www.malwarebytes.com Open in urlscan Pro
2600:9000:2156:d800:8:d3fb:39c0:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.malwarebytes.com/premium/
Submission: On February 14 via api (February 14th 2020, 6:29:13 pm UTC) from US

Summary HTTP 101 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 42 IPs in 8 countries across 35 domains to perform 101 HTTP transactions. The main IP is 2600:9000:2156:d800:8:d3fb:39c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.malwarebytes.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on December 6th 2018. Valid for: 2 years.

This is the only time www.malwarebytes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	2600:9000:215... 2600:9000:2156:d800:8:d3fb:39c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	152.195.132.202 152.195.132.202	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.114.109 151.101.114.109	54113 (FASTLY) (FASTLY)
5	151.101.12.217 151.101.12.217	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE)
1	23.21.50.37 23.21.50.37	14618 (AMAZON-AES) (AMAZON-AES)
1 3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	51.140.39.77 51.140.39.77	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.83.200 13.225.83.200	16509 (AMAZON-02) (AMAZON-02)
1	13.224.196.121 13.224.196.121	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:10c... 2a02:26f0:10c:382::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	172.217.22.38 172.217.22.38	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.94.49 143.204.94.49	16509 (AMAZON-02) (AMAZON-02)
2 2	52.214.123.193 52.214.123.193	16509 (AMAZON-02) (AMAZON-02)
1 2	13.224.196.57 13.224.196.57	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2a05:f500:11:... 2a05:f500:11:101::b93f:9001	14413 (LINKEDIN) (LINKEDIN)
1	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE)
1	54.243.118.36 54.243.118.36	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:10c... 2a02:26f0:10c:395::1d72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	151.101.113.2 151.101.113.2	54113 (FASTLY) (FASTLY)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	52.208.204.25 52.208.204.25	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	99.81.228.121 99.81.228.121	16509 (AMAZON-02) (AMAZON-02)
1	52.206.45.211 52.206.45.211	14618 (AMAZON-AES) (AMAZON-AES)
1 3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2	35.158.55.216 35.158.55.216	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f02... 2a03:2880:f02d:5:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
101	42

38 2600:9000:2156:d800:8:d3fb:39c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.195.132.202 (United States)

ASN15133 (EDGECAST, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.12.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.50.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-50-37.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.140.39.77 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

secure.perk0mean.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.83.200 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-200.fra2.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.196.121 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-121.fra2.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:382::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f38.1e100.net

8019375.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.49 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-49.fra50.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.123.193 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-123-193.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.196.57 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-57.fra2.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:11:101::b93f:9001 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f66.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.118.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-118-36.compute-1.amazonaws.com

sample-api-v2.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:10c:395::1d72 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

staticw2.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

udgrbq.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.204.25 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-204-25.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.228.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-228-121.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.45.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-45-211.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.55.216 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-55-216.eu-central-1.compute.amazonaws.com

p.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:5:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	malwarebytes.com www.malwarebytes.com udgrbq.malwarebytes.com	3 MB
6	yotpo.com staticw2.yotpo.com p.yotpo.com	175 KB
5	vimeo.com player.vimeo.com	6 KB
4	doubleclick.net 2 redirects 8019375.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
3	facebook.com 1 redirects www.facebook.com	881 B
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	1 KB
3	company-target.com 1 redirects api.company-target.com segments.company-target.com	2 KB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
3	vimeocdn.com i.vimeocdn.com	468 KB
3	cloudflare.com cdnjs.cloudflare.com	6 KB
2	criteo.com 1 redirects sslwidget.criteo.com widget.us.criteo.com	1 KB
2	avocet.io 1 redirects ads.avocet.io	900 B
2	quora.com a.quora.com q.quora.com	14 KB
2	facebook.net connect.facebook.net	143 KB
2	bidr.io 2 redirects match.prod.bidr.io	1019 B
2	google.de www.google.de	219 B
2	google.com 1 redirects www.google.com	310 B
2	adsrvr.org js.adsrvr.org insight.adsrvr.org	2 KB
2	crazyegg.com script.crazyegg.com sample-api-v2.crazyegg.com	18 KB
2	bing.com bat.bing.com	8 KB
2	googletagmanager.com www.googletagmanager.com	66 KB
2	cookielaw.org cdn.cookielaw.org	26 KB
1	gstatic.com fonts.gstatic.com	9 KB
1	googleapis.com fonts.googleapis.com	685 B
1	atdmt.com cx.atdmt.com	433 B
1	twitter.com analytics.twitter.com	634 B
1	googleadservices.com www.googleadservices.com	10 KB
1	t.co t.co	448 B
1	licdn.com snap.licdn.com	2 KB
1	demandbase.com scripts.demandbase.com	16 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	perk0mean.com secure.perk0mean.com	403 B
1	ipify.org api.ipify.org	247 B
1	jsdelivr.net cdn.jsdelivr.net	15 KB
1	jquery.com code.jquery.com	30 KB
101	35

	Domain	Requested by
38	www.malwarebytes.com	www.malwarebytes.com www.googletagmanager.com
5	player.vimeo.com	www.malwarebytes.com code.jquery.com
4	staticw2.yotpo.com	www.malwarebytes.com staticw2.yotpo.com
3	www.facebook.com	1 redirects
3	www.google-analytics.com	1 redirects www.malwarebytes.com
3	i.vimeocdn.com	www.malwarebytes.com
3	cdnjs.cloudflare.com	www.malwarebytes.com code.jquery.com
2	p.yotpo.com
2	ads.avocet.io	1 redirects
2	connect.facebook.net	www.malwarebytes.com connect.facebook.net
2	px.ads.linkedin.com	1 redirects www.malwarebytes.com
2	segments.company-target.com	1 redirects www.malwarebytes.com
2	match.prod.bidr.io	2 redirects
2	www.google.de	www.malwarebytes.com
2	www.google.com	1 redirects www.malwarebytes.com
2	8019375.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	bat.bing.com	www.malwarebytes.com
2	www.googletagmanager.com	www.malwarebytes.com www.googletagmanager.com
2	cdn.cookielaw.org	www.malwarebytes.com cdn.cookielaw.org
1	fonts.gstatic.com
1	fonts.googleapis.com
1	cx.atdmt.com
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	q.quora.com
1	insight.adsrvr.org	js.adsrvr.org
1	analytics.twitter.com	static.ads-twitter.com
1	udgrbq.malwarebytes.com	code.jquery.com
1	a.quora.com	www.malwarebytes.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	sample-api-v2.crazyegg.com	script.crazyegg.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.linkedin.com	1 redirects
1	t.co	www.malwarebytes.com
1	api.company-target.com	scripts.demandbase.com
1	stats.g.doubleclick.net	1 redirects
1	snap.licdn.com	www.malwarebytes.com
1	scripts.demandbase.com	www.malwarebytes.com
1	js.adsrvr.org	www.googletagmanager.com
1	script.crazyegg.com	www.googletagmanager.com
1	static.ads-twitter.com	www.malwarebytes.com
1	secure.perk0mean.com	www.googletagmanager.com
1	api.ipify.org	code.jquery.com
1	cdn.jsdelivr.net	www.malwarebytes.com
1	code.jquery.com	www.malwarebytes.com
101	45

This site contains links to these domains. Also see Links.

Domain
onetrust.com
blog.malwarebytes.com
resources.malwarebytes.com
support.malwarebytes.com
www.youtube.com
press.malwarebytes.com
jobs.malwarebytes.com
my.malwarebytes.com
cloud.malwarebytes.com
forums.malwarebytes.com
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
de.malwarebytes.com
es.malwarebytes.com
fr.malwarebytes.com
it.malwarebytes.com
pt.malwarebytes.com
br.malwarebytes.com
nl.malwarebytes.com
pl.malwarebytes.com
ru.malwarebytes.com

Subject Issuer	Validity	Valid
*.malwarebytes.com DigiCert SHA2 High Assurance Server CA	`2018-12-06` - `2020-12-09`	2 years	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
sa437gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2018-05-17` - `2020-08-19`	2 years	crt.sh
ssl363648.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-14` - `2020-03-22`	6 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-29` - `2020-04-23`	a year	crt.sh
*.vimeo.com DigiCert SHA2 Secure Server CA	`2018-08-24` - `2020-04-02`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.ipify.org COMODO RSA Domain Validation Secure Server CA	`2018-01-24` - `2021-01-23`	3 years	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
secure.norm0care.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-26` - `2020-03-25`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
ssl945600.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-28` - `2020-08-05`	6 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.demandbase.com Go Daddy Secure Certificate Authority - G2	`2018-09-20` - `2020-11-19`	2 years	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2019-06-19` - `2021-08-18`	2 years	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2018-06-08` - `2020-08-05`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.yotpo.com DigiCert SHA2 Secure Server CA	`2019-03-18` - `2020-06-16`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
quora.com Let's Encrypt Authority X3	`2019-12-29` - `2020-03-28`	3 months	crt.sh
udgrbq.malwarebytes.com DigiCert ECC Secure Server CA	`2019-11-26` - `2020-11-30`	a year	crt.sh
*.avocet.io Amazon	`2019-07-06` - `2020-08-06`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.quora.com Let's Encrypt Authority X3	`2020-02-02` - `2020-05-02`	3 months	crt.sh
*.us.criteo.com DigiCert ECC Secure Server CA	`2019-06-12` - `2020-06-16`	a year	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-01-20` - `2020-04-19`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.malwarebytes.com/premium/
Frame ID: EC75842D4BDBCB08A04BD6EA5360EF72
Requests: 91 HTTP requests in this frame

Frame: https://8019375.fls.doubleclick.net/activityi;dc_pre=CKaD_oXW0ecCFT3kuwgdvz0IQQ;src=8019375;type=malwa000;cat=malwa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6449987979281.772
Frame ID: 88D9EA609F733C88714594846AAF901E
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/369884175?loop=1&app_id=122963
Frame ID: 1CF060224F13A3A538E2440B2D167DB4
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/369884175?loop=1&app_id=122963
Frame ID: B82A4590F3AB221A03B4B83516E5DA03
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/369884175?loop=1&app_id=122963
Frame ID: 323B9F5AF5BC90FDE1713070E2513CD5
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/369884175?loop=1&app_id=122963
Frame ID: 6F17053C1CE8F69D0727F52ADE736569
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/369884110?loop=1&app_id=122963
Frame ID: 355D22C27003E5A44DF853F5E9999BB2
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/369884110?loop=1&app_id=122963
Frame ID: EBDFB00C57AEF36857F24D099B3415C0
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/352360513?loop=1&app_id=122963
Frame ID: 331F168A4E5435878EA9394B00E4F403
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/352360513?loop=1&app_id=122963
Frame ID: BC5440CE562E2FE34931EB3C61615EC2
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=8mirph5&ref=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&upid=r8yigtp&upv=1.1.0
Frame ID: E7135D2897B0FB3BC022CCA6FA63637A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?slick-theme\.css/i
script /(?:\/([\d.]+))?\/slick(?:\.min)?\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
html /<link [^>]+(?:\/([\d.]+)\/)?slick-theme\.css/i
script /(?:\/([\d.]+))?\/slick(?:\.min)?\.js/i

Page Statistics

101
Requests

96 %
HTTPS

49 %
IPv6

35
Domains

45
Subdomains

42
IPs

8
Countries

3882 kB
Transfer

6122 kB
Size

10
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/threats/
Title: Threat Center

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/tech-support-scams/
Title: Scams

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/mbtv/
Title: MBTV

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/authors/
Title: Contributors

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/glossary/
Title: Glossary

Search URL Search Domain Scan URL

URL: https://resources.malwarebytes.com/casestudies/
Title: Case Studies

Search URL Search Domain Scan URL

URL: https://resources.malwarebytes.com/#analyst-reports
Title: Analyst Reports

Search URL Search Domain Scan URL

URL: https://resources.malwarebytes.com/webinars/
Title: Webinars

Search URL Search Domain Scan URL

URL: https://resources.malwarebytes.com/#infographics
Title: Infographics

Search URL Search Domain Scan URL

URL: https://resources.malwarebytes.com/
Title: View all

Search URL Search Domain Scan URL

URL: https://support.malwarebytes.com/hc/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCB7JQhkZpiyvGPufW2RPBoQ
Title: Training For Home Products

