www.malwarebytes.com Open in urlscan Pro
2600:9000:2512:2200:16:26c7:ff80:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://malwarebytes.com/
Effective URL:
https://www.malwarebytes.com/
Submission: On May 17 via api (May 17th 2023, 2:56:54 pm UTC) from US — Scanned from US

Summary HTTP 137 Redirects Behaviour Indicators

Summary

This website contacted 38 IPs in 3 countries across 32 domains to perform 137 HTTP transactions. The main IP is 2600:9000:2512:2200:16:26c7:ff80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.malwarebytes.com. The Cisco Umbrella rank of the primary domain is 79866.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 9th 2022. Valid for: a year.

This is the only time www.malwarebytes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	108.138.106.23 108.138.106.23	16509 (AMAZON-02) (AMAZON-02)
1 1	108.138.106.40 108.138.106.40	16509 (AMAZON-02) (AMAZON-02)
1 39	2600:9000:251... 2600:9000:2512:2200:16:26c7:ff80:93a1	16509 (AMAZON-02) (AMAZON-02)
9	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f8b0:402... 2607:f8b0:4020:805::200a	15169 (GOOGLE) (GOOGLE)
3	172.217.13.168 172.217.13.168	15169 (GOOGLE) (GOOGLE)
1	18.233.44.28 18.233.44.28	14618 (AMAZON-AES) (AMAZON-AES)
1	99.84.37.38 99.84.37.38	16509 (AMAZON-02) (AMAZON-02)
2	138.199.40.58 138.199.40.58	60068 (CDN77 ^_^) (CDN77 ^_^)
4	172.217.13.163 172.217.13.163	15169 (GOOGLE) (GOOGLE)
13	104.19.188.97 104.19.188.97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.43.158 104.18.43.158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	31.13.71.7 31.13.71.7	32934 (FACEBOOK) (FACEBOOK)
1	104.117.182.74 104.117.182.74	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	216.239.38.178 216.239.38.178	15169 (GOOGLE) (GOOGLE)
2	23.10.86.114 23.10.86.114	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.85.61.60 52.85.61.60	16509 (AMAZON-02) (AMAZON-02)
1	146.75.28.157 146.75.28.157	54113 (FASTLY) (FASTLY)
1	104.16.122.175 104.16.122.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	152.199.2.76 152.199.2.76	15133 (EDGECAST) (EDGECAST)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	13.33.60.108 13.33.60.108	16509 (AMAZON-02) (AMAZON-02)
2	172.217.13.110 172.217.13.110	15169 (GOOGLE) (GOOGLE)
2	142.251.16.157 142.251.16.157	15169 (GOOGLE) (GOOGLE)
1	13.226.34.79 13.226.34.79	16509 (AMAZON-02) (AMAZON-02)
1	13.225.223.33 13.225.223.33	16509 (AMAZON-02) (AMAZON-02)
3 4	108.174.10.20 108.174.10.20	14413 (LINKEDIN) (LINKEDIN)
1 2	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	54.175.58.106 54.175.58.106	14618 (AMAZON-AES) (AMAZON-AES)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
3	31.13.71.36 31.13.71.36	32934 (FACEBOOK) (FACEBOOK)
2	172.217.13.196 172.217.13.196	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:807::2002	() ()
2	2607:f8b0:402... 2607:f8b0:4020:805::200e	() ()
9	13.225.223.85 13.225.223.85	() ()
137	38

1 108.138.106.23 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-23.jfk50.r.cloudfront.net

malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.40 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-40.jfk50.r.cloudfront.net

malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2600:9000:2512:2200:16:26c7:ff80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:805::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.13.168 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.233.44.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-44-28.compute-1.amazonaws.com

genesis.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.37.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-37-38.ewr52.r.cloudfront.net

api.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.199.40.58 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-40-58.bunnyinfra.net

plausible.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.13.163 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.19.188.97 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.43.158 (None, )

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.117.182.74 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-74.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.239.38.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.10.86.114 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-10-86-114.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-60.ewr53.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.122.175 (None, )

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.199.2.76 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.60.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-108.ewr52.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.110 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.16.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-79.ewr53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.223.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-33.jfk51.r.cloudfront.net

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.174.10.20 (United States) 3 redirects

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-20.fwd.linkedin.com

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.40.39.223 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.58.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-58-106.compute-1.amazonaws.com

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

805-usg-300.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.13.71.36 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.196 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2002 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:805::200e (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.225.223.85 (None, )

ASN- ()

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	malwarebytes.com 3 redirects malwarebytes.com — Cisco Umbrella Rank: 4046 www.malwarebytes.com — Cisco Umbrella Rank: 79866 genesis.malwarebytes.com — Cisco Umbrella Rank: 253035 www.estore.malwarebytes.com Failed	663 KB
13	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 368	245 KB
9	driftt.com js.driftt.com	84 KB
9	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4307	120 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	22 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 339 www.linkedin.com — Cisco Umbrella Rank: 603	5 KB
4	google.com analytics.google.com — Cisco Umbrella Rank: 243 www.google.com — Cisco Umbrella Rank: 2	865 B
4	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 7400	26 KB
4	gstatic.com fonts.gstatic.com	62 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	247 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 76 googleads.g.doubleclick.net	2 KB
3	company-target.com s.company-target.com — Cisco Umbrella Rank: 1528 segments.company-target.com — Cisco Umbrella Rank: 1326 api.company-target.com — Cisco Umbrella Rank: 3147	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 343	13 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 157	135 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	260 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	2 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 629	773 B
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3129	6 KB
2	plausible.io plausible.io — Cisco Umbrella Rank: 12121	2 KB
2	demandbase.com api.demandbase.com — Cisco Umbrella Rank: 12339 scripts.demandbase.com — Cisco Umbrella Rank: 9243	22 KB
1	bizibly.com cdn.bizibly.com	204 B
1	mktoresp.com 805-usg-300.mktoresp.com — Cisco Umbrella Rank: 281120	318 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 315	775 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1013	393 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 825	368 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 637	395 B
1	t.co t.co — Cisco Umbrella Rank: 516	376 B
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 822	2 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 651	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 725	5 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 587	309 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
137	32

	Domain	Requested by
39	www.malwarebytes.com	1 redirects www.malwarebytes.com www.googletagmanager.com
13	cdn.cookielaw.org	www.malwarebytes.com cdn.cookielaw.org
9	js.driftt.com	www.malwarebytes.com js.driftt.com
9	dev.visualwebsiteoptimizer.com	www.malwarebytes.com dev.visualwebsiteoptimizer.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.malwarebytes.com
4	cdn.bizible.com	www.googletagmanager.com www.malwarebytes.com cdn.bizible.com
4	fonts.gstatic.com	fonts.googleapis.com
3	www.facebook.com	www.malwarebytes.com
3	px.ads.linkedin.com	2 redirects www.malwarebytes.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.malwarebytes.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	www.googletagmanager.com	www.malwarebytes.com www.googletagmanager.com
2	www.google.com	www.malwarebytes.com
2	dsum-sec.casalemedia.com	1 redirects s.company-target.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	id.rlcdn.com	2 redirects
2	munchkin.marketo.net	www.malwarebytes.com munchkin.marketo.net
2	plausible.io	www.malwarebytes.com plausible.io
2	malwarebytes.com	2 redirects
1	cdn.bizibly.com	www.malwarebytes.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	805-usg-300.mktoresp.com	munchkin.marketo.net
1	pixel.rubiconproject.com	s.company-target.com
1	partners.tremorhub.com	s.company-target.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	api.company-target.com	scripts.demandbase.com
1	segments.company-target.com	www.malwarebytes.com
1	s.company-target.com	scripts.demandbase.com
1	analytics.twitter.com	www.malwarebytes.com
1	t.co	www.malwarebytes.com
1	unpkg.com	www.googletagmanager.com
1	static.ads-twitter.com	www.malwarebytes.com
1	scripts.demandbase.com	www.malwarebytes.com
1	snap.licdn.com	www.googletagmanager.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	api.demandbase.com	www.malwarebytes.com
1	genesis.malwarebytes.com	www.malwarebytes.com
1	fonts.googleapis.com	www.malwarebytes.com
0	www.estore.malwarebytes.com Failed	www.malwarebytes.com
137	41

This site contains no links.

Subject Issuer	Validity	Valid
*.malwarebytes.com Amazon RSA 2048 M02	`2022-11-09` - `2023-12-08`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
malwarebytes.com Amazon RSA 2048 M01	`2023-02-23` - `2023-11-03`	8 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-09-16` - `2023-10-18`	a year	crt.sh
plausible.io R3	`2023-05-06` - `2023-08-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-23` - `2023-05-24`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-08-17` - `2023-09-18`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
io.bizible.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-30` - `2023-07-31`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2023-02-01` - `2024-02-01`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-31` - `2024-01-30`	a year	crt.sh
*.company-target.com R3	`2023-04-19` - `2023-07-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
drift.com Amazon RSA 2048 M02	`2023-03-01` - `2023-09-21`	7 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.malwarebytes.com/
Frame ID: 050DA7053FEDD9C07E212DCDFB881B10
Requests: 116 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: C6F558B4FEADF9D6858806A05AB7A8B3
Requests: 4 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=0eaba7f6-9479-40db-b8b1-7202a22a7fc7&sessionStarted=1684335386.313&campaignRefreshToken=2558e56a-d5e4-415d-a75b-91a768dfccbd&hideController=false&pageLoadStartTime=1684335373057&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.malwarebytes.com%2F
Frame ID: 7D7FFE6BBF501C8B6245E1A1C2E3F454
Requests: 4 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1684335373057
Frame ID: 0462587EFC4DC8CA52FD5E028879CDB3
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://malwarebytes.com/ HTTP 301
https://malwarebytes.com/ HTTP 301
https://www.malwarebytes.com/ Page URL

Page Statistics

137
Requests

89 %
HTTPS

10 %
IPv6

32
Domains

41
Subdomains

38
IPs

3
Countries

1693 kB
Transfer

5104 kB
Size

Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://malwarebytes.com/ HTTP 301
https://malwarebytes.com/ HTTP 301
https://www.malwarebytes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://www.malwarebytes.com/images/homepage/Glow-dot.svg HTTP 301
https://www.malwarebytes.com/images/homepage/glow-dot.svg

Request Chain 86

https://id.rlcdn.com/464526.gif HTTP 307
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCJLWk6MGEgUI6AcQAEIASgA HTTP 307
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297JmUB0-EcfBcHImU0iunwhd1w3EB7YpB3FxznKJKPjHk

Request Chain 91

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1684335378301&url=https%3A%2F%2Fwww.malwarebytes.com%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1684335378301&url=https%3A%2F%2Fwww.malwarebytes.com%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2594100%26time%3D1684335378301%26url%3Dhttps%253A%252F%252Fwww.malwarebytes.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1684335378301&url=https%3A%2F%2Fwww.malwarebytes.com%2F&cookiesTest=true&liSync=true

Request Chain 97

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1700232978&external_user_id=8d972fd8-1938-47d3-8d3e-8814cb5c5fa3 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1700232978&external_user_id=8d972fd8-1938-47d3-8d3e-8814cb5c5fa3&C=1

137 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.malwarebytes.com/
Redirect Chain

http://malwarebytes.com/
https://malwarebytes.com/
https://www.malwarebytes.com/

97 KB
18 KB

369ms
15ms

Document
text/html

2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

dd71328593403430e6476cec8f3e19f75626759c4a4bc9d7dbfb5d357f108887

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 17 May 2023 14:56:12 GMT
server: Microsoft-IIS/10.0
strict-transport-security: max-age=63072000
vary: Accept-Encoding
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-amz-cf-id: GMl7Mtqyc6AR35G5rqF2NnS-mEHxmDYX0qrr1Wq-jXngpZKaYQR4BQ==
x-amz-cf-pop: JFK50-P7
x-aspnet-version: 4.0.30319
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: ASP.NET

