forums.malwarebytes.com Open in urlscan Pro
13.225.78.42 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://forums.malwarebytes.com/
Submission: On April 17 via manual (April 17th 2023, 3:24:09 pm UTC) from TR — Scanned from DE

Summary HTTP 80 Redirects Links 66 Behaviour Indicators

Summary

This website contacted 28 IPs in 3 countries across 24 domains to perform 80 HTTP transactions. The main IP is 13.225.78.42, located in United States and belongs to AMAZON-02, US. The main domain is forums.malwarebytes.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 22nd 2023. Valid for: 6 months.

This is the only time forums.malwarebytes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	13.225.78.42 13.225.78.42	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
27	2600:9000:225... 2600:9000:225e:3200:1e:ebe7:1480:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	23.38.53.173 23.38.53.173	16625 (AKAMAI-AS) (AKAMAI-AS)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.32.27.65 13.32.27.65	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:222... 2600:9000:222b:2600:16:26c7:ff80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:7e00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	18.66.97.46 18.66.97.46	16509 (AMAZON-02) (AMAZON-02)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1 4	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
80	28

2 13.225.78.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-42.fra2.r.cloudfront.net

forums.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2600:9000:225e:3200:1e:ebe7:1480:93a1 (United States)

ASN16509 (AMAZON-02, US)

content.invisioncic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.38.53.173 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-38-53-173.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-65.fra56.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:222b:2600:16:26c7:ff80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:7e00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-46.fra56.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

805-usg-300.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	invisioncic.com content.invisioncic.com — Cisco Umbrella Rank: 92961	407 KB
4	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 107	518 B
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 733 www.linkedin.com — Cisco Umbrella Rank: 779 px4.ads.linkedin.com — Cisco Umbrella Rank: 6554	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	21 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2930 www.google.com — Cisco Umbrella Rank: 16	759 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 519	13 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	157 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	239 KB
3	malwarebytes.com forums.malwarebytes.com www.estore.malwarebytes.com Failed www.malwarebytes.com — Cisco Umbrella Rank: 89381	107 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3425	562 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	2 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 6272	6 KB
1	mktoresp.com 805-usg-300.mktoresp.com — Cisco Umbrella Rank: 511446	318 B
1	company-target.com api.company-target.com — Cisco Umbrella Rank: 7525	2 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 1007	98 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1604	374 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 912	394 B
1	t.co t.co — Cisco Umbrella Rank: 584	378 B
1	demandbase.com scripts.demandbase.com — Cisco Umbrella Rank: 22659	19 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1365	5 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1180	2 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 964	15 KB
1	gstatic.com fonts.gstatic.com	38 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	1 KB
80	24

	Domain	Requested by
27	content.invisioncic.com	forums.malwarebytes.com content.invisioncic.com
4	www.facebook.com	1 redirects forums.malwarebytes.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com forums.malwarebytes.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com forums.malwarebytes.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	www.googletagmanager.com	forums.malwarebytes.com www.googletagmanager.com
2	px.ads.linkedin.com	2 redirects
2	www.google.de	forums.malwarebytes.com
2	region1.analytics.google.com	www.googletagmanager.com
2	munchkin.marketo.net	forums.malwarebytes.com munchkin.marketo.net
2	forums.malwarebytes.com	forums.malwarebytes.com
1	www.google.com	forums.malwarebytes.com
1	805-usg-300.mktoresp.com	munchkin.marketo.net
1	api.company-target.com	scripts.demandbase.com
1	id.rlcdn.com	forums.malwarebytes.com
1	px4.ads.linkedin.com	forums.malwarebytes.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	analytics.twitter.com	forums.malwarebytes.com
1	t.co	forums.malwarebytes.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.malwarebytes.com	www.googletagmanager.com
1	scripts.demandbase.com	forums.malwarebytes.com
1	snap.licdn.com	www.googletagmanager.com
1	unpkg.com	www.googletagmanager.com
1	static.ads-twitter.com	forums.malwarebytes.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	forums.malwarebytes.com
0	www.estore.malwarebytes.com Failed	forums.malwarebytes.com
80	30

This site contains links to these domains. Also see Links.

Domain
www.malwarebytes.com
blog.malwarebytes.com
support.malwarebytes.com
service.malwarebytes.com
twitter.com
www.facebook.com
www.linkedin.com
www.youtube.com
www.instagram.com
www.invisioncommunity.com
cleantalk.org

Subject Issuer	Validity	Valid
forums.malwarebytes.com Amazon RSA 2048 M02	`2023-02-22` - `2023-08-20`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
content.invisioncic.com Amazon RSA 2048 M01	`2023-02-23` - `2023-08-19`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-24` - `2023-04-24`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-01` - `2023-06-01`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-08-17` - `2023-09-18`	a year	crt.sh
*.malwarebytes.com Amazon RSA 2048 M02	`2022-11-09` - `2023-12-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-09-16` - `2023-10-18`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://forums.malwarebytes.com/
Frame ID: 1901E202614F7D62687F91CA925DF518
Requests: 100 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3B36BC17EB3FCD6DE8DA3B86E8FCEA14
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Malwarebytes Forums

Detected technologies

Stimulus (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-controller

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Page Statistics

80
Requests

83 %
HTTPS

64 %
IPv6

24
Domains

30
Subdomains

28
IPs

3
Countries

1036 kB
Transfer

3451 kB
Size

28
Cookies

66 Outgoing links

These are links going to different origins than the main page.