Search URL Search Domain Scan URL

URL: https://press.malwarebytes.com/
Title: News & Press

Search URL Search Domain Scan URL

URL: https://jobs.malwarebytes.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://my.malwarebytes.com/en/login
Title: My Account

Search URL Search Domain Scan URL

URL: https://cloud.malwarebytes.com/
Title: Cloud Console

Search URL Search Domain Scan URL

URL: https://support.malwarebytes.com/hc/en-us/sections/360005863113%60%60
Title: Click here

Search URL Search Domain Scan URL

URL: https://support.malwarebytes.com/hc/en-us/categories/360002458014-Malwarebytes-for-Windows%60%60
Title: support

Search URL Search Domain Scan URL

URL: https://my.malwarebytes.com/
Title: My Account

Search URL Search Domain Scan URL

URL: https://forums.malwarebytes.com/
Title: Forums

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Malwarebytes/

Search URL Search Domain Scan URL

URL: https://twitter.com/malwarebytes

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Malwarebytes

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/malwarebytes

Search URL Search Domain Scan URL

URL: https://www.instagram.com/malwarebytesofficial/

Search URL Search Domain Scan URL

URL: https://de.malwarebytes.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://es.malwarebytes.com/
Title: Español

Search URL Search Domain Scan URL

URL: https://fr.malwarebytes.com/
Title: Français

Search URL Search Domain Scan URL

URL: https://it.malwarebytes.com/
Title: Italiano

Search URL Search Domain Scan URL

URL: https://pt.malwarebytes.com/
Title: Português (Portugal)

Search URL Search Domain Scan URL

URL: https://br.malwarebytes.com/
Title: Português (Brazil)

Search URL Search Domain Scan URL

URL: https://nl.malwarebytes.com/
Title: Nederlands

Search URL Search Domain Scan URL

URL: https://pl.malwarebytes.com/
Title: Polski

Search URL Search Domain Scan URL

URL: https://ru.malwarebytes.com/
Title: Pусский

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://8019375.fls.doubleclick.net/activityi;src=8019375;type=malwa000;cat=malwa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6449987979281.772 HTTP 302
https://8019375.fls.doubleclick.net/activityi;dc_pre=CKaD_oXW0ecCFT3kuwgdvz0IQQ;src=8019375;type=malwa000;cat=malwa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6449987979281.772

Request Chain 60

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=493239417&t=pageview&_s=1&dl=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&ul=en-us&de=UTF-8&dt=Malwarebytes%20for%20Windows%20-%20PC%20Antivirus%20Replacement%20%7C%20Malwarebytes&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=1375386212&gjid=943735273&cid=1405985014.1581704934&tid=UA-3347303-10&_gid=1927110986.1581704934&_r=1&cd20=cmpId%3A51079%3BvarId%3A1796859%7CcmpName%3AA_B%20Test%20New%20Year%20Promo%20_Live%202_6_%20Paused%202_7_%20Live%202_11_%3BvarName%3AVariation&cd1=cmpId%3A51079%3BvarId%3A1796859%7CcmpName%3AA_B%20Test%20New%20Year%20Promo%20_Live%202_6_%20Paused%202_7_%20Live%202_11_%3BvarName%3AVariation&z=600920677 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3347303-10&cid=1405985014.1581704934&jid=1375386212&_gid=1927110986.1581704934&gjid=943735273&_v=j81&z=600920677 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3347303-10&cid=1405985014.1581704934&jid=1375386212&_v=j81&z=600920677 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3347303-10&cid=1405985014.1581704934&jid=1375386212&_v=j81&z=600920677&slf_rd=1&random=12933034

Request Chain 62

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAP1LU68jc4AAF0sLjLKMg HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAP1LU68jc4AAF0sLjLKMg&verifyHash=b71e2c7e8485392b110d52d377a9aaec92d3c391

Request Chain 65

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1056361&url=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&time=1581704934320 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1056361%26url%3Dhttps%253A%252F%252Fwww.malwarebytes.com%252Fpremium%252F%26time%3D1581704934320%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1056361&url=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&time=1581704934320&liSync=true

Request Chain 76

https://ads.avocet.io/s?add=5b8e9b462be173e55d6569fc&ty=j HTTP 302
https://ads.avocet.io/s?bounce=true&add=5b8e9b462be173e55d6569fc&ty=j

Request Chain 91

https://sslwidget.criteo.com/event?a=53449&v=5.5.0&p0=e%3Dvp%26p%3D1&p1=e%3Ddis&adce=1&tld=malwarebytes.com&dtycbr=294 HTTP 302
https://widget.us.criteo.com/event?a=53449&v=5.5.0&p0=e%3Dvp%26p%3D1&p1=e%3Ddis&adce=1&tld=malwarebytes.com&dtycbr=294

Request Chain 95

https://www.facebook.com/tr/?id=1480959392203028&ev=Microdata&dl=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&rl=&if=false&ts=1581704935272&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Malwarebytes%20for%20Windows%20-%20PC%20Antivirus%20Replacement%20%7C%20Malwarebytes%22%2C%22meta%3Adescription%22%3A%22Malwarebytes%20for%20Windows%20protects%20your%20PC%20from%20advanced%20malware%20and%20ransomware%2C%20replacing%20antivirus%20software%20with%20technologies%20designed%20to%20prevent%20today%27s%20online%20threats.%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F%22%2C%22og%3Asite_name%22%3A%22Malwarebytes%22%2C%22og%3Adescription%22%3A%22Malwarebytes%20for%20Windows%20protects%20your%20PC%20from%20advanced%20malware%20and%20ransomware%2C%20replacing%20antivirus%20software%20with%20technologies%20designed%20to%20prevent%20today%27s%20online%20threats.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.malwarebytes.com%2Fimages%2Fuploads%2F2019%2F10%2F15040055%2Fvideo-image%25403x.png%22%2C%22og%3Atitle%22%3A%22Malwarebytes%20for%20Windows%20-%20PC%20Antivirus%20Replacement%20%7C%20Malwarebytes%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22aggregateRating%22%3A%7B%22%40type%22%3A%22AggregateRating%22%2C%22ratingValue%22%3A%224.9%22%2C%22reviewCount%22%3A%22747%22%7D%2C%22name%22%3A%22Malwarebytes%20%7C%20Malwarebytes%20for%20Windows%20-%20PC%20Antivirus%20Replacement%22%7D%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=2&o=30&fbp=fb.1.1581704934756.410907243&it=1581704934727&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
https://cx.atdmt.com/?c=7248325253943842932&f=AYzXZ0jdBJzCOaE9NcWnDx7dU_27Zt6TDtDlSWYjQWcXagrA9xyk2tFUC-3xh48ZJniH2mKD0Vmni4xggOFgG_cI&id=1480959392203028&l=3&v=0

101 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.malwarebytes.com/premium/ 92 KB
18 KB 185ms
121ms Document
text/html 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: 1528f4c6f5e74e3bee3eb9e249ef2f851af7fedfa6f6ed1dcc356594d206750d

Request headers

:method: GET
:authority: www.malwarebytes.com
:scheme: https
:path: /premium/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
content-type: text/html
content-length: 17212
date: Fri, 14 Feb 2020 17:47:27 GMT
server: awselb/2.0
set-cookie: SSID=CAA1aB1iAAAAAADl5kZe1UeDA-XmRl4BAAAAAAAAAAAA5eZGXgBNNYfHAAP7ahsA5eZGXgEAw6gAAbsNFQDl5kZeAQCaqgABBW4VAOXmRl4BACbGAAHyNRsA5eZGXgEAXsMAAa2RGgDl5kZeAQAtswABikEXAOXmRl4BAHDJAAHEsBsA5eZGXgEA; path=/; domain=.malwarebytes.com; expires=Sat, 13-Feb-2021 18:28:53 GMT SSSC=551.G6793370959215806421.1|43203.1379771:43674.1404421:45869.1524106:50014.1741229:50726.1783282:51079.1796859:51568.1814724; path=/; domain=.malwarebytes.com SSRT=5eZGXgABAA; path=/; domain=.malwarebytes.com; expires=Sat, 13-Feb-2021 18:28:53 GMT
rtss: 1-2-14
cache-control: private, max-age=0, proxy-revalidate, no-store, no-cache, must-revalidate
vary: Accept-Encoding
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront), 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1 FRA50-C1
pragma: no-cache
expires: Sun, 18 Aug 2019 18:02:21 GMT
content-encoding: gzip
x-cache: Miss from cloudfront
x-amz-cf-id: ghOUmn11DUSUMe6j0h9FvZ1_0j8IY_SaX4dVCU-lHM0kJn5irl4Gyg==
age: 2485

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 19ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://www.malwarebytes.com/premium/
Origin: https://www.malwarebytes.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 14 Feb 2020 18:28:53 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Jan 2018 17:26:44 GMT
Server: nginx
ETag: W/"5a637bd4-1538f"
Vary: Accept-Encoding
X-HW: 1581704933.dop030.fr8.shc,1581704933.dop030.fr8.t,1581704933.cds057.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30288

GET
H2 200 9530a107-0af8-4204-a2c2-217efb78222b.js Show response
cdn.cookielaw.org/consent/ 141 KB
21 KB 36ms
9ms Script
application/x-javascript 152.195.132.202
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/consent/9530a107-0af8-4204-a2c2-217efb78222b.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.202 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F1E) /
Resource Hash: 59ff0c91b28ba42a5649f719c02f1c1b38477cf3c0fff67b468a8a5e033c49df

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 14 Feb 2020 18:28:54 GMT
content-encoding: gzip
content-md5: GLtA/HFIPKnZ/sXMD/MDiA==
age: 7896
x-cache: HIT
status: 200
content-length: 20741
x-ms-lease-status: unlocked
last-modified: Tue, 03 Dec 2019 22:03:26 GMT
server: ECAcc (frc/8F1E)
etag: 0x8D7783C9F624EA7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f3c99420-f01e-008f-2252-e396ba000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Fri, 14 Feb 2020 22:28:54 GMT

GET
H2 200 slick.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 87 KB
15 KB 14ms
12ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 18:28:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 386171
cf-ray: 56511abd6db7dfcf-FRA
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
x-served-by: cache-ams21023-AMS, cache-fra19144-FRA
server: cloudflare
etag: W/"15b7b-XpZQCGXagm+FCTNPA0QivnZitG0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *

GET
H2 200 slick.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 2 KB
627 B 14ms
13ms Stylesheet
text/css 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.css

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 18:28:53 GMT
content-encoding: br
cf-cache-status: HIT
age: 23731631
cf-ray: 56511abd6afc9ac2-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:26:46 GMT
server: cloudflare
etag: W/"5afd4ad6-6c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Wed, 03 Feb 2021 18:28:53 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.000

GET
H2 200 slick-theme.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 3 KB
876 B 19ms
18ms Stylesheet
text/css 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.css

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 18:28:53 GMT
content-encoding: br
cf-cache-status: HIT
age: 641448
cf-ray: 56511abd6afe9ac2-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:25:37 GMT
server: cloudflare
etag: W/"5afd4a91-c49"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Wed, 03 Feb 2021 18:28:53 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H2 200 styles.css
www.malwarebytes.com/css/CMS/css/ 272 KB
39 KB 12ms
11ms Stylesheet
text/css 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/CMS/css/styles.css
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d94041bf009ff6659388cc0850edd5d41315b5a98c58f5b4a154f6d0962a64f4

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 00:15:22 GMT
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 00:07:43 GMT
server: AmazonS3
age: 16
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: xGSO8S_vB19svXLqc0ESoz8XLKJloUQnP68ogUhuJde-jnQ83YwHFw==
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)

GET
H2 200 homepage.css
www.malwarebytes.com/css/CMS/css/pages/ 39 KB
5 KB 17ms
16ms Stylesheet
text/css 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/CMS/css/pages/homepage.css?d=123
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b1dacaab85bbf4df63c5d7285c74e67b29bf03565e21f73e1302c7be46f5d44