Redirect headers

age: 67194
cache-control: max-age=86400
content-length: 0
date: Tue, 16 May 2023 20:16:18 GMT
location: https://www.malwarebytes.com/
server: CloudFront
via: 1.1 0667564db9d2ec4ceec667e46b842a9c.cloudfront.net (CloudFront)
x-amz-cf-id: IkAOLVYJlUqvKUmP-Jw2B8ZH3rmWUT72g5F41LxC-me25HAMvzKF5Q==
x-amz-cf-pop: JFK50-P3
x-cache: Hit from cloudfront

GET
H2 200 jquery.min.js Show response
www.malwarebytes.com/js/library/ 87 KB
31 KB 142ms
115ms Script
application/javascript 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/library/jquery.min.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 17 May 2023 14:43:23 GMT
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 770
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
last-modified: Fri, 09 Dec 2022 15:53:10 GMT
server: Microsoft-IIS/10.0
etag: W/"1d334156e6bd91:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: y22az2G52WcLbUdGH__rl1Z7flKCSLz7LlETGKxaxMlAkiG-3D35cQ==

GET
H2 200 622914.js Show response
dev.visualwebsiteoptimizer.com/lib/ 309 KB
76 KB 265ms
46ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/lib/622914.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv1 /
Resource Hash: 11c25d704855752ab516fe4d22c1677a6773d29acc59005bc9cf68a5d4815d22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-computed: true
date: Wed, 17 May 2023 14:56:12 GMT
content-encoding: gzip
via: 1.1 google
server: gnv1
etag: W/"1684310986"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: no-cache,max-age=0, public, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ptime: 0.010501000000204

GET
H2 200 bootstrap_mwb.min.css
www.malwarebytes.com/css/ 87 KB
15 KB 62ms
38ms Stylesheet
text/css 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/css/bootstrap_mwb.min.css

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

0b7b26742617990b7000c7eab02062e349a60270347495cc9a542d1578a009ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:54:30 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P7
age: 102
x-powered-by: ASP.NET
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Sun, 09 May 2021 19:59:35 GMT
server: Microsoft-IIS/10.0
etag: W/"677c94d5d45d71:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
x-amz-cf-id: cPFOBN2Fyvuewawb-8JTcgBCpMk_RqHyyAEJ8A7aIxgNhB6RfDzn4Q==

GET
H2 200 bootstrap_overrides.min.css
www.malwarebytes.com/css/ 18 KB
4 KB 65ms
41ms Stylesheet
text/css 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/css/bootstrap_overrides.min.css

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

07666a985598072ae7c5f72ee83f9be897a6a902742af505e677c34570f8d233

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:43:31 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P7
age: 762
x-powered-by: ASP.NET
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Wed, 05 Oct 2022 01:02:30 GMT
server: Microsoft-IIS/10.0
etag: W/"fe10c22456d8d81:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
x-amz-cf-id: TI4pOXAOVpn2HfD2q9d96kniQhydkCntO4ntPNIJCaN91sUwBCtcLg==

GET
H2 200 font-awesome.min.css
www.malwarebytes.com/css/ 1 KB
968 B 66ms
42ms Stylesheet
text/css 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/css/font-awesome.min.css

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

801ef949019934cab56a09d62e801bcf1a7390286df2fcbed0f452aa11cd1a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 17 May 2023 14:46:07 GMT
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 622
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
last-modified: Tue, 02 Nov 2021 22:58:09 GMT
server: Microsoft-IIS/10.0
etag: W/"c3c2ed1a3dd0d71:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
x-amz-cf-id: B66mqEcpJPlPfABrCpN_vQXszF1WH9IjR6dbw5KkN7j0OThjeuwhpw==

GET
H2 200 fonts.min.css
www.malwarebytes.com/css/ 7 KB
1 KB 70ms
47ms Stylesheet
text/css 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/css/fonts.min.css

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

2e94c801d34ae28280613c77ca16ac28b7fa55d8e3d1c41cb114e79e9cfdb720

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:55:01 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P7
age: 72
x-powered-by: ASP.NET
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Thu, 14 Apr 2022 17:43:49 GMT
server: Microsoft-IIS/10.0
etag: W/"1f51d332750d81:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
x-amz-cf-id: feROGtDhS_fkZXDrOK5XCNlT6vb_u7SdNwULF-THbZsUD1u0O4xZSQ==

GET
H2 200 styles.min.css
www.malwarebytes.com/css/ 45 KB
9 KB 66ms
43ms Stylesheet
text/css 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/css/styles.min.css

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b9c47a4bac144454675bb9a1507262c85805d95acbd469535829f9ff78ebfdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:43:31 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P7
age: 762
x-powered-by: ASP.NET
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Wed, 05 Oct 2022 01:02:17 GMT
server: Microsoft-IIS/10.0
etag: W/"c0ef341d56d8d81:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
x-amz-cf-id: t_I2uccxF7NA_buaLWRnpkaBVwaT3mo8ltNSfdQVV5JDIUbyc9FVWg==

GET
H2 200 styles_overrides.min.css
www.malwarebytes.com/css/ 26 KB
6 KB 67ms
44ms Stylesheet
text/css 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/css/styles_overrides.min.css

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7fb3d86d9be3d33bea466266824f157735ac0417bf1c64204de79d2a4acc9a3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:43:31 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P7
age: 762
x-powered-by: ASP.NET
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Wed, 21 Sep 2022 01:05:05 GMT
server: Microsoft-IIS/10.0
etag: W/"78e8482f56cdd81:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
x-amz-cf-id: 1fVMdiEUtZCW1iwfUMShYYKHJhMjy_n6Ikm9jXqWeYU_WNfb5jgQuw==

GET
H2 200 masterpage.min.css
www.malwarebytes.com/css/component-project/templates/navwrap/ 25 KB
5 KB 70ms
48ms Stylesheet
text/css 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/css/component-project/templates/navwrap/masterpage.min.css

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

46b429d814a65524f8867dd31118347eb90081088f3b04a14cfcac9bf9b032f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:43:31 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P7
age: 762
x-powered-by: ASP.NET
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Thu, 04 May 2023 16:47:04 GMT
server: Microsoft-IIS/10.0
etag: W/"b48064ea87ed91:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
x-amz-cf-id: AegzP-6RoREgP12K3rH_Y0Aycgb0lz9S0-ORBu0hCnjEQc34RIucyg==

GET
H2 200 masterpage-svg.min.css
www.malwarebytes.com/css/component-project/templates/navwrap/ 1 KB
932 B 135ms
112ms Stylesheet
text/css 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/css/component-project/templates/navwrap/masterpage-svg.min.css

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3f08885b09ffefc94c33e586a3f60c3b6aa19b0e908242e4a4eaa428d7e6a6bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:43:31 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P7
age: 762
x-powered-by: ASP.NET
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Tue, 31 Jan 2023 19:05:08 GMT
server: Microsoft-IIS/10.0
etag: W/"89f0b0efa635d91:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
x-amz-cf-id: vToR4g_IRzRpniZqzp8gN1WdmCaWPB_BmpJNqw25lOTM7OZ99Yc50A==

GET
H2 200 masterpage-home.min.css
www.malwarebytes.com/css/ 1 KB
918 B 135ms
113ms Stylesheet
text/css 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/css/masterpage-home.min.css

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

398fa1a8e57a03ce6d417163b99fde520cfc9ce81235a6886375331b313a9050

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 17 May 2023 14:53:53 GMT
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 167
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
last-modified: Thu, 09 Mar 2023 23:07:39 GMT
server: Microsoft-IIS/10.0
etag: W/"b0fb7f1db52d91:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
x-amz-cf-id: p2JXolfZ_-PwSh6SmtTRhlRYQ3MAke3eHZ_6tUSzcdBUBx5Ur_nk6A==

GET
H2 200 animate-on-scroll.min.css
www.malwarebytes.com/css/user-experience/animation/ 25 KB
3 KB 135ms
114ms Stylesheet
text/css 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/css/user-experience/animation/animate-on-scroll.min.css

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:55:01 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P7
age: 71
x-powered-by: ASP.NET
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Wed, 27 Apr 2022 20:52:25 GMT
server: Microsoft-IIS/10.0
etag: W/"21d730b3785ad81:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
x-amz-cf-id: 2FJRfUGpLq8g_kjVVVpysFJr8fpe7JckJYp289jnKZe2Fwf66y7nyA==

GET
H2 200 __bundle.js Show response
www.malwarebytes.com/ 167 KB
38 KB 138ms
117ms Script
text/javascript 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/__bundle.js?f=L2pzL3N0cmluZy9zdHJpbmcubWluLmpzLC9qcy9zZXNzaW9uL3Nlc3Npb24ubWluLmpzLC9qcy9jb3VudHJ5Lm1pbi5qcywvanMvZ2xvYmFsX213Yi5taW4uanMsL2pzL3BlcnNvbmFsaXphdGlvbi91c2VyLm1pbi5qcywvanMvbWVkaWEvaW1hZ2VzL2xhenlsb2FkaW5nLm1pbi5qcywvanMvYm9vdHN0cmFwLm1pbi5qcywvanMvbW9kZXJuaXpyLmpzLC9scC9zZW0vYXNzZXRzL2pzL3Jlc3BvbmQubWluLmpzLC9qcy9nbG9iYWwuanMsL2pzL3hzLm1pbi5qcywvanMvdXNlci1leHBlcmllbmNlL2FuaW1hdGlvbi9hbmltYXRlLW9uLXNjcm9sbC5taW4uanN8NzdBNURCRjU2MUM0MDg3RENEOTk1QzkzODk0REY2QzY=

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

29386698ab63b15d965fc27d014bd48bb47a26f74c452966856c0db2aef5fcad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:12 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-aspnet-version: 4.0.30319
x-amz-cf-pop: JFK50-P7
x-powered-by: ASP.NET
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 01 Jan 001 00:00:00 G1T
server: Microsoft-IIS/10.0
etag: W/"170587 - 0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
x-amz-cf-id: l7mzqGzrPFA_bIBNMW2lh-xdqmYUGEwchK5TI4wZ_U89JUtuYnZXTA==

GET
H2 200 popper.min.js Show response
www.malwarebytes.com/js/user-experience/tooltip/ 21 KB
8 KB 46ms
20ms Script
application/javascript 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/user-experience/tooltip/popper.min.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a5361be48e64297f23046a94801067bfcf644391c76de624cbce5560e35d660b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:44:12 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P7
age: 722
x-powered-by: ASP.NET
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Fri, 09 Dec 2022 16:54:22 GMT
server: Microsoft-IIS/10.0
etag: W/"62f031e3eebd91:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: h8TzPTABQoEnf1TyotG-eBW0Vfn8rPyYpov5-XS9sJRmWjf5V25NCg==

GET
H2 200 global-phone.min.js
www.malwarebytes.com/js/ 437 B
871 B 7424ms
7381ms Script
application/javascript 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/global-phone.min.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:43:36 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 766
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 437
last-modified: Sat, 22 May 2021 18:40:24 GMT
server: Microsoft-IIS/10.0
etag: "69ba2aed394fd71:0"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
x-amz-cf-id: bZM7iEHqRkN_Ke7rLD0AQVQ25XtTodDENJev3s-PhB903J5E_xku-w==

GET
H2 200 __bundle.css
www.malwarebytes.com/ 21 KB
6 KB 134ms
114ms Stylesheet
text/css 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/__bundle.css?f=L2Nzcy91c2VyLWV4cGVyaWVuY2UvY2Fyb3VzZWwvc2xpY2subWluLmNzcywvY3NzL3BhZ2VzL2luZGV4Lm1pbi5jc3N8MDREQzVCMUQwMEQ0MzM3RjFCOEFDMTM1NUEzQzQ1QTU=

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c32acd22465b575da2a46454290586e6ef71a647de5218e40980cb039e959e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:12 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-aspnet-version: 4.0.30319
x-amz-cf-pop: JFK50-P7
x-powered-by: ASP.NET
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 01 Jan 001 00:00:00 G1T
server: Microsoft-IIS/10.0
etag: W/"21802 - 0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=utf-8
cache-control: max-age=1800
x-amz-cf-id: 6_X7hpKnH-1XrUcg01gzw7Jhw7SlRlqC6OVGjNXekz9H13j36cLLxQ==