URL: https://www.malwarebytes.com/for-home
Title: Personal

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/premium/
Title: Malwarebytes for Windows

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/mac/
Title: Malwarebytes for Mac

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/vpn
Title: Malwarebytes Privacy VPN

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/browserguard
Title: Malwarebytes Browser Guard

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/adwcleaner
Title: Malwarebtyes AdwCleaner

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/chromebook
Title: Malwarebytes for Chromebook

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/android/
Title: Malwarebytes for Android

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/ios/
Title: Malwarebytes for iOS

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/
Title: Business

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/endpointprotection/
Title: Endpoint Protection

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/endpoint-protection/server-security
Title: Endpoint Protection for Servers

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/endpointprotectionandresponse/
Title: Endpoint Protection & Response

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/edr/server-security
Title: Endpoint Detection & Response for Servers

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/incidentresponse/
Title: Incident Response

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/endpoint-security
Title: Endpoint Security

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business
Title: Business Modules

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/dns-filtering
Title: DNS Filtering

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/vulnerability-patch-management
Title: Vulnerability & Patch Management

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/crowdstrike
Title: Remediation for CrowdStrike®

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/partners/
Title: Partners

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/partners/managed-service-providers/
Title: Managed Service Providers

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/techbench/
Title: Computer Repair

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/partners/solution-providers
Title: Resellers

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/integrations
Title: Technology Partners

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/what-is-vpn/
Title: VPN

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/antivirus/
Title: Antivirus

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/malware/
Title: Malware

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/android-antivirus/
Title: Android Antivirus

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/mac-antivirus/
Title: Mac Antivirus

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/hacker/
Title: Hacker

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/cybersecurity/
Title: Cybersecurity

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/identity-theft/
Title: Identity Theft

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/what-is-password-manager/
Title: Password Manager

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/ransomware/
Title: Ransomware

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/keylogger/
Title: Keylogger

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/adware/
Title: Adware

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/spyware/
Title: Spyware

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/sql-injection/
Title: SQL Injection

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/ddos/
Title: DDoS

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/cryptojacking/
Title: Cryptojacking

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/data-breach/
Title: Data Breach

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/computer-virus/
Title: Computer Virus

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/social-engineering/
Title: Social Engineering

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/malvertising/
Title: Malvertising

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/emotet/
Title: Emotet

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/trojan/
Title: Trojan

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/exploits/
Title: Exploit

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/backdoor/
Title: Backdoor

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/scam-call/
Title: Scam Call

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/spam/
Title: Spam

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/phishing/
Title: Phishing

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/spoofing/
Title: Spoofing

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://support.malwarebytes.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://service.malwarebytes.com/
Title: Business Support

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/secure
Title: Vulnerability Disclosure

Search URL Search Domain Scan URL

URL: https://support.malwarebytes.com/hc/en-us/articles/4404023501459
Title: here

Search URL Search Domain Scan URL

URL: https://twitter.com/malwarebytes

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Malwarebytes/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/malwarebytes

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Malwarebytes

Search URL Search Domain Scan URL

URL: https://www.instagram.com/malwarebytesofficial/

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/legal/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.invisioncommunity.com/
Title: Powered by Invision Community

Search URL Search Domain Scan URL

URL: https://cleantalk.org/ips-cs-4-anti-spam-plugin
Title: IPS spam

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1681745019689&url=https%3A%2F%2Fforums.malwarebytes.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2594100%26time%3D1681745019689%26url%3Dhttps%253A%252F%252Fforums.malwarebytes.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1681745019689&url=https%3A%2F%2Fforums.malwarebytes.com%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1681745019689&url=https%3A%2F%2Fforums.malwarebytes.com%2F&liSync=true&e_ipv6=AQKoxENB0Onf5AAAAYeP0IStiU7DNnxfLPzSu7UtCPp2yIHdBP87wB1O9b_irjbZvUmMfTkEqyU1mb_yUZQUUuhC-TRuGQ

