urlscan.io logo urlscan.io
SecurityTrails logo

go.malwarebytes.com Open in urlscan Pro
104.17.72.206  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAF_rRW_uptJ6nMtRsNXhWHEuUgJd_UfWWpIp_zFBENMX6GjdlYCe5CUFuCAviwf5N3WHWiF3_4=
Effective URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWk...
Submission: On September 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 36 IPs in 7 countries across 30 domains to perform 81 HTTP transactions. The main IP is 104.17.72.206, located in and belongs to CLOUDFLARENET, US. The main domain is go.malwarebytes.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2021. Valid for: a year.
This is the only time go.malwarebytes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.17.71.206 13335 (CLOUDFLAR...)
7 104.17.72.206 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 143.204.207.88 16509 (AMAZON-02)
3 2600:9000:206... 16509 (AMAZON-02)
2 23.56.213.107 6453 (AS6453)
3 2a00:1450:400... 15169 (GOOGLE)
6 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 142.250.186.66 15169 (GOOGLE)
2 2 2620:119:50e1... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 4 142.250.185.166 15169 (GOOGLE)
2 2a04:4e42:1b::84 54113 (FASTLY)
1 65.9.65.116 16509 (AMAZON-02)
1 51.11.20.152 8075 (MICROSOFT...)
1 212.82.100.181 34010 (YAHOO-IRD)
3 23.44.0.191 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 192.28.144.124 15224 (OMNITURE)
1 13.32.22.85 16509 (AMAZON-02)
1 143.204.207.85 16509 (AMAZON-02)
2 2 52.30.222.33 16509 (AMAZON-02)
1 2 143.204.207.123 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.12.157 54113 (FASTLY)
2 34.252.40.252 16509 (AMAZON-02)
1 5 104.119.104.207 16625 (AKAMAI-AS)
1 104.244.42.3 13414 (TWITTER)
1 104.244.42.197 13414 (TWITTER)
1 54.73.172.176 16509 (AMAZON-02)
81 36
1    104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)
go2.malwarebytes.com
7    104.17.72.206 (None, )

ASN13335 (CLOUDFLARENET, US)
go.malwarebytes.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    143.204.207.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-88.fra53.r.cloudfront.net
www.malwarebytes.org
3    2600:9000:206f:400:16:26c7:ff80:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.malwarebytes.com
2    23.56.213.107 (Atlanta, United States)

ASN6453 (AS6453, US)
PTR: a23-56-213-107.deploy.static.akamaitechnologies.com
munchkin.marketo.net
3    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a02:26f0:6c00:296::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
9    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
1    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
www.googleadservices.com
2    2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com
px4.ads.linkedin.com
1    2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net
9812475.fls.doubleclick.net
8019375.fls.doubleclick.net
2    2a04:4e42:1b::84 (United States)

ASN54113 (FASTLY, US)
s.pinimg.com
1    65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)
js.adsrvr.org
1    51.11.20.152 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
secure.perk0mean.com
1    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
3    23.44.0.191 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-0-191.deploy.static.akamaitechnologies.com
ct.pinterest.com
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    192.28.144.124 (United States)

ASN15224 (OMNITURE, US)
805-usg-300.mktoresp.com
1    13.32.22.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-85.fra56.r.cloudfront.net
scripts.demandbase.com
1    143.204.207.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-85.fra53.r.cloudfront.net
api.company-target.com
2    52.30.222.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-222-33.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    143.204.207.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-123.fra53.r.cloudfront.net
segments.company-target.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
4    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
1    151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    34.252.40.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-40-252.eu-west-1.compute.amazonaws.com
insight.adsrvr.org
5    104.119.104.207 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-119-104-207.deploy.static.akamaitechnologies.com
www.pinterest.com
www.pinterest.de
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    54.73.172.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-172-176.eu-west-1.compute.amazonaws.com
tracking.crazyegg.com
Apex Domain
Subdomains		 Transfer
11 malwarebytes.com
go2.malwarebytes.com
go.malwarebytes.com
www.malwarebytes.com
123 KB
9 google-analytics.com
www.google-analytics.com
22 KB
8 doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
9812475.fls.doubleclick.net
8019375.fls.doubleclick.net
7 KB
6 google.com
www.google.com
adservice.google.com
2 KB
6 bing.com
bat.bing.com
11 KB
5 crazyegg.com
script.crazyegg.com
tracking.crazyegg.com
25 KB
4 pinterest.de
www.pinterest.de
14 KB
4 pinterest.com
ct.pinterest.com
www.pinterest.com
2 KB
4 google.de
www.google.de
892 B
4 linkedin.com
px.ads.linkedin.com
www.linkedin.com
px4.ads.linkedin.com
4 KB
3 company-target.com
api.company-target.com
segments.company-target.com
2 KB
3 adsrvr.org
js.adsrvr.org
insight.adsrvr.org
3 KB
3 googletagmanager.com
www.googletagmanager.com
164 KB
2 bidr.io
match.prod.bidr.io
1019 B
2 pinimg.com
s.pinimg.com
20 KB
2 googleadservices.com
www.googleadservices.com
16 KB
2 yimg.com
s.yimg.com
7 KB
2 licdn.com
snap.licdn.com
5 KB
2 marketo.net
munchkin.marketo.net
6 KB
2 malwarebytes.org
www.malwarebytes.org
615 B
1 t.co
t.co
454 B
1 twitter.com
analytics.twitter.com
659 B
1 ads-twitter.com
static.ads-twitter.com
6 KB
1 rlcdn.com
id.rlcdn.com
66 B
1 demandbase.com
scripts.demandbase.com
16 KB
1 mktoresp.com
805-usg-300.mktoresp.com
311 B
1 yahoo.com
sp.analytics.yahoo.com
964 B
1 perk0mean.com
secure.perk0mean.com
255 B
1 unpkg.com
unpkg.com
2 KB
1 googleapis.com
ajax.googleapis.com
33 KB
81 30
Domain Requested by
9 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
go.malwarebytes.com
7 go.malwarebytes.com go2.malwarebytes.com
go.malwarebytes.com
6 bat.bing.com www.googletagmanager.com
bat.bing.com
go.malwarebytes.com
4 www.pinterest.de s.pinimg.com
go2.malwarebytes.com
4 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
4 www.google.de go.malwarebytes.com
4 www.google.com 1 redirects go.malwarebytes.com
3 ct.pinterest.com s.pinimg.com
go.malwarebytes.com
3 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
3 www.googletagmanager.com go.malwarebytes.com
www.googletagmanager.com
3 www.malwarebytes.com go.malwarebytes.com
www.googletagmanager.com
2 insight.adsrvr.org js.adsrvr.org
2 segments.company-target.com 1 redirects go.malwarebytes.com
2 match.prod.bidr.io 2 redirects
2 adservice.google.com 9812475.fls.doubleclick.net
8019375.fls.doubleclick.net
2 8019375.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 9812475.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 px.ads.linkedin.com 2 redirects
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 s.yimg.com go2.malwarebytes.com
s.yimg.com
2 snap.licdn.com www.googletagmanager.com
2 munchkin.marketo.net go.malwarebytes.com
munchkin.marketo.net
2 www.malwarebytes.org 2 redirects
1 tracking.crazyegg.com script.crazyegg.com
1 t.co
1 analytics.twitter.com static.ads-twitter.com
1 www.pinterest.com 1 redirects
1 static.ads-twitter.com go2.malwarebytes.com
1 id.rlcdn.com go.malwarebytes.com
1 api.company-target.com scripts.demandbase.com
1 scripts.demandbase.com go2.malwarebytes.com
1 805-usg-300.mktoresp.com munchkin.marketo.net
1 sp.analytics.yahoo.com go.malwarebytes.com
1 secure.perk0mean.com www.googletagmanager.com
1 js.adsrvr.org www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 px4.ads.linkedin.com go.malwarebytes.com
1 www.linkedin.com 1 redirects
1 unpkg.com www.googletagmanager.com
1 ajax.googleapis.com go.malwarebytes.com
1 go2.malwarebytes.com
81 42

This site contains links to these domains. Also see Links.

Domain
www.malwarebytes.org
Subject Issuer Validity Valid
go.malwarebytes.com
Cloudflare Inc ECC CA-3		 2021-06-10 -
2022-06-09		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.malwarebytes.com
Amazon		 2021-05-26 -
2022-06-24		 a year crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA		 2021-03-29 -
2022-04-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-07-06 -
2022-01-06		 6 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-04-30 -
2022-05-11		 a year crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-06 -
2021-10-27		 2 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-02 -
2022-07-01		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-09-16 -
2022-03-16		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-27 -
2022-08-05		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
secure.norm0care.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-19		 a year crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-24 -
2021-11-17		 6 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.mktoresp.com
DigiCert SHA2 Secure Server CA		 2020-01-17 -
2022-01-21		 2 years crt.sh
tag.demandbase.com
Go Daddy Secure Certificate Authority - G2		 2020-10-14 -
2021-11-15		 a year crt.sh
api.demandbase.com
Go Daddy Secure Certificate Authority - G2		 2020-10-09 -
2021-10-28		 a year crt.sh
*.company-target.com
Amazon		 2021-08-31 -
2022-09-29		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.crazyegg.com
DigiCert SHA2 Secure Server CA		 2020-07-26 -
2022-07-23		 2 years crt.sh

This page contains 5 frames:

Primary Page: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Frame ID: 51C54A88D43CFF9E4C6F38DB410C4F7F
Requests: 72 HTTP requests in this frame