GET
H2 200 css2
fonts.googleapis.com/ 18 KB
1 KB 248ms
38ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27da18ee142cce1312d5fe0a4adb16798a5dc6ffd20562b5b9aff527d0325f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 May 2023 14:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 May 2023 14:54:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 May 2023 14:56:13 GMT

GET
H2 200 __bundle.css
www.malwarebytes.com/ 2 KB
963 B 135ms
114ms Stylesheet
text/css 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/__bundle.css?f=L2NvbXBvbmVudHMvY29sdW1ucy9jb2x1bW5zLm1pbi5jc3MsL2NvbXBvbmVudHMvYmFubmVyLTItY2FyZHMvYmFubmVyLTItY2FyZHMubWluLmNzc3xGNUE3OEQwNkE0Mjk4NzYwNTE4Nzc5MDRDNDAxNTZCNA==

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

43613264f05340d470ed611ce60827dcc7453d00279920cb60a7790b69432c02

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:12 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-aspnet-version: 4.0.30319
x-amz-cf-pop: JFK50-P7
x-powered-by: ASP.NET
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 01 Jan 001 00:00:00 G1T
server: Microsoft-IIS/10.0
etag: W/"1567 - 0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=utf-8
cache-control: max-age=1800
x-amz-cf-id: vnNq6P9AmeoBdx_eTsZ0HOZWWHbBABt8Mw-_NvdIzbfsPcEkB_BgZw==

GET
H2 200 optimus-systems.webp
www.malwarebytes.com/images/partners/ 2 KB
2 KB 7424ms
7382ms Image
image/webp 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.malwarebytes.com/images/partners/optimus-systems.webp

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:44:39 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 702
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 1832
last-modified: Wed, 21 Apr 2021 02:05:43 GMT
server: Microsoft-IIS/10.0
etag: "78bd4d65236d71:0"
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=900
accept-ranges: bytes
x-amz-cf-id: mr9d6-ybkbvBTu_aZDovhtMhnWi_vv-4L_axOllwLScvKps9PmmD8g==

GET
H2 200 avtest_certified_homeuser_2022-10_tp.png
www.malwarebytes.com/images/badges/avtest/2022/ 13 KB
13 KB 7431ms
7389ms Image
image/png 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.malwarebytes.com/images/badges/avtest/2022/avtest_certified_homeuser_2022-10_tp.png

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
date: Wed, 17 May 2023 14:53:53 GMT
x-content-type-options: nosniff
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 158
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 13224
last-modified: Wed, 14 Dec 2022 21:40:29 GMT
server: Microsoft-IIS/10.0
etag: "da2674af410d91:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
x-amz-cf-id: ZvBkhN-xntaTHSkIjOJLZowZX7te0mHOqYj2tgbIZp0ZSp9SG3YAxg==

GET
H2 200 g2-endpoint-protection-platform-leader-spring-2023.png
www.malwarebytes.com/images/corporate/ 11 KB
12 KB 7435ms
7394ms Image
image/png 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.malwarebytes.com/images/corporate/g2-endpoint-protection-platform-leader-spring-2023.png

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:54:44 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 97
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 11505
last-modified: Thu, 30 Mar 2023 18:00:32 GMT
server: Microsoft-IIS/10.0
etag: "ac584d853163d91:0"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
x-amz-cf-id: RuDUH5lNqZLSPD9kPUTyNTNMHUBS2SjUddwkIWRasW4SEJb00y6evA==

GET
H2 200 mrg-effitas-certification-360-q4-2022-white.png
www.malwarebytes.com/images/corporate/badges/mrg-effitas/ 18 KB
18 KB 7435ms
7394ms Image
image/png 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.malwarebytes.com/images/corporate/badges/mrg-effitas/mrg-effitas-certification-360-q4-2022-white.png

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
date: Wed, 17 May 2023 14:53:53 GMT
x-content-type-options: nosniff
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 158
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 17948
last-modified: Fri, 14 Apr 2023 17:17:52 GMT
server: Microsoft-IIS/10.0
etag: "76250bf56ed91:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
x-amz-cf-id: duVrXNP9P5JOpV-cA6FLCOjgs8I8IKvAClEl4Q76k9A-8w2YAjVjMA==

GET
H2 200 __bundle.js Show response
www.malwarebytes.com/ 17 KB
6 KB 117ms
46ms Script
text/javascript 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/__bundle.js?f=L2pzL3VzZXItZXhwZXJpZW5jZS9hbmltYXRpb24vYW5pbWF0ZS1vbi1zY3JvbGwubWluLmpzLC9qcy91c2VyLWV4cGVyaWVuY2Uvc2Nyb2xsLm1pbi5qcywvanMvdXNlci1leHBlcmllbmNlL25hdmlnYXRpb24ubWluLmpzfDI0RjNGNDI3MjA1RUYzRjg2QkZDMTNGNjFEMkQzNzg2

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

2c1e633718b0d9a2eb871c62b56def58c5380b77ca94d24ec63711ceb1c178f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:13 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-aspnet-version: 4.0.30319
x-amz-cf-pop: JFK50-P7
x-powered-by: ASP.NET
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 01 Jan 001 00:00:00 G1T
server: Microsoft-IIS/10.0
etag: W/"17299 - 0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
x-amz-cf-id: bgTnU2N3dcrBrBozESDqxnl-R5r779r61FxrA_BUkCQVh62ez0SrHw==

GET
H2 200 footer.min.js
www.malwarebytes.com/js/ 4 KB
2 KB 7424ms
7383ms Script
application/javascript 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/footer.min.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:51:51 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P7
age: 270
x-powered-by: ASP.NET
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Wed, 02 Nov 2022 00:33:56 GMT
server: Microsoft-IIS/10.0
etag: W/"de24cb52eed81:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: L_ZVbsQetX1vkwgOZCYm9ur7ftWFjzPmqolJVsy8L7SrclRyD_FjDg==

GET
H2 200 utilities.js Show response
www.malwarebytes.com/js/ 16 KB
6 KB 73ms
27ms Script
application/javascript 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/utilities.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

96f10cb1562df204de8de3aed1b619b7fa0f7d8854138c0a9f23bc575afe3f2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 17 May 2023 14:43:54 GMT
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 738
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
last-modified: Thu, 19 Jan 2023 16:04:33 GMT
server: Microsoft-IIS/10.0
etag: W/"f0579ab81f2cd91:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: nktf3Jxqeoa-hlQJdscLkhNChecX0mZ5WhnrzoarWa2trZqERHjZpA==

GET
H2 200 masterpage.min.js Show response
www.malwarebytes.com/js/pages/ 91 B
522 B 109ms
0ms Script
application/javascript 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/pages/masterpage.min.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

456f446bebf9baeef961399fc77c0297a4cd18a15dd601a7d9c5092bea89e1d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:46:11 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 601
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 91
last-modified: Fri, 03 Mar 2023 17:43:40 GMT
server: Microsoft-IIS/10.0
etag: "6dd0c4b0f74dd91:0"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
x-amz-cf-id: IR3hYLrsWejvNeedfCRrekvFEAXijvAydYPuOMUH4_uHWW_pg9Y0jQ==

GET
H2 200 __bundle.js Show response
www.malwarebytes.com/ 45 KB
12 KB 206ms
25ms Script
text/javascript 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/__bundle.js?f=L2pzL3VzZXItZXhwZXJpZW5jZS9jYXJvdXNlbC9zbGljay5taW4uanMsL2pzL3BhZ2VzL2luZGV4X2JvdHRvbS5taW4uanN8MzNGQUJFODJGNzg2M0QxRDJDOTQwQzM4MDdEM0VDQjU=

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

18285073be09ee89c8667e44bb228eef7df6905e67f0d49e499343f0d47064f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:13 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-aspnet-version: 4.0.30319
x-amz-cf-pop: JFK50-P7
x-powered-by: ASP.NET
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
last-modified: Mon, 01 Jan 001 00:00:00 G1T
server: Microsoft-IIS/10.0
etag: W/"46122 - 0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
x-amz-cf-id: 48M0ETqxmRz4yGQK9pHHy-YPI2jA5inrt9EH9PS9j-NQ4i4E3Ct38A==

GET
H2 200 gtm.js
www.googletagmanager.com/ 351 KB
107 KB 465ms
53ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109336
x-xss-protection: 0
last-modified: Wed, 17 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 May 2023 14:56:15 GMT

GET
H3 200 gv.gif Show response
dev.visualwebsiteoptimizer.com/ 788 B
544 B 85ms
49ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/gv.gif?a=622914&u=https%3A%2F%2Fwww.malwarebytes.com%2F
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/622914.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv1 /
Resource Hash: 92173c11730492d91a2e26d8fb9c27987a0f67ba97e38195942c4774fcd4de3d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:14 GMT
content-encoding: gzip
via: 1.1 google
server: gnv1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=UTF-8

GET
H2 200 tpc Show response
dev.visualwebsiteoptimizer.com/ 34 B
112 B 140ms
16ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/tpc?a=622914&r=0.16385461375830146
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/622914.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv1 /
Resource Hash: f284aa2076b2bf07a6ecd3560b458e07fe95fbec17ac850183dcaa5b11d63eb5

Request headers

Referer: https://www.malwarebytes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 17 May 2023 14:56:13 GMT
content-encoding: gzip
via: 1.1 google
server: gnv1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=UTF-8

GET
H3 200 dyn Show response
dev.visualwebsiteoptimizer.com/ 271 B
226 B 88ms
60ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/dyn
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/622914.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv1 /
Resource Hash: c38a53a74fde799bf483707743fb4bb14e4c556f87a3e5392c0054ff7c93198a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:14 GMT
content-encoding: gzip
via: 1.1 google
server: gnv1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=UTF-8

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 8 KB
2 KB 87ms
59ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=622914&settings_type=2&vn=7.0&u=https%3A%2F%2Fwww.malwarebytes.com%2F&exc=57|106|111|114|120|138|160|163|165|112
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/622914.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv1 /
Resource Hash: bba9fd051d96c0e6d163b0ee8b108f3a2d2f732700be22d061085375dc2c9bd9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:14 GMT
content-encoding: gzip
via: 1.1 google
server: gnv1
etag: W/"1684310986"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 wai.gif Show response
genesis.malwarebytes.com/api/v1/ 421 B
603 B 283ms
28ms XHR
application/json 18.233.44.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://genesis.malwarebytes.com/api/v1/wai.gif
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/__bundle.js?f=L2pzL3N0cmluZy9zdHJpbmcubWluLmpzLC9qcy9zZXNzaW9uL3Nlc3Npb24ubWluLmpzLC9qcy9jb3VudHJ5Lm1pbi5qcywvanMvZ2xvYmFsX213Yi5taW4uanMsL2pzL3BlcnNvbmFsaXphdGlvbi91c2VyLm1pbi5qcywvanMvbWVkaWEvaW1hZ2VzL2xhenlsb2FkaW5nLm1pbi5qcywvanMvYm9vdHN0cmFwLm1pbi5qcywvanMvbW9kZXJuaXpyLmpzLC9scC9zZW0vYXNzZXRzL2pzL3Jlc3BvbmQubWluLmpzLC9qcy9nbG9iYWwuanMsL2pzL3hzLm1pbi5qcywvanMvdXNlci1leHBlcmllbmNlL2FuaW1hdGlvbi9hbmltYXRlLW9uLXNjcm9sbC5taW4uanN8NzdBNURCRjU2MUM0MDg3RENEOTk1QzkzODk0REY2QzY=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.44.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-44-28.compute-1.amazonaws.com
Software: /
Resource Hash: c076d12f8506efbac8fe7ae90d218f3b546e36b13b4cd5ad6ca40d22065f15f7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://www.malwarebytes.com
date: Wed, 17 May 2023 14:56:14 GMT
content-length: 421
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

GET
H/1.1 200
OK ip.json Show response
api.demandbase.com/api/v2/ 460 B
1 KB 256ms
76ms XHR
application/json 99.84.37.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.demandbase.com/api/v2/ip.json?key=TcuHErVpEQlFNgsvW0BgkLmoffXoRf8c17jto6PU