Request Chain 96

https://www.facebook.com/tr/?id=1480959392203028&ev=ViewContent&dl=https%3A%2F%2Fforums.malwarebytes.com%2F&rl=&if=false&ts=1681745020081&cd[content_name]=Home&sw=1600&sh=1200&v=2.9.101&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1681745020080.2091094334&it=1681745019615&coo=false&tm=1&rqm=GET HTTP 302
https://www.facebook.com/tr/?a=tmSimo-GTM-WebTemplate&cd[content_name]=Home&coo=false&dl=https%3A%2F%2Fforums.malwarebytes.com%2F&ec=0&ev=ViewContent&fbp=fb.1.1681745020080.2091094334&id=1480959392203028&if=false&it=1681745019615&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&tm=1&ts=1681745020081&v=2.9.101

80 HTTP transactions
21 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
forums.malwarebytes.com/ 229 KB
30 KB 372ms
31ms Document
text/html 13.225.78.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-42.fra2.r.cloudfront.net

Software

Apache /

Resource Hash

68339c92e994a046ff7f32abaccc69d70eb51e046937cd6f29b758593acd6751

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 266
alt-svc: h3=":443"; ma=86400
cache-control: no-cache="Set-Cookie", max-age=900, public, s-maxage=900, stale-while-revalidate, stale-if-error
content-encoding: gzip
content-length: 29498
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=UTF-8
date: Mon, 17 Apr 2023 15:19:12 GMT
expires: Mon, 17 Apr 2023 15:34:12 GMT
last-modified: Mon, 17 Apr 2023 15:19:12 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache
strict-transport-security: max-age=31536000
vary: Cookie,Accept-Encoding
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-cf-id: nFAziAFaRUvxivVIQeegjqjKXvJv0G3MbvSu5rkvrDATLPj2gqKOdA==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
x-frame-options: sameorigin
x-ips-loggedin: 0
x-xss-protection: 0

GET
H2 200 fontawesome-webfont.woff2
forums.malwarebytes.com/applications/core/interface/font/ 75 KB
76 KB 30ms
28ms Font
text/plain 13.225.78.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://forums.malwarebytes.com/applications/core/interface/font/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-42.fra2.r.cloudfront.net

Software

Apache /

Resource Hash

42736c7de60dfab94b3cc902b8692f80cfeb0a5989d1d51db1d25fd7d18dc45b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://forums.malwarebytes.com/
Origin: https://forums.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 20:38:05 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Tue, 11 Apr 2023 12:13:35 GMT
server: Apache
x-amz-cf-pop: FRA2-C2
age: 67533
etag: "12d68-5f90e6bae59c0"
x-cache: Hit from cloudfront
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 77160
x-amz-cf-id: TbCoA5Ouy2kocUhufGlFMPInkcftlRd7VoC4F3uRrrRdG1Hax4-DeQ==

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 90ms
31ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74de012da903c56e3eaa2ded05202e536f07595751b2d373eb13a60b5e3a2fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Apr 2023 15:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 15:04:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Apr 2023 15:23:38 GMT

GET
H2 200 341e4a57816af3ba440d891ca87450ff_framework.css.gz
content.invisioncic.com/Mmalware/css_built_28/ 323 KB
60 KB 107ms
26ms Stylesheet
text/css 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/css_built_28/341e4a57816af3ba440d891ca87450ff_framework.css.gz?v=d815db93211681298208
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c01696df43b2bb81d626c584dc6a05f153307beb47f745e86a5f59dbea30cf92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 11:17:00 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-version-id: 8CPr1yMNYTC9NtkMSnurXOvaEQtsUGbP
x-amz-cf-pop: FRA60-P4
age: 446799
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
content-length: 61147
last-modified: Wed, 12 Apr 2023 11:16:55 GMT
server: AmazonS3
etag: "c654cdaa76c5d7898f69fc627f6ab30b"
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 2Jbhjb2l9w7GV3_qUm0QuA4Y77eWYDUy8k37ZHCmlgLDZv2u6joeFA==

GET
H2 200 05e81b71abe4f22d6eb8d1a929494829_responsive.css.gz
content.invisioncic.com/Mmalware/css_built_28/ 35 KB
7 KB 106ms
25ms Stylesheet
text/css 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/css_built_28/05e81b71abe4f22d6eb8d1a929494829_responsive.css.gz?v=d815db93211681298208
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5008d5e9bd10eea3c48217fc3a797895a56aadb808b04dda8381dd35e6544f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 11:17:00 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-version-id: Slq4DkfV32h0klYOqNCM_avjrAKmTeyn
x-amz-cf-pop: FRA60-P4
age: 446799
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
content-length: 6713
last-modified: Wed, 12 Apr 2023 11:16:57 GMT
server: AmazonS3
etag: "662c81ff9a5b04e3eec6773ca9dbad1d"
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: di_CBXEpT6I29X7S_CVylrg-v_wBGiLfQh2VfYEymvuQayuiU9JCoA==