Frame: https://9812475.fls.doubleclick.net/activityi;dc_pre=CKaWnO3ykvMCFfMW0wodoQ8PAg;src=9812475;type=conve0;cat=forms000;ord=1;num=9599127849684;gtm=2wg9k0;auiddc=4531816.1632324561;~oref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Frame ID: E1D1E84F4DBE64D56376A0C9765E4DC1
Requests: 2 HTTP requests in this frame

Frame: https://8019375.fls.doubleclick.net/activityi;dc_pre=CO7jnO3ykvMCFTID0wodcn4A8A;src=8019375;type=conta0;cat=conta00;ord=4287047204431;gtm=2wg9k0;auiddc=4531816.1632324561;u1=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv;~oref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Frame ID: F8A7474AA2C4D5887B66C411C34E1647
Requests: 2 HTTP requests in this frame

Frame: https://www.pinterest.de/ct.html
Frame ID: 9E7BEB9BD31D60B7B38F8A4890C98E5B
Requests: 4 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=8mirph5&ref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1&upid=r8yigtp&upv=1.1.0
Frame ID: 0D06324EBCC3553BBFA1A204DFC6E048
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAF_rRW_uptJ6nMtRsNXhWHEuUgJd_UfWWpIp_zFBENMX6GjdlYCe5CUFuCA... Page URL
  2. https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • jquery[.-]([\d.]*\d)[^/]*\.js

Page Statistics

81
Requests

99 %
HTTPS

43 %
IPv6

30
Domains

42
Subdomains

36
IPs

7
Countries

484 kB
Transfer

1306 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAF_rRW_uptJ6nMtRsNXhWHEuUgJd_UfWWpIp_zFBENMX6GjdlYCe5CUFuCAviwf5N3WHWiF3_4= Page URL
  2. https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://www.malwarebytes.org/js/jquery-1.11.3.min.js HTTP 301
  • https://www.malwarebytes.com/js/jquery-1.11.3.min.js
Request Chain 6
  • https://www.malwarebytes.org/js/demandbase-forms.js HTTP 301
  • https://www.malwarebytes.com/js/demandbase-forms.js
Request Chain 20
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1632324561348&url=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2567940%26time%3D1632324561348%26url%3Dhttps%253A%252F%252Fgo.malwarebytes.com%252Fpreference-center.html%253Fmkt_unsubscribe%253D1%2526mkt_tok%253DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1632324561348&url=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1632324561348&url=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&liSync=true&e_ipv6=AQJ5CaowCdFVuwAAAXwOIC07zunOHjRwQUjBNEUzYDYh5n50dMDe2UW6MpegGCpCPpKDhowa60Kh
Request Chain 29
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/380232391/?random=234833217&cv=9&fst=1632324561483&num=1&label=_XHlCK3XlI0CEMfFp7UB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&ref=http%3A%2F%2Fgo2.malwarebytes.com%2F&auid=4531816.1632324561&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=0UtLYcmcHviux_APy8uHaA&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/380232391/?random=234833217&cv=9&fst=1632324561483&num=1&label=_XHlCK3XlI0CEMfFp7UB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&ref=http%3A%2F%2Fgo2.malwarebytes.com%2F&auid=4531816.1632324561&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=0UtLYcmcHviux_APy8uHaA&random=2819406695&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/380232391/?random=234833217&cv=9&fst=1632324561483&num=1&label=_XHlCK3XlI0CEMfFp7UB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&ref=http%3A%2F%2Fgo2.malwarebytes.com%2F&auid=4531816.1632324561&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=0UtLYcmcHviux_APy8uHaA&random=2819406695&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Request Chain 33
  • https://9812475.fls.doubleclick.net/activityi;src=9812475;type=conve0;cat=forms000;ord=1;num=9599127849684;gtm=2wg9k0;auiddc=4531816.1632324561;~oref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv HTTP 302
  • https://9812475.fls.doubleclick.net/activityi;dc_pre=CKaWnO3ykvMCFfMW0wodoQ8PAg;src=9812475;type=conve0;cat=forms000;ord=1;num=9599127849684;gtm=2wg9k0;auiddc=4531816.1632324561;~oref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Request Chain 35
  • https://8019375.fls.doubleclick.net/activityi;src=8019375;type=conta0;cat=conta00;ord=4287047204431;gtm=2wg9k0;auiddc=4531816.1632324561;u1=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv;~oref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv HTTP 302
  • https://8019375.fls.doubleclick.net/activityi;dc_pre=CO7jnO3ykvMCFTID0wodcn4A8A;src=8019375;type=conta0;cat=conta00;ord=4287047204431;gtm=2wg9k0;auiddc=4531816.1632324561;u1=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv;~oref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Request Chain 56
  • https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
  • https://segments.company-target.com/log?vendor=choca&user_id=AABQvU7ClpgAAB5_a_Wbjg HTTP 303
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=AABQvU7ClpgAAB5_a_Wbjg&verifyHash=135d3a8a25a30219a6e43e05637acf6f7b0c203a
Request Chain 64
  • https://www.pinterest.com/ct.html HTTP 302
  • https://www.pinterest.de/ct.html

81 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set ODA1LVVTRy0zMDAAAAF_rRW_uptJ6nMtRsNXhWHEuUgJd_UfWWpIp_zFBENMX6GjdlYCe5CUFuCAviwf5N3WHWiF3_4=
go2.malwarebytes.com/ 		513 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAF_rRW_uptJ6nMtRsNXhWHEuUgJd_UfWWpIp_zFBENMX6GjdlYCe5CUFuCAviwf5N3WHWiF3_4=
Protocol
HTTP/1.1
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
317950f47bcf865861a0925b8970c15ae67d16e4765bd6f1e06e36283a259762
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Host
go2.malwarebytes.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 22 Sep 2021 15:29:20 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private, no-cache, no-store, max-age=0
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
Set-Cookie
__cf_bm=9_FWR9RA5s6AX7O_7V_s1IQ_hNzyJKVCxh98A.ZeQWE-1632324560-0-Af0ylOdTNp/9hFsnFIrGgISTbNy8CoD9PA4P8ojUqHYQrokSsPoC7tBf0VjhsWpdsEtn1gDYmOOEHtWq+aKqt3U=; path=/; expires=Wed, 22-Sep-21 15:59:20 GMT; domain=.go2.malwarebytes.com; HttpOnly; SameSite=None
Server
cloudflare
CF-RAY
692c91753d9a42cf-FRA
Content-Encoding
gzip
Primary Request preference-center.html
go.malwarebytes.com/ 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Requested by
Host: go2.malwarebytes.com
URL: http://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAF_rRW_uptJ6nMtRsNXhWHEuUgJd_UfWWpIp_zFBENMX6GjdlYCe5CUFuCAviwf5N3WHWiF3_4=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2778e580600ffe21478eb964b1982bbf9ad612ced6d519c007045e6dae36ba4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
go.malwarebytes.com
:scheme
https
:path
/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://go2.malwarebytes.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://go2.malwarebytes.com/