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/library/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.84.37.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-37-38.ewr52.r.cloudfront.net

Software

nginx /

Resource Hash

8d87884986b0bb2359708c0d0f2459668860b2b3e1efced8d90166d039a259c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.malwarebytes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 14:56:14 GMT
Identification-Source: CENTRAL
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Via: 1.1 bbd8e04847ca75cbdb3355db0ad9cec4.cloudfront.net (CloudFront)
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Amz-Cf-Pop: EWR52-C4
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Request-ID: a7c796f3-146e-416b-91c1-d654ab37d904
Pragma: no-cache
Server: nginx
Access-Control-Max-Age: 7200
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.malwarebytes.com
Access-Control-Expose-Headers: x-amz-cf-id
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
Vary: Accept-Encoding, Origin
Api-Version: v2
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Amz-Cf-Id: vQZL__fIQZLHJL91XZCFJiuQjvSdcXwjNy5M8to3Y0RiYWqn9FMJDA==
Expires: Tue, 16 May 2023 14:56:14 GMT

GET
H2 200 graphik-regular.otf
www.malwarebytes.com/css/fonts/ 128 KB
52 KB 7433ms
7364ms Font
font/otf 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/css/fonts/graphik-regular.otf

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.malwarebytes.com/css/fonts.min.css
Origin: https://www.malwarebytes.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 17 May 2023 14:44:14 GMT
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 731
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
last-modified: Tue, 20 Jul 2021 14:21:31 GMT
server: Microsoft-IIS/10.0
etag: W/"2d511589727dd71:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: font/otf
access-control-allow-origin: https://www.malwarebytes.com
cache-control: max-age=900
x-amz-cf-id: ZjN69m0ehVQ3u2CTRMg5x7rpUZqpKcT1OldAPO3pEUq1tqwDMGqBVg==

GET
H2 200 script.js Show response
plausible.io/js/ 1 KB
1 KB 419ms
19ms Script
application/javascript 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://plausible.io/js/script.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

138-199-40-58.bunnyinfra.net

Software

BunnyCDN-NY1-885 /

Resource Hash

107a7a0eadcba82495e387e12607bd57e7d184d236a0572db3c49de7b32cf015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:15 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 885
cdn-cachedat: 05/17/2023 09:46:41
cdn-pullzone: 682664
cross-origin-resource-policy: cross-origin
application: 10.0.0.3
server: BunnyCDN-NY1-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: public, must-revalidate, max-age=86400
permissions-policy: interest-cohort=()
cdn-requestid: 18d1a8e80e4f5bab0cd13642d630d79d
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 masterpage-svg.svg
www.malwarebytes.com/images/component-project/templates/navwrap/ 45 KB
16 KB 7414ms
7392ms Other
image/svg+xml 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/images/component-project/templates/navwrap/masterpage-svg.svg

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 17 May 2023 14:44:18 GMT
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 727
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
last-modified: Tue, 31 Jan 2023 19:04:56 GMT
server: Microsoft-IIS/10.0
etag: W/"b88534e8a635d91:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=900
x-amz-cf-id: STngKSXVtJ42AzffsKFiGgyf01ozcLGj7bNYBircwG3c76nHTMxm6Q==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 524ms
51ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.malwarebytes.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:35:54 GMT
x-content-type-options: nosniff
age: 1221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 May 2024 14:35:54 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 567ms
94ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.malwarebytes.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:22:17 GMT
x-content-type-options: nosniff
age: 362038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 10:22:17 GMT

GET
H2 200 malwarebytes-state-of-malware-report-2023.jpg
www.malwarebytes.com/images/corporate/ 72 KB
72 KB 7454ms
7454ms Image
image/jpeg 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.malwarebytes.com/images/corporate/malwarebytes-state-of-malware-report-2023.jpg

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
date: Wed, 17 May 2023 14:55:43 GMT
x-content-type-options: nosniff
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 42
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 73655
last-modified: Fri, 17 Mar 2023 20:44:24 GMT
server: Microsoft-IIS/10.0
etag: "a63515421159d91:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=900
accept-ranges: bytes
x-amz-cf-id: 73fqP_DuDTPyPqFRHPrdpaEEivuXJuVMrU8sW-gJUKTmfbfBTAOGwA==

GET
H2 200 homepage-background-full.jpg
www.malwarebytes.com/images/homepage/ 44 KB
44 KB 7415ms
7397ms Image
image/jpeg 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.malwarebytes.com/images/homepage/homepage-background-full.jpg

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/__bundle.css?f=L2Nzcy91c2VyLWV4cGVyaWVuY2UvY2Fyb3VzZWwvc2xpY2subWluLmNzcywvY3NzL3BhZ2VzL2luZGV4Lm1pbi5jc3N8MDREQzVCMUQwMEQ0MzM3RjFCOEFDMTM1NUEzQzQ1QTU=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/__bundle.css?f=L2Nzcy91c2VyLWV4cGVyaWVuY2UvY2Fyb3VzZWwvc2xpY2subWluLmNzcywvY3NzL3BhZ2VzL2luZGV4Lm1pbi5jc3N8MDREQzVCMUQwMEQ0MzM3RjFCOEFDMTM1NUEzQzQ1QTU=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
date: Wed, 17 May 2023 14:46:24 GMT
x-content-type-options: nosniff
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 628
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 44599
last-modified: Wed, 21 Dec 2022 22:50:43 GMT
server: Microsoft-IIS/10.0
etag: "a91ca88e15d91:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=900
accept-ranges: bytes
x-amz-cf-id: SH94QJBUcExxoZasQcfd-hqisc1PyY8c1ouLwm6dEZOAL3TAPrW95w==

GET
DATA 200
OK truncated
/ 373 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edeb26e6a28275d4604d59ff58ff4f495e924616400667429c678bf9df65cf31

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 336ms
123ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.malwarebytes.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 09:51:07 GMT
x-content-type-options: nosniff
age: 363908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 09:51:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 315ms
112ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.malwarebytes.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:01:31 GMT
x-content-type-options: nosniff
age: 338084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 17:01:31 GMT

GET
H2 200 world-map-abstract-40.svg
www.malwarebytes.com/images/homepage/ 747 KB
157 KB 7216ms
7186ms Image
image/svg+xml 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.malwarebytes.com/images/homepage/world-map-abstract-40.svg

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 17 May 2023 14:53:53 GMT
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 157
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
last-modified: Wed, 11 Jan 2023 21:56:18 GMT
server: Microsoft-IIS/10.0
etag: W/"66a0e088726d91:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=900
x-amz-cf-id: l2RWmWsbkDNiM7vnE1IZoSdSGme3Y1tWEcwDFKbk8RjQCK6ctWpjEg==

GET
H2 200 star-rating.svg
www.malwarebytes.com/images/homepage/ 983 B
1 KB 7215ms
7185ms Image
image/svg+xml 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.malwarebytes.com/images/homepage/star-rating.svg

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:50:09 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 372
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 983
last-modified: Wed, 21 Dec 2022 23:07:59 GMT
server: Microsoft-IIS/10.0
etag: "d324b4119115d91:0"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=900
accept-ranges: bytes
x-amz-cf-id: a5R_jJfbZvrxEDK2x1z6rW-6ce6eT6UzFc07FlwUuSNSbykKY59ZXg==

GET
H2 200 100-percent-2.svg
www.malwarebytes.com/images/homepage/ 8 KB
4 KB 7151ms
7122ms Image
image/svg+xml 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.malwarebytes.com/images/homepage/100-percent-2.svg

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:43:22 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P7
age: 780
x-powered-by: ASP.NET
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Wed, 21 Dec 2022 23:03:12 GMT
server: Microsoft-IIS/10.0
etag: W/"b58958669015d91:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=900
x-amz-cf-id: Zr8U9N5v-ssi1pN7ybJEzal45GVRLGDSVyT-dw3RnjqRm1KFI-ItrA==

GET
H2 200 chevron-left.svg
www.malwarebytes.com/images/homepage/ 212 B
667 B 7131ms
7130ms Image
image/svg+xml 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.malwarebytes.com/images/homepage/chevron-left.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/__bundle.css?f=L2Nzcy91c2VyLWV4cGVyaWVuY2UvY2Fyb3VzZWwvc2xpY2subWluLmNzcywvY3NzL3BhZ2VzL2luZGV4Lm1pbi5jc3N8MDREQzVCMUQwMEQ0MzM3RjFCOEFDMTM1NUEzQzQ1QTU=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
date: Wed, 17 May 2023 14:53:44 GMT
x-content-type-options: nosniff
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 157
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 212
last-modified: Wed, 21 Dec 2022 22:50:55 GMT
server: Microsoft-IIS/10.0
etag: "133d89af8e15d91:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=900
accept-ranges: bytes
x-amz-cf-id: if3rVgl8fQWO4iwfOQsjwRmAIeNgTT14rhkAT7uIkThl7hp33Y0a4g==

GET
H2 200 chevron-right.svg
www.malwarebytes.com/images/homepage/ 212 B
649 B 7196ms
7196ms Image
image/svg+xml 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.malwarebytes.com/images/homepage/chevron-right.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/__bundle.css?f=L2Nzcy91c2VyLWV4cGVyaWVuY2UvY2Fyb3VzZWwvc2xpY2subWluLmNzcywvY3NzL3BhZ2VzL2luZGV4Lm1pbi5jc3N8MDREQzVCMUQwMEQ0MzM3RjFCOEFDMTM1NUEzQzQ1QTU=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:53:44 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
age: 157
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 212
last-modified: Wed, 21 Dec 2022 22:50:51 GMT
server: Microsoft-IIS/10.0
etag: "ac648ad8e15d91:0"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=900
accept-ranges: bytes
x-amz-cf-id: nf3hZijigwQr-RIMF8ChOeRy6RHVhsXxn7a8_yKTwtgKDksZILV0cw==

GET
H2

200

glow-dot.svg
www.malwarebytes.com/images/homepage/
Redirect Chain

https://www.malwarebytes.com/images/homepage/Glow-dot.svg
https://www.malwarebytes.com/images/homepage/glow-dot.svg

126 KB
92 KB

322ms
47ms

Image
image/svg+xml

2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.malwarebytes.com/images/homepage/glow-dot.svg

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:46:23 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P7
age: 598
x-powered-by: ASP.NET
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Wed, 21 Dec 2022 22:50:58 GMT
server: Microsoft-IIS/10.0
etag: W/"80ebe2b08e15d91:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=900
x-amz-cf-id: 0Nl9bfrOL_lsSUNGGC6o4lOgA9H3yhG67OLARiJUT5E7dqPDfsBIQQ==

Redirect headers

date: Wed, 17 May 2023 14:51:07 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-amz-cf-pop: JFK50-P7
age: 315
x-powered-by: ASP.NET
x-frame-options: DENY
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
location: https://www.malwarebytes.com/images/homepage/glow-dot.svg
cache-control: max-age=900
content-length: 180
x-amz-cf-id: rK4aW2yWlsIzT5SwFSLjW70ln2lYXeLljsg6zo9WSx7DwReus_rQ_A==

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 27ms
21ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=622914&d=malwarebytes.com&u=D8CF2851A259178F6E6AC9F7B18D0ACC3&h=bc26ce009a1daaabc6d77a9f5be47125&r=0.4878914455666379

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 14:56:15 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H3 200 tag-cd3ea13a700e54105c8f6dd550bcf7ab.js
dev.visualwebsiteoptimizer.com/web/djIkdHI6Ny4w/ 13 KB
4 KB 76ms
50ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdHI6Ny4w/tag-cd3ea13a700e54105c8f6dd550bcf7ab.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/622914.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv1 /
Resource Hash

Request headers

Referer: https://www.malwarebytes.com/
Origin: https://www.malwarebytes.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:15 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 17 May 2023 08:09:31 GMT
server: gnv1
etag: "64648bbb-fdd"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4061

GET
H3 200 tag-e616135aa3a3627db7a34a898efbcb65.js
dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnk=/ 96 KB
24 KB 62ms
36ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnk=/tag-e616135aa3a3627db7a34a898efbcb65.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/622914.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv1 /
Resource Hash

