzmZZzJ7P0V0VZLW-_XvCH04ixMsW5Ax02g==

GET
H2 200 graphik-semibold.otf
www.malwarebytes.com/css/fonts/ 135 KB
58 KB 34ms
33ms Font
font/otf 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/graphik-semibold.otf
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.min.css?v=20347400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 37d71a755368a59862b22954275bd10416de8e28d37cec74707de8b8be616610

Request headers

sec-fetch-mode: cors
origin: https://www.malwarebytes.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
:path: /css/fonts/graphik-semibold.otf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/css/fonts.min.css?v=20347400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.malwarebytes.com
Referer: https://www.malwarebytes.com/css/fonts.min.css?v=20347400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:18:30 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 00:09:58 GMT
server: Microsoft-IIS/10.0
age: 117
x-powered-by: ASP.NET
etag: W/"d5287daa4236d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/otf
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: Y8UeUG8MPusWFgRR9F8t5HYAp5DcHDqcHSqaAUHXLqhfzAA4Nc749A==

GET
H2 200 graphik-bold.otf
www.malwarebytes.com/css/fonts/ 136 KB
58 KB 66ms
65ms Font
font/otf 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/graphik-bold.otf
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.min.css?v=20347400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c6072112c8cec74b1c589bb323b9c1ea07cf7b38b01ad5d25127cf9306d1a2ef

Request headers

sec-fetch-mode: cors
origin: https://www.malwarebytes.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
:path: /css/fonts/graphik-bold.otf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/css/fonts.min.css?v=20347400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.malwarebytes.com
Referer: https://www.malwarebytes.com/css/fonts.min.css?v=20347400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
content-encoding: gzip
etag: W/"b8d8c79d4236d71:0"
last-modified: Wed, 21 Apr 2021 00:09:37 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/otf
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: La2_gnOgiPSyQgKXnKaY39aZV0cT1ZPvpRVoTx6vy-o0GLDSdPWnjA==

GET
H2 200 graphik-light.otf
www.malwarebytes.com/css/fonts/ 132 KB
55 KB 13ms
13ms Font
font/otf 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/graphik-light.otf
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.min.css?v=20347400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 30b410ec60b2dda5e521206ed5b3a9318922f62828db7409240f047f21593bcc

Request headers

sec-fetch-mode: cors
origin: https://www.malwarebytes.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
:path: /css/fonts/graphik-light.otf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/css/fonts.min.css?v=20347400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.malwarebytes.com
Referer: https://www.malwarebytes.com/css/fonts.min.css?v=20347400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:13:22 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 00:09:45 GMT
server: Microsoft-IIS/10.0
age: 425
x-powered-by: ASP.NET
etag: W/"46f589a24236d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/otf
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: gaIJT-LrnNOq2tfPFLK1SyJQbOntX43Q7q0hK6GhJPV3Wde8xJqCUg==

GET
H2 200 card-background-2.png
www.malwarebytes.com/images/refreshed_homepage/ 19 KB
19 KB 13ms
12ms Image
image/png 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/refreshed_homepage/card-background-2.png
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ac4c028fbf93221cb39278eaa10117bc7ab403348322fd6fd622b1b03d2cd45c

Request headers

:path: /images/refreshed_homepage/card-background-2.png
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:16:18 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified: Wed, 21 Apr 2021 02:24:52 GMT
server: Microsoft-IIS/10.0
age: 478
x-powered-by: ASP.NET
etag: "d729e825536d71:0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 19251
x-amz-cf-id: ZMH8TK9EdMKUj0T7r0CZLguYS3X_HsYAkE89Rp61IlRkHGkkIFh9_g==

GET
H2 200 card-1-background.png
www.malwarebytes.com/images/refreshed_homepage/ 19 KB
19 KB 13ms
13ms Image
image/png 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/refreshed_homepage/card-1-background.png
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7b882d15fe9efee7c5b41481e6bd779d2e2dd6fedf618d5aa70cf2ebd7ee2ab8

Request headers

:path: /images/refreshed_homepage/card-1-background.png
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:12:30 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
etag: "dcae27c5536d71:0"
last-modified: Wed, 21 Apr 2021 02:24:42 GMT
server: Microsoft-IIS/10.0
age: 478
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 18973
x-amz-cf-id: lVXWcp5twXAzHV60yEFiLfeQUHrI35aiAoXrJuHCrDP8xSCGrHUg3g==

GET
H2 200 twitter.svg
www.malwarebytes.com/images/icons/ 1 KB
1 KB 22ms
21ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/icons/twitter.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/styles.min.css?v=20347400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 114c908673dd0a1d941aed822ee32d91137959b5e74c052a41c2bfa727fc39cd

Request headers

:path: /images/icons/twitter.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/css/styles.min.css?v=20347400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/css/styles.min.css?v=20347400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:18:30 GMT
content-encoding: gzip
last-modified: Tue, 22 Jun 2021 21:04:56 GMT
server: Microsoft-IIS/10.0
age: 117
x-powered-by: ASP.NET
etag: W/"74acb41aa67d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: DvaViSj3vKoczGrN8SXWk8AFRpY0CgXQaceN8fL_RuHiDLMqOnvwJQ==

GET
H2 200 facebook.svg
www.malwarebytes.com/images/icons/ 755 B
1 KB 21ms
19ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/icons/facebook.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/styles.min.css?v=20347400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cc66564f28ce75f1163d19a8cc24af86585ac54d0a353711e8da41870244f988

Request headers

:path: /images/icons/facebook.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/css/styles.min.css?v=20347400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/css/styles.min.css?v=20347400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified: Tue, 22 Jun 2021 21:05:02 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
etag: "32f6f144aa67d71:0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=900
accept-ranges: bytes
content-length: 755
x-amz-cf-id: n41PG6uEffDf6wbTSHiD_FTlZQLbwMixmIh5rQfRfQF6RNkp6NIYFw==

GET
H2 200 linkedin.svg
www.malwarebytes.com/images/icons/ 1 KB
1 KB 22ms
21ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/icons/linkedin.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/styles.min.css?v=20347400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4d100d17da4f09eef30aa0f2710314d659524ea4860c6024487aec519da4d4f3

Request headers

:path: /images/icons/linkedin.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/css/styles.min.css?v=20347400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/css/styles.min.css?v=20347400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
content-encoding: gzip
etag: W/"7505447aa67d71:0"
last-modified: Tue, 22 Jun 2021 21:05:06 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: Nj-2UeeNsOlUm80GZ5kIfQb4SXAOfM6tYaFsexyaBqjIs9c8bqtoJg==

GET
H2 200 youtube.svg
www.malwarebytes.com/images/icons/ 1 KB
1 KB 22ms
21ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/icons/youtube.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/styles.min.css?v=20347400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 43c4be0978be63a15635e3c31e24e922069ac8863be3c1741e8b55091153d082

Request headers

:path: /images/icons/youtube.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/css/styles.min.css?v=20347400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/css/styles.min.css?v=20347400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
content-encoding: gzip
etag: W/"f0ce34eaa67d71:0"
last-modified: Tue, 22 Jun 2021 21:05:19 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: eZfUhPqntCVUU1_wnB0yM3lLjF1y844t30c6lq-fMzMlaxcDurVXJA==

GET
H2 200 instagram_icon.svg
www.malwarebytes.com/images/icons/ 5 KB
2 KB 25ms
24ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/icons/instagram_icon.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/styles_overrides.min.css?v=20347400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5b62da3ed3fe1c94582c2a75526716000f7361ff70c0cc41aae4ee8212735c3e

Request headers

:path: /images/icons/instagram_icon.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/css/styles_overrides.min.css?v=20347400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/css/styles_overrides.min.css?v=20347400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:18:30 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 01:08:08 GMT
server: Microsoft-IIS/10.0
age: 117
x-powered-by: ASP.NET
etag: W/"f61a56ca4a36d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 2vDvjHQYBHmP_qTdhyRocJN6oMlqDJLJpafi6L_6uFvTWgYtUzKwCA==

GET
H2 200 ic-search.svg
www.malwarebytes.com/images/footer/ 601 B
955 B 22ms
22ms Image
image/svg+xml 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/footer/ic-search.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/styles_overrides.min.css?v=20347400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d6f36a088f7c6dc6459a02c048b23e2407bf38a5249ecbc9547be2fce143f63a

Request headers

:path: /images/footer/ic-search.svg
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/css/styles_overrides.min.css?v=20347400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/css/styles_overrides.min.css?v=20347400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified: Wed, 21 Apr 2021 00:48:13 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
etag: "69db7e24836d71:0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=900
accept-ranges: bytes
content-length: 601
x-amz-cf-id: PXvleGqL0VBkO0jLntyLsKkucDyBP16k_0BwwAm7ZrugkVux5p8uMg==

GET
H2 200 socicon.woff
www.malwarebytes.com/css/fonts/ 20 KB
20 KB 22ms
22ms Font
font/x-woff 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/socicon.woff
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.min.css?v=20347400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0ed37960a59a6ec6b443f9ef043864d09a51db6fd276ae578d9166467bf986d1

Request headers

sec-fetch-mode: cors
origin: https://www.malwarebytes.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
:path: /css/fonts/socicon.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/css/fonts.min.css?v=20347400
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.malwarebytes.com
Referer: https://www.malwarebytes.com/css/fonts.min.css?v=20347400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified: Wed, 21 Apr 2021 00:08:19 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
etag: "973a6b6f4236d71:0"
x-cache: Hit from cloudfront
content-type: font/x-woff
cache-control: max-age=900
accept-ranges: bytes
content-length: 20472
x-amz-cf-id: eCRLIuR4G3gl77IR0y0OefzREQpqA4LsIJ4VX94i7QYbpHKWff5qfg==

GET
H2 200 intl-sites.json Show response
www.malwarebytes.com/js/ 890 B
1 KB 12ms
12ms XHR
application/json 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/intl-sites.json
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 728054ccf1f41ec0afdb688b6db421601bb60d505d9e1e2c2de16d9e4a14b774

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
:path: /js/intl-sites.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 09:11:49 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified: Wed, 21 Apr 2021 00:17:18 GMT
server: Microsoft-IIS/10.0
age: 7718
x-powered-by: ASP.NET
etag: "883da8b04336d71:0"
x-cache: Hit from cloudfront
content-type: application/json
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 890
x-amz-cf-id: RR_qxzxXz2zIpR6hnJmuJAvjsDqEAXxqfP71VCgw1O1T9DQ-JodH7g==

GET
H/1.1 200
OK ip.json Show response
api.demandbase.com/api/v2/ 1 KB
2 KB 159ms
74ms XHR
application/json 13.224.96.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demandbase.com/api/v2/ip.json?key=5527c2aa519592df7d44a24d0105731b
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-26.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 505e175ec1b996302a4aae2f79aa528cd451243551479fddc58934e6e1b3c53c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 11:20:28 GMT
Identification-Source: CACHE
X-Amz-Cf-Pop: ZRH50-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Access-Control-Max-Age: 7200
Connection: keep-alive
Request-ID: 0c00876e-83cb-4729-ade9-4b2698df994f
Content-Encoding: gzip
Pragma: no-cache
Access-Control-Allow-Origin: https://www.malwarebytes.com
Server: nginx
Vary: Accept-Encoding, Origin
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json;charset=utf-8
Via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Api-Version: v2
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Amz-Cf-Id: _b1iFoK3_IJ7R5uX-wNIOl8W0FoYtrK_EUWZQ5WLOcndCrj9RGn-iA==
Expires: Wed, 14 Jul 2021 11:20:28 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 68 B
252 B 434ms
114ms Script
application/javascript 50.16.216.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=jQuery3310039843547905195065_1626348028075&_=1626348028076
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.216.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-216-118.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: f83bf27efc9687dccfca895cb58466c95d7d2ebb78fcd05b72c352d01e450d68

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 11:20:29 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 68
Vary: Origin
Content-Type: application/javascript

GET
H2 200 play_btn.webp
www.malwarebytes.com/images/website-refresh/homepage/ 3 KB
3 KB 120ms
119ms Image
image/webp 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/website-refresh/homepage/play_btn.webp
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f093dbe9df46fb2804382864895301c693d4166e88201bb7941ffb8c6709798e

Request headers

:path: /images/website-refresh/homepage/play_btn.webp
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D; mid=var15636
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified: Wed, 21 Apr 2021 07:41:55 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: ZRH50-C1
x-powered-by: ASP.NET
etag: "8236cd8136d71:0"
x-cache: RefreshHit from cloudfront
content-type: image/webp
cache-control: max-age=900
accept-ranges: bytes
content-length: 3108
x-amz-cf-id: UDRDsR9LS0fewsLk0Di9iHR-MR_oaWp7qQ_Pfgos7L7NODUtEBlcLw==

GET
H2 200 7ghicgw4nish.js Show response
js.driftt.com/include/1626348300000/ 214 KB
61 KB 243ms
167ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1626348300000/7ghicgw4nish.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

beced4c0fb075b16b749c30c246375052b32d2e6337b27bc7b720766778051ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: K1mOc6KTouD4UgzkGrzJZH_NkCSrbte8
content-encoding: gzip
etag: W/"c3663f7cebb005b65c52f4bf30f3f222"
x-amz-cf-pop: ZRH50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 14 Jul 2021 17:48:49 GMT
server: nginx
date: Thu, 15 Jul 2021 11:20:29 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VZ1E8cDiWahUNk_IiPKYbkPENidXhGLsk_ZTcN7is5OH_eHMf1uDCA==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 12ms
12ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 11:20:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Jun 2021 01:25:13 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=43996
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2079

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 95 KB
25 KB 21ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24676
x-xss-protection: 0
pragma: public
x-fb-debug: sIaXGKmvv6JXYLa1lEOWbm/nZHpVQS77r82nfYCn9/xu3lk8c8132+ETWrTwtNhEivlKDkZBgFXcunIr5aWXgw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Thu, 15 Jul 2021 11:20:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 28ms
28ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:28 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 20:25:24 GMT
x-msedge-ref: Ref A: ABAB8B5B3FAD41188DF14D408B3C9888 Ref B: FRAEDGE1411 Ref C: 2021-07-15T11:20:28Z
etag: "0d2a696ff53d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9008

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 1769
date: Thu, 15 Jul 2021 10:50:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Thu, 15 Jul 2021 12:50:59 GMT

GET
H2

200

activityi;dc_pre=CNm7u8b65PECFYmHUQodLx0MBA;src=8019375;type=conta0;cat=sitew0;ord=4408372791524;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCk... Show response
8019375.fls.doubleclick.net/ Frame F9BA
Redirect Chain

https://8019375.fls.doubleclick.net/activityi;src=8019375;type=conta0;cat=sitew0;ord=4408372791524;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1R...
https://8019375.fls.doubleclick.net/activityi;dc_pre=CNm7u8b65PECFYmHUQodLx0MBA;src=8019375;type=conta0;cat=sitew0;ord=4408372791524;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.m...