GET
H2 200 90eb5adf50a8c640f633d47fd7eb1778_core.css.gz
content.invisioncic.com/Mmalware/css_built_28/ 20 KB
6 KB 122ms
43ms Stylesheet
text/css 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/css_built_28/90eb5adf50a8c640f633d47fd7eb1778_core.css.gz?v=d815db93211681298208
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97ad62f275848ac8b0069a4c091db5d1061f0968794f31bce174a683b29bf04f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 11:17:00 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-version-id: IRw.0QwSgPxZgD_wTTGF0mHDKIoWBiwj
x-amz-cf-pop: FRA60-P4
age: 446799
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
content-length: 5282
last-modified: Wed, 12 Apr 2023 11:16:52 GMT
server: AmazonS3
etag: "c095b253d3fba435c4d65474c80acc93"
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 2ugzBVCtZpV-cz5Ra4QyaiHInY3IjdcZM3zgCk__TtiKl9P8ejl5EQ==

GET
H2 200 5a0da001ccc2200dc5625c3f3934497d_core_responsive.css.gz
content.invisioncic.com/Mmalware/css_built_28/ 5 KB
2 KB 122ms
44ms Stylesheet
text/css 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/css_built_28/5a0da001ccc2200dc5625c3f3934497d_core_responsive.css.gz?v=d815db93211681298208
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e0f39543ae4c15cfe3222f68e358c416dc79cb262c16c8d5b46281a5d850f40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 11:17:00 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-version-id: PEgD7MCuYWRV5WF0h.iEiCH2uJ.LZ4mD
x-amz-cf-pop: FRA60-P4
age: 446799
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
content-length: 1204
last-modified: Wed, 12 Apr 2023 11:16:52 GMT
server: AmazonS3
etag: "5c3c523b949cbb61acd0828c69748124"
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 021p3PmSRVbmTqLP1TIpl9xwsN5XG5Tg2yVuqSDvXWmGO2UufMxrqQ==

GET
H2 200 62e269ced0fdab7e30e026f1d30ae516_forums.css.gz
content.invisioncic.com/Mmalware/css_built_28/ 15 KB
4 KB 123ms
45ms Stylesheet
text/css 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/css_built_28/62e269ced0fdab7e30e026f1d30ae516_forums.css.gz?v=d815db93211681298208
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f6148c0bea7c7fd4e9e4a85446ebda68a753853f25f22618333c901b0a1e3c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 11:17:00 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-version-id: N7kTBT81iUaaY_1rXzrOS3ADTUoJVtCv
x-amz-cf-pop: FRA60-P4
age: 446799
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
content-length: 3648
last-modified: Wed, 12 Apr 2023 11:16:53 GMT
server: AmazonS3
etag: "eff9db8c7ae94c1675915887e7ae9f32"
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: cDDPhCgXYWmASxksK1vVOxe2rNcnqBOQDD8gYrOeHMnk1uHu5mbr3g==

GET
H2 200 76e62c573090645fb99a15a363d8620e_forums_responsive.css.gz
content.invisioncic.com/Mmalware/css_built_28/ 6 KB
2 KB 124ms
46ms Stylesheet
text/css 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/css_built_28/76e62c573090645fb99a15a363d8620e_forums_responsive.css.gz?v=d815db93211681298208
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1099b3d49cec3d8e97ac307dd1db309dc9af5aa69c134db3cfd7d90eafb8df9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 11:17:00 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-version-id: zBEhK6HoSryA_JVamFgPnd94MG_v58RV
x-amz-cf-pop: FRA60-P4
age: 446799
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
content-length: 1408
last-modified: Wed, 12 Apr 2023 11:16:57 GMT
server: AmazonS3
etag: "f6b69720d18ae8c6c450207ae7812092"
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: UF3Ep4pUZr0KXhhXim-WxAD-37uqe287-MMK2QCmautFeqv8mSZMCA==

GET
H2 200 258adbb6e4f3e83cd3b355f84e3fa002_custom.css.gz
content.invisioncic.com/Mmalware/css_built_28/ 887 B
932 B 125ms
47ms Stylesheet
text/css 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/css_built_28/258adbb6e4f3e83cd3b355f84e3fa002_custom.css.gz?v=d815db93211681298208
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3001a3960df32de0715d410de98ec7a468c546e5c6ddf98b2bcaef28666e32af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 11:17:00 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-version-id: tM.1oQLqA0dSiHKxtNBFguvy3pRoNMby
x-amz-cf-pop: FRA60-P4
age: 446799
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
content-length: 447
last-modified: Wed, 12 Apr 2023 11:16:56 GMT
server: AmazonS3
etag: "d4600f2fa1dbbd939fdb12b5e8a7b238"
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: bbnFcTTHyuH3oZPZhuAI7K9mKWwE3tpl_DUgY6LXOz7FVZKjwzYtKQ==