Request headers

Referer: https://www.malwarebytes.com/
Origin: https://www.malwarebytes.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:15 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 17 May 2023 08:09:31 GMT
server: gnv1
etag: "64648bbb-60b6"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24758

POST
H2 202 event
plausible.io/api/ 2 B
474 B 525ms
100ms XHR
text/plain 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://plausible.io/api/event
Requested by: Host: plausible.io
URL: https://plausible.io/js/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash

Request headers

Referer: https://www.malwarebytes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 17 May 2023 14:56:16 GMT
cdn-edgestorageid: 885
cdn-cachedat: 05/17/2023 14:56:16
cdn-pullzone: 682664
application: 10.0.0.3
content-length: 2
x-request-id: F1_2Gb7q4_-A8jkEKn6G
server: BunnyCDN-NY1-885
cdn-proxyver: 1.03
cdn-requestpullcode: 202
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: must-revalidate, max-age=0, private
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
cdn-requestid: d5ea9b90c421605a0eae5a584e299175
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 434ms
35ms Script
application/javascript 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 14:56:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JYwMFRCSwBZdNsd6Nb17qg==
age: 76553
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6766
x-ms-lease-status: unlocked
last-modified: Mon, 15 May 2023 05:31:33 GMT
server: cloudflare
etag: 0x8DB5505A539041E
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9bb37d11-701e-0119-5b60-87b2db000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c8cb4c4ab9f42ec-EWR

GET
H3 200 worker.js
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 134ms
133ms XHR
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/622914.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv1 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:16 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 17 May 2023 08:09:30 GMT
server: gnv1
etag: "64648bba-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13599

GET
H2 200 82971089-2677-4e1e-8fab-44444f76330b.json
cdn.cookielaw.org/consent/82971089-2677-4e1e-8fab-44444f76330b/ 5 KB
2 KB 416ms
38ms XHR
application/x-javascript 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/82971089-2677-4e1e-8fab-44444f76330b/82971089-2677-4e1e-8fab-44444f76330b.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 14:56:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: g6oxYUr6RsqFpoQ8tbrUrQ==
age: 54581
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1810
x-ms-lease-status: unlocked
last-modified: Wed, 29 Mar 2023 22:04:11 GMT
server: cloudflare
etag: 0x8DB30A186B4B61C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0ecbe5b2-701e-0156-4a8a-6276c3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c8cb4c7eabe19f7-EWR
expires: Thu, 18 May 2023 14:56:16 GMT

GET
H2 200 location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 71 B
309 B 628ms
104ms XHR
application/json 104.18.43.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.43.158 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.malwarebytes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7c8cb4cbac7c2aa6-LAX
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202302.1.0/ 405 KB
98 KB 32ms
32ms Script
application/javascript 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 14:56:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: +3NcDg7IRUqn5oCiPaN6Hg==
age: 54421
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99858
x-ms-lease-status: unlocked
last-modified: Fri, 10 Mar 2023 03:55:12 GMT
server: cloudflare
etag: 0x8DB211B3FF3862E
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c029008f-f01e-012a-64e1-5aebf6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c8cb4cc2d3142ec-EWR

GET
H2 200 en.json
cdn.cookielaw.org/consent/82971089-2677-4e1e-8fab-44444f76330b/3641a057-7579-4d49-9841-25b88bd526ef/ 53 KB
14 KB 56ms
45ms Fetch
application/x-javascript 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/82971089-2677-4e1e-8fab-44444f76330b/3641a057-7579-4d49-9841-25b88bd526ef/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 14:56:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: XCIL5IJJAdHsswsI21vnmA==
age: 66608
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13853
x-ms-lease-status: unlocked
last-modified: Wed, 29 Mar 2023 22:04:17 GMT
server: cloudflare
etag: 0x8DB30A18AA27D34
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5b49c690-301e-00bb-5a8a-623912000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c8cb4cccef319f7-EWR
expires: Thu, 18 May 2023 14:56:17 GMT

GET
H2 200 fbevents.js
connect.facebook.net/en_US/ 106 KB
28 KB 386ms
24ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 17 May 2023 14:56:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: xQY2PcNC+e57/lVK8jL9LfzsIerZiBoxoDR+G2sle1WGpuvS5KKhSmEF4Xvs2HclQtF9kt6mK5NpsNw9x1jjzg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 416ms
24ms Script
application/x-javascript 104.117.182.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.117.182.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-117-182-74.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=59667
accept-ranges: bytes
content-length: 4777

GET
H2 200 bat.js
bat.bing.com/ 40 KB
12 KB 418ms
33ms Script
application/javascript 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 17 May 2023 14:56:17 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8FBD93F9B3AA41DF8EAFB46F6F552015 Ref B: EWR30EDGE0220 Ref C: 2023-05-17T14:56:17Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 analytics.js
www.google-analytics.com/ 51 KB
21 KB 390ms
22ms Script
text/javascript 216.239.38.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 17 May 2023 13:22:23 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5634
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 17 May 2023 15:22:23 GMT

GET
H/1.1 200
OK munchkin.js
munchkin.marketo.net/ 1 KB
1 KB 138ms
41ms Script
application/x-javascript 23.10.86.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.10.86.114 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-10-86-114.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 14:56:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 HWyTnY16.min.js
scripts.demandbase.com/ 74 KB
21 KB 132ms
41ms Script
application/javascript 52.85.61.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.demandbase.com/HWyTnY16.min.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-60.ewr53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: bH0rTQWFKS.7UMRFDlXC9wgJuzE5JNec
content-encoding: gzip
via: 1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
date: Wed, 17 May 2023 14:39:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: EWR53-P1
age: 1027
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 26 Apr 2023 02:33:39 GMT
server: AmazonS3
etag: W/"0151d8c859f8a4b5456f17f90e42652f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: MKtHeWYQulANuMcHnO2nElqcKe9WCAta2H2XDJSByhJJKOdLaP7oww==

GET
H2 200 demandbase-forms.js
www.malwarebytes.com/js/ 3 KB
1 KB 4894ms
4892ms Script
application/javascript 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/demandbase-forms.js?d=2020-02-04-15-03-08--0800

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:49:44 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P7
age: 397
x-powered-by: ASP.NET
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Tue, 20 Jul 2021 23:12:41 GMT
server: Microsoft-IIS/10.0
etag: W/"83427fbdbc7dd71:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: v4xmfXOCNl7sENwIhETmdwRC3eEy3XETQxdVgsZXDorqSAggWBZK9w==

GET
H2 200 uwt.js
static.ads-twitter.com/ 56 KB
15 KB 125ms
38ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption: AES256
etag: "32ad004436155ec972bc50e6238b5b67+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kiad7000101-IAD

GET
H2 200 web-vitals.umd.js
unpkg.com/web-vitals@1.1.0/dist/ 4 KB
2 KB 503ms
111ms Script
application/javascript 104.16.122.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@1.1.0/dist/web-vitals.umd.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.122.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:18 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6142598
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GTY1B896RCKB6K5GA7PC90AR-lga
server: cloudflare
etag: W/"1060-9qPq4bqeRCeFWudNuS98Bp0PQDY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c8cb4d06d5b434c-EWR

GET
H2 200 js
www.googletagmanager.com/gtag/ 188 KB
67 KB 70ms
69ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-930356311

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68840
x-xss-protection: 0
last-modified: Wed, 17 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 May 2023 14:56:17 GMT

GET
H2 200 bizible.js
cdn.bizible.com/scripts/ 67 KB
25 KB 228ms
23ms Script
application/x-javascript 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.2.76 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1DD2) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:17 GMT
content-encoding: gzip
last-modified: Thu, 11 May 2023 21:45:15 GMT
server: ECS (nyb/1DD2)
age: 5824
etag: "33a91df5184d91:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25471

GET tag.js
www.estore.malwarebytes.com/proxydirectory/tags/445691266569/ 0
0

GET
H2 200 js
www.googletagmanager.com/gtag/ 271 KB
85 KB 99ms
98ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87208
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 17 May 2023 14:56:17 GMT

GET
H2 200 otFlat.json
cdn.cookielaw.org/scripttemplates/202302.1.0/assets/ 13 KB
3 KB 42ms
40ms Fetch
application/json 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202302.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 14:56:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JiPvkoWr8q46ry2my9HtEQ==
age: 66577
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Fri, 10 Mar 2023 03:55:05 GMT
server: cloudflare
etag: 0x8DB211B3B953477
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 51dfdaf6-101e-000d-3de1-5a37ea000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c8cb4ce286f19f7-EWR

GET
H2 200 otPcPanel.json
cdn.cookielaw.org/scripttemplates/202302.1.0/assets/v2/ 63 KB
12 KB 48ms
47ms Fetch
application/json 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202302.1.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 14:56:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: L46Lh0RO9Nev4QxmjN/1xA==
age: 55033
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12592
x-ms-lease-status: unlocked
last-modified: Fri, 10 Mar 2023 03:55:07 GMT
server: cloudflare
etag: 0x8DB211B3CF8FFC7
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 018055fb-901e-00f9-4de1-5a1206000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c8cb4ce287119f7-EWR

GET
H2 200 otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/202302.1.0/assets/ 5 KB
2 KB 44ms
43ms Fetch
application/json 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202302.1.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 14:56:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Jvkuxf9W6+kYQ5KH9WFg0A==
age: 49818
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1767
x-ms-lease-status: unlocked
last-modified: Fri, 10 Mar 2023 03:55:06 GMT
server: cloudflare
etag: 0x8DB211B3C9D30EB
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3582565a-701e-0156-5be1-5a76c3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c8cb4ce287219f7-EWR

GET
H2 200 otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202302.1.0/assets/ 21 KB
4 KB 43ms
42ms Fetch
text/css 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202302.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 14:56:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 55033
x-ms-lease-status: unlocked
last-modified: Fri, 10 Mar 2023 03:55:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: ca60e9e9-901e-00f2-3be1-5a0a72000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c8cb4ce287319f7-EWR

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
601 B 35ms
33ms Image
image/svg+xml 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 14:56:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 60210
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 430dc7c9-601e-0124-70b1-8707fd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c8cb4cf78ef42ec-EWR

GET
H2 200 ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 497 B
494 B 31ms
30ms Fetch
image/svg+xml 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 14:56:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 55033
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:55 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d2ad3d87-001e-005d-53c2-8728e2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c8cb4cfba6f19f7-EWR

GET
H2 200 MWB_logo_M_RGB.png
cdn.cookielaw.org/logos/4e1c8bc8-2743-413b-8699-aad2216e8616/d90c2010-80ed-4a4b-8a31-17ccd1d0c206/c324b79e-a0a5-430d-82fd-8f9f79f1a5b6/ 53 KB
53 KB 112ms
109ms Image
image/png 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/4e1c8bc8-2743-413b-8699-aad2216e8616/d90c2010-80ed-4a4b-8a31-17ccd1d0c206/c324b79e-a0a5-430d-82fd-8f9f79f1a5b6/MWB_logo_M_RGB.png

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 14:56:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: McgP443mQJqrfGNzmbRFUg==
content-length: 53945
x-ms-lease-status: unlocked
last-modified: Thu, 08 Sep 2022 22:31:52 GMT
server: cloudflare
etag: 0x8DA91E9ED65F781
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: fd957a2a-f01e-0108-34e1-5a85c0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c8cb4d079de42ec-EWR

GET
H2 200 MWB_logo_horizontal_RGB.png
cdn.cookielaw.org/logos/4e1c8bc8-2743-413b-8699-aad2216e8616/a680236c-07ce-4a67-a071-5da64e5e3464/07803b7b-54a7-4883-929b-d87cd6799c27/ 46 KB
46 KB 102ms
100ms Image
image/png 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/4e1c8bc8-2743-413b-8699-aad2216e8616/a680236c-07ce-4a67-a071-5da64e5e3464/07803b7b-54a7-4883-929b-d87cd6799c27/MWB_logo_horizontal_RGB.png