476 B
499 B

4515ms
146ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019375.fls.doubleclick.net/activityi;dc_pre=CNm7u8b65PECFYmHUQodLx0MBA;src=8019375;type=conta0;cat=sitew0;ord=4408372791524;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

ba6d338448d1c48b85d9021186f8ac079958c2c0a664a3b3455b8a611d30c3c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8019375.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CNm7u8b65PECFYmHUQodLx0MBA;src=8019375;type=conta0;cat=sitew0;ord=4408372791524;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.malwarebytes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl6Jsmi_DPd0eOog_x_mc8WeUoLxuDBbthBUSsqoQaUZ9fMpSr0OU_-N-QM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jul 2021 11:20:37 GMT
expires: Thu, 15 Jul 2021 11:20:37 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 388
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jul 2021 11:20:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8019375.fls.doubleclick.net/activityi;dc_pre=CNm7u8b65PECFYmHUQodLx0MBA;src=8019375;type=conta0;cat=sitew0;ord=4408372791524;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 24ms
7ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 15 Jul 2021 11:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 920
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5639
x-amz-id-2: aS1ym/b+tmn9124lQxyfYt+kpkV7ApEW1Nyx6IvfcNa2ViEG2+tuVe/BQYALZZiHOYXnnsaqKQg=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 02 Jul 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 27 May 2021 13:00:20 GMT
server: ATS
etag: "6de43f1c725d89777edaa2bc5d679ecb-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: PXBAT08H83SGPWTY
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: Bv0RNzsjZsSn6kGrZjdvdggYqc20u__d
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 HWyTnY16.min.js Show response
scripts.demandbase.com/ 60 KB
16 KB 123ms
37ms Script
application/javascript 13.224.96.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.demandbase.com/HWyTnY16.min.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-3.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16f961e4eedc84409f706d7043ec879d9a7783c6f317640b0d97a73e98e9e8ea

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: IE5IzYwU4gx7oNbzFWwbL4ZS6nSJjwBv
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 23:24:47 GMT
server: AmazonS3
age: 3309
etag: W/"c890c8c9866d4d0ee9b287e7db203091"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
date: Thu, 15 Jul 2021 10:25:32 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 40KQLKN5UaTBJACtMNzutWqmgLMFsbK153o41s0qgAzSIy-Tm-zqIQ==

GET
H2 200 web-vitals.umd.js Show response
unpkg.com/web-vitals@1.1.0/dist/ 4 KB
2 KB 24ms
21ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@1.1.0/dist/web-vitals.umd.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9900895
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1060-9qPq4bqeRCeFWudNuS98Bp0PQDY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: e9412a941d9e2178046a5378c46b42d2
cache-control: public, max-age=31536000
cf-ray: 66f29a0d3f4f4dbe-FRA

GET
H2 200 ld.js Show response
udgrbq.malwarebytes.com/js/ld/ 39 KB
13 KB 50ms
14ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://udgrbq.malwarebytes.com/js/ld/ld.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 76c79d3af714cd2570cdee0ff55daf2022f51477a4b5a89de470068280f8ddb1

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:29 GMT
content-encoding: gzip
last-modified: Thu, 17 Jun 2021 10:54:06 GMT
server: nginx
etag: W/"60cb29ce-9d98"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 16 Jul 2021 11:20:29 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 28 KB
13 KB 151ms
40ms Script
application/javascript 52.211.195.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?156
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.195.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-195-119.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8036e893559287b0a9982f4476fc16208c7b98a0b0b73622085a1d7a35a62270

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 11:20:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Jul 2021 09:46:27 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=80758
Connection: keep-alive
Content-Length: 12574
Expires: Fri, 16 Jul 2021 09:46:27 GMT

GET
H/1.1 200
OK tracking.js Show response
trk.techtarget.com/ 4 KB
2 KB 88ms
23ms Script
text/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 8b51552f523ecd57ca4f82df5ab10610349f91cacb7c0f72d0290bed3cc37e4e

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 11:20:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jun 2019 20:11:17 GMT
Server: PWS/8.3.1.0.8
Age: 501
X-Ws-Request-Id: 60f019fd_PSdgflkfFRA1dm9_16944-3318
Content-Type: text/javascript
Via: 1.1 PSmgnyNY2no188:0 (W), 1.1 PSdgflkfFRA1hb199:0 (W), 1.1 PSdgflkfFRA1eq94:13 (W)
Cache-Control: max-age=600
X-Px: ht PSdgflkfFRA1eq94FRA
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1711
Expires: Thu, 15 Jul 2021 11:22:07 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 27ms
23ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10919923

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

06eeacc16d500c61ad439131db7587db9e4b7e8054698c380017ab64e329d61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36907
x-xss-protection: 0
last-modified: Thu, 15 Jul 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Jul 2021 11:20:29 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 30ms
26ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-380232391

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77fe4992518602980266db408d8f9127746609fee79b45cc7379dc0381ad04cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37949
x-xss-protection: 0
last-modified: Thu, 15 Jul 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Jul 2021 11:20:29 GMT

GET
H2

200

activityi;dc_pre=CI-fuMT65PECFcuz1QodSd4Cwg;src=9812475;type=conve0;cat=forms000;ord=1;num=6508597694082;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D... Show response
9812475.fls.doubleclick.net/ Frame 3EA5
Redirect Chain

https://9812475.fls.doubleclick.net/activityi;src=9812475;type=conve0;cat=forms000;ord=1;num=6508597694082;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%...
https://9812475.fls.doubleclick.net/activityi;dc_pre=CI-fuMT65PECFcuz1QodSd4Cwg;src=9812475;type=conve0;cat=forms000;ord=1;num=6508597694082;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F...

572 B
622 B

347ms
46ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9812475.fls.doubleclick.net/activityi;dc_pre=CI-fuMT65PECFcuz1QodSd4Cwg;src=9812475;type=conve0;cat=forms000;ord=1;num=6508597694082;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

0bd6aa1dc4e02f07deb9f4525e09fb5150b0839a528a99a49b226d63d82ec88f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9812475.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CI-fuMT65PECFcuz1QodSd4Cwg;src=9812475;type=conve0;cat=forms000;ord=1;num=6508597694082;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.malwarebytes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jul 2021 11:20:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 445
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 15-Jul-2021 11:35:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jul 2021 11:20:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9812475.fls.doubleclick.net/activityi;dc_pre=CI-fuMT65PECFcuz1QodSd4Cwg;src=9812475;type=conve0;cat=forms000;ord=1;num=6508597694082;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 31ms
30ms Script
application/javascript 2a04:4e42:54::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:54::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 88192d9a0093c05814d865a67998245f91adaed930871eb77daccd169876c16b

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:29 GMT
fastly-restarts: 1
x-cdn: fastly
etag: "acb775799fa2f1d3f27f6a1f7a366d9f"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 115ms
37ms Script
application/x-javascript 13.224.100.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.100.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-100-124.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 15:47:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 70351
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: zFIY5mAba8_nkD8kXZX1Tbmyf_qN4DRmVS1HmXq7m8cOb2DGK0KHAA==

GET
H/1.1 200
OK 172061.js Show response
secure.perk0mean.com/js/ 16 B
255 B 120ms
25ms Script
text/javascript 51.11.20.152
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.perk0mean.com/js/172061.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.11.20.152 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 5b7149de1a843a14d74bcb45359b59016df1ab0665a4f3131da6b8b04bbe5076

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Jul 2021 11:20:29 GMT
Server: Kestrel
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 demandbase-forms.js Show response
www.malwarebytes.com/js/ 3 KB
1 KB 14ms
13ms Script
application/javascript 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/demandbase-forms.js?d=2020-02-04-15-03-08--0800
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d

Request headers

:path: /js/demandbase-forms.js?d=2020-02-04-15-03-08--0800
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D; mid=var15636; _gcl_au=1.1.210292878.1626348029; gaUserID=D1EE6028-382B-4199-9C24-DADC7ADEF095
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:15:43 GMT
content-encoding: gzip
etag: W/"1adb75c34336d71:0"
last-modified: Wed, 21 Apr 2021 00:17:50 GMT
server: Microsoft-IIS/10.0
age: 312
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: G23NAhVTEBrrPUC0wbWp5NUAA2F9LigWKESJb0FevjP3B4GskSIW_A==

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-930356311

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5381a285f7b3b63e72b7cfdac6205939c3c8fd96f9a4e27c2970ca0d447c937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38249
x-xss-protection: 0
last-modified: Thu, 15 Jul 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Jul 2021 11:20:29 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/64fab857ca52427587d3bd14a8d437b7/ 43 B
423 B 411ms
104ms Image
image/gif 18.215.205.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/64fab857ca52427587d3bd14a8d437b7/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.215.205.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-215-205-165.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 11:20:29 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,30347b6240bb3257aaf779f3328b4fc5,10.0.0.101,23740,77.243.191.108,,100726162705,1,1626348029.366,0.001,,.,0,0,0.000,0.004,-,0,0,197,139,69,10,26847,,,,,,-,
Content-Type: image/gif

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1626348029021&url=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2567940%26time%3D1626348029021%26url%3Dhttps%253A%252F%252Fwww.malwarebytes.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1626348029021&url=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D&liSync=...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1626348029021&url=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D&liSync...

0
155 B

330ms
122ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1626348029021&url=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D&liSync=true&e_ipv6=AQIHhnIwIWv25AAAAXqp5YauUZ0GVOlH2ZezKx85TIAERMOgoSt3pXlF2XaiL53OjfUdcmne
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:29 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: Vxt4nOrykRYQaIgDgisAAA==

Redirect headers

date: Thu, 15 Jul 2021 11:20:29 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1626348029021&url=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D&liSync=true&e_ipv6=AQIHhnIwIWv25AAAAXqp5YauUZ0GVOlH2ZezKx85TIAERMOgoSt3pXlF2XaiL53OjfUdcmne
x-li-proto: http/2
x-li-pop: prod-edc2
content-length: 0
x-li-uuid: rR0EierykRYwBpoakysAAA==

GET
H3-29 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
882 B 15ms
13ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 10:24:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3337
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Thu, 15 Jul 2021 11:24:52 GMT

GET
H2 200 10110317.json Show response
s.yimg.com/wi/config/ 46 B
710 B 19ms
7ms XHR
application/octet-stream 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10110317.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

51f4cf88527819ae3950b1820aa534ebf6c2fcbc0894db427ba5ab59d9efd659

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 15 Jul 2021 08:04:36 GMT
x-content-type-options: nosniff
age: 11754
x-amz-server-side-encryption: AES256
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: P6M3WBJTWMQ2KDVB
x-amz-id-2: +scoerCW2W32EJidyKvNfUR7q9qwb1W54EKjWq08vgaqvJQ3gkKRFDlWkUSHREII77v5lG4lWQE=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 29 Jul 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 23 Jun 2020 16:15:29 GMT
server: ATS
etag: "cc3d0e0815ad7ef45a521c2a63b65393"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: wXZ_nu_nu9aA6v9PTivxO9CdOpSassoA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-length: 46
content-type: application/octet-stream

GET
H3-29 200 identity.js Show response
connect.facebook.net/signals/plugins/ 11 KB
5 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.43

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-xss-protection: 0
pragma: public
x-fb-debug: /T/F5dfxiRN+Y1tRfsB1zRs+cqd/phkY8HsOsFTahaZRerO/WmoQZVP+5pMHu7CnTSySpyGOhPN885EGLrKNFw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 15 Jul 2021 11:20:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 1480959392203028 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1480959392203028?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01c322bba04afc8028fd95c35cef8b2734ac45485971adac02916e4e9f41721e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76246
x-xss-protection: 0
pragma: private
x-fb-debug: SyUNvnUuY5hK0Xj8el1FUc6k934Al2xCiDvqTJvFExQYDznEvL9TSd+ksALISfp9TKIr/O5VwY8Aw9WWWcpTGw==
x-frame-options: DENY
date: Thu, 15 Jul 2021 11:20:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: private
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 4072696.js Show response
bat.bing.com/p/action/ 0
93 B 32ms
31ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/4072696.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 15 Jul 2021 11:20:28 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: D1CF78643A034AC3806C0EBEE4FC3B79 Ref B: FRAEDGE1411 Ref C: 2021-07-15T11:20:29Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
94 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4072696&tm=gtm001&Ver=2&mid=74a380e9-4131-4d5c-9b2c-37cf8b2905bc&sid=a9078ab0e55e11eb99c9d18153b61fbd&vid=a907ccf0e55e11eb899a7fd16ec4e7d1&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Malwarebytes%20Cybersecurity%20for%20Home%20and%20Business%20%7C%20Malwarebytes&kw=antivirus,%20antivirus%20software%20free%20antivirus,%20free%20antivirus%20software,%20anti%20malware,%20free%20anti%20malware,%20anti%20malware%20software,%20free%20antivirus%20software&p=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&r=&lt=2915&evt=pageLoad&msclkid=N&sv=1&rn=139427
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 15 Jul 2021 11:20:28 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: CC2D0C8A14D1447480AD8F5EB2BD3C6C Ref B: FRAEDGE1411 Ref C: 2021-07-15T11:20:29Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
94 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4072696&tm=gtm001&Ver=2&mid=74a380e9-4131-4d5c-9b2c-37cf8b2905bc&sid=a9078ab0e55e11eb99c9d18153b61fbd&vid=a907ccf0e55e11eb899a7fd16ec4e7d1&vids=0&ec=form&gc=USD&en=Y&evt=custom&msclkid=N&rn=71186
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 15 Jul 2021 11:20:28 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 5A5515C06E594F178F5B504C72C00FDD Ref B: FRAEDGE1411 Ref C: 2021-07-15T11:20:29Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
94 B 28ms
27ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4072696&tm=gtm001&Ver=2&mid=74a380e9-4131-4d5c-9b2c-37cf8b2905bc&sid=a9078ab0e55e11eb99c9d18153b61fbd&vid=a907ccf0e55e11eb899a7fd16ec4e7d1&vids=0&ec=form&gc=USD&en=Y&evt=custom&msclkid=N&rn=68872
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 15 Jul 2021 11:20:28 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 19647E743D5F4E4AB16D2B795A068BCA Ref B: FRAEDGE1411 Ref C: 2021-07-15T11:20:29Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
93 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4072696&tm=gtm001&Ver=2&mid=74a380e9-4131-4d5c-9b2c-37cf8b2905bc&sid=a9078ab0e55e11eb99c9d18153b61fbd&vid=a907ccf0e55e11eb899a7fd16ec4e7d1&vids=0&ec=form&gc=USD&en=Y&evt=custom&msclkid=N&rn=774115
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 15 Jul 2021 11:20:28 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: FB0D5F1991524572A4D4E9A337B23150 Ref B: FRAEDGE1411 Ref C: 2021-07-15T11:20:29Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-3347303-10&cid=2012471101.1626348029&jid=150771353&uid=D1EE6028-382B-4199-9C24-DADC7ADEF095&gjid=1678626624&_gid=988123412.1626348029&_u=aGBAgEAjAAAAAE~&z=1179276117

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 15 Jul 2021 11:20:29 GMT
content-type: text/plain
access-control-allow-origin: https://www.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=1684993874&t=pageview&_s=1&dl=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&ul=en-us&de=UTF-8&dt=Malwarebytes%20Cybersecurity%20for%20Home%20and%20Business%20%7C%20Malwarebytes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAj~&jid=150771353&gjid=1678626624&cid=2012471101.1626348029&uid=D1EE6028-382B-4199-9C24-DADC7ADEF095&tid=UA-3347303-10&_gid=988123412.1626348029&gtm=2wg7e0MKSKW3&z=1010018694

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 05:58:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19344
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.1da0559f.js Show response
s.pinimg.com/ct/lib/ 50 KB
17 KB 30ms
29ms Script
application/javascript 2a04:4e42:54::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.1da0559f.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:54::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 06c8a989a9848ff3181bf09834e0618ad6775fa16024a90f21874d79e174f4c3

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:29 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
etag: "a8f50525953267a25feae69c648bf465"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 17536
access-control-expose-headers: X-CDN

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=53449&v=5.7.1&p0=e%3Dvh&p1=e%3Ddis&adce=1&tld=malwarebytes.com&dtycbr=55203
https://widget.us.criteo.com/event?a=53449&v=5.7.1&p0=e%3Dvh&p1=e%3Ddis&adce=1&tld=malwarebytes.com&dtycbr=55203

1 KB
1 KB

313ms
113ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.us.criteo.com/event?a=53449&v=5.7.1&p0=e%3Dvh&p1=e%3Ddis&adce=1&tld=malwarebytes.com&dtycbr=55203
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6645374e0d2b311ed79c9ad71e00f9bd6eb1e4507180d3fdd1106ce017d3c3e7

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:29 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
timing-allow-origin: *
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 26209
content-type: application/x-javascript
content-length: 863
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:28 GMT
server: Microsoft-IIS/10.0
location: https://widget.us.criteo.com/event?a=53449&v=5.7.1&p0=e%3Dvh&p1=e%3Ddis&adce=1&tld=malwarebytes.com&dtycbr=55203
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4936
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2

200

activityi;dc_pre=CKqXu8T65PECFZma1QodKqcCBQ;src=10919923;type=count;cat=malwa0;ord=1;num=3806772112628;gtm=2od7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1x... Show response
10919923.fls.doubleclick.net/ Frame C848
Redirect Chain

https://10919923.fls.doubleclick.net/activityi;src=10919923;type=count;cat=malwa0;ord=1;num=3806772112628;gtm=2od7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3...
https://10919923.fls.doubleclick.net/activityi;dc_pre=CKqXu8T65PECFZma1QodKqcCBQ;src=10919923;type=count;cat=malwa0;ord=1;num=3806772112628;gtm=2od7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%...