Response headers

date
Wed, 22 Sep 2021 15:29:21 GMT
content-type
text/html; charset=utf-8
p3p
CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
x-asset-type
LP
vary
*,Accept-Encoding
x-content-type-options
nosniff
x-cache-status
BYPASS
x-mkto-nginx-cache
false
set-cookie
BIGipServerab12web-nginx-app_https=!EAUORv33M2AXTRXw/jjXoMq3bOgvMt2sZV6aKASZfTUxA4DNoR5U4GwHjiA9vuSjOKJfQLh5NLXsMA==;Path=/;Version=1;Secure;Httponly __cf_bm=zvd.IHfS9oXT8X7ayi32syErwk7icMrTrBTq.JHZ09o-1632324561-0-AZBWoULjxHBKpizZwcaif+jiWwhN6qi5NQ5eycfKytt4A7agvg6kqBuHfGae+3QYygVZoihQ0KAn/vKhust7Glo=; path=/; expires=Wed, 22-Sep-21 15:59:21 GMT; domain=.go.malwarebytes.com; HttpOnly; Secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
692c9177791f4ee5-FRA
content-encoding
gzip
mktLPSupportCompat.css
go.malwarebytes.com/css/ 		2 KB
817 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://go.malwarebytes.com/css/mktLPSupportCompat.css
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc27845c4ba2580588d37b6d48939e7b833faeefa237e927860054226a0ad6f9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/css/mktLPSupportCompat.css
pragma
no-cache
cookie
BIGipServerab12web-nginx-app_https=!EAUORv33M2AXTRXw/jjXoMq3bOgvMt2sZV6aKASZfTUxA4DNoR5U4GwHjiA9vuSjOKJfQLh5NLXsMA==; __cf_bm=zvd.IHfS9oXT8X7ayi32syErwk7icMrTrBTq.JHZ09o-1632324561-0-AZBWoULjxHBKpizZwcaif+jiWwhN6qi5NQ5eycfKytt4A7agvg6kqBuHfGae+3QYygVZoihQ0KAn/vKhust7Glo=
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
go.malwarebytes.com
referer
https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
6990
content-length
635
last-modified
Tue, 10 Aug 2021 17:41:11 GMT
server
cloudflare
etag
"341006-633-5c93801e9bbc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
692c917afff74ee5-FRA
expires
Wed, 22 Sep 2021 19:29:21 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 11:28:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33333
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Thu, 22 Sep 2022 11:28:22 GMT
New%20MB%20Logo.png
go.malwarebytes.com/rs/805-USG-300/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.malwarebytes.com/rs/805-USG-300/images/New%20MB%20Logo.png
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30089b6e185937bcf67cd549e00371d1147de80d79457da18acae77e72ce1f92
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/rs/805-USG-300/images/New%20MB%20Logo.png
pragma
no-cache
cookie
BIGipServerab12web-nginx-app_https=!EAUORv33M2AXTRXw/jjXoMq3bOgvMt2sZV6aKASZfTUxA4DNoR5U4GwHjiA9vuSjOKJfQLh5NLXsMA==; __cf_bm=zvd.IHfS9oXT8X7ayi32syErwk7icMrTrBTq.JHZ09o-1632324561-0-AZBWoULjxHBKpizZwcaif+jiWwhN6qi5NQ5eycfKytt4A7agvg6kqBuHfGae+3QYygVZoihQ0KAn/vKhust7Glo=
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
go.malwarebytes.com
referer
https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:21 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Sat, 21 Aug 2021 02:58:59 GMT
server
cloudflare
etag
"1901066-1ab8-5ca08f737762c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
692c917b488e4ee5-FRA
content-length
6840
expires
Wed, 22 Sep 2021 15:30:21 GMT
forms2.min.js
go.malwarebytes.com/js/forms2/js/ 		205 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.malwarebytes.com/js/forms2/js/forms2.min.js
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689a0237a95cfd8135f8da3ac79c430e903f3c542f8b862f68141c84c348c43
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/js/forms2/js/forms2.min.js
pragma
no-cache
cookie
BIGipServerab12web-nginx-app_https=!EAUORv33M2AXTRXw/jjXoMq3bOgvMt2sZV6aKASZfTUxA4DNoR5U4GwHjiA9vuSjOKJfQLh5NLXsMA==; __cf_bm=zvd.IHfS9oXT8X7ayi32syErwk7icMrTrBTq.JHZ09o-1632324561-0-AZBWoULjxHBKpizZwcaif+jiWwhN6qi5NQ5eycfKytt4A7agvg6kqBuHfGae+3QYygVZoihQ0KAn/vKhust7Glo=
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.malwarebytes.com
referer
https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 10 Aug 2021 17:41:08 GMT
server
cloudflare
age
4031
etag
"1820bca-33210-5c93801bbf500"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
692c917b18314ee5-FRA
expires
Wed, 22 Sep 2021 19:29:21 GMT
jquery-1.11.3.min.js
www.malwarebytes.com/js/
Redirect Chain
  • https://www.malwarebytes.org/js/jquery-1.11.3.min.js
  • https://www.malwarebytes.com/js/jquery-1.11.3.min.js
94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/js/jquery-1.11.3.min.js
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:400:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:18:25 GMT
content-encoding
gzip
last-modified
Tue, 20 Jul 2021 23:13:40 GMT
server
Microsoft-IIS/10.0
age
655
x-powered-by
ASP.NET
etag
W/"31cccee0bc7dd71:0"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
cache-control
max-age=900
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
68AHfdawCXljHzqUKjZ17VGVzG9qmQuMB3ROAUYLG1adtvHNttvi4w==

Redirect headers

date
Wed, 22 Sep 2021 07:48:56 GMT
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
server
CloudFront
age
27625
x-edge-origin-shield-skipped
0
location
https://www.malwarebytes.com/js/jquery-1.11.3.min.js
cache-control
max-age=86400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA53-C1
content-length
0
x-amz-cf-id
w8C3iIDzwKmzctPx6KX-bWXIA-H2rBsMUQtdBNJR49DBDh_ZFRRIJA==
demandbase-forms.js
www.malwarebytes.com/js/
Redirect Chain
  • https://www.malwarebytes.org/js/demandbase-forms.js
  • https://www.malwarebytes.com/js/demandbase-forms.js
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/js/demandbase-forms.js
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:400:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:27:58 GMT
content-encoding
gzip
last-modified
Tue, 20 Jul 2021 23:12:41 GMT
server
Microsoft-IIS/10.0
age
83
x-powered-by
ASP.NET
etag
W/"83427fbdbc7dd71:0"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
cache-control
max-age=900
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
hjP_izBRfjZijqHlhV1coyufCPpRbQuWQ2uqQCoMlltioENt28JBXw==

Redirect headers

date
Wed, 22 Sep 2021 07:48:56 GMT
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
server
CloudFront
age
27625
x-edge-origin-shield-skipped
0
location
https://www.malwarebytes.com/js/demandbase-forms.js
cache-control
max-age=86400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA53-C1
content-length
0
x-amz-cf-id
gR2OP10oX-s6ZxfH7O8kxGcFV1cTKy8l0-5B70IMT_Hn7z1LjRjJGw==
munchkin.js
munchkin.marketo.net// 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net//munchkin.js
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.213.107 Atlanta, United States, ASN6453 (AS6453, US),
Reverse DNS
a23-56-213-107.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 15:29:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 May 2021 01:40:41 GMT
Server
AkamaiNetStorage
ETag
"5379c4a40ff8ae9d2fc6484dd1c57349:1622166041.794746"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
753
stripmkttok.js
go.malwarebytes.com/js/ 		2 KB
767 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.malwarebytes.com/js/stripmkttok.js
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/js/stripmkttok.js
pragma
no-cache
cookie
BIGipServerab12web-nginx-app_https=!EAUORv33M2AXTRXw/jjXoMq3bOgvMt2sZV6aKASZfTUxA4DNoR5U4GwHjiA9vuSjOKJfQLh5NLXsMA==; __cf_bm=zvd.IHfS9oXT8X7ayi32syErwk7icMrTrBTq.JHZ09o-1632324561-0-AZBWoULjxHBKpizZwcaif+jiWwhN6qi5NQ5eycfKytt4A7agvg6kqBuHfGae+3QYygVZoihQ0KAn/vKhust7Glo=
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.malwarebytes.com
referer
https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
67
content-length
678
last-modified
Tue, 10 Aug 2021 17:41:08 GMT
server
cloudflare
etag
"880558-602-5c93801bbf500"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
692c917b488d4ee5-FRA
expires
Wed, 22 Sep 2021 19:29:21 GMT
forms2.css
go.malwarebytes.com/js/forms2/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://go.malwarebytes.com/js/forms2/css/forms2.css
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/js/forms2/css/forms2.css
pragma
no-cache
cookie
BIGipServerab12web-nginx-app_https=!EAUORv33M2AXTRXw/jjXoMq3bOgvMt2sZV6aKASZfTUxA4DNoR5U4GwHjiA9vuSjOKJfQLh5NLXsMA==; __cf_bm=zvd.IHfS9oXT8X7ayi32syErwk7icMrTrBTq.JHZ09o-1632324561-0-AZBWoULjxHBKpizZwcaif+jiWwhN6qi5NQ5eycfKytt4A7agvg6kqBuHfGae+3QYygVZoihQ0KAn/vKhust7Glo=
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
go.malwarebytes.com
referer
https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
6834
content-length
2623
last-modified
Tue, 10 Aug 2021 17:41:08 GMT
server
cloudflare
etag
"900b9f-3437-5c93801bbf500"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
692c917b78e14ee5-FRA
expires
Wed, 22 Sep 2021 19:29:21 GMT
forms2-theme-simple.css
go.malwarebytes.com/js/forms2/css/ 		826 B
331 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://go.malwarebytes.com/js/forms2/css/forms2-theme-simple.css
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/js/forms2/css/forms2-theme-simple.css
pragma
no-cache
cookie
BIGipServerab12web-nginx-app_https=!EAUORv33M2AXTRXw/jjXoMq3bOgvMt2sZV6aKASZfTUxA4DNoR5U4GwHjiA9vuSjOKJfQLh5NLXsMA==; __cf_bm=zvd.IHfS9oXT8X7ayi32syErwk7icMrTrBTq.JHZ09o-1632324561-0-AZBWoULjxHBKpizZwcaif+jiWwhN6qi5NQ5eycfKytt4A7agvg6kqBuHfGae+3QYygVZoihQ0KAn/vKhust7Glo=
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
go.malwarebytes.com
referer
https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
6834
content-length
242
last-modified
Tue, 10 Aug 2021 17:41:08 GMT
server
cloudflare
etag
"1820b8a-33a-5c93801bbf500"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
692c917b78e24ee5-FRA
expires
Wed, 22 Sep 2021 19:29:21 GMT
gtm.js
www.googletagmanager.com/ 		294 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
554b3f1ed537a065f20a96cdc9a5975ebbfdf53ebad3ab3f001a919c2ce5678d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89341
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Sep 2021 15:29:21 GMT
bat.js
bat.bing.com/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bbb8a9ae5ce61d328c7904045c107506055c81333bd224b2244e2ff39ae882e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:21 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 18:56:21 GMT
x-msedge-ref
Ref A: 2437D274DF0C4329982C9995E09F1A9C Ref B: FRAEDGE1321 Ref C: 2021-09-22T15:29:21Z
etag
"80386a5f63aad71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
9827
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 15:29:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Aug 2021 21:34:05 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=19719
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
2544
date
Wed, 22 Sep 2021 14:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 22 Sep 2021 16:46:57 GMT
ytc.js
s.yimg.com/wi/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: go2.malwarebytes.com
URL: http://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAF_rRW_uptJ6nMtRsNXhWHEuUgJd_UfWWpIp_zFBENMX6GjdlYCe5CUFuCAviwf5N3WHWiF3_4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 22 Sep 2021 15:22:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
432
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5639
x-amz-id-2
+R5xWwARo2LnFGF4HNiJCE3bZDvArabg8NTVO85eGewXuK9zFWk+2xK7TysvoguJnOqoaKdfcG0=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sat, 02 Jul 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Thu, 27 May 2021 13:00:20 GMT
server
ATS
etag
"6de43f1c725d89777edaa2bc5d679ecb-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
CS8R7X63SHDBRYT6
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
Bv0RNzsjZsSn6kGrZjdvdggYqc20u__d
accept-ranges
bytes
content-type
application/javascript
web-vitals.umd.js
unpkg.com/web-vitals@1.1.0/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@1.1.0/dist/web-vitals.umd.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
15877427
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1060-9qPq4bqeRCeFWudNuS98Bp0PQDY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
e9412a941d9e2178046a5378c46b42d2
cache-control
public, max-age=31536000
cf-ray
692c917c3bc368fb-FRA
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-380232391
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
02b446a5902857bf7bd9764048abc424bf92044245c4cd02cf9358df16208956
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39011
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Sep 2021 15:29:21 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:19:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
593
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 22 Sep 2021 16:19:28 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-380232391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
c9b2f25f41b7ff545aff01bca8720881b1f87a4a39980d6ce014fa00969d9c40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14064
x-xss-protection
0
server
cafe
etag
13250159043023796785
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 22 Sep 2021 15:29:21 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1632324561348&url=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rR...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2567940%26time%3D1632324561348%26url%3Dhttps%253A%252F%252Fgo.malwarebytes.com%25...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1632324561348&url=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rR...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1632324561348&url=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_r...
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1632324561348&url=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&liSync=true&e_ipv6=AQJ5CaowCdFVuwAAAXwOIC07zunOHjRwQUjBNEUzYDYh5n50dMDe2UW6MpegGCpCPpKDhowa60Kh
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:22 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-edc2
content-type
application/javascript
content-length
0
x-li-uuid
OTcIjooupxagZMx2yyoAAA==