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 14:56:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: g65E4kh32bbdSPqSevAl8Q==
content-length: 47111
x-ms-lease-status: unlocked
last-modified: Fri, 16 Sep 2022 19:40:37 GMT
server: cloudflare
etag: 0x8DA981B5438DC42
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 2fb60c79-001e-017b-14e1-5af503000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c8cb4d079df42ec-EWR

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 33ms
31ms Image
image/svg+xml 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 May 2023 14:56:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 71149
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: bed475ff-601e-0149-251c-88add3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c8cb4d079e042ec-EWR

GET
H/1.1 200
OK munchkin.js
munchkin.marketo.net/163/ 11 KB
5 KB 133ms
130ms Script
application/x-javascript 23.10.86.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.10.86.114 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-10-86-114.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 14:56:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Fri, 25 Aug 2023 14:56:18 GMT

GET
H2 200 adsct
t.co/i/ 43 B
376 B 330ms
49ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=bf818106-1062-47ff-b26f-62c4382f6663&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=95f7787e-49cc-4395-bc00-71bae9dd48bf&tw_document_href=https%3A%2F%2Fwww.malwarebytes.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1m5j&type=javascript&version=2.3.29

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-response-time: 8
date: Wed, 17 May 2023 14:56:17 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: fa35b492af71f07b
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: fa00310c57bd73b9c0288c989c2851448a3bca5e58e62e0901beb2a4c604a0d1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 332ms
51ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=bf818106-1062-47ff-b26f-62c4382f6663&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=95f7787e-49cc-4395-bc00-71bae9dd48bf&tw_document_href=https%3A%2F%2Fwww.malwarebytes.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1m5j&type=javascript&version=2.3.29

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-response-time: 10
date: Wed, 17 May 2023 14:56:17 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 84a804ca24db4f3a
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 3193b8a2e29483d88152155c8550c7b8ac6c1e1ab426003cb8cde0a11d6dbb26
content-length: 43

GET
H2 200 sync
s.company-target.com/s/ Frame C6F5 634 B
977 B 83ms
26ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/HWyTnY16.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://www.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Wed, 17 May 2023 14:56:18 GMT
via: 1.1 google

GET
H/1.1

200
OK

log
segments.company-target.com/
Redirect Chain

https://id.rlcdn.com/464526.gif
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCJLWk6MGEgUI6AcQAEIASgA
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297JmUB0-EcfBcHImU0iunwhd1w3EB7YpB3FxznKJKPjHk

26 B
409 B

113ms
34ms

Image
image/gif

13.33.60.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297JmUB0-EcfBcHImU0iunwhd1w3EB7YpB3FxznKJKPjHk
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/
Protocol: HTTP/1.1
Server: 13.33.60.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-108.ewr52.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 14:56:18 GMT
Via: 1.1 fcd9aaae3f7bd20d13dd07c7cf616378.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR52-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Content-Type: image/gif
Vary: Origin
Connection: keep-alive
trace-id: 8de6efe0e2aa83cd
X-Amz-Cf-Id: QL2UmCQh61Lv1es0aE4aZTLhZAbc-hfEqUUsO26xW65JZE2AB7CbpA==

Redirect headers

date: Wed, 17 May 2023 14:56:18 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297JmUB0-EcfBcHImU0iunwhd1w3EB7YpB3FxznKJKPjHk
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 collect
analytics.google.com/g/ 0
258 B 751ms
348ms Ping
text/plain 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-K8KCHE3KSC&gtm=45je35a0&_p=202118932&_gaz=1&gdid=dYWJhMj&cid=584440631.1684335378&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.malwarebytes.com%2F&sid=1684335378&sct=1&seg=0&dt=Cyber%20Security%20Software%20%26%20Anti-Malware%20%7C%20Malwarebytes&en=page_view&_fv=1&_nsi=1&_ss=2&ep.content_group=Homepage
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul02s04-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 14:56:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 418ms
46ms Ping
text/plain 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K8KCHE3KSC&cid=584440631.1684335378&gtm=45je35a0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f157.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 14:56:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ip.json
api.company-target.com/api/v2/ 4 KB
1 KB 523ms
214ms XHR
application/json 13.226.34.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.malwarebytes.com%2F&page_title=Cyber%20Security%20Software%20%26%20Anti-Malware%20%7C%20Malwarebytes
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/HWyTnY16.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-79.ewr53.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Referer: https://www.malwarebytes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 17 May 2023 14:56:18 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 17a3c2535aa705a7b5a80b78b876c79a.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront
request-id: f540f489-1569-4093-8081-e3b7531ec27b
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.malwarebytes.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8Jy5RhxDNuMa9XN1a-OKcMzS01yjby50s_Ba0dLFXAFkLJo7z2pYlg==
expires: Tue, 16 May 2023 14:56:18 GMT

GET
H2 200 token
cdn.linkedin.oribi.io/partner/2594100/domain/malwarebytes.com/ 36 B
368 B 421ms
19ms XHR
application/json 13.225.223.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2594100/domain/malwarebytes.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-33.jfk51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: *
Referer: https://www.malwarebytes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:38:22 GMT
content-encoding: gzip
via: 1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 1076
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: XPDMmXpxjR4bPPhHovjRBjpeyoZCsSej7mKBJvX1S0CKl4B8ElLCOw==

GET
H/1.1

200
OK

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1684335378301&url=https%3A%2F%2Fwww.malwarebytes.com%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1684335378301&url=https%3A%2F%2Fwww.malwarebytes.com%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2594100%26time%3D1684335378301%26url%3Dhttps%253A%252F%252Fwww.malwarebytes.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1684335378301&url=https%3A%2F%2Fwww.malwarebytes.com%2F&cookiesTest=true&liSync=true

0
600 B

30ms
29ms

Image
application/javascript

108.174.10.20
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1684335378301&url=https%3A%2F%2Fwww.malwarebytes.com%2F&cookiesTest=true&liSync=true
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/
Protocol: HTTP/1.1
Server: 108.174.10.20 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-20.fwd.linkedin.com
Software: Play /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 14:56:19 GMT
Server: Play
X-Li-Pop: prod-lva1-x
LinkedIn-Action: 1
X-Li-Fabric: prod-lva1
Content-Type: application/javascript
X-LI-Proto: http/1.1
Connection: keep-alive
content-length: 0
X-LI-UUID: AAX75OP+LiuCkF9oCcKchg==

Redirect headers

Date: Wed, 17 May 2023 14:56:19 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; script-src-attr 'report-sample' 'none'; object-src 'none'; media-src blob: *; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com
LinkedIn-Action: 1
Content-Security-Policy-Report-Only: default-src 'none'; frame-ancestors 'none'; form-action 'none'; report-uri https://www.linkedin.com/security/csp?f=mhs_l&ro=true
Connection: keep-alive
content-length: 0
X-LI-UUID: AAX75OP9Ro1jsHuDHJnzpA==
Pragma: no-cache
Server: Play
X-Li-Pop: prod-lva1-x
X-Frame-Options: sameorigin
X-Li-Fabric: prod-lva1
Location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1684335378301&url=https%3A%2F%2Fwww.malwarebytes.com%2F&cookiesTest=true&liSync=true
Cache-Control: no-cache, no-store
X-LI-Proto: http/1.1
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 identity.js
connect.facebook.net/signals/plugins/ 64 KB
20 KB 22ms
21ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.104

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 17 May 2023 14:56:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: KDLlTeckkJmODdS9PvAgkKMhVo7uhRXLaCcwXZ/J+cFrcwe02D0sgNEsqqpjqmZMxzyag8fWrYk+m4GMgcMoQQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1480959392203028
connect.facebook.net/signals/config/ 301 KB
86 KB 28ms
28ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1480959392203028?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 17 May 2023 14:56:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88329
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 6Tl1JQz4CSyK/nDUkh/JMoWAXns5f2XKgGClG92jR3jgjGfZVJhwtwPmlYuqWtDwxY0UlQgeSAiDHjwDVc5uew==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 linkid.js
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 19ms
17ms Script
text/javascript 216.239.38.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1057
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 17 May 2023 15:38:41 GMT

GET
H2 204 4072696.js
bat.bing.com/p/action/ 0
136 B 32ms
31ms Script
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4072696.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

/ ARR/3.0

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 17 May 2023 14:56:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 66C66108A9BD41AB901F672E46C26858 Ref B: EWR30EDGE0220 Ref C: 2023-05-17T14:56:18Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
362 B 39ms
38ms Image
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4072696&tm=gtm002&Ver=2&mid=a03dfaf9-ab38-4fa7-b473-c1927c0e2b70&sid=faa02580f4c211ed8ce0877846237f24&vid=faa074f0f4c211edba8d4b7bd453d240&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Cyber%20Security%20Software%20%26%20Anti-Malware%20%7C%20Malwarebytes&p=https%3A%2F%2Fwww.malwarebytes.com%2F&r=&evt=pageLoad&sv=1&rn=958761

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 May 2023 14:56:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B6748D8FA78F4AE5BFAB9AB7C1B30ED2 Ref B: EWR30EDGE0220 Ref C: 2023-05-17T14:56:18Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C6F5
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1700232978&external_user_id=8d972fd8-1938-47d3-8d3e-8814cb5c5fa3
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1700232978&external_user_id=8d972fd8-1938-47d3-8d3e-8814cb5c5fa3&C=1

43 B
766 B

28ms
27ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1700232978&external_user_id=8d972fd8-1938-47d3-8d3e-8814cb5c5fa3&C=1
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 May 2023 14:56:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 17 May 2023 14:56:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=18&expiry=1700232978&external_user_id=8d972fd8-1938-47d3-8d3e-8814cb5c5fa3&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame C6F5 43 B
393 B 438ms
37ms Image
image/gif 54.175.58.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIDM=8d972fd8-1938-47d3-8d3e-8814cb5c5fa3
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.58.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-58-106.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 17 May 2023 14:56:18 GMT
server: nginx
content-type: image/gif

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame C6F5 42 B
775 B 2837ms
169ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?nid=5578&put=8d972fd8-1938-47d3-8d3e-8814cb5c5fa3&v=1181926
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 19c1ac3b9706c83a73951eba4d239689
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H/1.1 200
OK visitWebPage
805-usg-300.mktoresp.com/webevents/ 2 B
318 B 164ms
36ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://805-usg-300.mktoresp.com/webevents/visitWebPage?_mchNc=1684335378433&_mchCn=&_mchId=805-USG-300&_mchTk=_mch-malwarebytes.com-1684335378431-72699&_mchHo=www.malwarebytes.com&_mchPo=&_mchRu=%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 14:56:18 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: c0952974-205c-49a0-99b8-a9c741767b2a

POST
H2 200 collect
stats.g.doubleclick.net/j/ 2 B
149 B 215ms
48ms XHR
text/plain 142.251.16.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-3347303-10&cid=584440631.1684335378&jid=1340074712&uid=C8F9F587-2148-40F1-B7E2-233A275CCF22&gjid=1323959728&_gid=875989461.1684335378&_u=aCDAgEAjAAAAAEAAIg~&z=737139285

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 17 May 2023 14:56:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 52ms
17ms Image
image/gif 216.239.38.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=202118932&t=pageview&_s=1&dl=https%3A%2F%2Fwww.malwarebytes.com%2F&ul=en-us&de=UTF-8&dt=Cyber%20Security%20Software%20%26%20Anti-Malware%20%7C%20Malwarebytes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEAjAAAAAAAAIg~&jid=1340074712&gjid=1323959728&cid=584440631.1684335378&uid=C8F9F587-2148-40F1-B7E2-233A275CCF22&tid=UA-3347303-10&_gid=875989461.1684335378&gtm=45He35a0n71MKSKW3&z=2005952737

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 18:03:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75198
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 1181ms
31ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=ViewContent&dl=https%3A%2F%2Fwww.malwarebytes.com%2F&rl=&if=false&ts=1684335378536&cd[content_name]=Home&sw=1600&sh=1200&v=2.9.104&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1684335378532.195971509&it=1684335378316&coo=false&tm=1&rqm=GET