570 B
616 B

8847ms
289ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10919923.fls.doubleclick.net/activityi;dc_pre=CKqXu8T65PECFZma1QodKqcCBQ;src=10919923;type=count;cat=malwa0;ord=1;num=3806772112628;gtm=2od7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10919923

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

a36b7eb6683f2a69db005a986886bfceaf4aedfd1328e15bec22455758e06e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10919923.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKqXu8T65PECFZma1QodKqcCBQ;src=10919923;type=count;cat=malwa0;ord=1;num=3806772112628;gtm=2od7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.malwarebytes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jul 2021 11:20:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 443
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 15-Jul-2021 11:35:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jul 2021 11:20:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10919923.fls.doubleclick.net/activityi;dc_pre=CKqXu8T65PECFZma1QodKqcCBQ;src=10919923;type=count;cat=malwa0;ord=1;num=3806772112628;gtm=2od7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 334ms
58ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-380232391

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

3863aa27a94c63552443bac3e301ede9d17255a7e1794bba5b6ff21850c66e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13978
x-xss-protection: 0
server: cafe
etag: 8394079078796230488
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 11:20:29 GMT

GET
H2 204 track Show response
www.malwarebytes.com/__ssobj/ 0
360 B 78ms
78ms XHR
text/plain 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/__ssobj/track?event=ssPageloadTimer&value=0.005&x=1626435823763-1
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/__ssobj/core.js+ssdomvar.js+generic-adapter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D; mid=var15636; _gcl_au=1.1.210292878.1626348029; gaUserID=D1EE6028-382B-4199-9C24-DADC7ADEF095; _ga=GA1.2.2012471101.1626348029; _gid=GA1.2.988123412.1626348029; _uetsid=a9078ab0e55e11eb99c9d18153b61fbd; _uetvid=a907ccf0e55e11eb899a7fd16ec4e7d1; over100=true; _dc_gtm_UA-3347303-10=1
:path: /__ssobj/track?event=ssPageloadTimer&value=0.005&x=1626435823763-1
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:29 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified: Fri, 18 Sep 2020 04:58:45 GMT
server: Apache
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
cache-control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
accept-ranges: bytes
rtss: 2-9-67
x-amz-cf-id: IJI4qbwq8-493QQRvkMKlkohIlQ0Sl6V3FWCs0L-SKVHBEeY6w0SKw==
sbss: 1
expires: -1

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B99D 291 B
591 B 43ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.malwarebytes.com&origin=onetag

Requested by

Host: udgrbq.malwarebytes.com
URL: https://udgrbq.malwarebytes.com/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.malwarebytes.com&origin=onetag
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.malwarebytes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.malwarebytes.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1308
date: Thu, 15 Jul 2021 11:20:29 GMT
content-length: 321

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
112 B 15ms
15ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-3347303-10&cid=2012471101.1626348029&jid=150771353&_u=aGBAgEAjAAAAAE~&z=2004607914

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-3347303-10&cid=2012471101.1626348029&jid=150771353&_u=aGBAgEAjAAAAAE~&z=2004607914

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK activity.gif
apt.techtarget.com/activity/ 43 B
464 B 309ms
101ms Image
image/gif 206.19.49.24
ATT-CERFNET-BLOCK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apt.techtarget.com/activity/activity.gif?activityTypeId=31&cid=16653664&version=2.0&ref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&r=1626348029140
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.19.49.24 , United States, ASN17225 (ATT-CERFNET-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 11:20:29 GMT
Last-Modified: Tue, 26 Mar 2019 18:30:29 GMT
ETag: "2b-5850384023492"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=52
Content-Length: 43

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=ViewContent&dl=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&rl=&if=false&ts=1626348029155&cd[content_name]=Home&sw=1600&sh=1200&v=2.9.43&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1626348029154.106257201&it=1626348029042&coo=false&tm=1&rqm=GET

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 15 Jul 2021 11:20:29 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=PageView&dl=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&rl=&if=false&ts=1626348029158&sw=1600&sh=1200&v=2.9.43&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1626348029154.106257201&it=1626348029042&coo=false&tm=1&rqm=GET

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 15 Jul 2021 11:20:29 GMT

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 1 KB
1 KB 159ms
83ms XHR
application/json 13.224.96.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&page_title=Malwarebytes%20Cybersecurity%20for%20Home%20and%20Business%20%7C%20Malwarebytes&src=tag&key=5527c2aa519592df7d44a24d0105731b
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/HWyTnY16.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-57.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 505e175ec1b996302a4aae2f79aa528cd451243551479fddc58934e6e1b3c53c

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:29 GMT
identification-source: CACHE
vary: Accept-Encoding, Origin
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
request-id: 3080d5ae-44ef-4b9f-80cd-1f01b39c010b
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://www.malwarebytes.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: p3a7Z0acaN8oDaSGcBBLx2FGop0mucw2oSphrE9a6hCRdGnsoyjBvQ==
expires: Wed, 14 Jul 2021 11:20:29 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AADKGE7B4DQAAD6a803_iQ
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AADKGE7B4DQAAD6a803_iQ&verifyHash=284e4536f1867fd84cde8ef7c9f8ebd5f585ba89

26 B
409 B

130ms
130ms

Image
image/gif

13.224.96.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AADKGE7B4DQAAD6a803_iQ&verifyHash=284e4536f1867fd84cde8ef7c9f8ebd5f585ba89
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-51.zrh50.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 11:20:29 GMT
Via: 1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ZRH50-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: ab0613e3bab24fbe
X-Amz-Cf-Id: E5VQQJv9o7OxGpwAOW6cLxMXmZKCCsOcD-nTGVT6pBPS_r1AVhNeag==

Redirect headers

Date: Thu, 15 Jul 2021 11:20:29 GMT
Via: 1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ZRH50-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AADKGE7B4DQAAD6a803_iQ&verifyHash=284e4536f1867fd84cde8ef7c9f8ebd5f585ba89
Connection: keep-alive
trace-id: e906da6701748826
Content-Length: 0
X-Amz-Cf-Id: 4yj4ipakHghXGyOb5AnJKl56LO-RDkvNiqy1HcR8vmWIqg-4EUTdRg==

GET
H2 451 464526.gif
id.rlcdn.com/ 0
66 B 71ms
26ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:29 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 62 B
572 B 37ms
36ms Script
application/javascript 52.211.195.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=82750&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&pv=1626348029169_ikqpfygsg&bl=en-us&cb=2641150&return=&ht=&d=&dc=&si=1626348029169_ikqpfygsg&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?156
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.195.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-195-119.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Jul 2021 11:20:28 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 147
Expires: 0

GET
H2 200 / Show response
ct.pinterest.com/user/ 337 B
533 B 153ms
74ms XHR
application/json 151.101.132.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2614167509439&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1626348029176
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.1da0559f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.132.84 Madrid, Spain, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4186cb82046abff174718350bb4493c13e32ee4e53f5b0783a2142599feb1a69

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:29 GMT
content-encoding: gzip
referrer-policy: origin
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.malwarebytes.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
pin-unauth: dWlkPVlqTTVOREExWVdZdE5EUTNaaTAwT1RCa0xUazRNV010TnpBMVpqUTNNemRoTmpneQ
x-pinterest-rid: 2876329602115981
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
content-length: 300
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
247 B 111ms
72ms Image
image/gif 151.101.132.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2614167509439&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%221da0559f%22%2C%22floc_enabled%22%3Afalse%2C%22ecm_enabled%22%3Afalse%7D&cb=1626348029177
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.132.84 Madrid, Spain, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:29 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1342385398723282
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=1684993874&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&ul=en-us&de=UTF-8&dt=Malwarebytes%20Cybersecurity%20for%20Home%20and%20Business%20%7C%20Malwarebytes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHBAgEAjAAAAAE~&jid=&gjid=&cid=2012471101.1626348029&uid=D1EE6028-382B-4199-9C24-DADC7ADEF095&tid=UA-3347303-10&_gid=988123412.1626348029&gtm=2wg7e0MKSKW3&cd2=66433122&cd3=Mid-Market%20Business&cd4=Software%20%26%20Technology&cd5=Devoteam&cd6=Devoteam&cd7=Software%20%26%20Technology&cd8=Data%20%26%20Technical%20Services&cd9=%24500M%20-%20%241B&cd10=3%2C000%2B&cd11=Levallois%20Perret&cd12=IDF&cd13=(Non-AccountWatch%20Visitor)&cd14=(Non-AccountWatch%20Visitor)&cd15=(Non-AccountWatch%20Visitor)&cd16=(Non-AccountWatch%20Visitor)&cd17=FR&cd18=devoteam.com&z=1356047718

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 05:58:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19344
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
198 B 147ms
71ms XHR
text/plain 151.101.132.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/md/
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.1da0559f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.132.84 Madrid, Spain, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:29 GMT
referrer-policy: origin
x-cdn: fastly
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1313537294747611
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ard.png Show response
www.malwarebytes.com/__ssobj/ 0
461 B 32ms
32ms XHR
text/javascript 2600:9000:2190:9c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/__ssobj/ard.png?6985111583995233328_1-551-1626348026&n=1
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /__ssobj/ard.png?6985111583995233328_1-551-1626348026&n=1
pragma: no-cache
cookie: SSID=CABHLB0cAAAAAAD6GfBgMISAGPoZ8GABAAAAAAAAAAAA-hnwYABNNYnzAAOidSEA-hnwYAEAqtMAARjSHQD6GfBgAQA; SSSC=551.G6985111583995233328.1|54186.1954328:62345.2192802; SSRT=-hnwYAABAA; OptanonConsent=isIABGlobal=false&datestamp=Thu+Jul+15+2021+13%3A20%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D; mid=var15636; _gcl_au=1.1.210292878.1626348029; gaUserID=D1EE6028-382B-4199-9C24-DADC7ADEF095; _ga=GA1.2.2012471101.1626348029; _gid=GA1.2.988123412.1626348029; _uetsid=a9078ab0e55e11eb99c9d18153b61fbd; _uetvid=a907ccf0e55e11eb899a7fd16ec4e7d1; over100=true; _dc_gtm_UA-3347303-10=1; _fbp=fb.1.1626348029154.106257201; _ccmsi=1626348029169_ikqpfygsg|1626348029169; SSResetOC=true; SSOC=77.243.191.108; _pin_unauth=dWlkPVlqTTVOREExWVdZdE5EUTNaaTAwT1RCa0xUazRNV010TnpBMVpqUTNNemRoTmpneQ
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.malwarebytes.com
referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:29 GMT
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
rtss: 2-9-121
content-length: 0
sbss: 1
pragma: no-cache
last-modified: Fri, 18 Sep 2020 02:13:09 GMT
server: Apache
content-type: text/javascript
cache-control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
set-cookie: SSRT=_RnwYAADAA; path=/; domain=.malwarebytes.com; expires=Fri, 15-Jul-2022 11:20:29 GMT
accept-ranges: bytes
x-amz-cf-id: ELiXD9DW5M2kaTyW8T38MWM9UXUx0-HioyiQz5KoRMBvQ9vO06XEgQ==
expires: -1

GET
H2 200 dc_pre=CI-fuMT65PECFcuz1QodSd4Cwg;src=9812475;type=conve0;cat=forms000;ord=1;num=6508597694082;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQF... Show response
adservice.google.com/ddm/fls/i/ Frame 59A6 571 B
516 B 44ms
43ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CI-fuMT65PECFcuz1QodSd4Cwg;src=9812475;type=conve0;cat=forms000;ord=1;num=6508597694082;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D

Requested by

Host: 9812475.fls.doubleclick.net
URL: https://9812475.fls.doubleclick.net/activityi;dc_pre=CI-fuMT65PECFcuz1QodSd4Cwg;src=9812475;type=conve0;cat=forms000;ord=1;num=6508597694082;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cb38a9181ece02d9ed0ca15ac4ffb8722fe3d577e48b393aba866aa3fbf7ea3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CI-fuMT65PECFcuz1QodSd4Cwg;src=9812475;type=conve0;cat=forms000;ord=1;num=6508597694082;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9812475.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://9812475.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jul 2021 11:20:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 446
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CI-fuMT65PECFcuz1QodSd4Cwg;src=9812475;type=conve0;cat=forms000;ord=1;num=6508597694082;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQF... Show response
adservice.google.de/ddm/fls/i/ Frame E7A5 194 B
265 B 43ms
43ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CI-fuMT65PECFcuz1QodSd4Cwg;src=9812475;type=conve0;cat=forms000;ord=1;num=6508597694082;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CI-fuMT65PECFcuz1QodSd4Cwg;src=9812475;type=conve0;cat=forms000;ord=1;num=6508597694082;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CI-fuMT65PECFcuz1QodSd4Cwg;src=9812475;type=conve0;cat=forms000;ord=1;num=6508597694082;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jul 2021 11:20:29 GMT
expires: Thu, 15 Jul 2021 11:20:29 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 13ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarythq6PVD7pXa5YgnA

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 15 Jul 2021 11:20:29 GMT
content-type: text/plain
access-control-allow-origin: https://www.malwarebytes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/380232391/ 2 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/380232391/?random=1626348032925&cv=9&fst=1626348032925&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7e0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&tiba=Malwarebytes%20Cybersecurity%20for%20Home%20and%20Business%20%7C%20Malwarebytes&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

786ed3b6627561fbc43bc9d46076340223331e172cd7363a187b8f479ce8b069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1117
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/380232391/ 2 KB
1 KB 34ms
34ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/380232391/?random=1626348032928&cv=9&fst=1626348032928&num=1&label=_XHlCK3XlI0CEMfFp7UB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7e0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&tiba=Malwarebytes%20Cybersecurity%20for%20Home%20and%20Business%20%7C%20Malwarebytes&auid=210292878.1626348029&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

0b567465cb77f29d334f34ad2ec60025b9348b9279ad680da96d6f58054c6cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1232
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/?random=1626348032933&cv=9&fst=1626348032933&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7e0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&tiba=Malwarebytes%20Cybersecurity%20for%20Home%20and%20Business%20%7C%20Malwarebytes&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e1cf6438cca2f4819cf76c5e8ed8212742cf61b6abe95aac0b89e8e9e6b3d33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1117
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/380232391/ 42 B
113 B 27ms
26ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/380232391/?random=1626348032925&cv=9&fst=1626346800000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&tiba=Malwarebytes%20Cybersecurity%20for%20Home%20and%20Business%20%7C%20Malwarebytes&async=1&fmt=3&is_vtc=1&random=661597413&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/380232391/ 42 B
108 B 18ms
17ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/380232391/?random=1626348032925&cv=9&fst=1626346800000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&tiba=Malwarebytes%20Cybersecurity%20for%20Home%20and%20Business%20%7C%20Malwarebytes&async=1&fmt=3&is_vtc=1&random=661597413&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/930356311/ 42 B
113 B 17ms
16ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/930356311/?random=1626348032933&cv=9&fst=1626346800000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&tiba=Malwarebytes%20Cybersecurity%20for%20Home%20and%20Business%20%7C%20Malwarebytes&async=1&fmt=3&is_vtc=1&random=3095468407&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/930356311/ 42 B
108 B 18ms
18ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/930356311/?random=1626348032933&cv=9&fst=1626346800000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&tiba=Malwarebytes%20Cybersecurity%20for%20Home%20and%20Business%20%7C%20Malwarebytes&async=1&fmt=3&is_vtc=1&random=3095468407&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

/
www.google.de/pagead/1p-conversion/380232391/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/380232391/?random=1853497740&cv=9&fst=1626348032928&num=1&label=_XHlCK3XlI0CEMfFp7UB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=250...
https://www.google.com/pagead/1p-conversion/380232391/?random=1853497740&cv=9&fst=1626348032928&num=1&label=_XHlCK3XlI0CEMfFp7UB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=...
https://www.google.de/pagead/1p-conversion/380232391/?random=1853497740&cv=9&fst=1626348032928&num=1&label=_XHlCK3XlI0CEMfFp7UB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1...