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 18:28:38 GMT
content-encoding: gzip
last-modified: Tue, 27 Aug 2019 16:28:39 GMT
server: AmazonS3
age: 16
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: GJC2YCW23kfcaH1jNN3_nFxaI_68ANz4BlBIqlCwRpzLVRyw06t0Sw==
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)

GET
H2 200 core.js+ssdomvar.js+generic-adapter.js Show response
www.malwarebytes.com/__ssobj/ 21 KB
7 KB 24ms
22ms Script
application/javascript 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/__ssobj/core.js+ssdomvar.js+generic-adapter.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 82cb1795a37860a5cfc79636942092b4f42c4db919d2df99752fbc03f11f6f62

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 18:28:53 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
status: 200
rtss: 1-2-121
content-length: 6733
sbss: 1
last-modified: Sun, 02 Feb 2020 00:00:00 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: egdHqMN5DiGs2wF3LeqLEkNiFOGiVLws_-t9iEWTFyohjmp2MqyEsg==
expires: Sat, 15 Feb 2020 18:28:53 GMT

GET
H2 200 information.svg
www.malwarebytes.com/__ssobj/static/ 818 B
834 B 24ms
23ms Image
image/svg+xml 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/__ssobj/static/information.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 1b918aa10cba77d40f0e0f2a5c814ae151defc4baa989a097d3b1e6852a2534e

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:53 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 23:22:22 GMT
server: Apache
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
status: 200
accept-ranges: bytes
rtss: 1-2-65
content-length: 492
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
sbss: 1
x-amz-cf-id: 2VWSgUmrGo5D9F6bhZpBz26cDYvJb5iUybbOlzg_0aAxC8dRKTFuZg==

GET
H2 200 836776008_960.png
i.vimeocdn.com/video/ 244 KB
244 KB 23ms
9ms Image
image/png 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/836776008_960.png
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 205f32eaa9dab5ef671e68c42097fb686e8ce37be869b92d44f1b010850e58ed

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:53 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 743560
x-cache: miss, HIT, HIT
status: 200
x-backend-server: varnish
content-length: 249352
viewmaster-server: viewmaster-us-central1-rtz5
x-served-by: cache-dfw18644-DFW, cache-hhn4066-HHN
x-timer: S1581704934.995671,VS0,VE2
etag: 0304332ced917d723c0b3580c1a1f9ed
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 Rated-Excellent-horiz_small.png
www.malwarebytes.com/images/uploads/2019/12/17231123/ 9 KB
9 KB 372ms
368ms Image
image/png 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/uploads/2019/12/17231123/Rated-Excellent-horiz_small.png
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c0aea789c298fcaa0e3cde2466ed24a32d81c1091449cbdd14cd545c450a762

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 28 Jan 2020 21:36:01 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Tue, 17 Dec 2019 23:11:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "f73181c26c5864e257c4aa3d2265695d"
x-cache: RefreshHit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8965
x-amz-cf-id: xHnCh9CTm3vgmq3ldx4B7OEcW6EdKxI9erZEAkxivIiRfpoXOFduWw==
expires: Wed, 16 Dec 2020 23:11:23 GMT

GET
H2 200 icn-1.svg
www.malwarebytes.com/images/uploads/20190704100415/ 35 KB
27 KB 370ms
367ms Image
image/svg+xml 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/uploads/20190704100415/icn-1.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61d5aa9eb520886e2ac7d445c4f11b8c2154e373b243fe8d9287c0b87443ca7b

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:55 GMT
content-encoding: gzip
last-modified: Thu, 04 Jul 2019 10:04:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "fe43f10164c1eceb395afc0be1810d80"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 27321
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-amz-cf-id: PY2uJoHVtrYAjRnfB0bCPf74gNtdAmntbYR6nCTAzcUS-nkmc8B40w==
expires: Fri, 03 Jul 2020 10:04:15 GMT

GET
H2 200 AntiMalware_Platinum-Copy.png
www.malwarebytes.com/images/uploads/2019/12/17231252/ 96 KB
97 KB 379ms
375ms Image
image/png 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/uploads/2019/12/17231252/AntiMalware_Platinum-Copy.png
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7c71029ec73f9de9edfd22afc968273a8957619afaf9102e504bc46436faa57

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:55 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Tue, 17 Dec 2019 23:12:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "5509c4b3d5ae9ed36396600f5145fab2"
x-cache: RefreshHit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 98737
x-amz-cf-id: HxLhMHPb61nAphbBaTiVgK61n6uKyZmr2cl_9MqEFIOC_m3aH5A4wQ==
expires: Wed, 16 Dec 2020 23:12:52 GMT

GET
H2 200 icn-4.svg
www.malwarebytes.com/images/uploads/20190704100454/ 30 KB
23 KB 370ms
366ms Image
image/svg+xml 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/uploads/20190704100454/icn-4.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2804f80ffc223649a98e446a4acb4de07ce23abce98c7d1747f195b2179efa71

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:55 GMT
content-encoding: gzip
last-modified: Thu, 04 Jul 2019 10:04:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "1d8df41a8e6bd8a854c166efa61c8c39"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 23244
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-amz-cf-id: pLPvjCOyL2M1yeMBpinkqicy4XLapR-Zle0ES9mGUJTFBtPFk_2qjw==
expires: Fri, 03 Jul 2020 10:04:54 GMT

GET
H2 200 icn-5.svg
www.malwarebytes.com/images/uploads/20190704100510/ 5 KB
2 KB 411ms
407ms Image
image/svg+xml 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/uploads/20190704100510/icn-5.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59d5c5422610a4a408c388c1ff7a16ddf4ee73df9f08d1953727a79102660b66

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:55 GMT
content-encoding: gzip
last-modified: Thu, 04 Jul 2019 10:05:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "dd16d62b5a827dbf6dd7fe2069397542"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1917
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-amz-cf-id: U17jLBi9Ql7C0sJTx-zGKALm5bqOhTO9DTDGMQ0z5bzsX4LBJvyfDA==
expires: Fri, 03 Jul 2020 10:05:10 GMT

GET
H2 200 illustration-1.svg
www.malwarebytes.com/images/uploads/2019/10/03122944/ 6 KB
2 KB 415ms
411ms Image
image/svg+xml 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/uploads/2019/10/03122944/illustration-1.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 270de920851099caa2043aefd0aed23e12587607e710a0c4d5493e0d8d73ee62

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:55 GMT
content-encoding: gzip
last-modified: Thu, 03 Oct 2019 12:29:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "7a91235196c4947866946afb8a640382"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1818
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-amz-cf-id: 48VF_DcPmHb7YprQstshDBpFmteaGKA_0qol0tIpvX-3ftv07QJZ0w==
expires: Fri, 02 Oct 2020 12:29:44 GMT

GET
H2 200 illustration-2.svg
www.malwarebytes.com/images/uploads/2019/10/03123141/ 4 KB
2 KB 386ms
382ms Image
image/svg+xml 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/uploads/2019/10/03123141/illustration-2.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a87b02a7987ffdfd30599afc0123f90f002eaa2688e311c4eecc6b6537408d0d

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:55 GMT
content-encoding: gzip
last-modified: Thu, 03 Oct 2019 12:31:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "b1107df3df422395c5252bab82065d11"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1485
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-amz-cf-id: qIiofJfyXbjDxFYaoUeUc90KkUlOEw32tzsYKr5c8jnnI8t6ifagNQ==
expires: Fri, 02 Oct 2020 12:31:41 GMT

GET
H2 200 illustration-3.svg
www.malwarebytes.com/images/uploads/2019/10/03123342/ 6 KB
2 KB 381ms
377ms Image
image/svg+xml 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/uploads/2019/10/03123342/illustration-3.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5de483f2ecb94241e9a4f24e8c02673d3c40f9582e0859e35bf91bdc6bebb18

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:55 GMT
content-encoding: gzip
last-modified: Thu, 03 Oct 2019 12:33:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "28449e7430849d8c35541e478141a280"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1901
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-amz-cf-id: 89hkVIgrPh3Q7KxGJr1XCYvho5EXH2mHO6MGpz3SMfJgx-XJvbBXRw==
expires: Fri, 02 Oct 2020 12:33:42 GMT

GET
H2 200 826956569_960.png
i.vimeocdn.com/video/ 193 KB
193 KB 13ms
10ms Image
image/png 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/826956569_960.png
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1a67fedf879a6fde2ef212e8685226e649f04efab2ac212263af311cb816388d

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:54 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 989332
x-cache: miss, HIT, HIT
status: 200
x-backend-server: varnish
content-length: 197172
viewmaster-server: viewmaster-us-central1-8j29
x-served-by: cache-dfw18625-DFW, cache-hhn4066-HHN
x-timer: S1581704934.043920,VS0,VE1
etag: 18b665f6446878b5897daca979f5fc54
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 MB4-Premium1.png
www.malwarebytes.com/images/uploads/2019/10/21074105/ 603 KB
604 KB 23ms
19ms Image
image/png 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/uploads/2019/10/21074105/MB4-Premium1.png
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e63c9628517cdc9b06bb34da2a40e8bd344a8f57d37a521316ae0f296d75e23

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:39 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Mon, 21 Oct 2019 07:41:06 GMT
server: AmazonS3
age: 16
etag: "79d6248a2a5f31c87ebaaa4893cdcac5"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 617200
x-amz-cf-id: S218gxMk4aski3VB2NjQW9gbDOahrP0TFLBAIGmgGrK52UFn6-4ZPg==
expires: Tue, 20 Oct 2020 07:41:05 GMT

GET
H2 200 RTP-My-Computer2.png
www.malwarebytes.com/images/uploads/2019/10/21074128/ 664 KB
666 KB 398ms
395ms Image
image/png 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/uploads/2019/10/21074128/RTP-My-Computer2.png
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1014b5253c3a208490f0cafa8175f6dceb7d1117e9e7152a8a66aa9266b1ed40

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:55 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Mon, 21 Oct 2019 07:41:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "fa79c6ee0b1bc4f9b52b7a916aceef32"
x-cache: RefreshHit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 680301
x-amz-cf-id: 41BHk4SQbtniAOa-UNgCAiJcOB5X8rQK5OgYG3xAkl3Bz7RP6Jv6Qg==
expires: Tue, 20 Oct 2020 07:41:28 GMT

GET
H2 200 Scanning-almost-complete4.png
www.malwarebytes.com/images/uploads/2019/10/21074150/ 327 KB
328 KB 394ms
391ms Image
image/png 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/uploads/2019/10/21074150/Scanning-almost-complete4.png
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 875f6613ee5ec4264664ae60a0aac1388569d520a60ceea2f053d5ee9bbecfb1

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:55 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Mon, 21 Oct 2019 07:41:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "8b1569ec5145f35fa18979038a9abb5e"
x-cache: RefreshHit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 334791
x-amz-cf-id: MU5826wril2fn8lfA7ixlgeLbcJpXQP8yfzi3tXXBatZnVj9XhVd6g==
expires: Tue, 20 Oct 2020 07:41:50 GMT

GET
H2 200 Scan-summary5.png
www.malwarebytes.com/images/uploads/2019/10/21074217/ 323 KB
324 KB 384ms
381ms Image
image/png 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/uploads/2019/10/21074217/Scan-summary5.png
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7009d053d9cf047c53abe9a3ac7435fea85ad95a13ea3360802be3457d9161bf

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:55 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Mon, 21 Oct 2019 07:42:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "9152b464420502323dc05150702c78a4"
x-cache: RefreshHit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 331040
x-amz-cf-id: 83UhQSrA-lPYyzhgv4ulVZFD9xieGwm9OzxLaDrwGab7BOrzNu0IXQ==
expires: Tue, 20 Oct 2020 07:42:17 GMT

GET
H2 200 blockedpage6.png
www.malwarebytes.com/images/uploads/2019/10/21074244/ 340 KB
341 KB 380ms
377ms Image
image/png 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/uploads/2019/10/21074244/blockedpage6.png
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9453597cd7387dd0f52ddc2f74749d00072d2bddded33fa138094d9c918618f5