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 17 May 2023 14:56:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 1181ms
32ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=PageView&dl=https%3A%2F%2Fwww.malwarebytes.com%2F&rl=&if=false&ts=1684335378547&sw=1600&sh=1200&v=2.9.104&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1684335378532.195971509&it=1684335378316&coo=false&tm=1&rqm=GET

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 17 May 2023 14:56:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 1081ms
61ms Image
image/gif 172.217.13.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-3347303-10&cid=584440631.1684335378&jid=1340074712&_u=aCDAgEAjAAAAAEAAIg~&z=1732877828

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f4.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 14:56:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 10ms
9ms Image
image/gif 216.239.38.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=202118932&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.malwarebytes.com%2F&ul=en-us&de=UTF-8&dt=Cyber%20Security%20Software%20%26%20Anti-Malware%20%7C%20Malwarebytes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aDDAgEAjAAAAAEAAIg~&jid=&gjid=&cid=584440631.1684335378&uid=C8F9F587-2148-40F1-B7E2-233A275CCF22&tid=UA-3347303-10&_gid=875989461.1684335378&gtm=45He35a0n71MKSKW3&cd2=28880598&cd3=SMB&cd4=Software%20%26%20Technology&cd5=Locator%20Technologies%20LLC&cd6=Locator%20Technologies&cd7=Software%20%26%20Technology&cd8=Data%20%26%20Technical%20Services&cd9=%241M%20-%20%245M&cd10=Small&cd11=Santa%20Monica&cd12=CA&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=US&cd18=locatortechnologies.com&cd24=8&z=1847054583

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 18:03:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75198
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 674ms
33ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=Microdata&dl=https%3A%2F%2Fwww.malwarebytes.com%2F&rl=&if=false&ts=1684335379056&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Cyber%20Security%20Software%20%26%20Anti-Malware%20%7C%20Malwarebytes%22%2C%22meta%3Adescription%22%3A%22Protect%20your%20home%20and%20business%20PCs%2C%20Macs%2C%20iOS%20and%20Android%20devices%20from%20the%20latest%20cyber%20threats%20and%20malware%2C%20including%20ransomware.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Cyber%20Security%20Software%20%26%20Anti-Malware%20%7C%20Malwarebytes%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.malwarebytes.com%2F%22%2C%22og%3Asite_name%22%3A%22Malwarebytes%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.malwarebytes.com%2Fimages%2Fmalwarebytes-meta.png%22%2C%22og%3Adescription%22%3A%22Protect%20your%20home%20and%20business%20PCs%2C%20Macs%2C%20iOS%20and%20Android%20devices%20from%20the%20latest%20cyber%20threats%20and%20malware%2C%20including%20ransomware.%22%2C%22twitter%3Atitle%22%3A%22Cyber%20Security%20Software%20%26%20Anti-Malware%20%7C%20Malwarebytes%22%2C%22twitter%3Acard%22%3A%22summary%22%2C%22twitter%3Acreator%22%3A%22%40malwarebytes%22%2C%22twitter%3Asite%22%3A%22%40malwarebytes%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Fwww.malwarebytes.com%2Fimages%2Fmalwarebytes-meta.png%22%2C%22twitter%3Adescription%22%3A%22Protect%20your%20home%20and%20business%20PCs%2C%20Macs%2C%20iOS%20and%20Android%20devices%20from%20the%20latest%20cyber%20threats%20and%20malware%2C%20including%20ransomware.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22name%22%3A%22us-en%22%2C%22item%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fwww.malwarebytes.com%2F%22%7D%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.104&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&fbp=fb.1.1684335378532.195971509&it=1684335378316&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 17 May 2023 14:56:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 intl-sites.json
www.malwarebytes.com/js/ 890 B
1 KB 549ms
311ms XHR
text/html 2600:9000:2512:2200:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/intl-sites.json

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/library/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:2200:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.malwarebytes.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:22 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
via: 1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-amz-cf-pop: JFK50-P7
x-powered-by: ASP.NET
x-frame-options: DENY
x-cache: Miss from cloudfront
content-type: text/html
cache-control: private
content-length: 890
x-amz-cf-id: Q0yOQmTfojr82FqmixZFFi_PaVAog7JV4301RsupQDjgWfhlmXCgRQ==

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/ 2 KB
2 KB 611ms
137ms Script
text/javascript 2607:f8b0:4020:807::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/?random=1684335382819&cv=11&fst=1684335382819&bg=ffffff&guid=ON&async=1&gtm=45be35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.malwarebytes.com%2F&hn=www.googleadservices.com&frm=0&tiba=Cyber%20Security%20Software%20%26%20Anti-Malware%20%7C%20Malwarebytes&did=dYWJhMj&gdid=dYWJhMj&auid=1845029195.1684335377&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-930356311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 14:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1220
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
327 B 153ms
16ms Image
image/gif 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=957dd82206a04161f732fc1a103c7710&_biz_s=973e38&_biz_l=https%3A%2F%2Fwww.malwarebytes.com%2F&_biz_t=1684335383010&_biz_i=Cyber%20Security%20Software%20%26%20Anti-Malware%20%7C%20Malwarebytes&_biz_n=0&rnd=20285&cdn_o=a&_biz_z=1684335383014
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.2.76 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D07) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 14:56:23 GMT
last-modified: Sun, 14 May 2023 13:19:12 GMT
server: ECS (nyb/1D07)
age: 265031
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
204 B 187ms
43ms Image
image/gif 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=957dd82206a04161f732fc1a103c7710&_biz_s=973e38&_biz_l=https%3A%2F%2Fwww.malwarebytes.com%2F&_biz_t=1684335383326&_biz_i=Cyber%20Security%20Software%20%26%20Anti-Malware%20%7C%20Malwarebytes&rnd=41127&cdn_o=a&_biz_z=1684335383327
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.2.76 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D33) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 14:56:23 GMT
last-modified: Sun, 14 May 2023 20:10:05 GMT
server: ECS (nyb/1D33)
age: 240378
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 xdc.js
cdn.bizible.com/ 116 B
546 B 256ms
35ms Script
text/javascript 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=957dd82206a04161f732fc1a103c7710&_biz_h=-1906410348&cdn_o=a&jsVer=4.23.05.11
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.2.76 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D31) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:56:22 GMT
content-encoding: gzip
server: ECS (nyb/1D31)
etag: E9F38050
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
content-length: 219

GET
H2 200 u
cdn.bizible.com/m/ 43 B
122 B 227ms
6ms Image
image/gif 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/u?mapType=mkto&mapValue=id%3A805-USG-300%26token%3A_mch-malwarebytes.com-1684335378431-72699&_biz_u=957dd82206a04161f732fc1a103c7710&_biz_s=973e38&_biz_l=https%3A%2F%2Fwww.malwarebytes.com%2F&_biz_t=1684335383332&_biz_i=Cyber%20Security%20Software%20%26%20Anti-Malware%20%7C%20Malwarebytes&_biz_n=1&rnd=900122&cdn_o=a&_biz_z=1684335383546
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.2.76 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D16) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 14:56:23 GMT
last-modified: Sun, 14 May 2023 13:19:47 GMT
server: ECS (nyb/1D16)
age: 264996
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 /
www.google.com/pagead/1p-user-list/930356311/ 42 B
154 B 232ms
48ms Image
image/gif 172.217.13.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/930356311/?random=1684335382819&cv=11&fst=1684332000000&bg=ffffff&guid=ON&async=1&gtm=45be35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.malwarebytes.com%2F&frm=0&tiba=Cyber%20Security%20Software%20%26%20Anti-Malware%20%7C%20Malwarebytes&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2736912104&rmt_tld=0&ipr=y

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f4.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 14:56:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 187ms
70ms Image
image/gif 2607:f8b0:4020:805::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=202118932&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.malwarebytes.com%2F&ul=en-us&de=UTF-8&dt=Cyber%20Security%20Software%20%26%20Anti-Malware%20%7C%20Malwarebytes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=vertical&el=25%20percent&_u=aDDAgEAjAAAAAEAAIg~&jid=&gjid=&cid=584440631.1684335378&uid=C8F9F587-2148-40F1-B7E2-233A275CCF22&tid=UA-3347303-10&_gid=875989461.1684335378&gtm=45He35a0n71MKSKW3&z=1103197825

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 01:17:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49154
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 188ms
67ms Image
image/gif 2607:f8b0:4020:805::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=202118932&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.malwarebytes.com%2F&ul=en-us&de=UTF-8&dt=Cyber%20Security%20Software%20%26%20Anti-Malware%20%7C%20Malwarebytes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=vertical&el=50%20percent&_u=aDDAgEAjAAAAAEAAIg~&jid=&gjid=&cid=584440631.1684335378&uid=C8F9F587-2148-40F1-B7E2-233A275CCF22&tid=UA-3347303-10&_gid=875989461.1684335378&gtm=45He35a0n71MKSKW3&z=1417180357

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 01:17:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49154
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
45 B 241ms
80ms Ping
text/plain 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-K8KCHE3KSC&gtm=45je35a0&_p=202118932&gdid=dYWJhMj&cid=584440631.1684335378&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dl=https%3A%2F%2Fwww.malwarebytes.com%2F&sid=1684335378&sct=1&seg=0&dt=Cyber%20Security%20Software%20%26%20Anti-Malware%20%7C%20Malwarebytes&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul02s04-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.malwarebytes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 17 May 2023 14:56:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7ghicgw4nish.js
js.driftt.com/include/1684335600000/ 220 KB
62 KB 366ms
77ms Script
application/javascript 13.225.223.85

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1684335600000/7ghicgw4nish.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.85 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: I6o.sKE_bgxcXARSPYssvurm96qI8KTV
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Wed, 17 May 2023 14:56:26 GMT
via: 1.1 0abfc04b3868b6760be5e12dccdfc7d4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 29
last-modified: Tue, 16 May 2023 17:01:07 GMT
server: istio-envoy
etag: W/"acadc8cb0364466910d866ff45907224"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jxWKlVjKci5AyIbtrFmJ64-AR9CtOYouA8ToDp0u40d2rCUGw1PyAA==

GET
H2 200 core
js.driftt.com/ Frame 7D7F 2 KB
1 KB 151ms
64ms Document
text/html 13.225.223.85

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=0eaba7f6-9479-40db-b8b1-7202a22a7fc7&sessionStarted=1684335386.313&campaignRefreshToken=2558e56a-d5e4-415d-a75b-91a768dfccbd&hideController=false&pageLoadStartTime=1684335373057&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.malwarebytes.com%2F

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1684335600000/7ghicgw4nish.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.85 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 17 May 2023 14:56:26 GMT
etag: W/"460804a9bdb6a270a8b17c3d6982d09c"
last-modified: Tue, 16 May 2023 17:00:51 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 0abfc04b3868b6760be5e12dccdfc7d4.cloudfront.net (CloudFront)
x-amz-cf-id: L3OeWPbpNSXQk08yAqAYQR7xY0VwLppU3f4mteEOHCu7h-ymAPy3NA==
x-amz-cf-pop: JFK51-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: HhqMPNYVkjb9FUUDwuXpQCLNULwD_N0.
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 13

GET
H2 200 chat
js.driftt.com/core/ Frame 0462 2 KB
1 KB 129ms
50ms Document
text/html 13.225.223.85

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1684335373057

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1684335600000/7ghicgw4nish.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.85 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 17 May 2023 14:56:26 GMT
etag: W/"460804a9bdb6a270a8b17c3d6982d09c"
last-modified: Tue, 16 May 2023 17:00:51 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 0abfc04b3868b6760be5e12dccdfc7d4.cloudfront.net (CloudFront)
x-amz-cf-id: cspHO9urC-Otbxty6dLUAuk3oIxHD6NTN1o5_8LWXLNUUYI3eaxbYg==
x-amz-cf-pop: JFK51-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: HhqMPNYVkjb9FUUDwuXpQCLNULwD_N0.
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 13

GET
H2 200 runtime~main.ab54bfc8.js
js.driftt.com/core/assets/js/ Frame 0462 6 KB
3 KB 61ms
53ms Script
application/javascript 13.225.223.85