42 B
64 B

30ms
29ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/380232391/?random=1853497740&cv=9&fst=1626348032928&num=1&label=_XHlCK3XlI0CEMfFp7UB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7e0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&tiba=Malwarebytes%20Cybersecurity%20for%20Home%20and%20Business%20%7C%20Malwarebytes&auid=210292878.1626348029&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ABrwYIrROfuKjuwP8sWzyA4&cid=CAQSKQCNIrLMli4HRJmYHn3aFxL3IsGsTYbdWadE98wU-scWihMsOiGhXEG8&random=1109704443&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/380232391/?random=1853497740&cv=9&fst=1626348032928&num=1&label=_XHlCK3XlI0CEMfFp7UB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7e0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&tiba=Malwarebytes%20Cybersecurity%20for%20Home%20and%20Business%20%7C%20Malwarebytes&auid=210292878.1626348029&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ABrwYIrROfuKjuwP8sWzyA4&cid=CAQSKQCNIrLMli4HRJmYHn3aFxL3IsGsTYbdWadE98wU-scWihMsOiGhXEG8&random=1109704443&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CNm7u8b65PECFYmHUQodLx0MBA;src=8019375;type=conta0;cat=sitew0;ord=4408372791524;gtm=2wg7e0;auiddc=*;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%252...
adservice.google.com/ddm/fls/z/ Frame F9BA 42 B
118 B 42ms
42ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNm7u8b65PECFYmHUQodLx0MBA;src=8019375;type=conta0;cat=sitew0;ord=4408372791524;gtm=2wg7e0;auiddc=*;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D

Requested by

Host: 8019375.fls.doubleclick.net
URL: https://8019375.fls.doubleclick.net/activityi;dc_pre=CNm7u8b65PECFYmHUQodLx0MBA;src=8019375;type=conta0;cat=sitew0;ord=4408372791524;gtm=2wg7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8019375.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_pre=CKqXu8T65PECFZma1QodKqcCBQ;src=10919923;type=count;cat=malwa0;ord=1;num=3806772112628;gtm=2od7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFuc... Show response
adservice.google.com/ddm/fls/i/ Frame C418 569 B
466 B 50ms
49ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKqXu8T65PECFZma1QodKqcCBQ;src=10919923;type=count;cat=malwa0;ord=1;num=3806772112628;gtm=2od7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D

Requested by

Host: 10919923.fls.doubleclick.net
URL: https://10919923.fls.doubleclick.net/activityi;dc_pre=CKqXu8T65PECFZma1QodKqcCBQ;src=10919923;type=count;cat=malwa0;ord=1;num=3806772112628;gtm=2od7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe980e5f89baab97df2740e249bd216d83c43668b4186e37fb2d7f3dfd9402c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CKqXu8T65PECFZma1QodKqcCBQ;src=10919923;type=count;cat=malwa0;ord=1;num=3806772112628;gtm=2od7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://10919923.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://10919923.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jul 2021 11:20:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 443
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CKqXu8T65PECFZma1QodKqcCBQ;src=10919923;type=count;cat=malwa0;ord=1;num=3806772112628;gtm=2od7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFuc... Show response
adservice.google.de/ddm/fls/i/ Frame 5E2F 194 B
265 B 41ms
41ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CKqXu8T65PECFZma1QodKqcCBQ;src=10919923;type=count;cat=malwa0;ord=1;num=3806772112628;gtm=2od7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKqXu8T65PECFZma1QodKqcCBQ;src=10919923;type=count;cat=malwa0;ord=1;num=3806772112628;gtm=2od7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CKqXu8T65PECFZma1QodKqcCBQ;src=10919923;type=count;cat=malwa0;ord=1;num=3806772112628;gtm=2od7e0;auiddc=210292878.1626348029;~oref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jul 2021 11:20:38 GMT
expires: Thu, 15 Jul 2021 11:20:38 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 core Show response
js.driftt.com/ Frame 6298 5 KB
2 KB 143ms
143ms Document
text/html 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1626348300000/7ghicgw4nish.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

e9ed569d8f08a8b0751fd4c4edaf8bedfa44565f597508afe45be8e26eaad30b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.malwarebytes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.malwarebytes.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Wed, 14 Jul 2021 17:48:39 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: S1ixU1rtZoN_TF8AeLqI3Jt8_UiTegJf
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 15 Jul 2021 11:20:38 GMT
cache-control: no-cache
etag: W/"2aacdee317bc83ddaa7d41bd8d016738"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: K0reN49TZCtNtnd4Xw5AG5ZFaplNq-wJNVHyzSbv6bD-73AlYFAwRg==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame E7EA 5 KB
2 KB 147ms
147ms Document
text/html 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1626348300000/7ghicgw4nish.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

e9ed569d8f08a8b0751fd4c4edaf8bedfa44565f597508afe45be8e26eaad30b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.malwarebytes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.malwarebytes.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Wed, 14 Jul 2021 17:48:39 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: S1ixU1rtZoN_TF8AeLqI3Jt8_UiTegJf
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 15 Jul 2021 11:20:38 GMT
cache-control: no-cache
etag: W/"2aacdee317bc83ddaa7d41bd8d016738"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: rkw_ngyJD2QwHgQhIfHMw2aZOMVLXXwFP-uzCrBGm-QGneHaIRxVtg==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 89ms
30ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 11:20:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 May 2021 01:40:41 GMT
Server: AkamaiNetStorage
ETag: "5379c4a40ff8ae9d2fc6484dd1c57349:1622166041.794746"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H2

200

s Show response
ads.avct.cloud/
Redirect Chain

https://ads.avocet.io/s?add=5b8e9b462be173e55d6569fc&ty=j
https://ads.avct.cloud/s?r=1&add=5b8e9b462be173e55d6569fc&ty=j
https://ads.avct.cloud/s?bounce=true&r=1&add=5b8e9b462be173e55d6569fc&ty=j

0
336 B

38ms
37ms

Script
application/javascript

52.17.151.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.avct.cloud/s?bounce=true&r=1&add=5b8e9b462be173e55d6569fc&ty=j
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.17.151.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:38 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
content-type: application/javascript

Redirect headers

location: /s?bounce=true&r=1&add=5b8e9b462be173e55d6569fc&ty=j
date: Thu, 15 Jul 2021 11:20:38 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 100
content-type: text/html; charset=utf-8

GET
H2 200 2893.js Show response
script.crazyegg.com/pages/scripts/0081/ 5 KB
2 KB 17ms
17ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 772e7730b2970145fc07943c00c7e5d48ac3bc1e6c7b938cf262ef040e3d59be

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:38 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 72667
cf-polished: origSize=4874
cf-ray: 66f29a468ff64e08-FRA
ce-version: 11.1.316
last-modified: Wed, 14 Jul 2021 15:09:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 11:20:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Jun 2021 01:25:13 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=43986
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2079

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 68ms
22ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:38 GMT
via: 1.1 varnish
last-modified: Mon, 12 Jul 2021 21:25:31 GMT
age: 40415
etag: "65cf0c0ceb852397f0d1e6732cd3c533+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1958
x-timer: S1626348038.219584,VS0,VE0
x-served-by: cache-hhn11542-HHN

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 113ms
37ms Image
image/gif 52.213.189.245
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=jtuxrxn&ct=0:fyckj1z&fmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.189.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-189-245.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 6335 0
181 B 111ms
38ms Document
text/html 52.213.189.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=8mirph5&ref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&upid=r8yigtp&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.189.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-189-245.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=8mirph5&ref=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&upid=r8yigtp&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.malwarebytes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.malwarebytes.com/

Response headers

date: Thu, 15 Jul 2021 11:20:38 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 12ms
12ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1684993874&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&ul=en-us&de=UTF-8&dt=Malwarebytes%20Cybersecurity%20for%20Home%20and%20Business%20%7C%20Malwarebytes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=vertical&ev=25&_u=aHhAAEAjAAAAAG~&jid=452820305&gjid=811885130&cid=2012471101.1626348029&tid=UA-3347303-10&_gid=19840952.1626348038&_r=1&gtm=2wg7e0MKSKW3&z=537912590

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2893.json Show response
script.crazyegg.com/pages/data-scripts/0081/ 4 KB
1 KB 15ms
15ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0081/2893.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66ba6fb2bbb8c0b57a393448d7000787756641931c51937d31cc9401cb3a6c97

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:38 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 72665
ce-version: 11.1.316
content-length: 1391
timing-allow-origin: *
last-modified: Wed, 14 Jul 2021 15:09:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 66f29a46ae392b1a-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-3347303-10&cid=2012471101.1626348029&jid=452820305&gjid=811885130&_gid=19840952.1626348038&_u=aHhAAEAjAAAAAG~&z=2055357087

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 15 Jul 2021 11:20:38 GMT
content-type: text/plain
access-control-allow-origin: https://www.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11.1.316.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 64 KB
21 KB 14ms
14ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.316.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 883108c823814c1e6894480a10f719187b16b86b3a27f8fa21a7f63d54f61642

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Jul 2021 11:20:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 15:28:38 GMT
server: cloudflare
age: 72677
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 66f29a46c8724e08-FRA
content-length: 21534

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 18ms
17ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-3347303-10&cid=2012471101.1626348029&jid=452820305&_u=aHhAAEAjAAAAAG~&z=992526307

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 16ms
16ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-3347303-10&cid=2012471101.1626348029&jid=452820305&_u=aHhAAEAjAAAAAG~&z=992526307

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/160/ 11 KB
5 KB 31ms
31ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/160/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 11:20:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Feb 2021 02:54:38 GMT
Server: AkamaiNetStorage
ETag: "19a9335fd71267d56e65bc19390f3100:1613703278.138281"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4811
Expires: Sat, 23 Oct 2021 11:20:38 GMT

GET
H2 200 2893.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0081/ 46 B
127 B 15ms
15ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0081/2893.json?t=451763
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.316.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afa8bf67f6e449586d176b4555c952c96367c05e22f77f49c3101a19f79f4b4a

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:38 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 72665
ce-version: 11.1.316
content-length: 65
timing-allow-origin: *
last-modified: Wed, 14 Jul 2021 15:09:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 66f29a46eec22b1a-FRA

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
658 B 189ms
137ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=o1m5j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 15 Jul 2021 11:20:38 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 406cdfd07d3364befbbfdac45babfb63951a395ea937a38cad31b73633c15c8c
x-transaction: 2b404cade9c98c81
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
455 B 190ms
139ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=o1m5j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 15 Jul 2021 11:20:38 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: ebde4ed84679a4877af49025a54b94f2178513b4497762c5ce685fbd85c85a01
x-transaction: b79aaf45153ea83c
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 runtime~main.6d5321a7.js Show response
js.driftt.com/core/assets/js/ Frame 6298 5 KB
3 KB 38ms
36ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

a4c45aaa088eb16698ff1fe4e5e928b8524b75853c9261591225626b58828ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 17:48:38 GMT
content-encoding: gzip
age: 63120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 14 Jul 2021 17:38:45 GMT
server: nginx
etag: W/"95c6dc62fa2721d9dc2d2ac4a736dbdc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: klNh9MJeVcMpo0jmNgRK.fxGJk1ArEGn
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CR3PIBcDedR3lS2thofpd4LhTLdxpaPecRaHIfJrlrwd-q6yYSrsVA==

GET
H2 200 41.e160bbf0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 40 KB
12 KB 40ms
37ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.e160bbf0.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

c15825ab2f48168897fd1ad58c944506a22330c23c0e1343e131c97674feb2c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:05 GMT
content-encoding: gzip
age: 669753
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"892cb3f1ec1a78b39e0b826338f03342"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ScJVSFDPWy5NXC3WHH.HWFn8vK_O0fmq
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lqWQiiFtvu_zJbn8Clw9wCKrtp8FRm-3bG7GmPOLHx3J-SqlEPhCVg==

GET
H2 200 16.95721841.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 42 KB
12 KB 42ms
39ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.95721841.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

f2d028894ae453bb127c83d5fef512afb253fe8e127bf0209abd43181ffb56e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"e2ea174d71ada4fc4c630b75829b9c20"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5QT3mo.b_b8hBoe24x.l4f9DRAYWNmPr
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5HrwHQul0V80-no0aq2Vud6P3t9DQoarBGenHsAm0jZcUdKvY7wsUQ==

GET
H2 200 20.c8bfaace.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 76 KB
23 KB 46ms
42ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.c8bfaace.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

a196eb5557b9a8bd1752f3d901342a766f0faac96c67a062c468fc41e89f024c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"05fb3a19322fe33456695700b22ca4e2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XrcMsqvGZTNer7Z.KNWB8MIL9me2aaW4
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9TDXOvf4CF3Gu7hPjxNEhKqDcs5BHyJ0jygJFB3QcKbPJCpxILMgzA==

GET
H2 200 14.d3d002d2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 16 KB
17 KB 49ms
46ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.d3d002d2.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

203e4390dc46f359cded845d3340733a2bcbb487bf740e00876c28dc72cc1dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 16842
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: "623891dd85333e1266f748ec25173f58"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4CVN_HgdOmbq_dGfaSpUmJSbudwDZyhV
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0DXQWi4F4dVni7dY41EXBlFcsaUKQ6mGxc5SL_ZXXhOx6mqdtu8AmA==

GET
H2 200 33.2c426dc0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 15 KB
6 KB 50ms
47ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.2c426dc0.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

108cdfbbaf23107b7237a8db701db0fa3f324a9710533aee39b3196bf039ca9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"69d70b55b949b7cd8bccc9cd1cbc9472"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _1M1o3WCiGZ0qmy1UCRBmPw1fh2L1rrk
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cMeHiFHWnW98L_RUs4G_ReFHcSZw38kmB1XynaN_qRqL2KQnSQ9alQ==

GET
H2 200 21.cef624a1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 49 KB
15 KB 53ms
50ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.cef624a1.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

df9eec77780d071a2def5665a05435c4e19664cf3c4ded0f0c3ad44b568c4a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"0b114875bf85f5dd5e70982e9a34db7f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FBGyBlSBcINm9YYkEklzCtlqnGwoP5xl
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vrEsbKU1dDC0b0koU2ghR8KSJqdRs2JZFYcwn0jCuJ8_ezwCKTjheQ==

GET
H2 200 12.744a3ffe.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 44 KB
44 KB 58ms
54ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.744a3ffe.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