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:55 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Mon, 21 Oct 2019 07:42:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "b2002421fa02656f0a0d682f48e380f9"
x-cache: RefreshHit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 348272
x-amz-cf-id: Ww-_KnAJVV47-aHrCZIl3vhWIWuBYtMHxso7X_ajHbKrWCYt8HtinA==
expires: Tue, 20 Oct 2020 07:42:44 GMT

GET
H2 200 804223606_960.png
i.vimeocdn.com/video/ 31 KB
31 KB 12ms
9ms Image
image/png 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/804223606_960.png
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 19fd2a427f0daa487aa07a4dae2850fee208ae736ead5655fdd0b50f2c99efc5

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:54 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1048907
x-cache: miss, HIT, HIT
status: 200
x-backend-server: varnish
content-length: 31561
viewmaster-server: viewmaster-us-central1-48zp
x-served-by: cache-dfw18637-DFW, cache-hhn4066-HHN
x-timer: S1581704934.043892,VS0,VE1
etag: 8e472e2f0958aa8cbe7bd0afcd8b92a9
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 green-checkmark.png
www.malwarebytes.com/images/CMS/tables/ 692 B
1013 B 390ms
387ms Image
image/png 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/CMS/tables/green-checkmark.png
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 287be3f1dd50b8463a5bddd476955c8b5220293fbafbd150d0011ace1a8e1039

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:55 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Fri, 09 Aug 2019 18:07:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "4612c9a3e96a186ae4207053b1761951"
x-cache: RefreshHit from cloudfront
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 692
x-amz-cf-id: eG7KQrpWdsIfsjEGhTsw6XYpl_zfdSsQIGKAb73XY3waNJjrd_77lQ==

GET
H2 200 Software-requirements.svg
www.malwarebytes.com/images/uploads/2019/08/21101350/ 2 KB
2 KB 43ms
40ms Image
image/svg+xml 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/uploads/2019/08/21101350/Software-requirements.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19e4518cd41b1565c923ec74c2f60ce7785917e693eb4aaebfd1dbd646377ca2

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:53 GMT
content-encoding: gzip
age: 2
x-cache: Hit from cloudfront
status: 200
content-length: 1174
last-modified: Wed, 21 Aug 2019 10:13:51 GMT
server: AmazonS3
etag: "92205eb6186191413e7fb1e4ba2b1d49"
content-type: image/svg+xml
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: RPZi0doQOv0oUOvmBqTpK4U2mh2eX0w0uHweWi-XRtKBUmd9Nn3NOw==
expires: Thu, 20 Aug 2020 10:13:50 GMT

GET
H2 200 Hardware-requirements.svg
www.malwarebytes.com/images/uploads/2019/08/21101448/ 4 KB
2 KB 384ms
382ms Image
image/svg+xml 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/uploads/2019/08/21101448/Hardware-requirements.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 506063346372e0c809fe88dcd79b7a3fd19185d370b10b70c0c4f4c929fbf0c3

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:55 GMT
content-encoding: gzip
last-modified: Wed, 21 Aug 2019 10:14:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "3be8ee6539ae52a7344697d03076a134"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1449
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-amz-cf-id: bgxA_IamUtLxuskLuRMV_3jTRyx8d8AeYJfvp0YBSflBqTDgfYETyg==
expires: Thu, 20 Aug 2020 10:14:48 GMT

GET
H2 200 Languages-supported.svg
www.malwarebytes.com/images/uploads/2019/08/21101257/ 5 KB
3 KB 43ms
41ms Image
image/svg+xml 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/uploads/2019/08/21101257/Languages-supported.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a96e05abadef5434c168200854d234be133b7b652ee7d8c66e3dd9e4b7b33692

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:53 GMT
content-encoding: gzip
age: 2
x-cache: Hit from cloudfront
status: 200
content-length: 2177
last-modified: Wed, 21 Aug 2019 10:12:58 GMT
server: AmazonS3
etag: "2ab3d56e17ae491478a6c20ce195c7a5"
content-type: image/svg+xml
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: HTTJxUUWTa8CC5NROeliniSxo1v5b9xah8FEmCRmQWc84nciW9tXlw==
expires: Thu, 20 Aug 2020 10:12:57 GMT

GET
H2 200 Version.svg
www.malwarebytes.com/images/uploads/2019/08/21101026/ 829 B
846 B 44ms
41ms Image
image/svg+xml 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/uploads/2019/08/21101026/Version.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c41e371b8f4c5cb9e577f890402216448a0d80c6fbce1a6b7002b1d3c09a81d4

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:53 GMT
content-encoding: gzip
age: 2
x-cache: Hit from cloudfront
status: 200
content-length: 448
last-modified: Wed, 21 Aug 2019 10:10:27 GMT
server: AmazonS3
etag: "2680e8dd5c4945d8cf56c477c91e165d"
content-type: image/svg+xml
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 0NoxidFFMM8sPxgZgr0GP9p8iF6y7_hpHbGHkxp4q8s_OrIDgjz9eg==
expires: Thu, 20 Aug 2020 10:10:26 GMT

GET
H2 200 head.js Show response
www.malwarebytes.com/js/cms/ 706 B
1 KB 7ms
7ms Script
application/javascript 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/cms/head.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d443262e11c8bc284b4b606a0bcc82579080a7ef2dc4278d75ed7c5a2079023

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 18:28:39 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Tue, 04 Feb 2020 23:27:34 GMT
server: AmazonS3
age: 16
etag: "28dedb2bd4a0a1435c3440e6cc2d06d1"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 706
x-amz-cf-id: l2VN3nINwE0NpAHC8m4fKKebhxnBeP4owJ0BQPwXLexDY-OyekmqlQ==

GET
H2 200 useragent.js Show response
www.malwarebytes.com/js/cms/ 1 KB
919 B 9ms
9ms Script
application/javascript 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/cms/useragent.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1857dda3806aebd4b106c739d937d1989a6f1a5983cf80b47a5194b6538abf64

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 18:28:39 GMT
content-encoding: gzip
last-modified: Tue, 27 Aug 2019 16:28:45 GMT
server: AmazonS3
age: 16
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: VhgAjnkKHk8HGh8hkC9zpmR9hWAyPsjbyfIi6LLGiRyhNjd28MkQjQ==
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)

GET
H2 200 modernizr.js Show response
www.malwarebytes.com/js/cms/ 14 KB
6 KB 14ms
10ms Script
application/javascript 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/cms/modernizr.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00fd20f4f37113eb32d3db8a5f527ff1889489442e91630283e58e792f196be8

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 18:28:39 GMT
content-encoding: gzip
last-modified: Tue, 27 Aug 2019 16:28:45 GMT
server: AmazonS3
age: 16
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: fTP0oTad4YIvs0FiTfdLTdCdDWFDBxiEQYpdqygjd8f0t8sgMyTGYA==
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)

GET
H2 200 bootstrap.js Show response
www.malwarebytes.com/js/cms/ 67 KB
14 KB 15ms
11ms Script
application/javascript 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/cms/bootstrap.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 425328ed7a60e35938fa92fc7ba5f5af96b53f9608bb41b8a07c0f91e8bdefcd

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 18:28:39 GMT
content-encoding: gzip
last-modified: Tue, 27 Aug 2019 16:28:45 GMT
server: AmazonS3
age: 16
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ym8Amr4H9jO2hxstWXxAqeMlSETmps3hii03ZTFxfJem_gOSqvfCKQ==
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)

GET
H2 200 globalnav.js Show response
www.malwarebytes.com/js/cms/ 3 KB
1 KB 16ms
12ms Script
application/javascript 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/cms/globalnav.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2859b559a1328627ae171d641dcb91c99f9d66e3b461d92dc8b0fc896279c410

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 18:28:39 GMT
content-encoding: gzip
last-modified: Tue, 22 Oct 2019 23:12:39 GMT
server: AmazonS3
age: 16
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: njC7cYLpBSaAKiaH1GQuZms94E3N8NrKXVOruQQUaosGw63Z3iW2qQ==
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)

GET
H2 200 nav-resize.js Show response
www.malwarebytes.com/js/cms/ 11 KB
4 KB 16ms
12ms Script
application/javascript 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/cms/nav-resize.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 527f5743db62b7f9d19fb4b1910eb56d63f76f50b0e0180b63eb67d374642099

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 18:28:39 GMT
content-encoding: gzip
last-modified: Tue, 27 Aug 2019 16:28:45 GMT
server: AmazonS3
age: 16
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: _9eM3ceOrLuoCFsw7Zj_V3yCn7kKQtQe1gk9EG-xmCUKqui-60S09w==
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)

GET
H2 200 global.js Show response
www.malwarebytes.com/js/cms/ 21 KB
8 KB 21ms
18ms Script
application/javascript 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/cms/global.js?0718
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 362a91355c92cf8c201cbc1550ad42e99b6ff7a6efff6ef23cb48c67127c1f43

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 18:28:40 GMT
content-encoding: gzip
last-modified: Tue, 27 Aug 2019 16:28:45 GMT
server: AmazonS3
age: 15
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ZWJ9d7dIFIykCH_qVUFZ7LiV7bpD1IfSB8edk8FuuJPNsWAaFs_UIw==
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 16 KB
6 KB 24ms
7ms Script
application/javascript 151.101.12.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c889f8be02dd3f558aa62eecb48553fb5a306c9fff0951bd97ff3b40a46875e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

X-Varnish-Cache: 1
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 25
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
X-Cache-Hits: 23
Connection: keep-alive
X-VServer: infra-playproxy-a-1
Content-Length: 5205
X-Xss-Protection: 1; mode=block
X-Served-By: cache-fra19152-FRA
X-Vimeo-DC: ge
Server: nginx
X-Timer: S1581704934.062463,VS0,VE0
Date: Fri, 14 Feb 2020 18:28:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Accept-Ranges: bytes
Expires: Fri, 14 Feb 2020 18:58:29 GMT

GET
H2 200 optanon.css
cdn.cookielaw.org/skins/5.8.0/default_flat_bottom_two_button_white/v2/css/ 23 KB
6 KB 7ms
7ms Stylesheet
text/css 152.195.132.202
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/skins/5.8.0/default_flat_bottom_two_button_white/v2/css/optanon.css
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/9530a107-0af8-4204-a2c2-217efb78222b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.132.202 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E90) /
Resource Hash: 8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 14 Feb 2020 18:28:54 GMT
content-encoding: gzip
content-md5: QUIL1wx8Mtfr+Ayjhkcfjw==
age: 8167
x-cache: HIT
status: 200
content-length: 5561
x-ms-lease-status: unlocked
last-modified: Tue, 19 Nov 2019 18:50:58 GMT
server: ECAcc (frc/8E90)
etag: 0x8D76D216AA5E19A
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: bb020903-101e-0060-5d51-e39dc4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Fri, 14 Feb 2020 22:28:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 173 KB
38 KB 16ms
14ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bab654321ce92b3f6fa74fb632132b63c57717ce14c506fc297569363b1ff3e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 18:28:54 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 39022
x-xss-protection: 0
last-modified: Fri, 14 Feb 2020 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Feb 2020 18:28:54 GMT

GET
H2 200 Graphik-Medium.otf
www.malwarebytes.com/css/fonts/ 134 KB
135 KB 27ms
25ms Font
binary/octet-stream 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/Graphik-Medium.otf
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7d4e6165ce4042167fcaaa0623eab885d6992458eb05c4fc74184cee79a9eb3

Request headers

Referer: https://www.malwarebytes.com/css/CMS/css/styles.css
Origin: https://www.malwarebytes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 18:28:40 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Tue, 27 Aug 2019 16:28:41 GMT
server: AmazonS3
age: 15
etag: "e22e3d7ea60d4fefb8c405da47136ab7"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 137664
x-amz-cf-id: CUJNDtRbZ7c3-YBMM6vO5YoWK2X09dJNRXhcBze8lObxqfSETvi3IQ==