GET
H2 200 MWB4_FreeDownload_728x90_v1.jpg.5b008278530bf816655dbb1ec796173c.jpg
content.invisioncic.com/Mmalware/monthly_2020_08/ 16 KB
16 KB 137ms
136ms Image
image/jpeg 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/monthly_2020_08/MWB4_FreeDownload_728x90_v1.jpg.5b008278530bf816655dbb1ec796173c.jpg
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73c6d9bea582fd9ea44e6f647006f9ef8b4af0c15199ff20bd524186913eb9e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 06:14:33 GMT
x-amz-version-id: MNnZHAJMYhDJUF.vMbK1qXLuHRyyzGm1
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 11092146
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 16292
last-modified: Tue, 25 Aug 2020 00:41:21 GMT
server: AmazonS3
etag: "f0356d9351192b59bc7db4b160684b81"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: io63eUqmeVBUSGOw6ZDJYedD_CwzGCnd4YnWrTA4BSrO1o_vMgQ2Fw==

GET
H2 200 root_library.js.gz Show response
content.invisioncic.com/Mmalware/javascript_global/ 378 KB
124 KB 55ms
53ms Script
text/javascript 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/javascript_global/root_library.js.gz?v=d815db93211681712603
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ed74434fbba747bd03602d4759a4cad81ae35216b619e4e7cd4c7eedb80b373

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 06:25:02 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-version-id: fuuYgITuxtvSE2pCvEd9WlVU5Jobu48V
x-amz-cf-pop: FRA60-P4
age: 32317
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 126518
last-modified: Wed, 12 Apr 2023 11:16:54 GMT
server: AmazonS3
etag: "f242d0db06dd34fdd933995daee3eed6"
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: zHApE1M-lCSmrF_ieSOxDPhR9LB8mnGl8KP6ZpJhR2t0ltZrT-xvow==

GET
H2 200 root_js_lang_1.js.gz Show response
content.invisioncic.com/Mmalware/javascript_global/ 103 KB
33 KB 109ms
108ms Script
text/javascript 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/javascript_global/root_js_lang_1.js.gz?v=d815db93211681712603
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7de9e50846ac517dff317c49b3eda4d791a9d84e9c89478dfd4e392ec69ee286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 06:25:02 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-version-id: _MlgyXQZakbxsUv3nP1XsSoeEqOUoSc2
x-amz-cf-pop: FRA60-P4
age: 32317
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 32856
last-modified: Wed, 12 Apr 2023 11:16:53 GMT
server: AmazonS3
etag: "e309487d99bdedfebd2ff7b58a8c322b"
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: bW4tEJXZ7sZHDb1POOoios0EMSwGGH5HX-Hy1Lkdzir72hXP0Finzg==

GET
H2 200 root_framework.js.gz Show response
content.invisioncic.com/Mmalware/javascript_global/ 435 KB
100 KB 110ms
108ms Script
text/javascript 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/javascript_global/root_framework.js.gz?v=d815db93211681712603
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc983ac55ea31e89a0146e9d8effc5edf02a3b9151bd063a12be0c21381c27b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 06:25:02 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-version-id: ZNAholF3rUPoYKiIf2sQ_bHleO8kkTlB
x-amz-cf-pop: FRA60-P4
age: 32317
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 101767
last-modified: Wed, 12 Apr 2023 11:16:55 GMT
server: AmazonS3
etag: "9145e00ded138fb63bf3bf6eb04d1038"
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: J5RfzeH6DD6e4glu81ZI72D47_YkxT8thc5WAPs3gvlEc1ZdB5eajQ==

GET
H2 200 global_global_core.js.gz Show response
content.invisioncic.com/Mmalware/javascript_core/ 37 KB
9 KB 110ms
108ms Script
text/javascript 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/javascript_core/global_global_core.js.gz?v=d815db93211681712603
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20235537da974859e3c01f9d661660bedf4c5ee48088837d94937fda5912d6f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 06:25:02 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-version-id: QlL2yDEWRiB.LlisNX2nX1qbZeLEfrUW
x-amz-cf-pop: FRA60-P4
age: 32317
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 8993
last-modified: Wed, 12 Apr 2023 11:16:55 GMT
server: AmazonS3
etag: "b4fc6a0635196747115e4b22559bc0c8"
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: woy_jUnD4J7IfrOo92fH4dsbZXD5HC6d0wU7BoRH-2IKmJQyrs0dYg==

GET
H2 200 root_front.js.gz Show response
content.invisioncic.com/Mmalware/javascript_global/ 103 KB
23 KB 111ms
110ms Script
text/javascript 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/javascript_global/root_front.js.gz?v=d815db93211681712603
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7b1dd32c5490d6e3c102e125aa5396d6bbc7feb1386728018f7921bdc446a7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 06:25:02 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-version-id: ILf7mVbdu0bsUdWwVuyMescVdVdgGWV2
x-amz-cf-pop: FRA60-P4
age: 32317
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 23245
last-modified: Wed, 12 Apr 2023 11:16:53 GMT
server: AmazonS3
etag: "1a297a7255f449d48c0d999c40ada91e"
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: pd41jl-pBKCXA4_oFmvKAWH-qwBr98wKMeqp_b-VmTfHpJjulf0qxg==