548cbb31ad32a5038c9cf9f2440ec5da8f2ad8f8c17ced1c9c85a310ed6d175b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 44752
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: "2bf45f1f1322f108d1ae12847ce1be35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: F9h2FvsHmB4lYvfLUyfzNGYjSOv6XNZT
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Sx9WVrSO2PvV-6ca5DBQ4-ww34mZAqUut0IpXECW-rsVxuEdnAkt3Q==

GET
H2 200 11.1e60125c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 25 KB
7 KB 63ms
60ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.1e60125c.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

6e318fbd317db76a531e8e0c6e47f3e7c332ead501516090878e3352c591c250

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"ecad5ea4d5adea93b258b77317b364f3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4nyc0RtLALHBygnzvqMmY59PpRjihEAU
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tAo0d8w2Dmhf7rpGIUmq9VI48mvlXSRkxvVy7g8VaQqDPajuUAmquA==

GET
H2 200 32.a09dc9c3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 25 KB
9 KB 64ms
61ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.a09dc9c3.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

6e0cef5f730514ce810a9071373e2f7d98f5c0577fb6ba720840fb94254ebcbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"11468efba479c18522bb9d2b65da22a4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Q9MFp7oNNzkLvvU_J3YW1ywErHeUAICE
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CEFgisJNWnz0pts1O9BHR15QWNK7jFVLuMH_0O2tGZwEaW0H8dD1FA==

GET
H2 200 17.4af8d397.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 125 KB
39 KB 66ms
63ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.4af8d397.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

273d5708bde5ff46c08e2a3befb04ef8b8ed4b718d93d6e560e58577e9a9cf00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"2cd82a6eb20e3bddad173874c9fe7fdf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zADY6K9Aqe2nr8_M3TTPRHQY4TSKPAxh
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3WFwtqbW3HFp4-sfQjJRo_EPIXCw6MCjm43fq7DI6ke-pf8B20tMlA==

GET
H2 200 35.a8afab31.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 52 KB
18 KB 72ms
70ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.a8afab31.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

f86e08b2390d477db93fb1f6549ef75530790c121d24a531a6acb0c0b811fceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 11:25:21 GMT
content-encoding: gzip
age: 7257317
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 20 Apr 2021 21:12:39 GMT
server: nginx
etag: W/"e000fed6be2bb9d6650a3d6298820c00"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QuqpYg5lqin20fiKflVNz9mPsd5qwhed
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vewTUjYaBP36d90dONorNIbrPyVPFG_exoilV1R2mJ49eTuXiYFKmQ==

GET
H2 200 30.5b748463.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 24 KB
10 KB 73ms
71ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.5b748463.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

0ba3abc48830ec83531ca340194c6b625ac66f0500565fbf2ac23ba72cd8224e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"480c37b4c7944b05a252c69d3933fba4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: egX4a_fGKXL4O3c8DqHakvl0iABx61BY
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: roUXiffnNFRZsuYsXnyD41or96_Y0HG9TeUvdRt1F5hUpyJPZOkWyw==

GET
H2 200 15.4694d44f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 14 KB
6 KB 74ms
72ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.4694d44f.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

1fd8116c5077210f907d45572f6d6c26864ebf8f1f2f6fb697d960d77e01e049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"9ea9ef7e788d6bd0b0b5cd39f83ed71d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DItkDO5D10.qCJpq7kGUj2H4ciqXe9xL
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KuyCLKJPm_XNG--66NE0bwc7xPWHwYdF3f5peNfJGiT642ZyynfMhg==

GET
H2 200 7.76d57e6f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 60 KB
21 KB 76ms
74ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.76d57e6f.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

0265a290c1953b81daba9d6ca2f03b2c376ba7e2cea3f03304a119a9be4db13c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 08:31:11 GMT
content-encoding: gzip
age: 1478967
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Dec 2020 15:51:02 GMT
server: nginx
etag: W/"aa4a9ec028f191c0ca1548643eeda4bf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9fUcrcSskDahH0wsV9ouaXswXvOU09r7
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fD2dPNEYsFpYTpz7IwVnRoLzWTBo7w6sjbURuFmiCjD8fQ1hi0Gz9Q==

GET
H2 200 main~493df0b3.44d88cd8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 75 KB
23 KB 78ms
76ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.44d88cd8.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

024674f9ac970cc5e88670a1d320714c0c45b2db474d5879cf34480629789e1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 17:48:38 GMT
content-encoding: gzip
age: 63120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 14 Jul 2021 17:38:45 GMT
server: nginx
etag: W/"82273c7c2c37330ee3d1f22cae783d7e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sHw3oa8m_hj_zXlYekq5HCwHOLoAjO4M
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TU9m07cZkp7KTmcpRjuZHCqgkz6v_IKyZPzoD3a2Zjl2i_H8pCqLPw==

GET
H2 200 main~50ba91a7.2e74121b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 66 KB
17 KB 80ms
78ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~50ba91a7.2e74121b.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

ff134c43365b1b3008ee1723bcae86e950ba0f7b2e01f0fba71df106bb9713bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 17:48:38 GMT
content-encoding: gzip
age: 63120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 14 Jul 2021 17:38:45 GMT
server: nginx
etag: W/"b9748c07cb9f7414b44a2a49410b1e22"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HTubCX6bp3Rqdf729BPOxUsGLke53j.j
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hnIXbIRp_1sO-_6ahyeJMLbaOVqy60Sa4qN_JLBuWBKWhbP1D7bW7Q==

GET
H2 200 main~89e24786.e2e1a3b1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 66 KB
18 KB 81ms
80ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~89e24786.e2e1a3b1.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

d5928bd00e6b20a4bf5fb7ad67d62cccb36ece351a4ce8ad77cc41269e6ca91d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:10 GMT
server: nginx
etag: W/"97f3a9c5d6362498a2f10e8c7f669271"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: K1FGNDbB_nicEsAgXOuE3jOJ97gQ3iwp
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tzY9O_anrEHjx8ATqzNz8LVpVN_G1FXZD-trPPUQyYgZZ1JAWqTVrg==

GET
H2 200 main~53ca99a6.5ad3f890.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 37 KB
12 KB 82ms
81ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~53ca99a6.5ad3f890.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

9135a463355e1dd77ef383464e33d0cc180739bce2cee040991acd208ba602d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 17:48:38 GMT
content-encoding: gzip
age: 63120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 14 Jul 2021 17:38:45 GMT
server: nginx
etag: W/"2e782488f21ef5ec256f1a9a24266a8b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ei1b0XRMBcUitjAqHTTqGdlHYJnw3MMB
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jKrwKTJQyjS4bBIMG-gmmpsfCkYgfwm3Ulb7J5KYHiFJ2A6ycQl0xA==

GET
H2 200 main~493df0b3.a17ec6ba.chunk.css
js.driftt.com/core/assets/css/ Frame 6298 10 KB
3 KB 69ms
68ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/main~493df0b3.a17ec6ba.chunk.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

08c342aa32e495a8a14ab30d3ae807fa12907cd243111d224d9bb2917b9e9791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 17:22:00 GMT
content-encoding: gzip
age: 237518
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 12 Jul 2021 17:01:38 GMT
server: nginx
etag: W/"29d1e40533b15ec17e2ba1b54ba08ccb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HkTEJJuavn19c1W7LdyOsR3UFaxpmfNh
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nmMOfTIVwpgCg-oUxvliVW88flF4URMSGn_R6ULtjRNlfymSjKIxqA==

GET
H2 200 runtime~main.6d5321a7.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 5 KB
3 KB 79ms
78ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

a4c45aaa088eb16698ff1fe4e5e928b8524b75853c9261591225626b58828ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 17:48:38 GMT
content-encoding: gzip
age: 63120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 14 Jul 2021 17:38:45 GMT
server: nginx
etag: W/"95c6dc62fa2721d9dc2d2ac4a736dbdc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: klNh9MJeVcMpo0jmNgRK.fxGJk1ArEGn
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uXTmmIaehMt_nUkZm_ql0oEM7bBUlsqH-twIsbfjnxoSO23Ko3tivA==

GET
H2 200 41.e160bbf0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 40 KB
12 KB 79ms
78ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.e160bbf0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

c15825ab2f48168897fd1ad58c944506a22330c23c0e1343e131c97674feb2c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:05 GMT
content-encoding: gzip
age: 669753
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"892cb3f1ec1a78b39e0b826338f03342"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ScJVSFDPWy5NXC3WHH.HWFn8vK_O0fmq
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fLXM_ACbpCN5_RkbyW2PrayshhigRQPRNk23OtxcUoQL72Sj66r-iA==

GET
H2 200 16.95721841.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 42 KB
12 KB 80ms
78ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.95721841.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

f2d028894ae453bb127c83d5fef512afb253fe8e127bf0209abd43181ffb56e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"e2ea174d71ada4fc4c630b75829b9c20"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5QT3mo.b_b8hBoe24x.l4f9DRAYWNmPr
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RXon3efd0-jSwctJcJr66Q83q2GQv0MXvIgT8nWU3wnMAxhgmGpSWQ==

GET
H2 200 20.c8bfaace.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 76 KB
23 KB 80ms
78ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.c8bfaace.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

a196eb5557b9a8bd1752f3d901342a766f0faac96c67a062c468fc41e89f024c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"05fb3a19322fe33456695700b22ca4e2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XrcMsqvGZTNer7Z.KNWB8MIL9me2aaW4
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ThEm7-uLivt3C2YNa6iOdori5rTfDOkHE2o49AlSIBB27deVato3hw==

GET
H2 200 14.d3d002d2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 16 KB
17 KB 82ms
80ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.d3d002d2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

203e4390dc46f359cded845d3340733a2bcbb487bf740e00876c28dc72cc1dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 16842
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: "623891dd85333e1266f748ec25173f58"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4CVN_HgdOmbq_dGfaSpUmJSbudwDZyhV
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aJ5jE4bsCURisijLQhVO3XRSwVBfu8KRfCV3Yx_lpPbtIf6MJexbhQ==

GET
H2 200 33.2c426dc0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 15 KB
6 KB 82ms
80ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.2c426dc0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

108cdfbbaf23107b7237a8db701db0fa3f324a9710533aee39b3196bf039ca9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"69d70b55b949b7cd8bccc9cd1cbc9472"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _1M1o3WCiGZ0qmy1UCRBmPw1fh2L1rrk
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NcisUtOyYr2MpQllvDd21PoHvJzo1f-EmI01MgCvsKaAwR6u-jZz7w==

GET
H2 200 21.cef624a1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 49 KB
15 KB 83ms
81ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.cef624a1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

df9eec77780d071a2def5665a05435c4e19664cf3c4ded0f0c3ad44b568c4a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"0b114875bf85f5dd5e70982e9a34db7f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FBGyBlSBcINm9YYkEklzCtlqnGwoP5xl
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OwoVFO6vlwpJtjjfPrC6CYW68tnWDqGGP6e7XfrbNr_gBwGzCrI0jQ==

GET
H2 200 12.744a3ffe.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 44 KB
44 KB 84ms
82ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.744a3ffe.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

548cbb31ad32a5038c9cf9f2440ec5da8f2ad8f8c17ced1c9c85a310ed6d175b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 44752
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: "2bf45f1f1322f108d1ae12847ce1be35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: F9h2FvsHmB4lYvfLUyfzNGYjSOv6XNZT
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DXZr86MQ8GZA9hfabCM7K4KJOzu2Sb63tYmj55RNdJv6OJ_bTavF0A==

GET
H2 200 11.1e60125c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 25 KB
7 KB 86ms
83ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.1e60125c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

6e318fbd317db76a531e8e0c6e47f3e7c332ead501516090878e3352c591c250

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"ecad5ea4d5adea93b258b77317b364f3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4nyc0RtLALHBygnzvqMmY59PpRjihEAU
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nx2ssScy3cDevhbSrtdyEqVp_Gw0zVcNrtDvY0dIyBx93OnFz8X0DA==

GET
H2 200 32.a09dc9c3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 25 KB
9 KB 87ms
84ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.a09dc9c3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

6e0cef5f730514ce810a9071373e2f7d98f5c0577fb6ba720840fb94254ebcbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"11468efba479c18522bb9d2b65da22a4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Q9MFp7oNNzkLvvU_J3YW1ywErHeUAICE
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jG0Q-hYgQlQ5VWjNLdgZOyHjoiyu6YMdUKJb_Ck_H6-Pfj50_iAB8w==

GET
H2 200 17.4af8d397.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 125 KB
39 KB 87ms
85ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.4af8d397.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

273d5708bde5ff46c08e2a3befb04ef8b8ed4b718d93d6e560e58577e9a9cf00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"2cd82a6eb20e3bddad173874c9fe7fdf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zADY6K9Aqe2nr8_M3TTPRHQY4TSKPAxh
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q7h1qDHTK1pRn7rsLJrH1gIN8Ut9211TfA4WX2EBwC0hwHHFPAnitw==

GET
H2 200 35.a8afab31.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 52 KB
18 KB 90ms
87ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.a8afab31.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

f86e08b2390d477db93fb1f6549ef75530790c121d24a531a6acb0c0b811fceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 11:25:21 GMT
content-encoding: gzip
age: 7257317
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 20 Apr 2021 21:12:39 GMT
server: nginx
etag: W/"e000fed6be2bb9d6650a3d6298820c00"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QuqpYg5lqin20fiKflVNz9mPsd5qwhed
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zJJwDc26bHpwCVFgGLvlfclvkeJXEiQxGEL1PTufMKTNiPEhyiz-jQ==

GET
H2 200 30.5b748463.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 24 KB
10 KB 91ms
88ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.5b748463.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

0ba3abc48830ec83531ca340194c6b625ac66f0500565fbf2ac23ba72cd8224e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"480c37b4c7944b05a252c69d3933fba4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: egX4a_fGKXL4O3c8DqHakvl0iABx61BY
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vALLje3T_iD10hqNIuiUBXPv--DfFkMyUkmMFt22tDEzpm9x08cp7w==

GET
H2 200 15.4694d44f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 14 KB
6 KB 91ms
89ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.4694d44f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

1fd8116c5077210f907d45572f6d6c26864ebf8f1f2f6fb697d960d77e01e049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"9ea9ef7e788d6bd0b0b5cd39f83ed71d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DItkDO5D10.qCJpq7kGUj2H4ciqXe9xL
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WM_XhJnqaOsxsSAzU_nHMMZ99mZxufaHINByH9PAoy5Q-7D6OsGJ9g==

GET
H2 200 7.76d57e6f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 60 KB
21 KB 92ms
90ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.76d57e6f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

0265a290c1953b81daba9d6ca2f03b2c376ba7e2cea3f03304a119a9be4db13c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 08:31:11 GMT
content-encoding: gzip
age: 1478967
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Dec 2020 15:51:02 GMT
server: nginx
etag: W/"aa4a9ec028f191c0ca1548643eeda4bf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9fUcrcSskDahH0wsV9ouaXswXvOU09r7
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UeZyazKAxqXV2rDRAPuLhC8thALSHc0-q7gpnpIXmHvuqKKbX6_lHQ==

GET
H2 200 main~493df0b3.44d88cd8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 75 KB
23 KB 93ms
91ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.44d88cd8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

024674f9ac970cc5e88670a1d320714c0c45b2db474d5879cf34480629789e1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 17:48:38 GMT
content-encoding: gzip
age: 63120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 14 Jul 2021 17:38:45 GMT
server: nginx
etag: W/"82273c7c2c37330ee3d1f22cae783d7e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sHw3oa8m_hj_zXlYekq5HCwHOLoAjO4M
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7zWpaNQfB9s2VpSmPxQZnas4slbm2Rr4vuaieAXmKJHlvhH_WTHT9Q==