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.ab54bfc8.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1684335373057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.85 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1684335373057
Origin: https://js.driftt.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:00:50 GMT
x-amz-version-id: Gs1OcaZBZkTyTnNaGBA1dnP1qbjFcqTl
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0abfc04b3868b6760be5e12dccdfc7d4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 78936
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
last-modified: Tue, 16 May 2023 16:27:54 GMT
server: istio-envoy
etag: W/"dab9520cee082d589e7870b51998498a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bTTa1qonOuhlosGdjlM4OCNYQ5QXjbNL9POpNZxbsFnk83KZbx6bUg==

GET
H2 200 9.4a3e9801.chunk.js
js.driftt.com/core/assets/js/ Frame 0462 35 KB
13 KB 67ms
59ms Script
application/javascript 13.225.223.85

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1684335373057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.85 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1684335373057
Origin: https://js.driftt.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:57:38 GMT
x-amz-version-id: 2JWi8Ku6vc.KCpNqgtX7CdHSCSgh2O6x
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0abfc04b3868b6760be5e12dccdfc7d4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4309128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 47
last-modified: Thu, 02 Mar 2023 16:14:46 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: X1qJbNiye-og9e_AeYNBFGM3fP8X9zpZYkmw6Ln_lb9RiuzcG2H7Fw==

GET
H2 200 main~493df0b3.8b2c72a3.chunk.js
js.driftt.com/core/assets/js/ Frame 0462 7 KB
3 KB 70ms
63ms Script
application/javascript 13.225.223.85

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.8b2c72a3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1684335373057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.85 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1684335373057
Origin: https://js.driftt.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 12 May 2023 13:09:31 GMT
x-amz-version-id: PEKJf28yFXtQsHpFTSgRcYwUyvcrWHpZ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0abfc04b3868b6760be5e12dccdfc7d4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 438415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 56
last-modified: Thu, 11 May 2023 20:21:38 GMT
server: istio-envoy
etag: W/"fbe50ae663ea71c43233c4d8a81585e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ysn9OVkN8sGIknarpF2GoZ2QB2c_OZvftWsWsRedSFysew-lTQ4M8Q==

GET
H2 200 runtime~main.ab54bfc8.js
js.driftt.com/core/assets/js/ Frame 7D7F 6 KB
0 63ms
26ms Script
application/javascript 13.225.223.85

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.ab54bfc8.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=0eaba7f6-9479-40db-b8b1-7202a22a7fc7&sessionStarted=1684335386.313&campaignRefreshToken=2558e56a-d5e4-415d-a75b-91a768dfccbd&hideController=false&pageLoadStartTime=1684335373057&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.malwarebytes.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.85 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=0eaba7f6-9479-40db-b8b1-7202a22a7fc7&sessionStarted=1684335386.313&campaignRefreshToken=2558e56a-d5e4-415d-a75b-91a768dfccbd&hideController=false&pageLoadStartTime=1684335373057&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.malwarebytes.com%2F
Origin: https://js.driftt.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:00:50 GMT
x-amz-version-id: Gs1OcaZBZkTyTnNaGBA1dnP1qbjFcqTl
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0abfc04b3868b6760be5e12dccdfc7d4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 78936
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
last-modified: Tue, 16 May 2023 16:27:54 GMT
server: istio-envoy
etag: W/"dab9520cee082d589e7870b51998498a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FsecloqfIQ9yCuMyl5Ml2NoEZ5Dw-T2XlpFiQohIfTn7hXQA1eGjSQ==

GET
H2 200 9.4a3e9801.chunk.js
js.driftt.com/core/assets/js/ Frame 7D7F 35 KB
0 63ms
28ms Script
application/javascript 13.225.223.85

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.85 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=0eaba7f6-9479-40db-b8b1-7202a22a7fc7&sessionStarted=1684335386.313&campaignRefreshToken=2558e56a-d5e4-415d-a75b-91a768dfccbd&hideController=false&pageLoadStartTime=1684335373057&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.malwarebytes.com%2F
Origin: https://js.driftt.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:57:38 GMT
x-amz-version-id: 2JWi8Ku6vc.KCpNqgtX7CdHSCSgh2O6x
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0abfc04b3868b6760be5e12dccdfc7d4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4309128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 47
last-modified: Thu, 02 Mar 2023 16:14:46 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xVZE-b_CLtvTQr7UZHPPIS47qOM2NwXvTPNC7mdxlQ4UdiTQ9RSjoQ==

GET
H2 200 main~493df0b3.8b2c72a3.chunk.js
js.driftt.com/core/assets/js/ Frame 7D7F 7 KB
0 65ms
29ms Script
application/javascript 13.225.223.85

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.8b2c72a3.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.85 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=0eaba7f6-9479-40db-b8b1-7202a22a7fc7&sessionStarted=1684335386.313&campaignRefreshToken=2558e56a-d5e4-415d-a75b-91a768dfccbd&hideController=false&pageLoadStartTime=1684335373057&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.malwarebytes.com%2F
Origin: https://js.driftt.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 12 May 2023 13:09:31 GMT
x-amz-version-id: PEKJf28yFXtQsHpFTSgRcYwUyvcrWHpZ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0abfc04b3868b6760be5e12dccdfc7d4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 438415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 56
last-modified: Thu, 11 May 2023 20:21:38 GMT
server: istio-envoy
etag: W/"fbe50ae663ea71c43233c4d8a81585e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YPaLRTc9IUVUBINLRjHA1me4XG2HcqdBHNZdCuTeUIYV-edoRNtlUg==

GET 51.558be3c5.chunk.js
js.driftt.com/core/assets/js/ Frame 0462 0
0

GET 35.d0f1ccda.chunk.js
js.driftt.com/core/assets/js/ Frame 0462 0
0

GET 24.6f929cdc.chunk.js
js.driftt.com/core/assets/js/ Frame 0462 0
0

GET 19.6f85b843.chunk.js
js.driftt.com/core/assets/js/ Frame 0462 0
0

GET 41.b4fc4de2.chunk.js
js.driftt.com/core/assets/js/ Frame 0462 0
0

GET 20.8c21ea18.chunk.js
js.driftt.com/core/assets/js/ Frame 0462 0
0

GET 26.04e7f30b.chunk.js
js.driftt.com/core/assets/js/ Frame 0462 0
0

GET 14.e24a6190.chunk.js
js.driftt.com/core/assets/js/ Frame 0462 0
0

GET 11.639238ba.chunk.js
js.driftt.com/core/assets/js/ Frame 0462 0
0

GET 18.9c1bd1fb.chunk.js
js.driftt.com/core/assets/js/ Frame 0462 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.estore.malwarebytes.com
URL: https://www.estore.malwarebytes.com/proxydirectory/tags/445691266569/tag.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/24.6f929cdc.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Domain: js.driftt.com
URL: https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/lib/622914.js(Line 31) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/tpc?a=622914&r=0.16385461375830146, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/lib/622914.js(Line 31) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/tpc?a=622914&r=0.16385461375830146, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.estore.malwarebytes.com/proxydirectory/tags/445691266569/tag.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

805-usg-300.mktoresp.com
analytics.google.com
analytics.twitter.com
api.company-target.com
api.demandbase.com
bat.bing.com
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
cdn.linkedin.oribi.io
connect.facebook.net
dev.visualwebsiteoptimizer.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
genesis.malwarebytes.com
geolocation.onetrust.com
googleads.g.doubleclick.net
id.rlcdn.com
js.driftt.com
malwarebytes.com
munchkin.marketo.net
partners.tremorhub.com
pixel.rubiconproject.com
plausible.io
px.ads.linkedin.com
s.company-target.com
scripts.demandbase.com
segments.company-target.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
unpkg.com
www.estore.malwarebytes.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.linkedin.com
www.malwarebytes.com
js.driftt.com
www.estore.malwarebytes.com
104.117.182.74
104.16.122.175
104.18.43.158
104.19.188.97
104.244.42.133
104.244.42.3
108.138.106.23
108.138.106.40
108.174.10.20
13.225.223.33
13.225.223.85
13.226.34.79
13.33.60.108
138.199.40.58
142.251.16.157
146.75.28.157
152.199.2.76
172.217.13.110
172.217.13.163
172.217.13.168
172.217.13.196
18.233.44.28
192.28.144.124
192.40.39.223
204.79.197.200
216.239.38.178
23.10.86.114
2600:9000:2512:2200:16:26c7:ff80:93a1
2607:f8b0:4020:805::200a
2607:f8b0:4020:805::200e
2607:f8b0:4020:807::2002
31.13.71.36
31.13.71.7
34.96.102.137
34.96.71.22
35.190.60.146
52.85.61.60
54.175.58.106
69.173.151.100
99.84.37.38
07666a985598072ae7c5f72ee83f9be897a6a902742af505e677c34570f8d233
0b7b26742617990b7000c7eab02062e349a60270347495cc9a542d1578a009ad
107a7a0eadcba82495e387e12607bd57e7d184d236a0572db3c49de7b32cf015
11c25d704855752ab516fe4d22c1677a6773d29acc59005bc9cf68a5d4815d22
18285073be09ee89c8667e44bb228eef7df6905e67f0d49e499343f0d47064f7
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
27da18ee142cce1312d5fe0a4adb16798a5dc6ffd20562b5b9aff527d0325f48
29386698ab63b15d965fc27d014bd48bb47a26f74c452966856c0db2aef5fcad
2c1e633718b0d9a2eb871c62b56def58c5380b77ca94d24ec63711ceb1c178f0
2e94c801d34ae28280613c77ca16ac28b7fa55d8e3d1c41cb114e79e9cfdb720
398fa1a8e57a03ce6d417163b99fde520cfc9ce81235a6886375331b313a9050
3f08885b09ffefc94c33e586a3f60c3b6aa19b0e908242e4a4eaa428d7e6a6bf
43613264f05340d470ed611ce60827dcc7453d00279920cb60a7790b69432c02
456f446bebf9baeef961399fc77c0297a4cd18a15dd601a7d9c5092bea89e1d7
46b429d814a65524f8867dd31118347eb90081088f3b04a14cfcac9bf9b032f8
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7fb3d86d9be3d33bea466266824f157735ac0417bf1c64204de79d2a4acc9a3f
801ef949019934cab56a09d62e801bcf1a7390286df2fcbed0f452aa11cd1a2b
8d87884986b0bb2359708c0d0f2459668860b2b3e1efced8d90166d039a259c0
92173c11730492d91a2e26d8fb9c27987a0f67ba97e38195942c4774fcd4de3d
96f10cb1562df204de8de3aed1b619b7fa0f7d8854138c0a9f23bc575afe3f2e
a5361be48e64297f23046a94801067bfcf644391c76de624cbce5560e35d660b
b9c47a4bac144454675bb9a1507262c85805d95acbd469535829f9ff78ebfdcd
bba9fd051d96c0e6d163b0ee8b108f3a2d2f732700be22d061085375dc2c9bd9
c076d12f8506efbac8fe7ae90d218f3b546e36b13b4cd5ad6ca40d22065f15f7
c32acd22465b575da2a46454290586e6ef71a647de5218e40980cb039e959e0d
c38a53a74fde799bf483707743fb4bb14e4c556f87a3e5392c0054ff7c93198a
dd71328593403430e6476cec8f3e19f75626759c4a4bc9d7dbfb5d357f108887
edeb26e6a28275d4604d59ff58ff4f495e924616400667429c678bf9df65cf31
f284aa2076b2bf07a6ecd3560b458e07fe95fbec17ac850183dcaa5b11d63eb5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

www.malwarebytes.com Open in urlscan Pro 2600:9000:2512:2200:16:26c7:ff80:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

137 Requests

89 %HTTPS

10 %IPv6

32 Domains

41 Subdomains

38 IPs

3 Countries

1693 kBTransfer

5104 kBSize

Cookies

0 Outgoing links

Page URL History

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.malwarebytes.com Open in urlscan Pro
2600:9000:2512:2200:16:26c7:ff80:93a1 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

89 %
HTTPS

10 %
IPv6

32
Domains

41
Subdomains

38
IPs

3
Countries

1693 kB
Transfer

5104 kB
Size

137 HTTP transactions
1 data transactions