GET
H2 200 front_front_core.js.gz Show response
content.invisioncic.com/Mmalware/javascript_core/ 37 KB
9 KB 117ms
115ms Script
text/javascript 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/javascript_core/front_front_core.js.gz?v=d815db93211681712603
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8630c0923da6afe8a75f877d5ea5987e9ad623d0d3c28a7473ea8a4c41aecefa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 06:25:02 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-version-id: EqaXdALxYYcox9LgXJPJ6sGi9oyNkItH
x-amz-cf-pop: FRA60-P4
age: 32317
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 8846
last-modified: Wed, 12 Apr 2023 11:16:56 GMT
server: AmazonS3
etag: "c13112a45e2802ab44156979dd5a8e38"
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 0a5wklbti3luRkoTgzG9TntKx4-mFlaKzR0wHTni5PZFkWa5MVZoRA==

GET
H2 200 front_front_forum.js.gz Show response
content.invisioncic.com/Mmalware/javascript_forums/ 7 KB
2 KB 110ms
109ms Script
text/javascript 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/javascript_forums/front_front_forum.js.gz?v=d815db93211681712603
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38c93a1675e592e7ff8709d4932e7c235a6f809996431e2685443d763e06d6c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 06:26:44 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-version-id: QO5N3ItCXyxjyAiRK1SmC1P_I1vQmLh0
x-amz-cf-pop: FRA60-P4
age: 32215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 2027
last-modified: Wed, 12 Apr 2023 11:16:56 GMT
server: AmazonS3
etag: "96eaeb057ae4adc1f02df8e70bc122d2"
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: rSQzlu5zUunsV0lY1irOWexjuwl_8APVVsf0_UjkImqOTmhZ-NrfrA==

GET
H2 200 front_app.js.gz Show response
content.invisioncic.com/Mmalware/javascript_cloud/ 5 KB
2 KB 116ms
114ms Script
text/javascript 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/javascript_cloud/front_app.js.gz?v=d815db93211681712603
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f124fa95609f20c04ba5f434a7360e4813b14641fb33b099f67b149d0f7bb3c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 06:25:02 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-version-id: iEqzemm47CA9oUWAG0TWGIOx62iDG2NU
x-amz-cf-pop: FRA60-P4
age: 32317
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 1753
last-modified: Wed, 12 Apr 2023 11:16:55 GMT
server: AmazonS3
etag: "65d74ba8a67c0fb400cd17966373d7bb"
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: _3dwfoqVCMw9Hcacd1k7COA43z7L3b1qX_iY6UpXjyOw_A2jKryW_w==

GET
H2 200 front_front_realtime.js.gz Show response
content.invisioncic.com/Mmalware/javascript_cloud/ 13 KB
4 KB 114ms
112ms Script
text/javascript 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/javascript_cloud/front_front_realtime.js.gz?v=d815db93211681712603
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b99b45bf156d9402a42d4ceaa87ad266bce8cc2cbdb3a3bba8fa8b53da11460

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 06:25:02 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-version-id: hX5Z._R1c9xg1D6mdwm2vLZ6RMWkdcBq
x-amz-cf-pop: FRA60-P4
age: 32317
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 3405
last-modified: Wed, 12 Apr 2023 11:16:55 GMT
server: AmazonS3
etag: "d8f803354d80bc3489be9bf5c348b26f"
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: NVZ4_vysda5xrOn8l0UyoYMqrARLuijIRxFdEM0hYr-A3k3iFaB8zA==

GET
H2 200 root_map.js.gz Show response
content.invisioncic.com/Mmalware/javascript_global/ 2 KB
853 B 112ms
110ms Script
text/javascript 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.invisioncic.com/Mmalware/javascript_global/root_map.js.gz?v=d815db93211681712603
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 019b5508e05ebbd6c5b9c5565bdf0af312af2f2b59d9069ea427b4bc0c892ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 06:25:02 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-version-id: PRNcM7yYe32INR7ufoN1G_NMipUl.1w0
x-amz-cf-pop: FRA60-P4
age: 32317
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 365
last-modified: Mon, 17 Apr 2023 06:23:24 GMT
server: AmazonS3
etag: "b2eff119bcbb0bc6a636b84bb3ee900c"
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: HBQXePaZGBcZZIcG1Vd8xA1fyo7SikjwHyXrEwR1v-8rOPGotYeDSA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 343 KB
105 KB 84ms
29ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c5cebe4431087d5b676223929b30e0a096485487fa1d93e4622de941f1632c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:23:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106961
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Apr 2023 15:23:38 GMT