GET
H2 200 Graphik-Light.otf
www.malwarebytes.com/css/fonts/ 132 KB
132 KB 28ms
26ms Font
binary/octet-stream 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/Graphik-Light.otf
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30b410ec60b2dda5e521206ed5b3a9318922f62828db7409240f047f21593bcc

Request headers

Referer: https://www.malwarebytes.com/css/CMS/css/styles.css
Origin: https://www.malwarebytes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 18:28:40 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Tue, 27 Aug 2019 16:28:41 GMT
server: AmazonS3
age: 15
etag: "aef67591eda07354b91e3a98df6335fa"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 134752
x-amz-cf-id: GlPPh6C-gD1gbfhN4DCVlQB2YUsuxdl23HlLd2uqmat_pG552bHo9g==

GET
H2 200 play-button.svg
www.malwarebytes.com/images/CMS/video/ 681 B
1008 B 380ms
380ms Image
image/svg+xml 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/CMS/video/play-button.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a538bd1a9e67a615d8d17ed9a31d6db429f129c84a9ca6559a3318136fd4dc5f

Request headers

Referer: https://www.malwarebytes.com/css/CMS/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:55 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Thu, 12 Dec 2019 22:13:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "d466988f077ab2557eec4269bbf76a0a"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
status: 200
accept-ranges: bytes
content-length: 681
x-amz-cf-id: l7EJH8qZGfXxRn5OVq8kiDoC3oNSE76U7V_DHPaiZIPVvJZjclLrvg==

GET
H2 200 quote-opening.svg
www.malwarebytes.com/images/CMS/slickslider/ 698 B
1 KB 7ms
7ms Image
image/svg+xml 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/CMS/slickslider/quote-opening.svg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b240c31d03c973bc53f910b57bfbfda79a6413e3e9c05a1731112474e3600b6

Request headers

Referer: https://www.malwarebytes.com/css/CMS/css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:53 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Tue, 04 Feb 2020 23:28:02 GMT
server: AmazonS3
age: 2
etag: "0e5eb4cef5b66065ad54dea96eef285f"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 698
x-amz-cf-id: qstQfAmhn5dX8f1DA0gye2EHwYKxVHRr4rEDpEipNXMal7uzHrF0JA==

GET
H2 200 socicon.woff
www.malwarebytes.com/css/fonts/ 20 KB
20 KB 7ms
7ms Font
binary/octet-stream 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/socicon.woff
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ed37960a59a6ec6b443f9ef043864d09a51db6fd276ae578d9166467bf986d1

Request headers

Referer: https://www.malwarebytes.com/css/CMS/css/styles.css
Origin: https://www.malwarebytes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 18:28:40 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Fri, 24 Jan 2020 17:00:46 GMT
server: AmazonS3
age: 15
etag: "1657c09e2f39e574d79de040639def87"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 20472
x-amz-cf-id: DsEkb7Ifm8dsXUsutEgjZwcjmeRHGAIbNQNdxEw5tBhzXKjZM24wmw==

GET
H/1.1 200
OK / Show response
api.ipify.org/ 63 B
247 B 414ms
96ms Script
application/javascript 23.21.50.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=jQuery33108623881114648582_1581704934021&_=1581704934022
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.50.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-50-37.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 62063e127efc3cbe5fcced85f66c745bed206c5dcce0635f978ab8ffec3840fc

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 18:28:54 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 63
Vary: Origin
Content-Type: application/javascript

GET
H2 200 ard.png
www.malwarebytes.com/__ssobj/ 0
462 B 26ms
26ms Image
text/javascript 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/__ssobj/ard.png?6793370959215806421_1-551-1581704933&n=1
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:54 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
status: 200
rtss: 1-2-3
content-length: 0
sbss: 1
pragma: no-cache
last-modified: Fri, 15 Nov 2019 02:22:47 GMT
server: Apache
content-type: text/javascript
cache-control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
accept-ranges: bytes
x-amz-cf-id: DUzEVOh9byTbtW5K2CN5As6sJnn6JKGWOYyVZWQP8KBxlATf8K6nxg==
expires: -1

GET
H2 204 track Show response
www.malwarebytes.com/__ssobj/ 0
360 B 33ms
33ms XHR
text/plain 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/__ssobj/track?event=ssPageloadTimer&value=0.001&x=1581705282014-1
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/__ssobj/core.js+ssdomvar.js+generic-adapter.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.malwarebytes.com/premium/
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 18:28:54 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
last-modified: Fri, 15 Nov 2019 03:00:48 GMT
server: Apache
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
status: 204
cache-control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
accept-ranges: bytes
rtss: 1-2-41
x-amz-cf-id: v70jdhAeXBioZdtVzyqs35zW4bYJLTh5BJEipmOrbw9P3JZymKMALw==
sbss: 1
expires: -1

GET
H2 200 ajax-loader.gif
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 4 KB
4 KB 15ms
15ms Image
image/gif 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ajax-loader.gif

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:54 GMT
cf-cache-status: HIT
age: 26338858
cf-ray: 56511abeccdc9ac2-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 4178
last-modified: Thu, 17 May 2018 09:25:37 GMT
server: cloudflare
etag: "5afd4a91-1052"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
expires: Wed, 03 Feb 2021 18:28:54 GMT
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
served-in-seconds: 0.011

GET
H2 200 demandbase-forms.js Show response
www.malwarebytes.com/js/ 3 KB
1 KB 15ms
15ms Script
application/javascript 2600:9000:2156:d800:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/demandbase-forms.js?d=2020-02-04-15-03-08--0800
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 18:28:54 GMT
content-encoding: gzip
last-modified: Tue, 04 Feb 2020 23:06:40 GMT
server: AmazonS3
age: 1
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: LNGF_Ij77mIgLOOM6fEFXTcYJXbGzSera5-x27dyzFzcbr91DD_hPA==
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6922
date: Fri, 14 Feb 2020 16:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Fri, 14 Feb 2020 18:33:32 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
8 KB 57ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 18:28:53 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 21:01:31 GMT
x-msedge-ref: Ref A: CA0A4F2B1D4D4CE5A326488716C0DFEB Ref B: FRAEDGE0112 Ref C: 2020-02-14T18:28:54Z
access-control-allow-origin: *
etag: "8087c39c79d8d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7297

GET
H/1.1 200
OK 172061.js Show response
secure.perk0mean.com/js/ 16 B
403 B 170ms
23ms Script
text/javascript 51.140.39.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.perk0mean.com/js/172061.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.140.39.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 5b7149de1a843a14d74bcb45359b59016df1ab0665a4f3131da6b8b04bbe5076

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 18:28:54 GMT
Content-Encoding: gzip
Server: Kestrel
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-store, must-revalidate
Transfer-Encoding: chunked
Expires: 0

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 51ms
7ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 18:28:54 GMT
content-encoding: gzip
age: 36913
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-hhn4041-HHN
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1581704934.298059,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-930356311

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9afb70da93f170ec44d82700c5e841f7b8582ec62594c8c66dbea01acc3f9631

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 18:28:54 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28494
x-xss-protection: 0
last-modified: Fri, 14 Feb 2020 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Feb 2020 18:28:54 GMT

GET
H2 200 2893.js Show response
script.crazyegg.com/pages/scripts/0081/ 49 KB
17 KB 18ms
17ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 330686f3eff2b985531ecd76001935a23da27add88b4c3faf063d00609debd23

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 18:28:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 13 Feb 2020 15:03:54 GMT
server: cloudflare
age: 12281
cf-polished: origSize=49820
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=3600
cf-ray: 56511abf1b94d6c1-FRA
access-control-allow-origin: *
cf-bgj: minify

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 35ms
9ms Script
application/x-javascript 13.225.83.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.83.200 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-83-200.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0615974c40d602afdbf9759533e352bc17b0458c85aad6694b1a1ad20659625b

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 13 Feb 2020 19:31:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Jan 2020 19:16:48 GMT
Server: AmazonS3
Age: 82668
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
X-Amz-Cf-Id: Rs8x5trqTmrZA9LtqJAlMbhAhKlCwThLJ5LBg7hyVUNVb-qxa-Pp-g==

GET
H2 200 HWyTnY16.min.js Show response
scripts.demandbase.com/ 59 KB
16 KB 27ms
9ms Script
application/javascript 13.224.196.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.demandbase.com/HWyTnY16.min.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.121 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-121.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 013d85b536328a8a8e3cf2cbd2be9d4a8a6ca1fe005c757fb6431f8afa5bfe89

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: yH2O.DCYk_WxHiZuzhN184wihhQ_HSxW
content-encoding: gzip
last-modified: Thu, 16 Jan 2020 17:44:00 GMT
server: AmazonS3
age: 2229
date: Fri, 14 Feb 2020 17:51:46 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: UknIutmQ41ovflcySLRAo_zx5prTGo5vjGx_PdOlD9KHgI2rQCSOnA==
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 61ms
61ms Script
application/x-javascript 2a02:26f0:10c:382::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:382::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 18:28:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=60458
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2

200

activityi;dc_pre=CKaD_oXW0ecCFT3kuwgdvz0IQQ;src=8019375;type=malwa000;cat=malwa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6449987979281.772
8019375.fls.doubleclick.net/ Frame 88D9
Redirect Chain

https://8019375.fls.doubleclick.net/activityi;src=8019375;type=malwa000;cat=malwa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6449987979281.772?
https://8019375.fls.doubleclick.net/activityi;dc_pre=CKaD_oXW0ecCFT3kuwgdvz0IQQ;src=8019375;type=malwa000;cat=malwa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6449987979281....

0
0

24ms
23ms

Document
text/html

172.217.22.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019375.fls.doubleclick.net/activityi;dc_pre=CKaD_oXW0ecCFT3kuwgdvz0IQQ;src=8019375;type=malwa000;cat=malwa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6449987979281.772?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f38.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8019375.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKaD_oXW0ecCFT3kuwgdvz0IQQ;src=8019375;type=malwa000;cat=malwa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6449987979281.772?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.malwarebytes.com/premium/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.malwarebytes.com/premium/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 14 Feb 2020 18:28:54 GMT
expires: Fri, 14 Feb 2020 18:28:54 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 426
x-xss-protection: 0
set-cookie: IDE=AHWqTUktDh9tDTeZpi0JJLCNRFxl3mFDn1pHiTAhXwm-rQ4kbUaOcOVlfGCFyWzd; expires=Wed, 10-Mar-2021 18:28:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 14 Feb 2020 18:28:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8019375.fls.doubleclick.net/activityi;dc_pre=CKaD_oXW0ecCFT3kuwgdvz0IQQ;src=8019375;type=malwa000;cat=malwa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6449987979281.772?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 14-Feb-2020 18:43:54 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=493239417&t=pageview&_s=1&dl=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&ul=en-us&de=UTF-8&dt=Malwarebytes%20for%20Windows%20-%20PC%20Ant...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3347303-10&cid=1405985014.1581704934&jid=1375386212&_gid=1927110986.1581704934&gjid=943735273&_v=j81&z=600920677
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3347303-10&cid=1405985014.1581704934&jid=1375386212&_v=j81&z=600920677
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3347303-10&cid=1405985014.1581704934&jid=1375386212&_v=j81&z=600920677&slf_rd=1&random=12933034

42 B
109 B

28ms
28ms

Image
image/gif

2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3347303-10&cid=1405985014.1581704934&jid=1375386212&_v=j81&z=600920677&slf_rd=1&random=12933034

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 18:28:54 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Feb 2020 18:28:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3347303-10&cid=1405985014.1581704934&jid=1375386212&_v=j81&z=600920677&slf_rd=1&random=12933034
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 428 B
935 B 75ms
55ms XHR
application/json 143.204.94.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&page_title=Malwarebytes%20for%20Windows%20-%20PC%20Antivirus%20Replacement%20%7C%20Malwarebytes&key=5527c2aa519592df7d44a24d0105731b&src=tag
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/HWyTnY16.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.94.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-49.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: f233cc8fe8296fc6033ef89726334c4cdae1919fad074f982365d61a561ce5aa