Redirect headers

date
Wed, 22 Sep 2021 15:29:22 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1632324561348&url=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&liSync=true&e_ipv6=AQJ5CaowCdFVuwAAAXwOIC07zunOHjRwQUjBNEUzYDYh5n50dMDe2UW6MpegGCpCPpKDhowa60Kh
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
KVzCeIoupxZA955XPysAAA==
4072696.js
bat.bing.com/p/action/ 		0
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/4072696.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 22 Sep 2021 15:29:21 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: CBEC53EE8D574E7498E1BD581948DD23 Ref B: FRAEDGE1321 Ref C: 2021-09-22T15:29:21Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
collect
stats.g.doubleclick.net/j/ 		4 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-3347303-10&cid=1819231965.1632324561&jid=2082995616&uid=7F0EC872-9EFF-4707-80F0-AB2F1939CB3E&gjid=1450953118&_gid=1979504152.1632324561&_u=aGBAgEAjAAAAAE~&z=853822257
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://go.malwarebytes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 22 Sep 2021 15:29:21 GMT
content-type
text/plain
access-control-allow-origin
https://go.malwarebytes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=298158353&t=pageview&_s=1&dl=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&dr=http%3A%2F%2Fgo2.malwarebytes.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAj~&jid=2082995616&gjid=1450953118&cid=1819231965.1632324561&uid=7F0EC872-9EFF-4707-80F0-AB2F1939CB3E&tid=UA-3347303-10&_gid=1979504152.1632324561&gtm=2wg9k0MKSKW3&z=106279250
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 11:53:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12932
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
10110317.json
s.yimg.com/wi/config/ 		46 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10110317.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
51f4cf88527819ae3950b1820aa534ebf6c2fcbc0894db427ba5ab59d9efd659
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:22 GMT
x-content-type-options
nosniff
age
0
x-amz-server-side-encryption
AES256
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
M5NGHDZX41XQM5F4
x-amz-id-2
mQOAbi0QQeJPDaa/lqjupbUfPgJxXN8lTBr1d/+BKm/Q1otYCRSIZHj/zQM7QAmYhcOMevdNvQs=
accept-ranges
bytes
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Mon, 05 Sep 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Sat, 31 Jul 2021 04:48:16 GMT
server
ATS
etag
"cc3d0e0815ad7ef45a521c2a63b65393"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
x-amz-version-id
t1HBn5w9YatPOKrzg1L4mhqDLWfX4l9q
access-control-allow-origin
*
x-xss-protection
1; mode=block
content-length
46
content-type
application/octet-stream
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/380232391/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/380232391/?random=1632324561480&cv=9&fst=1632324561480&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&ref=http%3A%2F%2Fgo2.malwarebytes.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34c1559b5f9c1aecad7f43c831b149b9f7d0e2fa02e287281e1a73cf3992092b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 15:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1194
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/380232391/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/380232391/?random=1632324561483&cv=9&fst=1632324561483&num=1&label=_XHlCK3XlI0CEMfFp7UB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&ref=http%3A%2F%2Fgo2.malwarebytes.com%2F&auid=4531816.1632324561&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e09663ac6ce6407ba00d3724d65154d4e48a31aae56db105bace66a2a43f36ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 15:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-3347303-10&cid=1819231965.1632324561&jid=2082995616&_u=aGBAgEAjAAAAAE~&z=2147238198
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 15:29:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-3347303-10&cid=1819231965.1632324561&jid=2082995616&_u=aGBAgEAjAAAAAE~&z=2147238198
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 15:29:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/380232391/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/380232391/?random=234833217&cv=9&fst=1632324561483&num=1&label=_XHlCK3XlI0CEMfFp7UB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
  • https://www.google.com/pagead/1p-conversion/380232391/?random=234833217&cv=9&fst=1632324561483&num=1&label=_XHlCK3XlI0CEMfFp7UB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
  • https://www.google.de/pagead/1p-conversion/380232391/?random=234833217&cv=9&fst=1632324561483&num=1&label=_XHlCK3XlI0CEMfFp7UB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/380232391/?random=234833217&cv=9&fst=1632324561483&num=1&label=_XHlCK3XlI0CEMfFp7UB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&ref=http%3A%2F%2Fgo2.malwarebytes.com%2F&auid=4531816.1632324561&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=0UtLYcmcHviux_APy8uHaA&random=2819406695&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 15:29:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Sep 2021 15:29:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/380232391/?random=234833217&cv=9&fst=1632324561483&num=1&label=_XHlCK3XlI0CEMfFp7UB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&ref=http%3A%2F%2Fgo2.malwarebytes.com%2F&auid=4531816.1632324561&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=0UtLYcmcHviux_APy8uHaA&random=2819406695&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/380232391/ 		42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/380232391/?random=1632324561480&cv=9&fst=1632322800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&ref=http%3A%2F%2Fgo2.malwarebytes.com%2F&async=1&fmt=3&is_vtc=1&random=3144873975&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 15:29:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/380232391/ 		42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/380232391/?random=1632324561480&cv=9&fst=1632322800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&ref=http%3A%2F%2Fgo2.malwarebytes.com%2F&async=1&fmt=3&is_vtc=1&random=3144873975&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 15:29:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
munchkin.js
munchkin.marketo.net/160/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/160/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net//munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.213.107 Atlanta, United States, ASN6453 (AS6453, US),
Reverse DNS
a23-56-213-107.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 15:29:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Feb 2021 02:54:38 GMT
Server
AkamaiNetStorage
ETag
"19a9335fd71267d56e65bc19390f3100:1613703278.138281"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4811
Expires
Fri, 31 Dec 2021 15:29:21 GMT
activityi;dc_pre=CKaWnO3ykvMCFfMW0wodoQ8PAg;src=9812475;type=conve0;cat=forms000;ord=1;num=9599127849684;gtm=2wg9k0;auiddc=4531816.1632324561;~oref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-ce...
9812475.fls.doubleclick.net/ Frame E1D1
Redirect Chain
  • https://9812475.fls.doubleclick.net/activityi;src=9812475;type=conve0;cat=forms000;ord=1;num=9599127849684;gtm=2wg9k0;auiddc=4531816.1632324561;~oref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-...
  • https://9812475.fls.doubleclick.net/activityi;dc_pre=CKaWnO3ykvMCFfMW0wodoQ8PAg;src=9812475;type=conve0;cat=forms000;ord=1;num=9599127849684;gtm=2wg9k0;auiddc=4531816.1632324561;~oref=https%3A%2F%2...
592 B
511 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9812475.fls.doubleclick.net/activityi;dc_pre=CKaWnO3ykvMCFfMW0wodoQ8PAg;src=9812475;type=conve0;cat=forms000;ord=1;num=9599127849684;gtm=2wg9k0;auiddc=4531816.1632324561;~oref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
cafe /
Resource Hash
aa40d5f102089b18f608394bdf992a2c3a6127f1a4b541c74440dac6018894dc
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9812475.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CKaWnO3ykvMCFfMW0wodoQ8PAg;src=9812475;type=conve0;cat=forms000;ord=1;num=9599127849684;gtm=2wg9k0;auiddc=4531816.1632324561;~oref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://go.malwarebytes.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 22 Sep 2021 15:29:21 GMT
expires
Wed, 22 Sep 2021 15:29:21 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
486
x-xss-protection
0
set-cookie
IDE=AHWqTUl9fcSf2M6Z1UOpkoSYjoQhW_H2HmXQkx6XfEHnYvFMqYyeG35sJPneyTORFnE; expires=Mon, 17-Oct-2022 15:29:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 22 Sep 2021 15:29:21 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://9812475.fls.doubleclick.net/activityi;dc_pre=CKaWnO3ykvMCFfMW0wodoQ8PAg;src=9812475;type=conve0;cat=forms000;ord=1;num=9599127849684;gtm=2wg9k0;auiddc=4531816.1632324561;~oref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
core.js
s.pinimg.com/ct/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
48c68c466497c98078950e24f7d499d9b6aedc16c8a980535226a14f32feb55f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:21 GMT
fastly-restarts
1
x-cdn
fastly
etag
"be0de9f37bc515448fb9440e478cda10"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
content-length
1142
access-control-expose-headers
X-CDN
activityi;dc_pre=CO7jnO3ykvMCFTID0wodcn4A8A;src=8019375;type=conta0;cat=conta00;ord=4287047204431;gtm=2wg9k0;auiddc=4531816.1632324561;u1=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%...
8019375.fls.doubleclick.net/ Frame F8A7
Redirect Chain
  • https://8019375.fls.doubleclick.net/activityi;src=8019375;type=conta0;cat=conta00;ord=4287047204431;gtm=2wg9k0;auiddc=4531816.1632324561;u1=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.htm...
  • https://8019375.fls.doubleclick.net/activityi;dc_pre=CO7jnO3ykvMCFTID0wodcn4A8A;src=8019375;type=conta0;cat=conta00;ord=4287047204431;gtm=2wg9k0;auiddc=4531816.1632324561;u1=https%3A%2F%2Fgo.malwar...
814 B
509 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019375.fls.doubleclick.net/activityi;dc_pre=CO7jnO3ykvMCFTID0wodcn4A8A;src=8019375;type=conta0;cat=conta00;ord=4287047204431;gtm=2wg9k0;auiddc=4531816.1632324561;u1=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv;~oref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
cafe /
Resource Hash
46fb8429adf3d4517b57ba74ac5bd7286aa0c49cfb1a667431811e33fa0d0c61
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8019375.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CO7jnO3ykvMCFTID0wodcn4A8A;src=8019375;type=conta0;cat=conta00;ord=4287047204431;gtm=2wg9k0;auiddc=4531816.1632324561;u1=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv;~oref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://go.malwarebytes.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 22 Sep 2021 15:29:21 GMT
expires
Wed, 22 Sep 2021 15:29:21 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
484
x-xss-protection
0
set-cookie
IDE=AHWqTUng2R442_1s3m7EtSxpMWXygUh2WXIR1RIK8f4ToBVwEJb9GYZQNVMdBMKwIlY; expires=Mon, 17-Oct-2022 15:29:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 22 Sep 2021 15:29:21 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019375.fls.doubleclick.net/activityi;dc_pre=CO7jnO3ykvMCFTID0wodcn4A8A;src=8019375;type=conta0;cat=conta00;ord=4287047204431;gtm=2wg9k0;auiddc=4531816.1632324561;u1=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv;~oref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 02:51:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
45455
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Edge-Origin-Shield-Skipped
0
Content-Type
application/x-javascript
Via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
-2fLp3YC-HkzqlpSXl8lS7za47x4waqUDYMx3erAv7BGM44fvENbNw==
172061.js
secure.perk0mean.com/js/ 		16 B
255 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.perk0mean.com/js/172061.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.20.152 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
5b7149de1a843a14d74bcb45359b59016df1ab0665a4f3131da6b8b04bbe5076