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f83bf4a19892f304aa6d2b0da65ba8ff813d6110929bd67e80eadf86f3a1156

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdde63bc260d0ada7601c950a899193ce8ee989de9b7e36c44157484ea534e82

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b587f0c6319e33903301d839b05c7f3e3426fad71a15ffc50b0757d8cc0f7ed6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca5f9b08b76f00ab3632a51ed6f2a6aa3aa427aec6db8fbb4ce952a0b3e8c1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c0ff21e4ee41b3ee32a815456b83d13afe655f079221643294e4de381e2de9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acd5ff4a218c579247501adbe60bc96d157a1906a92c035160a90438887d5630

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 809f117d47f047ac89da5dcad3fdd756783fa93653ba8ea19e9f2df539ef0c95

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd6a0ee4e3f9800b36c861e0e0aa42c66edd087b1e3b798f466b4cce91fed2be

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd37e715dd3c8674ce5a243ca78b54a1a0c0419b3b7b1133fb789c0faca913d5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1976e6b6b718550dd25d75df398799eeddfc224b04fa7a0080137c35ab697c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78ca00d6f6b966a5f395a46400c43e0894aee2737a5eb847e1425cae4bd24cbf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59261bb3a172c9c93e7e3d023796952afc886f23302bd859d164fb77b2bcaccb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5171a80e9331d4c8b6ec7170a9f659ebbdd0e6f91dcfef8c4591f824d66f5c64

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1aeeef5664eb4444991c5500b77269837885343d142b051ce5b611734d14da6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd6b4ec7cd5d5aa517b976252e99355dba55295d0faba04121e9009b75e24ed8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 865bcf5111d47e6cded1b5549257f4ff16c9dea5567a92b06677168298cb083d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e5a2722e28ff4ec06d44261bab151efdd2dadfdc76e802d278d11325f590b0a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0f4751ebeeb5bd8861b9474e6dfe926c5df5c9938455906c1cf3a9c9245debd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 066243b2d26a3ecac6f76049658b4258257991b0be86be05be8103f140750575

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4535ed9052f704376bdeb8e51316fdfc6eff920bc860eb09aa0839375ebafad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 283 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11a7acb711c1b56dc7d01ea7e49bb8f22e68c1dcaa984598d06c62cc06b9ce2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 d0e70b4cbb9ab8afb1bc1065a3f8487a_subitem_stem.png
content.invisioncic.com/Mmalware/set_resources_28/ 102 B
553 B 81ms
80ms Image
image/png 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/set_resources_28/d0e70b4cbb9ab8afb1bc1065a3f8487a_subitem_stem.png
Requested by: Host: content.invisioncic.com
URL: https://content.invisioncic.com/Mmalware/css_built_28/341e4a57816af3ba440d891ca87450ff_framework.css.gz?v=d815db93211681298208
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ee1c3288716972defe598729ab8f3f9131964ae925025ce82633ec9887c413d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.invisioncic.com/Mmalware/css_built_28/341e4a57816af3ba440d891ca87450ff_framework.css.gz?v=d815db93211681298208
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 16:32:05 GMT
x-amz-version-id: BpgO3FWi7W_mm1N2W.ZfU4tZi1M20V0f
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 12005494
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 102
last-modified: Mon, 14 Nov 2022 22:49:40 GMT
server: AmazonS3
etag: "e28e9e36d826ba6037b42e0608862211"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: DXn2GSoEXplrWwB6jg3l-j3CmBAXWW--0TQOjznxJfXDKLHBfSU7fw==

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 86ms
18ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://forums.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 14:05:50 GMT
x-content-type-options: nosniff
age: 4668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Apr 2024 14:05:50 GMT

GET 1508184003_ArmyGuy.thumb.gif.96efce7998087a951590fb0a68989db6.gif
content.invisioncic.com/Mmalware/monthly_2020_11/ 0
0

GET
H3 200 photo-thumb-2622.gif
content.invisioncic.com/Mmalware/profile/ 1 KB
0 158ms
155ms Image
image/gif 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/profile/photo-thumb-2622.gif
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 19:36:25 GMT
x-amz-version-id: null
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
age: 7415234
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 3109
last-modified: Tue, 29 May 2018 13:15:11 GMT
server: AmazonS3
etag: "5cf524de7e55454c4c10301918d274c3"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: fPiLqD21NCxVUbDnQT_ZedeX9j5r0QEpsGT0WR0Zr_4X21Q-UzCROQ==

GET Revivaltech-Solutions-Logo-Mark-Full-Color-RGB-250px@72ppi.thumb.png.661f2c2f3c8351e8f661c4f13271cc64.png
content.invisioncic.com/Mmalware/monthly_2022_03/ 0
0