Request headers

Referer: https://www.malwarebytes.com/premium/
Origin: https://www.malwarebytes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 18:28:54 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
status: 200
request-id: ded63b8d-5026-4492-95cc-4024dcec3828
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://www.malwarebytes.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LbYKtQhfgxd4lHByWkNNk5eF5b1e7plziJuJiZvIbkWYURjIaTHHhA==
expires: Thu, 13 Feb 2020 18:28:54 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAP1LU68jc4AAF0sLjLKMg
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAP1LU68jc4AAF0sLjLKMg&verifyHash=b71e2c7e8485392b110d52d377a9aaec92d3c391

26 B
408 B

96ms
95ms

Image
image/gif

13.224.196.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAP1LU68jc4AAF0sLjLKMg&verifyHash=b71e2c7e8485392b110d52d377a9aaec92d3c391
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-57.fra2.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 14 Feb 2020 18:28:54 GMT
Via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: 4a01b17ecd5ac7a4
X-Amz-Cf-Id: f27IbwdU7hxn6gVO0AeVt4KneK18QBPQyGu99ovYlxDfK4yw7lXQPA==

Redirect headers

Date: Fri, 14 Feb 2020 18:28:54 GMT
Via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAP1LU68jc4AAF0sLjLKMg&verifyHash=b71e2c7e8485392b110d52d377a9aaec92d3c391
Connection: keep-alive
trace-id: 6eaf933d1377a858
Content-Length: 0
X-Amz-Cf-Id: S1cx7zEVLo5ZfIahG5_jeweDybAGb0uZd18LCITyAzviKiV6SXGiJw==

GET
H2 204 0
bat.bing.com/action/ 0
147 B 28ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4072696&Ver=2&mid=ad762ab7-5f6c-aee1-14dc-6102e2510338&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Malwarebytes%20for%20Windows%20-%20PC%20Antivirus%20Replacement%20%7C%20Malwarebytes&p=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&r=&lt=397&evt=pageLoad&msclkid=N&rn=125390
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Fri, 14 Feb 2020 18:28:53 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 2940E59335334501A6C6B91302C07A73 Ref B: FRAEDGE0112 Ref C: 2020-02-14T18:28:54Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
448 B 174ms
128ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1m5j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Fri, 14 Feb 2020 18:28:54 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d5803ab6b581f700a589a8fe465ce981
x-transaction: 003ea0c6001de0b0
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1056361&url=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&time=1581704934320
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1056361%26url%3Dhttps%253A%252F%252Fwww.malwarebytes.com%252Fpremium%252F%26time%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1056361&url=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&time=1581704934320&liSync=true

0
41 B

109ms
109ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1056361&url=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&time=1581704934320&liSync=true
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 18:28:54 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: CyYT+0FY8xUAUOb37ioAAA==

Redirect headers

date: Fri, 14 Feb 2020 18:28:54 GMT
x-content-type-options: nosniff
linkedin-action: 1
status: 302
strict-transport-security: max-age=2592000
content-length: 0
x-li-uuid: DUEr9UFY8xXw7sEMrSoAAA==
server: Play
pragma: no-cache
x-li-pop: prod-tln1
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1056361&url=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&time=1581704934320&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
6ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=493239417&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&ul=en-us&de=UTF-8&dt=Malwarebytes%20for%20Windows%20-%20PC%20Antivirus%20Replacement%20%7C%20Malwarebytes&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHBAAEAB~&jid=&gjid=&cid=1405985014.1581704934&tid=UA-3347303-10&_gid=1927110986.1581704934&cd20=cmpId%3A51079%3BvarId%3A1796859%7CcmpName%3AA_B%20Test%20New%20Year%20Promo%20_Live%202_6_%20Paused%202_7_%20Live%202_11_%3BvarName%3AVariation&cd1=cmpId%3A51079%3BvarId%3A1796859%7CcmpName%3AA_B%20Test%20New%20Year%20Promo%20_Live%202_6_%20Paused%202_7_%20Live%202_11_%3BvarName%3AVariation&cd2=(Non-Company%20Visitor)&cd3=Bot&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=Berlin&cd12=BE&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=DE&cd18=(Non-Company%20Visitor)&z=1184417202

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 31 Jan 2020 01:28:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1270798
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 36ms
16ms Script
text/javascript 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-930356311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

ec7024e764e94caa58c7a18f4624dc84c9ee15537ff5418fd44e2f037f8abc30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 18:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9931
x-xss-protection: 0
server: cafe
etag: 8273558640064030436
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 18:28:54 GMT

GET
H/1.1 200
OK MzM5MjI3fDE1NzA3NTM0NDI= Show response
sample-api-v2.crazyegg.com/n/812893/ 49 B
767 B 427ms
113ms XHR
text/html 54.243.118.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sample-api-v2.crazyegg.com/n/812893/MzM5MjI3fDE1NzA3NTM0NDI=?v=7&user_script_version=1581606233

Requested by

Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0081/2893.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.118.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-118-36.compute-1.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

ac1f13ef5e79977690d2c9c449a17e5fd0175c4c37f0c64c7589eb3d1347d86d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.malwarebytes.com/premium/
Origin: https://www.malwarebytes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 14 Feb 2020 18:28:54 GMT
X-Content-Type-Options: nosniff
Server: nginx/1.12.1
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Origin: *
Cache-control: no-cache="set-cookie"
Connection: keep-alive
Content-Length: 49
X-XSS-Protection: 1; mode=block

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/ 2 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/?random=1581704934474&cv=9&fst=1581704934474&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa250&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&tiba=Malwarebytes%20for%20Windows%20-%20PC%20Antivirus%20Replacement%20%7C%20Malwarebytes&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af9f62788842eddcd31ed97cbf09f9d3694043bced5ae67de5e21489e0d57a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 18:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1053
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/930356311/ 42 B
122 B 20ms
20ms Image
image/gif 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/930356311/?random=1581704934474&cv=9&fst=1581703200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa250&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&tiba=Malwarebytes%20for%20Windows%20-%20PC%20Antivirus%20Replacement%20%7C%20Malwarebytes&async=1&fmt=3&is_vtc=1&random=2406328690&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 18:28:54 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/930356311/ 42 B
110 B 20ms
19ms Image
image/gif 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/930356311/?random=1581704934474&cv=9&fst=1581703200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa250&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&tiba=Malwarebytes%20for%20Windows%20-%20PC%20Antivirus%20Replacement%20%7C%20Malwarebytes&async=1&fmt=3&is_vtc=1&random=2406328690&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 18:28:54 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget.js Show response
staticw2.yotpo.com/pddC6TNa3YaS9RbwJIZ4g3cy7imwudCgsC1LipMN/ 418 KB
115 KB 258ms
237ms Script
text/javascript 2a02:26f0:10c:395::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/pddC6TNa3YaS9RbwJIZ4g3cy7imwudCgsC1LipMN/widget.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:395::1d72 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

nginx /

Resource Hash

bf6b2d046bbf48a95cef373c9408017b68f3d4e1a9872cd8dff8118017950d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 18:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="CAO PSA OUR"
status: 200, 200 OK
access-control-max-age: 86400
x-xss-protection: 1; mode=block
x-request-id: 0b29ea88-e0eb-4199-a16d-2b5614487e1f
x-runtime: 0.020647
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"a78f9b62322377b45ead9fe6f9e20c7f"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2961
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
31 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: ir3whLGN12f9J5FtrFh0wgHWoBJ/etepdEV8Qou92VLkf/ZrDGEIQxbpUhZI8G5YsmHmBM7w+LD874m0RA0oTw==
x-fb-trip-id: 1850256238
date: Fri, 14 Feb 2020 18:28:54 GMT, Fri, 14 Feb 2020 18:28:54 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 qevents.js Show response
a.quora.com/ 39 KB
14 KB 23ms
7ms Script
text/plain 151.101.113.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/premium/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: s3LlaOWABX1LUjiLldBNr49lVAylKDRo
content-encoding: gzip
age: 3039
x-cache: HIT, HIT
status: 200
date: Fri, 14 Feb 2020 18:28:54 GMT
content-length: 13681
x-amz-id-2: 38CkKUezcwIDcWGDJKV59jQkjGK+UX76TF1NTGfwnNWUlCQN5pe3Ti9N1BBcT9admkof6BxqK3Q=
x-served-by: cache-bwi5139-BWI, cache-hhn4053-HHN
last-modified: Fri, 25 Oct 2019 19:28:38 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1572031715/ctime:1572031714/gid:1000000/gname:employee/md5:f32ebb1e93a72c0a57add6d07f688510/mode:33188/mtime:1149709104/uid:1000332/uname:tzhou
x-timer: S1581704935.703173,VS0,VE0
etag: "f32ebb1e93a72c0a57add6d07f688510"
vary: Accept-Encoding
x-amz-request-id: E40A28802C3D9D12
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=7200
accept-ranges: bytes
content-type: text/plain
x-cache-hits: 1, 740

GET
H2 200 ld.js Show response
udgrbq.malwarebytes.com/js/ld/ 29 KB
10 KB 150ms
17ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://udgrbq.malwarebytes.com/js/ld/ld.js
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 18:28:54 GMT
content-encoding: gzip
last-modified: Mon, 16 Dec 2019 15:00:50 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5df79c22-7533"
content-type: text/javascript
status: 200
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 15 Feb 2020 18:28:54 GMT

GET
H/1.1

200
OK

s Show response
ads.avocet.io/
Redirect Chain

https://ads.avocet.io/s?add=5b8e9b462be173e55d6569fc&ty=j
https://ads.avocet.io/s?bounce=true&add=5b8e9b462be173e55d6569fc&ty=j

0
417 B

34ms
34ms

Script
application/javascript

52.208.204.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.avocet.io/s?bounce=true&add=5b8e9b462be173e55d6569fc&ty=j
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.204.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-204-25.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 14 Feb 2020 18:28:54 GMT
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

Location: /s?bounce=true&add=5b8e9b462be173e55d6569fc&ty=j
Date: Fri, 14 Feb 2020 18:28:54 GMT
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 79
P3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
634 B 193ms
143ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1m5j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 18:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 118
pragma: no-cache
last-modified: Fri, 14 Feb 2020 18:28:54 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: dd09a833f5b9226c089d883a483a63bb
x-transaction: 0008db0e0030668a
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET 369884175
player.vimeo.com/video/ Frame 1CF0 0
0

GET
H/1.1 200
OK 369884175
player.vimeo.com/video/ Frame B82A 0
0 250ms
250ms Document
text/html 151.101.12.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/369884175?loop=1&app_id=122963

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.vimeo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.malwarebytes.com/premium/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.malwarebytes.com/premium/

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Via: 1.1 varnish 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 0
X-VServer: infra-playproxy-a-9
X-Vimeo-DC: ge
Content-Encoding: gzip
Content-Length: 4826
Accept-Ranges: bytes
Date: Fri, 14 Feb 2020 18:28:54 GMT
Age: 0
Connection: keep-alive
X-Served-By: cache-fra19152-FRA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1581704935.721163,VS0,VE242
Vary: Accept-Encoding

GET 369884175
player.vimeo.com/video/ Frame 323B 0
0

GET
H/1.1 200
OK 369884175
player.vimeo.com/video/ Frame 6F17 0
0 259ms
247ms Document
text/html 151.101.12.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/369884175?loop=1&app_id=122963

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.vimeo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.malwarebytes.com/premium/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.malwarebytes.com/premium/

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Via: 1.1 varnish 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 0
X-VServer: infra-playproxy-a-9
X-Vimeo-DC: ge
Content-Encoding: gzip
Content-Length: 4825
Accept-Ranges: bytes
Date: Fri, 14 Feb 2020 18:28:54 GMT
Age: 0
Connection: keep-alive
X-Served-By: cache-fra19142-FRA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1581704935.729211,VS0,VE240
Vary: Accept-Encoding

GET 369884110
player.vimeo.com/video/ Frame 355D 0
0

GET
H/1.1 200
OK 369884110
player.vimeo.com/video/ Frame EBDF 0
0 181ms
170ms Document
text/html 151.101.12.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/369884110?loop=1&app_id=122963