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 15:29:21 GMT
Server
Kestrel
Transfer-Encoding
chunked
Content-Type
text/javascript
Cache-Control
no-store, must-revalidate
Connection
keep-alive
Expires
0
demandbase-forms.js
www.malwarebytes.com/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/js/demandbase-forms.js?d=2020-02-04-15-03-08--0800
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:400:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:28:24 GMT
content-encoding
gzip
last-modified
Tue, 20 Jul 2021 23:12:41 GMT
server
Microsoft-IIS/10.0
age
57
x-powered-by
ASP.NET
etag
W/"178b70bdbc7dd71:0"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
cache-control
max-age=900
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
eSUKdzQRgYtG_kI8xGg5yotXKkoqLgxt6rCpR58QFagbhLatfsw1Ww==
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-930356311
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c619cba7f9125caf13ce31100514f2fcb491543f6f0cc26ee4c8d08826f49d7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39212
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Sep 2021 15:29:21 GMT
0
bat.bing.com/action/ 		0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=4072696&tm=gtm002&Ver=2&mid=94777a80-fbe7-4619-8e81-4589f3e28f27&sid=dc0564a01bb911ecbd625913e1512fbc&vid=dc059cb01bb911ec88eb830de1390a83&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&r=http%3A%2F%2Fgo2.malwarebytes.com%2F&lt=1164&evt=pageLoad&msclkid=N&sv=1&rn=426752
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 22 Sep 2021 15:29:21 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 896983A092104C819C2FFBF509CFA630 Ref B: FRAEDGE1321 Ref C: 2021-09-22T15:29:21Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=4072696&tm=gtm002&Ver=2&mid=94777a80-fbe7-4619-8e81-4589f3e28f27&sid=dc0564a01bb911ecbd625913e1512fbc&vid=dc059cb01bb911ec88eb830de1390a83&vids=0&ec=form&gc=USD&tpp=1&en=Y&evt=custom&msclkid=N&rn=202597
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 22 Sep 2021 15:29:21 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 85943E981E4B488A90F6B2D84E8B2859 Ref B: FRAEDGE1321 Ref C: 2021-09-22T15:29:21Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=4072696&tm=gtm002&Ver=2&mid=94777a80-fbe7-4619-8e81-4589f3e28f27&sid=dc0564a01bb911ecbd625913e1512fbc&vid=dc059cb01bb911ec88eb830de1390a83&vids=0&ec=form&gc=USD&tpp=1&en=Y&evt=custom&msclkid=N&rn=945204
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 22 Sep 2021 15:29:21 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 8752E0397CD54AFE9FF353A08BF74FB7 Ref B: FRAEDGE1321 Ref C: 2021-09-22T15:29:21Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=4072696&tm=gtm002&Ver=2&mid=94777a80-fbe7-4619-8e81-4589f3e28f27&sid=dc0564a01bb911ecbd625913e1512fbc&vid=dc059cb01bb911ec88eb830de1390a83&vids=0&ec=form&gc=USD&tpp=1&en=Y&evt=custom&msclkid=N&rn=780560
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 22 Sep 2021 15:29:21 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 48E0EFD2EE184A5FB52E256E137F4B17 Ref B: FRAEDGE1321 Ref C: 2021-09-22T15:29:21Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
sp.pl
sp.analytics.yahoo.com/ 		43 B
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2022%20Sep%202021%2015%3A29%3A21%20GMT&n=0&.yp=10110317&f=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&e=http%3A%2F%2Fgo2.malwarebytes.com%2F&enc=UTF-8&yv=1.10.1&tagmgr=gtm
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 15:29:21 GMT
X-Content-Type-Options
nosniff
Age
0
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
ATS
X-Frame-Options
DENY
Expect-CT
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Cache-Control
no-cache, private, must-revalidate
Accept-Ranges
bytes
Expires
Wed, 22 Sep 2021 15:29:21 GMT
main.e7fd5392.js
s.pinimg.com/ct/lib/ 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.e7fd5392.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
330ad082fc0156cb33905081e0ec51703cd42af60a30a7d20aee333daa68bf20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:21 GMT
content-encoding
gzip
fastly-restarts
1
x-cdn
fastly
etag
"30ff292a4ebc0e59d7e191b6f654384a"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
content-length
18816
access-control-expose-headers
X-CDN
/
ct.pinterest.com/user/ 		492 B
831 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2614167509439&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1632324561623
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.e7fd5392.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.0.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3bfee946323a3893d0e5353838678166f085f9f00dbc24af2bca09c545959d18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:22 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
akamai
akamai-grn
0.54042c17.1632324562.39540023
x-envoy-upstream-service-time
1
x-pinterest-rid
8148867738331795
pin-unauth
dWlkPVl6SmtNV013TXpFdFpqTXdNQzAwWm1ZMUxXRXpNMkl0WXpKbFpXUXlOakJqTWpSag
access-control-allow-origin
https://go.malwarebytes.com
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
content-length
346
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2614167509439&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv%22%2C%22ref%22%3A%22http%3A%2F%2Fgo2.malwarebytes.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22e7fd5392%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1632324561624
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.0.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 15:29:22 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.54042c17.1632324562.39540026
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
3
content-length
35
x-pinterest-rid
3930259117224118
expires
Sat, 01 Jan 2000 00:00:00 GMT
dc_pre=CKaWnO3ykvMCFfMW0wodoQ8PAg;src=9812475;type=conve0;cat=forms000;ord=1;num=9599127849684;gtm=2wg9k0;auiddc=*;~oref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe...
adservice.google.com/ddm/fls/z/ Frame E1D1 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKaWnO3ykvMCFfMW0wodoQ8PAg;src=9812475;type=conve0;cat=forms000;ord=1;num=9599127849684;gtm=2wg9k0;auiddc=*;~oref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Requested by
Host: 9812475.fls.doubleclick.net
URL: https://9812475.fls.doubleclick.net/activityi;dc_pre=CKaWnO3ykvMCFfMW0wodoQ8PAg;src=9812475;type=conve0;cat=forms000;ord=1;num=9599127849684;gtm=2wg9k0;auiddc=4531816.1632324561;~oref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9812475.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 15:29:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CO7jnO3ykvMCFTID0wodcn4A8A;src=8019375;type=conta0;cat=conta00;ord=4287047204431;gtm=2wg9k0;auiddc=*;u1=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt...
adservice.google.com/ddm/fls/z/ Frame F8A7 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CO7jnO3ykvMCFTID0wodcn4A8A;src=8019375;type=conta0;cat=conta00;ord=4287047204431;gtm=2wg9k0;auiddc=*;u1=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv;~oref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Requested by
Host: 8019375.fls.doubleclick.net
URL: https://8019375.fls.doubleclick.net/activityi;dc_pre=CO7jnO3ykvMCFTID0wodcn4A8A;src=8019375;type=conta0;cat=conta00;ord=4287047204431;gtm=2wg9k0;auiddc=4531816.1632324561;u1=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv;~oref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019375.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 15:29:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visitWebPage
805-usg-300.mktoresp.com/webevents/ 		2 B
311 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://805-usg-300.mktoresp.com/webevents/visitWebPage?_mchNc=1632324561672&_mchCn=preference-center&_mchId=805-USG-300&_mchTk=_mch-malwarebytes.com-1632324561671-38667&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&_mchWs=j1RR&_mchHo=go.malwarebytes.com&_mchPo=&_mchRu=%2Fpreference-center.html&_mchPc=https%3A&_mchVr=160&_mchEcid=&_mchHa=&_mchRe=http%3A%2F%2Fgo2.malwarebytes.com%2F&_mchQp=mkt_unsubscribe%3D1__-__mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/160/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://go.malwarebytes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 22 Sep 2021 15:29:21 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
1b7c8d81-62ab-4296-a8e8-a9486f7a3b99
HWyTnY16.min.js
scripts.demandbase.com/ 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.demandbase.com/HWyTnY16.min.js
Requested by
Host: go2.malwarebytes.com
URL: http://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAF_rRW_uptJ6nMtRsNXhWHEuUgJd_UfWWpIp_zFBENMX6GjdlYCe5CUFuCAviwf5N3WHWiF3_4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16f961e4eedc84409f706d7043ec879d9a7783c6f317640b0d97a73e98e9e8ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
IE5IzYwU4gx7oNbzFWwbL4ZS6nSJjwBv
content-encoding
gzip
last-modified
Tue, 08 Dec 2020 23:24:47 GMT
server
AmazonS3
age
102
etag
W/"c890c8c9866d4d0ee9b287e7db203091"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
date
Wed, 22 Sep 2021 15:27:40 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
crO1FhSyeN1GLx4d1187ZQPQHOvlnUo8PmFgMp296AOCwesYGtwIbw==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/?random=1632324561695&cv=9&fst=1632324561695&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&ref=http%3A%2F%2Fgo2.malwarebytes.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3ea773791c87f3f755b76dc31a345dad638ffe223638300729eef7709c9cb8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 15:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1194
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/930356311/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/930356311/?random=1632324561695&cv=9&fst=1632322800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&ref=http%3A%2F%2Fgo2.malwarebytes.com%2F&async=1&fmt=3&is_vtc=1&random=3097057198&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 15:29:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/930356311/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/930356311/?random=1632324561695&cv=9&fst=1632322800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&ref=http%3A%2F%2Fgo2.malwarebytes.com%2F&async=1&fmt=3&is_vtc=1&random=3097057198&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 15:29:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ip.json
api.company-target.com/api/v2/ 		422 B
926 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.company-target.com/api/v2/ip.json?referrer=http%3A%2F%2Fgo2.malwarebytes.com%2F&page=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&page_title=&src=tag&key=5527c2aa519592df7d44a24d0105731b
Requested by
Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/HWyTnY16.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-85.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
539bb6fc4500e8ab9fa8863a167e4c774d5be3348f9d752ca00f5678e3b54d19