GET
H2 200 main~50ba91a7.2e74121b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 66 KB
17 KB 94ms
92ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~50ba91a7.2e74121b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

ff134c43365b1b3008ee1723bcae86e950ba0f7b2e01f0fba71df106bb9713bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 17:48:38 GMT
content-encoding: gzip
age: 63120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 14 Jul 2021 17:38:45 GMT
server: nginx
etag: W/"b9748c07cb9f7414b44a2a49410b1e22"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HTubCX6bp3Rqdf729BPOxUsGLke53j.j
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: buC6lAEqJelkrGBkKfBzqcoX-Tu1nkkPjE9pFU4gwp5p85RXiVGQAA==

GET
H2 200 main~89e24786.e2e1a3b1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 66 KB
18 KB 95ms
93ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~89e24786.e2e1a3b1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

d5928bd00e6b20a4bf5fb7ad67d62cccb36ece351a4ce8ad77cc41269e6ca91d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:10 GMT
server: nginx
etag: W/"97f3a9c5d6362498a2f10e8c7f669271"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: K1FGNDbB_nicEsAgXOuE3jOJ97gQ3iwp
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yMF91gPa1SMoL97nyD_3TTdilhBfrltSDXtJXBAaQ-8eWZD1bwTpXw==

GET
H2 200 main~53ca99a6.5ad3f890.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 37 KB
12 KB 95ms
94ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~53ca99a6.5ad3f890.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

9135a463355e1dd77ef383464e33d0cc180739bce2cee040991acd208ba602d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 17:48:38 GMT
content-encoding: gzip
age: 63120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 14 Jul 2021 17:38:45 GMT
server: nginx
etag: W/"2e782488f21ef5ec256f1a9a24266a8b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ei1b0XRMBcUitjAqHTTqGdlHYJnw3MMB
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: N-hgrbT21lh9DEtYwgvjLcWdP0hPwxtggjYOHybru4BT13DcSWxgZw==

GET
H2 200 main~493df0b3.a17ec6ba.chunk.css
js.driftt.com/core/assets/css/ Frame E7EA 10 KB
3 KB 95ms
94ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/main~493df0b3.a17ec6ba.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

08c342aa32e495a8a14ab30d3ae807fa12907cd243111d224d9bb2917b9e9791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 17:22:00 GMT
content-encoding: gzip
age: 237518
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 12 Jul 2021 17:01:38 GMT
server: nginx
etag: W/"29d1e40533b15ec17e2ba1b54ba08ccb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HkTEJJuavn19c1W7LdyOsR3UFaxpmfNh
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IAC6lCEI_Ft_n2gRB1D4OFAPgK9RkcesBCq2XauaEVtF9kTYkv5gwA==

GET
H2 200 26.99c92d86.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 22 KB
7 KB 39ms
38ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.99c92d86.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

47063f41c3b5adc05187ae338b281af3da4221f206c52a9e20bb1825092a9e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:06 GMT
content-encoding: gzip
age: 669752
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"68dd2d5bbc3d1f109781a2b2021aacb3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9Zo3GBosIu3ow1incjCLN3q.ALDypy7R
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sRnwj8aHl26ojgQGzvxVRHopm9mplBqaGTtJOAvvBgJM_HUvN-9dtA==

GET
H2 200 28.c8071680.chunk.css
js.driftt.com/core/assets/css/ Frame 6298 1 KB
1 KB 39ms
38ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.c8071680.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

e8d08bae70ed238be5dd51ddabcaeda3cdb6b6675028f812a9c989cbdd2422f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:06 GMT
content-encoding: gzip
age: 669752
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"8d9d05ce6555c8a82ab4b586aecc7a4f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OwfnuSWa.W0YMJmeYUluWIVAPiXJKKhs
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: f3OO2GbkyzKF9bi587bj0OGw2zOoJ64OBghS0hbpAFeLQ0do8OoWow==

GET
H2 200 28.f83d3475.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 5 KB
2 KB 39ms
38ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.f83d3475.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

6531d4fd95842f4c5c4671379df4c385e7de3a7043ad7fd9300ae82fc0d399d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"31622ec5109fa0c061e9e9ded0c3352a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 0Llccd9sprqz.hEDfkRly_3vegIDZXCL
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9vt2I1FwEIoP8PczZFrxgZkrRupC4jDBfUxtT7_iz8m79YxJOwanUg==

GET
H2 200 26.99c92d86.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 22 KB
7 KB 38ms
38ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.99c92d86.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

47063f41c3b5adc05187ae338b281af3da4221f206c52a9e20bb1825092a9e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:06 GMT
content-encoding: gzip
age: 669752
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"68dd2d5bbc3d1f109781a2b2021aacb3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9Zo3GBosIu3ow1incjCLN3q.ALDypy7R
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qThwKGo2-FJZEQg5I-BDLliSkeDLsqvX5yoVUYTlbooyxxya58xUpQ==

GET
H2 200 28.c8071680.chunk.css
js.driftt.com/core/assets/css/ Frame E7EA 1 KB
1 KB 38ms
38ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.c8071680.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

e8d08bae70ed238be5dd51ddabcaeda3cdb6b6675028f812a9c989cbdd2422f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:06 GMT
content-encoding: gzip
age: 669752
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"8d9d05ce6555c8a82ab4b586aecc7a4f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OwfnuSWa.W0YMJmeYUluWIVAPiXJKKhs
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4OOceJHd5J6BENH1ApUmwJPZhU_m1FRriqDqUZKMDQOQOipK7jnc9Q==

GET
H2 200 28.f83d3475.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 5 KB
2 KB 38ms
38ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.f83d3475.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

6531d4fd95842f4c5c4671379df4c385e7de3a7043ad7fd9300ae82fc0d399d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"31622ec5109fa0c061e9e9ded0c3352a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 0Llccd9sprqz.hEDfkRly_3vegIDZXCL
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mrq_CcM3sXiV3V3HT4zb9eFJaNed-neKvjjBy5ZRkIZQDy-11Oy8Bw==

GET
H2 200 22.0fe27b6c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 42 KB
12 KB 37ms
37ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.0fe27b6c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

865bd4ece0b197f219858f3e24543e38b78e56705b0c5bccd85d419cebc34ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"16f43d4a1f08d1a487db21656c599aae"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oe044AXHveLEL0iyz_cDL4QpsHnhigfv
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 10pAMTgPictWLPUyDe-aYhFc6_JzNjHo-nkfGubk_kjW91vi6akZOg==

GET
H2 200 18.44736ae1.chunk.css
js.driftt.com/core/assets/css/ Frame 6298 8 KB
2 KB 38ms
37ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/18.44736ae1.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

8c58a438125e389f81b62999773d8d6cb9e25828bb6049248faa04c12d2bc8a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"8b77004f90a97a8796e83c50f9e084d8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: x5dOG.3yJKUjrVUkQNFI.TikwE6Otqdt
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ndYx6VqPQEzDLxC8OL0Pn__Gp5izJ7d3Ro2778i0xHsXRr9XynHllA==

GET
H2 200 18.4bb97615.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 65 KB
19 KB 38ms
38ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.4bb97615.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

3ae7ec7f4afdd0d2a4ed7ac66d00af6a05cf4b317fc13dfc2c9797e10a31ee39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 17:48:39 GMT
content-encoding: gzip
age: 63119
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 14 Jul 2021 17:38:43 GMT
server: nginx
etag: W/"9a039e146776218ad6b5c6229f283b8d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IXDP5ZGZc5.hKNfGo9_Q.Hr5xLUYIwnE
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: b7pNWyvMGXNEJrR1j_1LBZgEGFvT7SG1F-lcsW2blx1XxDg6oLBJfg==

GET
H2 200 29.35fcf3a3.chunk.css
js.driftt.com/core/assets/css/ Frame E7EA 6 KB
1 KB 37ms
37ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/29.35fcf3a3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"9f36443a9402e1e03bf8070ddc88b8db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Vv9Z.AFLkHfCx19G.PJtFEYakZc4c3sf
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: L77doJwIvCALDSBlTuV2ZJcJgAu6ro031A-ckx6_PwBshDqgzWmz6Q==

GET
H2 200 29.9b16991a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 2 KB
2 KB 38ms
37ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.9b16991a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

c4f74b02ce64c1bc1166ff6be0b2c0e05e243a93932f34dced5e4d0b45603fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"6b76f18bc4b40ce872a15191ddb2ca65"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: pUOVA9iV.dDilNdMlhO7iOxxJwe.gxgd
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5Ej44WhySAlVYytHxN1MM5iGjRkCX0ZQBgrTD1TCR-BYgXLksqgLMA==

GET
H2 200 1.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame E7EA 7 KB
2 KB 37ms
37ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660957
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hdWMgNKvLwZcep5QH7m9bqoRE1.SuP2b
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -zDw38NVjRwfchfu_k2PZBMUXQ-7pV7x2ZBF5udNILEIDUh9eIJyuw==

GET
H2 200 1.1dd18d2f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 76 KB
23 KB 38ms
38ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.1dd18d2f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

b358b127d95abf969d41c6d9a9e24d713b169574c4b0853cd7075a98b84f3a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660957
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:07 GMT
server: nginx
etag: W/"a4a439b10d3ce63496e066f88921993e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oYIrLBgaYmBaM_5vGMtDckG4hutYLM4r
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7CuPzz-fvlDEP1u16n7LHS6BjSXyiS2zoWGylqiq9-pBA3rTdd9wYA==

GET
H2 200 0.061f3bcd.chunk.css
js.driftt.com/core/assets/css/ Frame E7EA 39 KB
7 KB 38ms
38ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/0.061f3bcd.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

c94531eed7b28e06a929e1a001be4c117d296a8159c395aae04e5986c2e0dca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 660957
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"8270a19b1866f9a99b674fe2dadeced0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zxSLZd3Brbt8Il6bhjFDwt2Bq0yNmNhu
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nOur0l_CyboturO9qNoLuV2dBsjy8thfqqPHNgC6G2h6dUlI5_tmYg==

GET
H2 200 0.c91e7ffd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 58 KB
19 KB 39ms
39ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.c91e7ffd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

4456514fa444224999585903be28694e47be2ce1b2a34f6dda1ce47acf59ab1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 17:39:39 GMT
content-encoding: gzip
age: 236459
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 12 Jul 2021 17:02:45 GMT
server: nginx
etag: W/"299f5f13377a6dba1f486e5b2ca78e5f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dtcYU3soCfMlxPcmRwUOZmLDolWHGFSV
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1U578y10_lErqgt5BqjTY6sx5S_-jfPOOxjX3t9nQcj2BEvpXe_8Bg==

GET
H2 200 25.55f88a7d.chunk.css
js.driftt.com/core/assets/css/ Frame E7EA 11 KB
2 KB 39ms
39ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.55f88a7d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

fde247cb6279540b89d49510e8a03ab31a90b69d3da48d21268104cceead3848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:06 GMT
content-encoding: gzip
age: 669751
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"a1edc67f80fa4d2930e0e949b8c47368"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PBLtoaNf6c055OEpbrvVBHkZeIp.wBXB
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xPHTJbFgFOOaK9yw47kP_XDSSTn0Pn24oCrrLTzcml_RACpzq1vw0A==

GET
H2 200 25.8acadfab.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 11 KB
5 KB 39ms
39ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.8acadfab.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

9f68028dde11cf4dc833bcb5612acba5377d41697f728eb625bf9f8ab4289320

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:41 GMT
content-encoding: gzip
age: 660957
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:08 GMT
server: nginx
etag: W/"166b04e5a4c8a4fd5ca16633d7dd6e31"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ei7UKTjrS7aQPc18gpRadrork8hHHQ2O
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sbZ57i1ORUN6ZOpdFY5doDuWsc6QuOS6qWb-6aDH46X7D47PKxUnzQ==

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 344ms
115ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 15 Jul 2021 11:20:38 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drifta02186f4a51a5847096baa419aa
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 6298 25 B
123 B 126ms
125ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.e160bbf0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Jul 2021 11:20:38 GMT
server: istio-envoy
requestid: f9a7275dd6d3d989
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 6298 103 B
200 B 108ms
108ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.e160bbf0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

d1e2636f0735347445e5f5ee8fc8786d0cf65fc2295e34f69582eab2d1ef6e96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Jul 2021 11:20:38 GMT
server: istio-envoy
requestid: 55c97bf630b8d482
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 103
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 322ms
107ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 15 Jul 2021 11:20:38 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift1dce3574662a812c5968935e510
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H3-29 200 css
fonts.googleapis.com/ Frame 6298 4 KB
643 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/main~53ca99a6.5ad3f890.chunk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Jul 2021 10:07:56 GMT
server: ESF
date: Thu, 15 Jul 2021 11:20:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Jul 2021 11:20:38 GMT

GET
H2 200 7ghicgw4nish.json Show response
embeds.driftcdn.com/embeds/ Frame 6298 28 KB
7 KB 515ms
432ms XHR
application/json 13.224.96.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/7ghicgw4nish.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.e160bbf0.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-31.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66cb108bc30c990dd231a946b87f4131330b77bc0580b2c79cbfe85152eebe26

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:40 GMT
content-encoding: gzip
x-amz-cf-pop: ZRH50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 15 Jul 2021 10:10:57 GMT
server: AmazonS3
etag: W/"6b053db1dadc4dccb5d584210fb05b60"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-id: 1YnQeo-aoo2UlQfQybN91j_RZIDsanMyT7c1npa3wXjxV1TUqmTevw==

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame 6298 3 KB
2 KB 268ms
268ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.e160bbf0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f1deeace7555b02c9a21589f281c687e09c3932778f8103b3131c8b01872ef25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 15 Jul 2021 11:20:39 GMT
content-encoding: gzip
server: istio-envoy
requestid: 28911ea6cddf02c6
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 162
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 1632
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H2 200 7ghicgw4nish Show response
targeting.api.drift.com/hours/availability/combined/ Frame 6298 54 B
141 B 120ms
119ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/7ghicgw4nish

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.e160bbf0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

3daa37aa0cd561383c7dda83967f4aa0f171d5540200b6c7f61694deda4c67ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI2NDMwNTcxMTY1MTM4OTQ0IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiNzE1MjEiLCJleHAiOjE2NTc4ODQwMzksImlhdCI6MTYyNjM0ODAzOX0.QfMPRxCIz5G5D3NuOAT6fm0AyrVPRhZk8VpeQAQH7-RsxmxKGCPewQVzaD4D0AEol6Rc21eec-x-1GizRj50pw

Response headers

date: Thu, 15 Jul 2021 11:20:40 GMT
server: istio-envoy
requestid: 72ea6ad58437477b
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 14
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 54
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 7ghicgw4nish
targeting.api.drift.com/hours/availability/combined/ Frame 0
0 113ms
106ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/7ghicgw4nish

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 15 Jul 2021 11:20:39 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: HEAD,GET,OPTIONS
requestid: drifta9d2ea54a9cacd46a4797e80518
content-length: 18
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 200 track Show response
event.api.drift.com/ Frame 6298 663 B
1 KB 105ms
105ms XHR
application/json 52.207.163.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.e160bbf0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.207.163.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-163-92.compute-1.amazonaws.com

Software

Resource Hash

bf7369f5d7be2742f77a0332d7e6abf8ceb7e139b556a8d810d63e0efa8d07c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI2NDMwNTcxMTY1MTM4OTQ0IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiNzE1MjEiLCJleHAiOjE2NTc4ODQwMzksImlhdCI6MTYyNjM0ODAzOX0.QfMPRxCIz5G5D3NuOAT6fm0AyrVPRhZk8VpeQAQH7-RsxmxKGCPewQVzaD4D0AEol6Rc21eec-x-1GizRj50pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Jul 2021 11:20:40 GMT
requestid: 9308a24414a9812
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 663

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 318ms
104ms Preflight
text/plain 52.207.163.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Server

52.207.163.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-163-92.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 15 Jul 2021 11:20:40 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: drifte52aecd4f789827dcc2a50c9ccd