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.vimeo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.malwarebytes.com/premium/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.malwarebytes.com/premium/

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Via: 1.1 varnish 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 0
X-VServer: infra-playproxy-a-6
X-Vimeo-DC: ge
Content-Length: 5032
Accept-Ranges: bytes
Date: Fri, 14 Feb 2020 18:28:54 GMT
Age: 0
Connection: keep-alive
X-Served-By: cache-fra19131-FRA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1581704935.734948,VS0,VE158
Vary: Accept-Encoding

GET 352360513
player.vimeo.com/video/ Frame 331F 0
0

GET
H/1.1 200
OK 352360513
player.vimeo.com/video/ Frame BC54 0
0 117ms
105ms Document
text/html 151.101.12.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/352360513?loop=1&app_id=122963

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.vimeo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.malwarebytes.com/premium/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.malwarebytes.com/premium/

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Fri, 14 Feb 2020 18:35:25 GMT
Via: 1.1 varnish 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 1
X-VServer: infra-playproxy-a-3
X-Vimeo-DC: ge
Content-Length: 10024
Accept-Ranges: bytes
Date: Fri, 14 Feb 2020 18:28:54 GMT
Age: 0
Connection: keep-alive
X-Served-By: cache-fra19145-FRA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1581704935.736959,VS0,VE99
Vary: Accept-Encoding

GET
H2 200 up
insight.adsrvr.org/track/ Frame E713 0
0 103ms
35ms Document
text/html 99.81.228.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=8mirph5&ref=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&upid=r8yigtp&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.228.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-228-121.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=8mirph5&ref=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&upid=r8yigtp&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.malwarebytes.com/premium/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.malwarebytes.com/premium/

Response headers

status: 200
date: Fri, 14 Feb 2020 18:28:54 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 1480959392203028 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1480959392203028?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1a2cb39207cb9dabbea6933bb1a07b22fb8ab38e0b020d388da58890d56963c0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 114948
x-xss-protection: 0
pragma: public
x-fb-debug: EIgp9bNaTMen0zqHTFuxIx9021Ui+ldyFxsmBOfGAQRwFktDjapZc0335NFGPiqyvyVQ3F+CMqtdx7U9Az7bRA==
x-fb-trip-id: 1850256238
date: Fri, 14 Feb 2020 18:28:54 GMT, Fri, 14 Feb 2020 18:28:54 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/64fab857ca52427587d3bd14a8d437b7/ 43 B
347 B 405ms
102ms Image
image/gif 52.206.45.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://q.quora.com/_/ad/64fab857ca52427587d3bd14a8d437b7/pixel?j=1&u=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&tag=ViewContent&ts=1581704934732
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.45.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-45-211.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 14 Feb 2020 18:28:55 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: 81,a6508dc6ab1155673c6515185b90d777,10.0.4.176,3304,83.97.23.30,,23207905587,1,1581704935.089,0.001,,.,0,0,0.000,0.000,-,0,0,197,403,201,10,26847,,,,,,,
Content-Type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 44 B
349 B 22ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=ViewContent&dl=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&rl=&if=false&ts=1581704934757&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1581704934756.410907243&it=1581704934727&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:54 GMT, Fri, 14 Feb 2020 18:28:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Fri, 14 Feb 2020 18:28:54 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
203 B 22ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=ViewContent&dl=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&rl=&if=false&ts=1581704934758&cd[content_name]=Premium&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1581704934756.410907243&it=1581704934727&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 18:28:54 GMT, Fri, 14 Feb 2020 18:28:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Fri, 14 Feb 2020 18:28:54 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=53449&v=5.5.0&p0=e%3Dvp%26p%3D1&p1=e%3Ddis&adce=1&tld=malwarebytes.com&dtycbr=294
https://widget.us.criteo.com/event?a=53449&v=5.5.0&p0=e%3Dvp%26p%3D1&p1=e%3Ddis&adce=1&tld=malwarebytes.com&dtycbr=294

1 KB
1 KB

305ms
112ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.us.criteo.com/event?a=53449&v=5.5.0&p0=e%3Dvp%26p%3D1&p1=e%3Ddis&adce=1&tld=malwarebytes.com&dtycbr=294
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6645374e0d2b311ed79c9ad71e00f9bd6eb1e4507180d3fdd1106ce017d3c3e7

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 18:28:54 GMT
content-encoding: gzip
content-type: application/x-javascript
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
status: 200
cache-control: no-cache
timing-allow-origin: *
content-length: 863
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Feb 2020 18:28:54 GMT
location: https://widget.us.criteo.com/event?a=53449&v=5.5.0&p0=e%3Dvp%26p%3D1&p1=e%3Ddis&adce=1&tld=malwarebytes.com&dtycbr=294
status: 302
cache-control: no-cache
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 widget.css
staticw2.yotpo.com/pddC6TNa3YaS9RbwJIZ4g3cy7imwudCgsC1LipMN/ 451 KB
46 KB 215ms
214ms Stylesheet
text/css 2a02:26f0:10c:395::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/pddC6TNa3YaS9RbwJIZ4g3cy7imwudCgsC1LipMN/widget.css?widget_version=2020-01-12_14-21-29

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/pddC6TNa3YaS9RbwJIZ4g3cy7imwudCgsC1LipMN/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:395::1d72 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

nginx /

Resource Hash

643ed280993ec281c1ddbd542d107534740743c7d5897014ba7af79f778a0370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 18:28:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="CAO PSA OUR"
status: 200, 200 OK
access-control-max-age: 86400
content-length: 46798
x-xss-protection: 1; mode=block
x-request-id: 7196d53d-14ab-4ad8-8e2d-3d778f36651a
x-runtime: 0.073100
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"41975772d39dd8a867eb3066d6a5fa6c"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2972
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 batch Show response
staticw2.yotpo.com/ 2 KB
850 B 136ms
136ms XHR
application/json 2a02:26f0:10c:395::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/pddC6TNa3YaS9RbwJIZ4g3cy7imwudCgsC1LipMN/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:395::1d72 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

nginx /

Resource Hash

53f065d4d98901b98d887e0a3c7b29d997f313d765e6496e03b49d0ea41c779d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.malwarebytes.com/premium/
Origin: https://www.malwarebytes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 14 Feb 2020 18:28:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="CAO PSA OUR"
status: 200, 200 OK
vary: Accept-Encoding
content-length: 306
x-xss-protection: 1; mode=block
x-request-id: a97c7db5-a980-41be-bf13-71259b6dcd2a
x-runtime: 0.021721
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"8deae7b05ddeb0454d6dd6d20dbc6eab"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.malwarebytes.com
cache-control: public, max-age=3000
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H/1.1 200
OK i
p.yotpo.com/ 35 B
402 B 30ms
7ms Image
image/gif 35.158.55.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=pv&page=Malwarebytes%20for%20Windows%20-%20PC%20Antivirus%20Replacement%20%7C%20Malwarebytes&se_va=pddC6TNa3YaS9RbwJIZ4g3cy7imwudCgsC1LipMN&cx=eyJwdl91dWlkIjo4MDU1MzU1NTN9&dtm=1581704935160&tid=110060&vp=1600x1200&ds=1600x8052&vid=1&duid=4f6eca236e973630&p=web&tv=js-0.13.2&fp=9134934&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Europe%2FBerlin&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.55.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-55-216.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 14 Feb 2020 18:28:55 GMT
Cache-Control: max-age=86400, private
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Sat, 15 Feb 2020 18:28:55 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=1480959392203028&ev=Microdata&dl=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&rl=&if=false&ts=1581704935272&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Malw...
https://cx.atdmt.com/?c=7248325253943842932&f=AYzXZ0jdBJzCOaE9NcWnDx7dU_27Zt6TDtDlSWYjQWcXagrA9xyk2tFUC-3xh48ZJniH2mKD0Vmni4xggOFgG_cI&id=1480959392203028&l=3&v=0

42 B
433 B

54ms
40ms

Image
image/gif

2a03:2880:f02d:5:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cx.atdmt.com/?c=7248325253943842932&f=AYzXZ0jdBJzCOaE9NcWnDx7dU_27Zt6TDtDlSWYjQWcXagrA9xyk2tFUC-3xh48ZJniH2mKD0Vmni4xggOFgG_cI&id=1480959392203028&l=3&v=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 14 Feb 2020 18:28:55 GMT, Fri, 14 Feb 2020 18:28:55 GMT, Fri, 14 Feb 2020 18:28:55 GMT
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
alt-svc: h3-24=":443"; ma=3600
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 14 Feb 2020 18:28:55 GMT, Fri, 14 Feb 2020 18:28:55 GMT
server: proxygen-bolt
location: https://cx.atdmt.com/?c=7248325253943842932&f=AYzXZ0jdBJzCOaE9NcWnDx7dU_27Zt6TDtDlSWYjQWcXagrA9xyk2tFUC-3xh48ZJniH2mKD0Vmni4xggOFgG_cI&id=1480959392203028&l=3&v=0
content-type: text/plain
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-24=":443"; ma=3600
content-length: 0
expires: 0

GET
H2 200 css
fonts.googleapis.com/ 2 KB
685 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Feb 2020 18:28:55 GMT
server: ESF
date: Fri, 14 Feb 2020 18:28:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Feb 2020 18:28:55 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans
Origin: https://www.malwarebytes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 30 Jan 2020 02:11:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1354618
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Fri, 29 Jan 2021 02:11:57 GMT

GET
H2 200 yotpo-widget-font.woff
staticw2.yotpo.com/assets/ 12 KB
12 KB 31ms
12ms Font
application/font-woff 2a02:26f0:10c:395::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://staticw2.yotpo.com/assets/yotpo-widget-font.woff?version=2020-01-12_14-21-29
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:395::1d72 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: nginx /
Resource Hash: c8097ea8134c1f6ae531e0289366af1df66646652472ee7adedbf0b87d700571

Request headers

Referer: https://staticw2.yotpo.com/pddC6TNa3YaS9RbwJIZ4g3cy7imwudCgsC1LipMN/widget.css?widget_version=2020-01-12_14-21-29
Origin: https://www.malwarebytes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 18:28:55 GMT
env: PRODUCTION
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="CAO PSA OUR"
status: 200
content-length: 12148
last-modified: Sun, 09 Feb 2020 17:47:12 GMT
server: nginx
etag: "5e4045a0-2f74"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 21 Feb 2020 18:28:55 GMT

GET
H/1.1 200
OK i
p.yotpo.com/ 35 B
402 B 7ms
7ms Image
image/gif 35.158.55.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=se&se_ca=star_rating&se_ac=loaded&se_la=category_page&se_va=pddC6TNa3YaS9RbwJIZ4g3cy7imwudCgsC1LipMN&cx=eyJwdl91dWlkIjo4MDU1MzU1NTMsImRvbWFpbl9rZXkiOlsiTUJBTS1XSU5ET1dTIiwiTUJBTS1XSU5ET1dTIl0sImNvdW50X3Byb2R1Y3RzIjoyLCJkYXRhX3NvdXJjZSI6ImRlZmF1bHQifQ&dtm=1581704936311&tid=153014&vp=1600x1200&ds=1600x8052&vid=1&duid=4f6eca236e973630&p=web&tv=js-0.13.2&fp=9134934&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Europe%2FBerlin&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.55.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-55-216.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.malwarebytes.com/premium/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 14 Feb 2020 18:28:56 GMT
Cache-Control: max-age=86400, private
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Sat, 15 Feb 2020 18:28:56 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: player.vimeo.com
URL: https://player.vimeo.com/video/369884175?loop=1&app_id=122963

Domain: player.vimeo.com
URL: https://player.vimeo.com/video/369884175?loop=1&app_id=122963

Domain: player.vimeo.com
URL: https://player.vimeo.com/video/369884110?loop=1&app_id=122963

Domain: player.vimeo.com
URL: https://player.vimeo.com/video/352360513?loop=1&app_id=122963