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:21 GMT
identification-source
CENTRAL
vary
Accept-Encoding, Origin
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
request-id
b8fcc44a-4c20-4b34-9046-434f2b6b9c99
content-encoding
gzip
pragma
no-cache
access-control-allow-origin
https://go.malwarebytes.com
server
nginx
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
api-version
v2
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
4FQDtJEZbK1CrFOkNVmnYHk7LvY0mW5mDiU4J90WwUIplpG_HpVqgw==
expires
Tue, 21 Sep 2021 15:29:21 GMT
validateCookie
segments.company-target.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/demandbase
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
  • https://segments.company-target.com/log?vendor=choca&user_id=AABQvU7ClpgAAB5_a_Wbjg
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=AABQvU7ClpgAAB5_a_Wbjg&verifyHash=135d3a8a25a30219a6e43e05637acf6f7b0c203a
26 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AABQvU7ClpgAAB5_a_Wbjg&verifyHash=135d3a8a25a30219a6e43e05637acf6f7b0c203a
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-123.fra53.r.cloudfront.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 15:29:22 GMT
Via
1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
Vary
Origin
X-Cache
Miss from cloudfront
Content-Type
image/gif
Transfer-Encoding
chunked
Connection
keep-alive
trace-id
ddfc4a998f7e1545
X-Amz-Cf-Id
V0cLo8lRKl51c5pP07R4qicSSdkyhUEcJwvWhCr7p4wOHcoF1vWPpg==

Redirect headers

Date
Wed, 22 Sep 2021 15:29:22 GMT
Via
1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
Vary
Origin
X-Cache
Miss from cloudfront
Location
/validateCookie?vendor=choca&user_id=AABQvU7ClpgAAB5_a_Wbjg&verifyHash=135d3a8a25a30219a6e43e05637acf6f7b0c203a
Connection
keep-alive
trace-id
1822eea007a05e97
Content-Length
0
X-Amz-Cf-Id
-SghMYM1KUWdnWwu5h-4wwnxIktA9ZkTKlfNlnFeuevQUQ5zQru1Dw==
464526.gif
id.rlcdn.com/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/464526.gif
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:21 GMT
via
1.1 google
alt-svc
clear
content-length
0
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=298158353&t=event&ni=1&_s=2&dl=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1%26mkt_tok%3DODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv&dr=http%3A%2F%2Fgo2.malwarebytes.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHBAgEAjAAAAAE~&jid=&gjid=&cid=1819231965.1632324561&uid=7F0EC872-9EFF-4707-80F0-AB2F1939CB3E&tid=UA-3347303-10&_gid=1979504152.1632324561&gtm=2wg9k0MKSKW3&cd2=(Non-Company%20Visitor)&cd3=Bot&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=(Non-Company%20Visitor)&cd12=(Non-Company%20Visitor)&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=DE&cd18=(Non-Company%20Visitor)&z=147189189
Requested by
Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/preference-center.html?mkt_unsubscribe=1&mkt_tok=ODA1LVVTRy0zMDAAAAF_rRW_un-rPc3Ke1sZXxqAhaBVhWkca8uMZIIDPY8CuWTchvCDMiHa4fpWA83Oit2JpiG_DajRRQdUqIdxLXOdQRw3I9vQ1NFpnU6X2NXw7y509ahv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 11:53:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12933
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
2893.js
script.crazyegg.com/pages/scripts/0081/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0081/2893.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf16a6be9c1f8d220216cd8bc2d5a7d68731c383f8a1d394c2727e7564a9ca7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:22 GMT
content-encoding
gzip
cf-cache-status
HIT
age
432729
cf-polished
origSize=4899
cf-ray
692c9186ad382bd6-FRA
ce-version
11.1.331
last-modified
Fri, 17 Sep 2021 15:17:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-bgj
minify
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 15:29:22 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Aug 2021 21:34:05 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=19718
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: go2.malwarebytes.com
URL: http://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAF_rRW_uptJ6nMtRsNXhWHEuUgJd_UfWWpIp_zFBENMX6GjdlYCe5CUFuCAviwf5N3WHWiF3_4=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:23 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra
DE-SH
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kiad7000061-IAD, cache-fra19161-FRA
/
insight.adsrvr.org/track/pxl/ 		70 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=jtuxrxn&ct=0:fyckj1z&fmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.40.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-40-252.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 15:29:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
ct.pinterest.com/md/ 		0
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/md/
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.e7fd5392.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.0.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://go.malwarebytes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 15:29:23 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.54042c17.1632324563.3954111b
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
1
x-pinterest-rid
8370641103106759
expires
Sat, 01 Jan 2000 00:00:00 GMT
ct.html
www.pinterest.de/ Frame 9E7B
Redirect Chain
  • https://www.pinterest.com/ct.html
  • https://www.pinterest.de/ct.html
423 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.de/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.e7fd5392.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.119.104.207 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-119-104-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5551abbcb256a346e9c55810e330380b4a58d65726ae30458b7f83768e5f49ec
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-bdc6ae3b02bc9c8441745d640f757276' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com; media-src 'self' *.pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=3528418494615642; frame-ancestors *
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.pinterest.de
:scheme
https
:path
/ct.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://go.malwarebytes.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/