GET
H2 200 46.67acb4b4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6298 17 KB
6 KB 37ms
36ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/46.67acb4b4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

f407a7083dba1a7687aee65102759821ae006e009a3fdbbcc9cc5b93d6553ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=2cf0e9f3-f477-4907-9bc6-125201d920e7&sessionStarted=1626348038.121&campaignRefreshToken=4feff5fb-5a02-4a9a-9706-7e7b90a000f2&hideController=false&pageLoadStartTime=1626348028015&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:07 GMT
content-encoding: gzip
age: 669752
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"a31f16ddeb870cf86efd9070460b1ca5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HRF16KWFqyFRUpbi5VZWxhcRiBUrjrTa
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rhXcNaObq359dMg773qiKUicRyE4hk07IpzIj_3Ndjx_MglhrX36qQ==

GET
H2 200 46.67acb4b4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 17 KB
6 KB 37ms
36ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/46.67acb4b4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

f407a7083dba1a7687aee65102759821ae006e009a3fdbbcc9cc5b93d6553ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:07 GMT
content-encoding: gzip
age: 669752
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"a31f16ddeb870cf86efd9070460b1ca5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HRF16KWFqyFRUpbi5VZWxhcRiBUrjrTa
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wm5JZqR4IPh__4Y_LUsnFht2LU6q1zxaemBA9O04C0N09pmUAd5-dQ==

POST
H2 200 evaluate_with_log Show response
targeting.api.drift.com/targeting/ Frame 6298 191 B
250 B 107ms
106ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.e160bbf0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

e2866ce88c039ac23c69091c95ee33bca5af44ddc567c8ead739df8019f3face

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI2NDMwNTcxMTY1MTM4OTQ0IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiNzE1MjEiLCJleHAiOjE2NTc4ODQwMzksImlhdCI6MTYyNjM0ODAzOX0.QfMPRxCIz5G5D3NuOAT6fm0AyrVPRhZk8VpeQAQH7-RsxmxKGCPewQVzaD4D0AEol6Rc21eec-x-1GizRj50pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Jul 2021 11:20:40 GMT
server: istio-envoy
requestid: 229d24766299a214
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 191
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 evaluate_with_log
targeting.api.drift.com/targeting/ Frame 0
0 106ms
105ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 15 Jul 2021 11:20:40 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift2600d4f4c43b97f85392f6c277c
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 200 render_initial Show response
flow.api.drift.com/flows/ Frame 6298 3 KB
2 KB 142ms
142ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.e160bbf0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

d8e4e4bb8b1a03d4b4ddfc3302ff553b82b9766c85b7865cbae8ac3c3c8b3dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI2NDMwNTcxMTY1MTM4OTQ0IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiNzE1MjEiLCJleHAiOjE2NTc4ODQwMzksImlhdCI6MTYyNjM0ODAzOX0.QfMPRxCIz5G5D3NuOAT6fm0AyrVPRhZk8VpeQAQH7-RsxmxKGCPewQVzaD4D0AEol6Rc21eec-x-1GizRj50pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Jul 2021 11:20:40 GMT
content-encoding: gzip
server: istio-envoy
requestid: 5e668008aa7f2eb9
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 35
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 1844
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 render_initial
flow.api.drift.com/flows/ Frame 0
0 113ms
105ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 15 Jul 2021 11:20:40 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drifte26ed704b2ea622a512dd4a6053
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

OPTIONS
H2 200 widget
targeting.api.drift.com/impressions/ Frame 0
0 111ms
110ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 15 Jul 2021 11:20:40 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftdba42b04926a135630a498f25d8
content-length: 13
x-envoy-upstream-service-time: 5
server: istio-envoy

POST
H2 204 widget Show response
targeting.api.drift.com/impressions/ Frame 6298 0
38 B 115ms
115ms XHR
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.e160bbf0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI2NDMwNTcxMTY1MTM4OTQ0IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiNzE1MjEiLCJleHAiOjE2NTc4ODQwMzksImlhdCI6MTYyNjM0ODAzOX0.QfMPRxCIz5G5D3NuOAT6fm0AyrVPRhZk8VpeQAQH7-RsxmxKGCPewQVzaD4D0AEol6Rc21eec-x-1GizRj50pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Jul 2021 11:20:40 GMT
server: istio-envoy
requestid: e4abfc19e54af69f
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 9
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H2 200 https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F129404%252F79c17ca09ef27fdb0693456721fb0cdee2f9ngbi9efk%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%...
driftt.imgix.net/ Frame 6298 14 KB
14 KB 9ms
8ms Image
image/png 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F129404%252F79c17ca09ef27fdb0693456721fb0cdee2f9ngbi9efk%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D9e6655fec033ec80b23a679599b65786?fit=max&fm=png&h=200&w=200&s=cf048c4cd7bdc8161b1bc35cc99550fb

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

f720bcff8fcd00281b5aaf2db45e62e14f89c3ccad3ca764609aca3808521d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:20:40 GMT
x-content-type-options: nosniff
fastly-restarts: 1
last-modified: Wed, 30 Jun 2021 14:16:11 GMT
server: imgix
age: 1285468
x-cache: MISS, HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: 948e09280892a42e19747ac626e8e6886915b37f
accept-ranges: bytes
content-length: 14678
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10070-SJC, cache-sjc10027-SJC, cache-hhn4021-HHN

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 6298 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 11:17:37 GMT
x-content-type-options: nosniff
age: 172983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 11:17:37 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 31ms
16ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-3347303-10&cid=2012471101.1626348029&jid=1086269366&uid=D1EE6028-382B-4199-9C24-DADC7ADEF095&gjid=556882996&_gid=988123412.1626348029&_u=aHhAgEAjAAAAAG~&z=1177024335

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 15 Jul 2021 11:20:40 GMT
content-type: text/plain
access-control-allow-origin: https://www.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=1684993874&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.malwarebytes.com%2F%3Fsbrc%3D1xjS1RCkQFucrRlMp-5sNiA%253D%253D%25244LUr2n_NPN-gDoki8nYwHw%253D%253D&ul=en-us&de=UTF-8&dt=Malwarebytes%20Cybersecurity%20for%20Home%20and%20Business%20%7C%20Malwarebytes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Drift%20Widget&ea=Playbook%20Fired&el=Playbook%20ID%3A%202316363&_u=aHhAgEAjAAAAAG~&jid=1086269366&gjid=556882996&cid=2012471101.1626348029&uid=D1EE6028-382B-4199-9C24-DADC7ADEF095&tid=UA-3347303-10&_gid=988123412.1626348029&gtm=2wg7e0MKSKW3&cd2=66433122&cd3=Mid-Market%20Business&cd4=Software%20%26%20Technology&cd5=Devoteam&cd6=Devoteam&cd7=Software%20%26%20Technology&cd8=Data%20%26%20Technical%20Services&cd9=%24500M%20-%20%241B&cd10=3%2C000%2B&cd11=Levallois%20Perret&cd12=IDF&cd13=(Non-AccountWatch%20Visitor)&cd14=(Non-AccountWatch%20Visitor)&cd15=(Non-AccountWatch%20Visitor)&cd16=(Non-AccountWatch%20Visitor)&cd17=FR&cd18=devoteam.com&z=876217753

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 05:58:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19355
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 6298 25 B
89 B 143ms
143ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.e160bbf0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI2NDMwNTcxMTY1MTM4OTQ0IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiNzE1MjEiLCJleHAiOjE2NTc4ODQwMzksImlhdCI6MTYyNjM0ODAzOX0.QfMPRxCIz5G5D3NuOAT6fm0AyrVPRhZk8VpeQAQH7-RsxmxKGCPewQVzaD4D0AEol6Rc21eec-x-1GizRj50pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Jul 2021 11:20:40 GMT
server: istio-envoy
requestid: 88bcc78dc943c8ea
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 30
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 113ms
112ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 15 Jul 2021 11:20:40 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftaba9bac450789239b0a2b4d8fad
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 18ms
17ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-3347303-10&cid=2012471101.1626348029&jid=1086269366&_u=aHhAgEAjAAAAAG~&z=1334489681

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 18ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-3347303-10&cid=2012471101.1626348029&jid=1086269366&_u=aHhAgEAjAAAAAG~&z=1334489681

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jul 2021 11:20:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 36.e483d03f.chunk.css
js.driftt.com/core/assets/css/ Frame E7EA 900 B
2 KB 38ms
37ms Stylesheet
text/css 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/36.e483d03f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

12ffe3ad71f763d9057baf43e0f1c1482bb9a0372602020554c4d52f52b37981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:08 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
age: 669752
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 900
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: "0bd11a8facc0a9d41713c64ed1ba1289"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cz29m.Fts8YXx_IUUNjCl_E4K8cC3nMy
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UVkIejCvVK_UbLWM3OkXErOjgStxGjlL8IcIYbYK28Gw9I2A4Svycw==

GET
H2 200 36.87960841.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E7EA 303 B
967 B 38ms
38ms Script
application/javascript 13.224.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.87960841.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.6d5321a7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-5.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

edf5d541caca5cdba1417802ad63b784c665a0a9a4186f1a1ac4e43e1a24439f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1626348028015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:08 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
age: 669752
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 303
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: "835857a703b37f049afbdaf680afb896"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 49eP141GUq4d.EICEk00vDg17u.v93HG
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wYKtag6OYQh47w8jGNfHrSThoI_ymlTh4XDqCVozumzMazWJmfvK_w==

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/add/ Frame 6298 25 B
83 B 113ms
113ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.e160bbf0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI2NDMwNTcxMTY1MTM4OTQ0IiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiNzE1MjEiLCJleHAiOjE2NTc4ODQwMzksImlhdCI6MTYyNjM0ODAzOX0.QfMPRxCIz5G5D3NuOAT6fm0AyrVPRhZk8VpeQAQH7-RsxmxKGCPewQVzaD4D0AEol6Rc21eec-x-1GizRj50pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Jul 2021 11:20:43 GMT
server: istio-envoy
requestid: a28312ebaecd407b
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame 0
0 112ms
112ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 15 Jul 2021 11:20:43 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift8d00fc74e65a6e5f884e2d52c85
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

Verdicts & Comments Add Verdict or Comment

241 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 19:45:48	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 05:07:24	Name: IDE Value: AHWqTUl6Jsmi_DPd0eOog_x_mc8WeUoLxuDBbthBUSsqoQaUZ9fMpSr0OU_-N-QM
.malwarebytes.com/	1970-01-20 04:31:24	Name: OptanonConsent Value: groups=1%3A1%2C0_165071%3A1%2C101%3A1%2C2%3A1%2C3%3A1%2C102%3A1%2C103%3A1%2C4%3A1%2C104%3A1%2C105%3A1%2C106%3A1%2C107%3A1%2C109%3A1%2C110%3A1%2C112%3A1%2C113%3A1%2C114%3A1%2C115%3A1%2C116%3A1%2C117%3A1%2C118%3A1%2C0_165051%3A1%2C0_165052%3A1%2C0_165053%3A1%2C0_165054%3A1%2C0_165055%3A1%2C0_165056%3A1%2C0_165057%3A1%2C0_165058%3A1%2C0_165059%3A1%2C0_165060%3A1%2C0_165061%3A1%2C0_165062%3A1%2C0_165063%3A1%2C0_165064%3A1%2C0_165065%3A1%2C0_165066%3A1%2C0_165067%3A1%2C0_165068%3A1%2C0_165069%3A1%2C0_165070%3A1%2C0_165072%3A1%2C0_165073%3A1%2C0_165074%3A1%2C0_168809%3A1%2C0_168810%3A1%2C0_171059%3A1%2C0_171060%3A1%2C0_171061%3A1%2C0_171062%3A1%2C0_171063%3A1%2C0_171064%3A1%2C0_172264%3A1%2C0_172327%3A1%2C0_179764%3A1%2C0_172332%3A1%2C0_172328%3A1%2C0_172329%3A1%2C108%3A1%2C111%3A1&datestamp=Thu+Jul+15+2021+13%3A20%3A38+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0
www.malwarebytes.com/	1970-01-19 19:45:49	Name: drift_campaign_refresh Value: 4feff5fb-5a02-4a9a-9706-7e7b90a000f2