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.malwarebytes.com/	1970-01-19 16:07:20	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+Feb+14+2020+19%3A28%3A54+GMT%2B0100+(Central+European+Standard+Time)&version=5.8.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2Fpremium%2F&groups=1%3A1%2C0_165071%3A1%2C101%3A1%2C2%3A1%2C3%3A1%2C102%3A1%2C103%3A1%2C4%3A1%2C104%3A1%2C105%3A1%2C106%3A1%2C107%3A1%2C109%3A1%2C110%3A1%2C112%3A1%2C113%3A1%2C114%3A1%2C115%3A1%2C116%3A1%2C117%3A1%2C118%3A1%2C0_165051%3A1%2C0_165052%3A1%2C0_165053%3A1%2C0_165054%3A1%2C0_165055%3A1%2C0_165056%3A1%2C0_165057%3A1%2C0_165058%3A1%2C0_165059%3A1%2C0_165060%3A1%2C0_165061%3A1%2C0_165062%3A1%2C0_165063%3A1%2C0_165064%3A1%2C0_165065%3A1%2C0_165066%3A1%2C0_165067%3A1%2C0_165068%3A1%2C0_165069%3A1%2C0_165070%3A1%2C0_165072%3A1%2C0_165073%3A1%2C0_165074%3A1%2C0_168809%3A1%2C0_168810%3A1%2C0_171059%3A1%2C0_171060%3A1%2C0_171061%3A1%2C0_171062%3A1%2C0_171063%3A1%2C0_171064%3A1%2C0_172264%3A1%2C0_172327%3A1%2C0_179764%3A1%2C0_172332%3A1%2C0_172328%3A1%2C0_172329%3A1%2C108%3A1%2C111%3A1
.www.malwarebytes.com/	1969-12-31 23:59:59	Name: SSOC Value: 83.97.23.30
.doubleclick.net/	1970-01-19 16:43:20	Name: IDE Value: AHWqTUktDh9tDTeZpi0JJLCNRFxl3mFDn1pHiTAhXwm-rQ4kbUaOcOVlfGCFyWzd
.malwarebytes.com/	1970-01-19 07:23:11	Name: _gid Value: GA1.2.1927110986.1581704934
.malwarebytes.com/	1970-01-19 16:07:20	Name: SSRT Value: 5uZGXgADAA
.www.malwarebytes.com/	1969-12-31 23:59:59	Name: SSResetOC Value: true
.malwarebytes.com/	1970-01-19 07:21:44	Name: _gat Value: 1
.malwarebytes.com/	1970-01-20 00:52:56	Name: _ga Value: GA1.2.1405985014.1581704934
.malwarebytes.com/	1969-12-31 23:59:59	Name: SSSC Value: 551.G6793370959215806421.1\|43203.1379771:43674.1404421:45869.1524106:50014.1741229:50726.1783282:51079.1796859:51568.1814724
.malwarebytes.com/	1970-01-19 16:07:23	Name: SSID Value: CAA1aB1iAAAAAADl5kZe1UeDA-XmRl4BAAAAAAAAAAAA5eZGXgBNNYfHAAP7ahsA5eZGXgEAw6gAAbsNFQDl5kZeAQCaqgABBW4VAOXmRl4BACbGAAHyNRsA5eZGXgEAXsMAAa2RGgDl5kZeAQAtswABikEXAOXmRl4BAHDJAAHEsBsA5eZGXgEA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.malwarebytes.com/js/cms/nav-resize.js(Line 268) Message: There is no hero section
console-api	log	URL: https://www.malwarebytes.com/premium/(Line 1141) Message: setSSOC:83.97.23.30

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019375.fls.doubleclick.net
a.quora.com
ads.avocet.io
analytics.twitter.com
api.company-target.com
api.ipify.org
bat.bing.com
cdn.cookielaw.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
cx.atdmt.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.vimeocdn.com
insight.adsrvr.org
js.adsrvr.org
match.prod.bidr.io
p.yotpo.com
player.vimeo.com
px.ads.linkedin.com
q.quora.com
sample-api-v2.crazyegg.com
script.crazyegg.com
scripts.demandbase.com
secure.perk0mean.com
segments.company-target.com
snap.licdn.com
sslwidget.criteo.com
static.ads-twitter.com
staticw2.yotpo.com
stats.g.doubleclick.net
t.co
udgrbq.malwarebytes.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.malwarebytes.com
player.vimeo.com
104.244.42.131
104.244.42.133
13.224.196.121
13.224.196.57
13.225.83.200
143.204.94.49
151.101.112.157
151.101.113.2
151.101.114.109
151.101.12.217
152.195.132.202
172.217.22.38
172.217.22.66
178.250.0.163
2001:4de0:ac19::1:b:1a
23.21.50.37
2600:9000:2156:d800:8:d3fb:39c0:93a1
2606:4700::6810:5914
2606:4700::6811:4004
2606:4700::6813:9308
2620:1ec:c11::200
2a00:1450:4001:806::200e
2a00:1450:4001:809::200a
2a00:1450:4001:816::2003
2a00:1450:4001:817::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:820::2003
2a00:1450:4001:820::2004
2a00:1450:400c:c00::9b
2a02:2638:1::13
2a02:26f0:10c:382::25ea
2a02:26f0:10c:395::1d72
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
2a05:f500:11:101::b93f:9001
35.158.55.216
51.140.39.77
52.206.45.211
52.208.204.25
52.214.123.193
54.243.118.36
74.119.119.150
99.81.228.121
00fd20f4f37113eb32d3db8a5f527ff1889489442e91630283e58e792f196be8
013d85b536328a8a8e3cf2cbd2be9d4a8a6ca1fe005c757fb6431f8afa5bfe89
0615974c40d602afdbf9759533e352bc17b0458c85aad6694b1a1ad20659625b
0b240c31d03c973bc53f910b57bfbfda79a6413e3e9c05a1731112474e3600b6
0ed37960a59a6ec6b443f9ef043864d09a51db6fd276ae578d9166467bf986d1
1014b5253c3a208490f0cafa8175f6dceb7d1117e9e7152a8a66aa9266b1ed40
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1528f4c6f5e74e3bee3eb9e249ef2f851af7fedfa6f6ed1dcc356594d206750d
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1857dda3806aebd4b106c739d937d1989a6f1a5983cf80b47a5194b6538abf64
19e4518cd41b1565c923ec74c2f60ce7785917e693eb4aaebfd1dbd646377ca2
19fd2a427f0daa487aa07a4dae2850fee208ae736ead5655fdd0b50f2c99efc5
1a2cb39207cb9dabbea6933bb1a07b22fb8ab38e0b020d388da58890d56963c0
1a67fedf879a6fde2ef212e8685226e649f04efab2ac212263af311cb816388d
1b918aa10cba77d40f0e0f2a5c814ae151defc4baa989a097d3b1e6852a2534e
205f32eaa9dab5ef671e68c42097fb686e8ce37be869b92d44f1b010850e58ed
270de920851099caa2043aefd0aed23e12587607e710a0c4d5493e0d8d73ee62
2804f80ffc223649a98e446a4acb4de07ce23abce98c7d1747f195b2179efa71
2859b559a1328627ae171d641dcb91c99f9d66e3b461d92dc8b0fc896279c410
287be3f1dd50b8463a5bddd476955c8b5220293fbafbd150d0011ace1a8e1039
30b410ec60b2dda5e521206ed5b3a9318922f62828db7409240f047f21593bcc
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
330686f3eff2b985531ecd76001935a23da27add88b4c3faf063d00609debd23
362a91355c92cf8c201cbc1550ad42e99b6ff7a6efff6ef23cb48c67127c1f43
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c0aea789c298fcaa0e3cde2466ed24a32d81c1091449cbdd14cd545c450a762
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
425328ed7a60e35938fa92fc7ba5f5af96b53f9608bb41b8a07c0f91e8bdefcd
4b1dacaab85bbf4df63c5d7285c74e67b29bf03565e21f73e1302c7be46f5d44
506063346372e0c809fe88dcd79b7a3fd19185d370b10b70c0c4f4c929fbf0c3
527f5743db62b7f9d19fb4b1910eb56d63f76f50b0e0180b63eb67d374642099
53f065d4d98901b98d887e0a3c7b29d997f313d765e6496e03b49d0ea41c779d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d
59d5c5422610a4a408c388c1ff7a16ddf4ee73df9f08d1953727a79102660b66
59ff0c91b28ba42a5649f719c02f1c1b38477cf3c0fff67b468a8a5e033c49df
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5b7149de1a843a14d74bcb45359b59016df1ab0665a4f3131da6b8b04bbe5076
5e63c9628517cdc9b06bb34da2a40e8bd344a8f57d37a521316ae0f296d75e23
61d5aa9eb520886e2ac7d445c4f11b8c2154e373b243fe8d9287c0b87443ca7b
62063e127efc3cbe5fcced85f66c745bed206c5dcce0635f978ab8ffec3840fc
643ed280993ec281c1ddbd542d107534740743c7d5897014ba7af79f778a0370
6645374e0d2b311ed79c9ad71e00f9bd6eb1e4507180d3fdd1106ce017d3c3e7
6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7009d053d9cf047c53abe9a3ac7435fea85ad95a13ea3360802be3457d9161bf
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
82cb1795a37860a5cfc79636942092b4f42c4db919d2df99752fbc03f11f6f62
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
875f6613ee5ec4264664ae60a0aac1388569d520a60ceea2f053d5ee9bbecfb1
89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7
8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c
9453597cd7387dd0f52ddc2f74749d00072d2bddded33fa138094d9c918618f5
9afb70da93f170ec44d82700c5e841f7b8582ec62594c8c66dbea01acc3f9631
9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505
9d443262e11c8bc284b4b606a0bcc82579080a7ef2dc4278d75ed7c5a2079023
a538bd1a9e67a615d8d17ed9a31d6db429f129c84a9ca6559a3318136fd4dc5f
a7c71029ec73f9de9edfd22afc968273a8957619afaf9102e504bc46436faa57
a7d4e6165ce4042167fcaaa0623eab885d6992458eb05c4fc74184cee79a9eb3
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
a87b02a7987ffdfd30599afc0123f90f002eaa2688e311c4eecc6b6537408d0d
a96e05abadef5434c168200854d234be133b7b652ee7d8c66e3dd9e4b7b33692
ac1f13ef5e79977690d2c9c449a17e5fd0175c4c37f0c64c7589eb3d1347d86d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af9f62788842eddcd31ed97cbf09f9d3694043bced5ae67de5e21489e0d57a00
bab654321ce92b3f6fa74fb632132b63c57717ce14c506fc297569363b1ff3e7
bf6b2d046bbf48a95cef373c9408017b68f3d4e1a9872cd8dff8118017950d78
c41e371b8f4c5cb9e577f890402216448a0d80c6fbce1a6b7002b1d3c09a81d4
c8097ea8134c1f6ae531e0289366af1df66646652472ee7adedbf0b87d700571
c889f8be02dd3f558aa62eecb48553fb5a306c9fff0951bd97ff3b40a46875e0
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
d94041bf009ff6659388cc0850edd5d41315b5a98c58f5b4a154f6d0962a64f4
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5de483f2ecb94241e9a4f24e8c02673d3c40f9582e0859e35bf91bdc6bebb18
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec7024e764e94caa58c7a18f4624dc84c9ee15537ff5418fd44e2f037f8abc30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f
f233cc8fe8296fc6033ef89726334c4cdae1919fad074f982365d61a561ce5aa

www.malwarebytes.com Open in urlscan Pro 2600:9000:2156:d800:8:d3fb:39c0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

101 Requests

96 %HTTPS

49 %IPv6

35 Domains

45 Subdomains

42 IPs

8 Countries

3882 kBTransfer

6122 kBSize

10 Cookies

36 Outgoing links

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.malwarebytes.com Open in urlscan Pro
2600:9000:2156:d800:8:d3fb:39c0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

96 %
HTTPS

49 %
IPv6

35
Domains

45
Subdomains

42
IPs

8
Countries

3882 kB
Transfer

6122 kB
Size

10
Cookies

101 HTTP transactions
0 data transactions