Response headers

x-xss-protection
1; mode=block
x-content-type-options
nosniff
vary
User-Agent, Accept-Encoding
x-ua-compatible
IE=edge
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p
CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-bdc6ae3b02bc9c8441745d640f757276' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com; media-src 'self' *.pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=3528418494615642; frame-ancestors *
content-security-policy-report-only
script-src 'nonce-bdc6ae3b02bc9c8441745d640f757276' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
link
<https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer
x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time
113
pinterest-generated-by
coreapp-webapp-prod-0a03df5c
content-encoding
gzip
pinterest-version
44410ad
referrer-policy
origin
x-pinterest-rid
3528418494615642
date
Wed, 22 Sep 2021 15:29:24 GMT
content-length
284
set-cookie
csrftoken=9001a9fa06bae0f13fb24a87786c425e; path=/; expires=Thu, 22 Sep 2022 15:29:24 GMT; samesite=lax; secure _pinterest_sess=TWc9PSYwRFpYZk45WTJ1YVhld2tLQy9EMjRQcDBRVGdLQkRnV2pvOE5SWmNBa3NNU0FJcDZBYUNqZCtneGROVytqSGkyUXIyQXBNdTZpR3ZVV0dPUEsxaUIwTUszTGlNY2k1Ynp6d3YwdWx5Nno2eW43a3ZhY3QwUGgyRy8wbUtlYVQ2ciZlQVJYV0tsajFvbHp3ZzBZUktlQTdGZ08wTHM9; path=/; expires=Sat, 17 Sep 2022 15:29:24 GMT; samesite=none; secure; httponly _auth=0; path=/; expires=Sat, 17 Sep 2022 15:29:24 GMT; secure; httponly _pinterest_referrer=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.pinterest.com _routing_id="12ab7715-d58c-4d2b-a293-b018e649616d"; Max-Age=86400; Path=/; HttpOnly
akamai-grn
0.64dac817.1632324564.1813a9af
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection
1; mode=block
x-content-type-options
nosniff
vary
User-Agent, Accept-Encoding
x-ua-compatible
IE=edge
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location
https://www.pinterest.de/ct.html
trailer
x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time
110
pinterest-generated-by
coreapp-webapp-prod-0a03ee88
content-encoding
gzip
pinterest-version
44410ad
referrer-policy
origin
x-pinterest-rid
1676426730071372
date
Wed, 22 Sep 2021 15:29:23 GMT
set-cookie
_routing_id="2a4d2626-3772-41be-a25a-c2d8ec2277a7"; Max-Age=86400; Path=/; HttpOnly
akamai-grn
0.64dac817.1632324563.1813a4d0
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
up
insight.adsrvr.org/track/ Frame 0D06 		0
181 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=8mirph5&ref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1&upid=r8yigtp&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.40.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-40-252.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=8mirph5&ref=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1&upid=r8yigtp&upv=1.1.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://go.malwarebytes.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/

Response headers

date
Wed, 22 Sep 2021 15:29:23 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=298158353&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1&dr=http%3A%2F%2Fgo2.malwarebytes.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=vertical&ev=25&_u=aHDAgEAjAAAAAE~&jid=&gjid=&cid=1819231965.1632324561&uid=7F0EC872-9EFF-4707-80F0-AB2F1939CB3E&tid=UA-3347303-10&_gid=1979504152.1632324561&gtm=2wg9k0MKSKW3&z=1463195561
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 11:53:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12933
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=298158353&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1&dr=http%3A%2F%2Fgo2.malwarebytes.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=vertical&ev=50&_u=aHDAgEAjAAAAAE~&jid=&gjid=&cid=1819231965.1632324561&uid=7F0EC872-9EFF-4707-80F0-AB2F1939CB3E&tid=UA-3347303-10&_gid=1979504152.1632324561&gtm=2wg9k0MKSKW3&z=693821834
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 11:53:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12933
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=298158353&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1&dr=http%3A%2F%2Fgo2.malwarebytes.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=vertical&ev=75&_u=aHDAgEAjAAAAAE~&jid=&gjid=&cid=1819231965.1632324561&uid=7F0EC872-9EFF-4707-80F0-AB2F1939CB3E&tid=UA-3347303-10&_gid=1979504152.1632324561&gtm=2wg9k0MKSKW3&z=1124474958
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 11:53:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12933
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=298158353&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1&dr=http%3A%2F%2Fgo2.malwarebytes.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=vertical&ev=95&_u=aHDAgEAjAAAAAE~&jid=&gjid=&cid=1819231965.1632324561&uid=7F0EC872-9EFF-4707-80F0-AB2F1939CB3E&tid=UA-3347303-10&_gid=1979504152.1632324561&gtm=2wg9k0MKSKW3&z=427447279
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 11:53:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12933
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=298158353&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1&dr=http%3A%2F%2Fgo2.malwarebytes.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=vertical&ev=100&_u=aHDAgEAjAAAAAE~&jid=&gjid=&cid=1819231965.1632324561&uid=7F0EC872-9EFF-4707-80F0-AB2F1939CB3E&tid=UA-3347303-10&_gid=1979504152.1632324561&gtm=2wg9k0MKSKW3&z=1606468799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 11:53:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12933
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
2893.json
script.crazyegg.com/pages/data-scripts/0081/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0081/2893.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e3d83647ee5f86abc678859cd01698a4bd6f86fb8dee536e9dd17fa613ad780

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:23 GMT
content-encoding
gzip
cf-cache-status
HIT
age
432727
ce-version
11.1.331
content-length
1349
timing-allow-origin
*
last-modified
Fri, 17 Sep 2021 15:17:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
692c9186dce84a9d-FRA
adsct
analytics.twitter.com/i/ 		31 B
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1m5j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=dbe643cb-eeaf-428e-b1c3-b2cc52d60212&tw_document_href=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
pragma
no-cache
last-modified
Wed, 22 Sep 2021 15:29:23 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
a846edfb4d3cb8bb9f3a6b2b2780385264a87223fbd3ec281a3327ef51489948
x-transaction
f5e26c7f6ff344be
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ 		43 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1m5j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=dbe643cb-eeaf-428e-b1c3-b2cc52d60212&tw_document_href=https%3A%2F%2Fgo.malwarebytes.com%2Fpreference-center.html%3Fmkt_unsubscribe%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Wed, 22 Sep 2021 15:29:23 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
e81bb57fdc941fc301ddffb8207e78a0767d41b2489c27e72d5559f1ba727a48
x-transaction
18ba251169a28cf4
expires
Tue, 31 Mar 1981 05:00:00 GMT
11.1.331.js
script.crazyegg.com/pages/versioned/common-scripts/ 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.331.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1882996e48b3b800108df06670df431af4a6f9b18eb54f4a74c0d601af52c641

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 22 Sep 2021 15:29:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 25 Aug 2021 14:00:21 GMT
server
cloudflare
age
432731
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
cf-ray
692c9186fdf92bd6-FRA
content-length
21512
2893.json
script.crazyegg.com/pages/sampling-data-scripts/0081/ 		46 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/sampling-data-scripts/0081/2893.json?t=453423
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.331.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
980492bbf045d8206f17ebd8c3663da75806353a3cc4958b63dd35ba7fcb2c51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 15:29:23 GMT
content-encoding
gzip
cf-cache-status
HIT
age
432727
ce-version
11.1.331
content-length
65
timing-allow-origin
*
last-modified
Fri, 17 Sep 2021 15:17:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
692c91871d5b4a9d-FRA
clock
tracking.crazyegg.com/ 		26 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?t=1632324563129
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.331.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.172.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-172-176.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
df8bd3342821e5e03265de1d15c0fe73ae69d8cac4c75ff5b2f7654305745c17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 22 Sep 2021 15:29:23 GMT
cache-control
no-store
server
awselb/2.0
content-length
26
content-type
text/plain
/
www.pinterest.de/_/_/csp_report/ Frame 9E7B 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.de/_/_/csp_report/?rid=3528418494615642
Requested by
Host: go2.malwarebytes.com
URL: http://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAF_rRW_uptJ6nMtRsNXhWHEuUgJd_UfWWpIp_zFBENMX6GjdlYCe5CUFuCAviwf5N3WHWiF3_4=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.119.104.207 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-119-104-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-e60230621c89bf2f11d6fb417266ee8b' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com; media-src 'self' *.pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=6658748019615995; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-e60230621c89bf2f11d6fb417266ee8b' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com; media-src 'self' *.pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=6658748019615995; frame-ancestors 'self'
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.64dac817.1632324564.1813aea4
content-security-policy-report-only
script-src 'nonce-e60230621c89bf2f11d6fb417266ee8b' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
28
vary
User-Agent, Accept-Encoding
x-pinterest-rid
6658748019615995
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
44410ad
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Wed, 22 Sep 2021 15:29:24 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a03d643
/
www.pinterest.de/_/_/csp_report/ Frame 9E7B 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.de/_/_/csp_report/?reportonly
Requested by
Host: go2.malwarebytes.com
URL: http://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAF_rRW_uptJ6nMtRsNXhWHEuUgJd_UfWWpIp_zFBENMX6GjdlYCe5CUFuCAviwf5N3WHWiF3_4=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.119.104.207 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-119-104-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-9ac588d3823c192b0e94588eb4cb3c12' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com; media-src 'self' *.pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1899362013099361; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-9ac588d3823c192b0e94588eb4cb3c12' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com; media-src 'self' *.pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1899362013099361; frame-ancestors 'self'
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.64dac817.1632324564.1813aec7
content-security-policy-report-only
script-src 'nonce-9ac588d3823c192b0e94588eb4cb3c12' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
27
vary
User-Agent, Accept-Encoding
x-pinterest-rid
1899362013099361
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
44410ad
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Wed, 22 Sep 2021 15:29:24 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a03f48a
/
www.pinterest.de/_/_/csp_report/ Frame 9E7B 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.de/_/_/csp_report/?reportonly
Requested by
Host: go2.malwarebytes.com
URL: http://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAF_rRW_uptJ6nMtRsNXhWHEuUgJd_UfWWpIp_zFBENMX6GjdlYCe5CUFuCAviwf5N3WHWiF3_4=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.119.104.207 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-119-104-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-9591c51ae96dba66b6afbcdf64422168' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com; media-src 'self' *.pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1417064244839477; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-9591c51ae96dba66b6afbcdf64422168' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com; media-src 'self' *.pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1417064244839477; frame-ancestors 'self'
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.64dac817.1632324564.1813aecd
content-security-policy-report-only
script-src 'nonce-9591c51ae96dba66b6afbcdf64422168' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
28
vary
User-Agent, Accept-Encoding
x-pinterest-rid
1417064244839477
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
44410ad
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Wed, 22 Sep 2021 15:29:24 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a03ea03