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://code.jquery.com/jquery-3.3.1.min.js(Line 2) Message: jQuery.Deferred exception: Cannot read property 'setAttribute' of null TypeError: Cannot read property 'setAttribute' of null at setDownloadLink (https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D:719:37) at HTMLDocument.<anonymous> (https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D:724:13) at l (https://code.jquery.com/jquery-3.3.1.min.js:2:29375) at c (https://code.jquery.com/jquery-3.3.1.min.js:2:29677) undefined
console-api	log	(Line 3) Message: in loadDrift
console-api	log	URL: https://www.malwarebytes.com/?sbrc=1xjS1RCkQFucrRlMp-5sNiA%3D%3D%244LUr2n_NPN-gDoki8nYwHw%3D%3D(Line 1069) Message: setSSOC:77.243.191.108
console-api	info	URL: https://js.driftt.com/core/assets/js/16.95721841.chunk.js(Line 1) Message: DRIFT_WIDGET:: widget_core:bootstrap_api finished in 271.1999969482422 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10919923.fls.doubleclick.net
8019375.fls.doubleclick.net
9812475.fls.doubleclick.net
ads.avct.cloud
ads.avocet.io
adservice.google.com
adservice.google.de
analytics.twitter.com
api.company-target.com
api.demandbase.com
api.intellimize.co
api.ipify.org
app.salesloft.com
apt.techtarget.com
bat.bing.com
bootstrap.api.drift.com
cdn.cookielaw.org
cdn.jsdelivr.net
code.jquery.com
connect.facebook.net
ct.pinterest.com
driftt.imgix.net
embeds.driftcdn.com
event.api.drift.com
flow.api.drift.com
fonts.googleapis.com
fonts.gstatic.com
genesis.malwarebytes.com
geolocation.onetrust.com
googleads.g.doubleclick.net
gum.criteo.com
id.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
js.driftt.com
malwarebytes.com
match.prod.bidr.io
metrics.api.drift.com
ml314.com
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
s.pinimg.com
s.yimg.com
script.crazyegg.com
scripts.demandbase.com
searchg2-assets.crownpeak.net
secure.perk0mean.com
segments.company-target.com
sl.malwarebytes.com
snap.licdn.com
sslwidget.criteo.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
targeting.api.drift.com
trk.techtarget.com
udgrbq.malwarebytes.com
unpkg.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.malwarebytes.com
104.111.234.67
104.244.42.131
104.244.42.69
108.174.10.14
13.224.100.124
13.224.96.26
13.224.96.3
13.224.96.31
13.224.96.5
13.224.96.51
13.224.96.57
13.224.96.62
142.250.74.194
143.204.95.99
151.101.132.84
163.171.128.148
172.217.16.134
178.250.0.163
18.215.205.165
199.232.136.157
2001:4de0:ac18::1:a:1b
206.19.49.24
2600:1f18:21ae:6700:f931:acf0:5bbb:8761
2600:9000:2190:9c00:16:26c7:ff80:93a1
2606:4700:10::6814:b944
2606:4700::6810:7baf
2606:4700::6810:9540
2606:4700::6813:9308
2620:119:50e4:101::6cae:b55
2620:1ec:22::14
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:801::2004
2a00:1450:4001:803::200a
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::2008
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:400c:c06::9b
2a00:1450:400c:c06::9d
2a02:2638:1::13
2a02:26f0:6c00:28c::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::485
2a04:4e42:1b::720
2a04:4e42:54::84
3.211.199.67
34.252.144.15
35.244.174.68
50.16.216.118
50.16.7.188
51.11.20.152
52.17.151.21
52.207.163.92
52.211.195.119
52.213.189.245
52.23.16.18
52.48.10.11
74.119.119.150
00fd20f4f37113eb32d3db8a5f527ff1889489442e91630283e58e792f196be8
01c322bba04afc8028fd95c35cef8b2734ac45485971adac02916e4e9f41721e
024674f9ac970cc5e88670a1d320714c0c45b2db474d5879cf34480629789e1f
0265a290c1953b81daba9d6ca2f03b2c376ba7e2cea3f03304a119a9be4db13c
026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429
05369fa3ab175c5ba5e63b7c60a872a64f82ddcb1de6a950d73004ed25930e69
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0635a1dc8d6926161ff709e0089ae55daac5dd3b266802390e59f7176661cc46
06c8a989a9848ff3181bf09834e0618ad6775fa16024a90f21874d79e174f4c3
06eeacc16d500c61ad439131db7587db9e4b7e8054698c380017ab64e329d61f
08c342aa32e495a8a14ab30d3ae807fa12907cd243111d224d9bb2917b9e9791
0b567465cb77f29d334f34ad2ec60025b9348b9279ad680da96d6f58054c6cd9
0b7b26742617990b7000c7eab02062e349a60270347495cc9a542d1578a009ad
0ba3abc48830ec83531ca340194c6b625ac66f0500565fbf2ac23ba72cd8224e
0bd6aa1dc4e02f07deb9f4525e09fb5150b0839a528a99a49b226d63d82ec88f
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
0d8ac30d9520ce94e0246020e4bff9b6fea04f92ac0b5f09c7346104b9f5772a
0ed37960a59a6ec6b443f9ef043864d09a51db6fd276ae578d9166467bf986d1
108cdfbbaf23107b7237a8db701db0fa3f324a9710533aee39b3196bf039ca9c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114c908673dd0a1d941aed822ee32d91137959b5e74c052a41c2bfa727fc39cd
12ffe3ad71f763d9057baf43e0f1c1482bb9a0372602020554c4d52f52b37981
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16278846c24958035769652757c311db3bb306a3b1ec7e4fd5625e863c8e413d
16f961e4eedc84409f706d7043ec879d9a7783c6f317640b0d97a73e98e9e8ea
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1e1cf6438cca2f4819cf76c5e8ed8212742cf61b6abe95aac0b89e8e9e6b3d33
1ea762a4223eb21cf482eba49edc66f056f475481e7aa618eeb76e4a72bf331c
1fd8116c5077210f907d45572f6d6c26864ebf8f1f2f6fb697d960d77e01e049
203e4390dc46f359cded845d3340733a2bcbb487bf740e00876c28dc72cc1dc2
22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62
273d5708bde5ff46c08e2a3befb04ef8b8ed4b718d93d6e560e58577e9a9cf00
29d1ae4c6dfd72706229ed259d6bf0164d2cf413858361d03705ee962d787d02
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e3847cd6afc8b85b384573ceafda45b26bb9ed6c3f61733cb4603917943d9b1
2e6baf441aff788ec7c1ca9f6870955942a9e8928ed333d6cff1a169a9fefdba
30b410ec60b2dda5e521206ed5b3a9318922f62828db7409240f047f21593bcc
3372e9aa13d55e1687a1d47abe3027e636824d1bc8e3e11736b86691dcc3bd2c
361aabb783830d45d3de5f19c4fe47d295e11518fb0279dd99d589eea8d43319
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37d71a755368a59862b22954275bd10416de8e28d37cec74707de8b8be616610
3863aa27a94c63552443bac3e301ede9d17255a7e1794bba5b6ff21850c66e35
3ae7ec7f4afdd0d2a4ed7ac66d00af6a05cf4b317fc13dfc2c9797e10a31ee39
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3d7e45311946b392332508dd41d81d6fd46b2e54ac22af823159e86926227675
3daa37aa0cd561383c7dda83967f4aa0f171d5540200b6c7f61694deda4c67ab
3ded8b3c12cddb888232eb7db8e68e889a1808ac0215e043f6052e14a64fe956
4186cb82046abff174718350bb4493c13e32ee4e53f5b0783a2142599feb1a69
428a1b8240fd924ecfa826e94d6e6852b39ee35eb12b8f5d4302da595f8efbee
43b28eb1d30cc86a4efdf7c064093df4ac0585a62fd3aaf7cbf363d228bedbb5
43c4be0978be63a15635e3c31e24e922069ac8863be3c1741e8b55091153d082
4456514fa444224999585903be28694e47be2ce1b2a34f6dda1ce47acf59ab1f
47063f41c3b5adc05187ae338b281af3da4221f206c52a9e20bb1825092a9e46
49d2ea5b96f0573b44d52d407fbc05794a18e2349116fd235cde6d29ed288de5
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4c93edc2e73f8f795657eee81ebeab1c19e7d0b63f63762a2d3b014b9bde8840
4d100d17da4f09eef30aa0f2710314d659524ea4860c6024487aec519da4d4f3
505e175ec1b996302a4aae2f79aa528cd451243551479fddc58934e6e1b3c53c
51f4cf88527819ae3950b1820aa534ebf6c2fcbc0894db427ba5ab59d9efd659
542f9b9f9ed17fb168e1a1ce299413085d6559f316742f95ad22a291ffd67ffc
548cbb31ad32a5038c9cf9f2440ec5da8f2ad8f8c17ced1c9c85a310ed6d175b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d
594131aa0ff27fc3f2025cf9cb593103fdaf5c7174246f3f87ff990f3d6287a7
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5b62da3ed3fe1c94582c2a75526716000f7361ff70c0cc41aae4ee8212735c3e
5b7149de1a843a14d74bcb45359b59016df1ab0665a4f3131da6b8b04bbe5076
5d09ea31b4f26497480482f539fdc221990ae192c8b8be5002f4f2b9bef26876
624de26e418e30e37a6022b5822a9d09e42807828e10742acab7377dab034cce
6252f8d40b521387483f57b7d0c812912a1d59ce038fdde2bcf67cf920486cac
6531d4fd95842f4c5c4671379df4c385e7de3a7043ad7fd9300ae82fc0d399d0
6645374e0d2b311ed79c9ad71e00f9bd6eb1e4507180d3fdd1106ce017d3c3e7
66ba6fb2bbb8c0b57a393448d7000787756641931c51937d31cc9401cb3a6c97
66cb108bc30c990dd231a946b87f4131330b77bc0580b2c79cbfe85152eebe26
6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc
6e0cef5f730514ce810a9071373e2f7d98f5c0577fb6ba720840fb94254ebcbc
6e318fbd317db76a531e8e0c6e47f3e7c332ead501516090878e3352c591c250
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271
718b7b2cde399bb4894a2e0bf9cf1b75a64b529a678f5149c84c427990b2857c
723a0ace76b35a4a90e41e6c85e0f436360cdc23811fd97522ae93ccfd3e81b1
728054ccf1f41ec0afdb688b6db421601bb60d505d9e1e2c2de16d9e4a14b774
72e73d470970529d52beb7e2a69c65b3adbcfe27c645a85758cf1149b13ac2c3
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1
76c79d3af714cd2570cdee0ff55daf2022f51477a4b5a89de470068280f8ddb1
772e7730b2970145fc07943c00c7e5d48ac3bc1e6c7b938cf262ef040e3d59be
77d3df1a0650536bb4e87f2108eb58dd7d91c954bf188dc17f2e5a898f971bb0
77fe4992518602980266db408d8f9127746609fee79b45cc7379dc0381ad04cc
786ed3b6627561fbc43bc9d46076340223331e172cd7363a187b8f479ce8b069
7b882d15fe9efee7c5b41481e6bd779d2e2dd6fedf618d5aa70cf2ebd7ee2ab8
7e6aa30a919ae381fbcf4d4d6f970531bf513bf0847097e7927123bf032b0f09
8036e893559287b0a9982f4476fc16208c7b98a0b0b73622085a1d7a35a62270
80ac8548037a7878edd91fd417514656e1541d36d1acd239daf94134081a26e8
80f0eb912943ad0deab2ad7a8125b7404b726bac65dca9e6be97b063ca490662
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8528b83134ef333f8b4f3b722f422569b5121e6fa817c9942bcbb91f5f61ea93
865bd4ece0b197f219858f3e24543e38b78e56705b0c5bccd85d419cebc34ecb
867b3cec541df7e0781040ad4c704be8aebae48f42cd370f66f6ed5d799a0f69
88192d9a0093c05814d865a67998245f91adaed930871eb77daccd169876c16b
883108c823814c1e6894480a10f719187b16b86b3a27f8fa21a7f63d54f61642
88d11792cf5b77e35cac2d8f57a7cb7faea97f29d4d062fcb1ebf65f9e5f7762
8a849c6ffa64946fefa17e874080dea467783d0e20857bbfbb23480739625648
8b51552f523ecd57ca4f82df5ab10610349f91cacb7c0f72d0290bed3cc37e4e
8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c
8c58a438125e389f81b62999773d8d6cb9e25828bb6049248faa04c12d2bc8a7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9135a463355e1dd77ef383464e33d0cc180739bce2cee040991acd208ba602d4
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1
9cb38a9181ece02d9ed0ca15ac4ffb8722fe3d577e48b393aba866aa3fbf7ea3
9f68028dde11cf4dc833bcb5612acba5377d41697f728eb625bf9f8ab4289320
a196eb5557b9a8bd1752f3d901342a766f0faac96c67a062c468fc41e89f024c
a36b7eb6683f2a69db005a986886bfceaf4aedfd1328e15bec22455758e06e5d
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4c45aaa088eb16698ff1fe4e5e928b8524b75853c9261591225626b58828ea4
a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839
a7d4e6165ce4042167fcaaa0623eab885d6992458eb05c4fc74184cee79a9eb3
a890fddd708f9793f8c43fbff62ef61a4f1ec0eae90205fd124bb7e834612f1d
aa64ac562a55ea1dc64bcb02101cd7174718268a31f8753bae4ea294e9fb7a62
ac4c028fbf93221cb39278eaa10117bc7ab403348322fd6fd622b1b03d2cd45c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad15e02b8d9bee31a51c502cff1977983fa2c8103b769db7ab097750f34016a9
af7da680ecf923bfa4611dc740b03d9f5d269a29b73f14ebb5378e9cef9c31e9
afa8bf67f6e449586d176b4555c952c96367c05e22f77f49c3101a19f79f4b4a
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b0d67d7c3b55e621d1d3a9716b98e1458867aadda327367686748752bccb4247
b358b127d95abf969d41c6d9a9e24d713b169574c4b0853cd7075a98b84f3a9d
b62dde7da247db61e0451ec75faf5f6431caf0223e583758bba707f81578b719
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
ba6d338448d1c48b85d9021186f8ac079958c2c0a664a3b3455b8a611d30c3c7
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
beced4c0fb075b16b749c30c246375052b32d2e6337b27bc7b720766778051ac
bf7369f5d7be2742f77a0332d7e6abf8ceb7e139b556a8d810d63e0efa8d07c3
c0befa99132ff5ca76f2cb4cb2ffeec5e7cd91464eeaab4c70ca53f5701ac74b
c15825ab2f48168897fd1ad58c944506a22330c23c0e1343e131c97674feb2c6
c4f74b02ce64c1bc1166ff6be0b2c0e05e243a93932f34dced5e4d0b45603fee
c6072112c8cec74b1c589bb323b9c1ea07cf7b38b01ad5d25127cf9306d1a2ef
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c94531eed7b28e06a929e1a001be4c117d296a8159c395aae04e5986c2e0dca2
cc66564f28ce75f1163d19a8cc24af86585ac54d0a353711e8da41870244f988
d1e2636f0735347445e5f5ee8fc8786d0cf65fc2295e34f69582eab2d1ef6e96
d5381a285f7b3b63e72b7cfdac6205939c3c8fd96f9a4e27c2970ca0d447c937
d5928bd00e6b20a4bf5fb7ad67d62cccb36ece351a4ce8ad77cc41269e6ca91d
d5dbdf92525679908490a5d29c6fc62f8129163b935a882b29bb7fb2b14558c8
d6889d59082471b1f783482e170d1c3c8eff2f6769a3617eacfe2c933c2ce5f7
d6f36a088f7c6dc6459a02c048b23e2407bf38a5249ecbc9547be2fce143f63a
d8e4e4bb8b1a03d4b4ddfc3302ff553b82b9766c85b7865cbae8ac3c3c8b3dde
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dd11966745fb3e90b5865f48bd2257a50493e57567ac910336cc3023ecba59b5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df9eec77780d071a2def5665a05435c4e19664cf3c4ded0f0c3ad44b568c4a2a
e2866ce88c039ac23c69091c95ee33bca5af44ddc567c8ead739df8019f3face
e2adf740376f608d5a3b6977b793a5e1c92c4de9e0a792921b8e24476e56c9ed
e39d35c8a5ec1caad172929e3192c46b61710fe70e4f225ef44836cf52d2a747
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d08bae70ed238be5dd51ddabcaeda3cdb6b6675028f812a9c989cbdd2422f3
e96cc20278c5b50b9eb86346ea58433166ca20ae6ef64a54b81b3b0061ef8265
e9ed569d8f08a8b0751fd4c4edaf8bedfa44565f597508afe45be8e26eaad30b
ec442600e3c090c1171e6d0aca38073cc048af3a7a301ec06bf933da6aa65c1b
edf5d541caca5cdba1417802ad63b784c665a0a9a4186f1a1ac4e43e1a24439f
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f093dbe9df46fb2804382864895301c693d4166e88201bb7941ffb8c6709798e
f1deeace7555b02c9a21589f281c687e09c3932778f8103b3131c8b01872ef25
f23cbfadc8c38cbcd1a1839f692ffed84691b2458bd9f4269648576de2e310fc
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
f2d028894ae453bb127c83d5fef512afb253fe8e127bf0209abd43181ffb56e2
f407a7083dba1a7687aee65102759821ae006e009a3fdbbcc9cc5b93d6553ef8
f575112df5398271c1f04b48a995ccc6e17d69730e37304078178d46781152da
f720bcff8fcd00281b5aaf2db45e62e14f89c3ccad3ca764609aca3808521d78
f73b833d385e5fe7b794b709c3ea1a234b525a2f0483c582b607fc9d14f580f8
f7ab4e71b5d1b24b8b730f57af5b0e31f700677b5139940cc6d100ba830b490e
f81c584815fbcc770f3bfce88703dbafa775b5acd11288d47cdf6c9c8d204581
f83bf27efc9687dccfca895cb58466c95d7d2ebb78fcd05b72c352d01e450d68
f86e08b2390d477db93fb1f6549ef75530790c121d24a531a6acb0c0b811fceb
f8869aa9427c07872b91f3bb5485a65a0e389302f54ad6fe1b684c59d97d154a
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723
fa07bfad3039513f81cc0551de10a79c7c823bce84a5fbfba5a547f96479a367
fde247cb6279540b89d49510e8a03ab31a90b69d3da48d21268104cceead3848
fe980e5f89baab97df2740e249bd216d83c43668b4186e37fb2d7f3dfd9402c8
ff134c43365b1b3008ee1723bcae86e950ba0f7b2e01f0fba71df106bb9713bb

www.malwarebytes.com Open in urlscan Pro 2600:9000:2190:9c00:16:26c7:ff80:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

256 Requests

100 %HTTPS

49 %IPv6

47 Domains

69 Subdomains

59 IPs

8 Countries

2236 kBTransfer

6282 kBSize

4 Cookies

27 Outgoing links

Page URL History

Redirected requests

256 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.malwarebytes.com Open in urlscan Pro
2600:9000:2190:9c00:16:26c7:ff80:93a1 Public Scan

Screenshot
Live screenshot

Full Image

256
Requests

100 %
HTTPS

49 %
IPv6

47
Domains

69
Subdomains

59
IPs

8
Countries

2236 kB
Transfer

6282 kB
Size

4
Cookies

256 HTTP transactions
0 data transactions