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect boolean| originAgentCluster object| mktoPreFillFields function| $ function| jQuery function| $jQ object| MktoForms2 object| dataLayer object| jQuery112407113504983060537 string| fieldIds object| fields function| expandFormFields function| showAllFields function| hideFormFields function| demandbaseLoaded object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| _linkedin_data_partner_id string| GoogleAnalyticsObject function| ga object| dotq object| gaplugins object| gaGlobal object| gaData object| webVitals function| cwv_dlv function| gtag function| lintrk boolean| _already_called_lintrk function| UET function| UET_init function| UET_push object| uetq object| YAHOO function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin function| pintrk function| ttd_dom_ready function| TTDUniversalPixelApi object| MunchkinTracker function| __extends object| Demandbase object| __db function| DBSegment number| demandbaseMarketoFormId string| __mktTokVal function| twq object| tradedeskTag boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_DATA_URL object| twttr string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| CE2BH

28 Cookies

Domain/Path Name / Value
go.malwarebytes.com/ Name: BIGipServerab12web-nginx-app_https
Value: !EAUORv33M2AXTRXw/jjXoMq3bOgvMt2sZV6aKASZfTUxA4DNoR5U4GwHjiA9vuSjOKJfQLh5NLXsMA==
.go.malwarebytes.com/ Name: __cf_bm
Value: zvd.IHfS9oXT8X7ayi32syErwk7icMrTrBTq.JHZ09o-1632324561-0-AZBWoULjxHBKpizZwcaif+jiWwhN6qi5NQ5eycfKytt4A7agvg6kqBuHfGae+3QYygVZoihQ0KAn/vKhust7Glo=
.malwarebytes.com/ Name: _gcl_au
Value: 1.1.4531816.1632324561
.malwarebytes.com/ Name: gaUserID
Value: 7F0EC872-9EFF-4707-80F0-AB2F1939CB3E
.malwarebytes.com/ Name: _ga
Value: GA1.2.1819231965.1632324561
.malwarebytes.com/ Name: _gid
Value: GA1.2.1979504152.1632324561
.bing.com/ Name: MUID
Value: 2E61E2A21F2B6877135DF2181EF96924
.malwarebytes.com/ Name: _dc_gtm_UA-3347303-10
Value: 1
.malwarebytes.com/ Name: __gtm_referrer
Value: http%3A%2F%2Fgo2.malwarebytes.com%2F
.malwarebytes.com/ Name: _uetsid
Value: dc0564a01bb911ecbd625913e1512fbc
.malwarebytes.com/ Name: _uetvid
Value: dc059cb01bb911ec88eb830de1390a83
.doubleclick.net/ Name: IDE
Value: AHWqTUng2R442_1s3m7EtSxpMWXygUh2WXIR1RIK8f4ToBVwEJb9GYZQNVMdBMKwIlY
.malwarebytes.com/ Name: _mkto_trk
Value: id:805-USG-300&token:_mch-malwarebytes.com-1632324561671-38667
.yahoo.com/ Name: A3
Value: d=AQABBNFLS2ECEAaWTG9aXWbkgZ1y7KIpKycFEgEBAQGdTGFVYQAAAAAA_SMAAA&S=AQAAAjsZ3ET0re70ynjHiEhWsZo
.linkedin.com/ Name: UserMatchHistory
Value: AQIcrbIK1eHYqwAAAXwOICuh_AvNct2xl9uEemVmz7Q-ZWe-1lfIF8BLLGTfpF757BBUeD83CR7Y0A
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJFzlUwRoFmTwAAAXwOICuhBjLeaVTntN9fzqBxYAHEyzWn-fHNTrGIGC3j5d6njKKb44WN7Gxc3hZFIwTScw
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&2face9b1-0c0b-445f-8347-dced13cf2a80"
.linkedin.com/ Name: lidc
Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2220:u=1:x=1:i=1632324561:t=1632410961:v=2:sig=AQHGXxh52qSacdA0xN5oosBdivDk4MTh"
.bidr.io/ Name: bito
Value: AABQvU7ClpgAAB5_a_Wbjg
.bidr.io/ Name: bitoIsSecure
Value: ok
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202109221529226bf21710-3a1d-4646-8330-96150c6fac2bAQEH0ja5ECqMHDg5_piqHEkKM4g7IXRT"
.linkedin.com/ Name: li_gc
Value: MTswOzE2MzIzMjQ1NjI7MjswMjF4Rkj4xWdpoyZQ4WcAfOwnV97WxTvAejuobccTnSoroQ==
.company-target.com/ Name: tuuid
Value: cd46f5c7-1e4e-4314-bf67-320dd43d087e
.company-target.com/ Name: tuuid_lu
Value: 1632324562
.go.malwarebytes.com/ Name: _pin_unauth
Value: dWlkPVl6SmtNV013TXpFdFpqTXdNQzAwWm1ZMUxXRXpNMkl0WXpKbFpXUXlOakJqTWpSag
.twitter.com/ Name: personalization_id
Value: "v1_VMWAk3Eo9IFC9sTsN6t9xA=="

3 Console Messages

Source Level URL
Text
network error URL: https://id.rlcdn.com/464526.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-bdc6ae3b02bc9c8441745d640f757276' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019375.fls.doubleclick.net
805-usg-300.mktoresp.com
9812475.fls.doubleclick.net
adservice.google.com
ajax.googleapis.com
analytics.twitter.com
api.company-target.com
bat.bing.com
ct.pinterest.com
go.malwarebytes.com
go2.malwarebytes.com
googleads.g.doubleclick.net
id.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
match.prod.bidr.io
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
s.pinimg.com
s.yimg.com
script.crazyegg.com
scripts.demandbase.com
secure.perk0mean.com
segments.company-target.com
snap.licdn.com
sp.analytics.yahoo.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tracking.crazyegg.com
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.malwarebytes.com
www.malwarebytes.org
www.pinterest.com
www.pinterest.de
104.119.104.207
104.17.71.206
104.17.72.206
104.244.42.197
104.244.42.3
108.174.10.14
13.32.22.85
142.250.185.166
142.250.186.66
143.204.207.123
143.204.207.85
143.204.207.88
151.101.12.157
192.28.144.124
212.82.100.181
23.44.0.191
23.56.213.107
2600:9000:206f:400:16:26c7:ff80:93a1
2606:4700::6810:7daf
2606:4700::6813:9308
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:801::2004
2a00:1450:4001:802::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200a
2a00:1450:400c:c04::9b
2a02:26f0:6c00:296::25ea
2a04:4e42:1b::84
34.252.40.252
35.244.174.68
51.11.20.152
52.30.222.33
54.73.172.176
65.9.65.116
026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429
02b446a5902857bf7bd9764048abc424bf92044245c4cd02cf9358df16208956
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
16f961e4eedc84409f706d7043ec879d9a7783c6f317640b0d97a73e98e9e8ea
1882996e48b3b800108df06670df431af4a6f9b18eb54f4a74c0d601af52c641
1e3d83647ee5f86abc678859cd01698a4bd6f86fb8dee536e9dd17fa613ad780
22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2689a0237a95cfd8135f8da3ac79c430e903f3c542f8b862f68141c84c348c43
30089b6e185937bcf67cd549e00371d1147de80d79457da18acae77e72ce1f92
317950f47bcf865861a0925b8970c15ae67d16e4765bd6f1e06e36283a259762
330ad082fc0156cb33905081e0ec51703cd42af60a30a7d20aee333daa68bf20
34c1559b5f9c1aecad7f43c831b149b9f7d0e2fa02e287281e1a73cf3992092b
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bfee946323a3893d0e5353838678166f085f9f00dbc24af2bca09c545959d18
46fb8429adf3d4517b57ba74ac5bd7286aa0c49cfb1a667431811e33fa0d0c61
48c68c466497c98078950e24f7d499d9b6aedc16c8a980535226a14f32feb55f
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
51f4cf88527819ae3950b1820aa534ebf6c2fcbc0894db427ba5ab59d9efd659
539bb6fc4500e8ab9fa8863a167e4c774d5be3348f9d752ca00f5678e3b54d19
554b3f1ed537a065f20a96cdc9a5975ebbfdf53ebad3ab3f001a919c2ce5678d
5551abbcb256a346e9c55810e330380b4a58d65726ae30458b7f83768e5f49ec
5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b7149de1a843a14d74bcb45359b59016df1ab0665a4f3131da6b8b04bbe5076
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
980492bbf045d8206f17ebd8c3663da75806353a3cc4958b63dd35ba7fcb2c51
99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1
aa40d5f102089b18f608394bdf992a2c3a6127f1a4b541c74440dac6018894dc
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
bbb8a9ae5ce61d328c7904045c107506055c81333bd224b2244e2ff39ae882e6
c3ea773791c87f3f755b76dc31a345dad638ffe223638300729eef7709c9cb8f
c619cba7f9125caf13ce31100514f2fcb491543f6f0cc26ee4c8d08826f49d7d
c9b2f25f41b7ff545aff01bca8720881b1f87a4a39980d6ce014fa00969d9c40
cc27845c4ba2580588d37b6d48939e7b833faeefa237e927860054226a0ad6f9
cf16a6be9c1f8d220216cd8bc2d5a7d68731c383f8a1d394c2727e7564a9ca7a
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df8bd3342821e5e03265de1d15c0fe73ae69d8cac4c75ff5b2f7654305745c17
e09663ac6ce6407ba00d3724d65154d4e48a31aae56db105bace66a2a43f36ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2778e580600ffe21478eb964b1982bbf9ad612ced6d519c007045e6dae36ba4
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3