GET
H3 200 MB_ICON_TRANS_BKGD(L).thumb.png.038508c2c373a62bb14a6b64d8029356.png
content.invisioncic.com/Mmalware/monthly_2017_12/ 1 KB
0 163ms
161ms Image
image/png 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/monthly_2017_12/MB_ICON_TRANS_BKGD(L).thumb.png.038508c2c373a62bb14a6b64d8029356.png
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 00:56:11 GMT
x-amz-version-id: null
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
age: 11716048
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 10027
last-modified: Tue, 29 May 2018 22:06:24 GMT
server: AmazonS3
etag: "1ebc22119198c100e66efe343fdfda4a"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: QTF92OxVbRqG4m2oiI9yDy58SkdWsj8eTiNYPQBgWU8Ib6SUZdtl-Q==

GET
H3 200 img667950018.jpeg.f555eecd941b66dfb3a2b8194ae8b736.thumb.jpeg.5dda69eb4aff988410b3d12d151be20f.jpeg
content.invisioncic.com/Mmalware/monthly_2016_03/ 1 KB
0 26ms
24ms Image
image/jpeg 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/monthly_2016_03/img667950018.jpeg.f555eecd941b66dfb3a2b8194ae8b736.thumb.jpeg.5dda69eb4aff988410b3d12d151be20f.jpeg
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 15:36:19 GMT
x-amz-version-id: null
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
age: 11663241
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 2156
last-modified: Tue, 29 May 2018 13:13:14 GMT
server: AmazonS3
etag: "3a4de91c9b5474b0eb6f1ccb4ed4ff1c"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 71BYsqohjoi4PWkYLUGFWlFl8v35JfhhHzRjt3I3uAVD5nzETqwB4g==

GET ua-barms.thumb.gif.5ae42cc8bdb653f77c8f955df566e204.gif
content.invisioncic.com/Mmalware/monthly_2023_02/ 0
0

GET 1328606520_whitehatmac512.thumb.png.82aeca8c528844fd22644ecf84737b2d.png
content.invisioncic.com/Mmalware/monthly_2019_10/ 0
0

GET
H3 200 photo-thumb-14535.thumb.png.a00aa97c5f197ec106a5b002f2910434.png
content.invisioncic.com/Mmalware/monthly_2020_09/ 1 KB
0 233ms
230ms Image
image/png 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/monthly_2020_09/photo-thumb-14535.thumb.png.a00aa97c5f197ec106a5b002f2910434.png
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:09:41 GMT
x-amz-version-id: j6ia_eHAQBELq9a8XQx3JHK4m1BlqSii
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
age: 11477639
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 11022
last-modified: Tue, 15 Sep 2020 10:17:44 GMT
server: AmazonS3
etag: "2a5c3f5077d1673b20fbe2a1e97aea5d"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -R40tz76Qg8phv_vmZvCH2Tvkz0OwEWB5mCs2mmgtuY60CG6GVCJCQ==

GET MadMacs.thumb.png.a37ef7ef8154f31556f77aec923129fe.png
content.invisioncic.com/Mmalware/monthly_2018_11/ 0
0

GET
H3 200 what_kirk.thumb.gif.70b2b23aa23a2941e8842dad5086b144.gif
content.invisioncic.com/Mmalware/monthly_2020_11/ 1 KB
0 158ms
155ms Image
image/gif 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/monthly_2020_11/what_kirk.thumb.gif.70b2b23aa23a2941e8842dad5086b144.gif
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 05:26:32 GMT
x-amz-version-id: null
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
age: 11095028
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 1293557
last-modified: Wed, 25 Nov 2020 03:58:09 GMT
server: AmazonS3
etag: "e5dacb932304aa23c6430e1c1e695834"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: dWl2PS26bKPHjHt_r765TTB2-kwMSYVfUoMR78GGEPCLQCPjUV6fjg==

GET 1.thumb.png.095f9468952e1039a0ed1d432c5e81da.png
content.invisioncic.com/Mmalware/monthly_2017_12/ 0
0

GET 2021-06-25_13h42_15.thumb.png.1335d6a99dcf0633d1032d96ce48bdfc.png
content.invisioncic.com/Mmalware/monthly_2021_06/ 0
0

GET headsmash.thumb.gif.ed1d21d21d022e84028c40f6c15f337c.gif
content.invisioncic.com/Mmalware/monthly_2020_09/ 0
0

GET
H3 200 17553968_10154550599667055_2818850751442369414_n.thumb.jpg.f89e5d73fd34a20327a34d773f00c0cc.jpg
content.invisioncic.com/Mmalware/monthly_2017_08/ 1 KB
0 181ms
178ms Image
image/jpeg 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/monthly_2017_08/17553968_10154550599667055_2818850751442369414_n.thumb.jpg.f89e5d73fd34a20327a34d773f00c0cc.jpg
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 12:10:59 GMT
x-amz-version-id: null
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
age: 12193961
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 8158
last-modified: Tue, 29 May 2018 23:03:09 GMT
server: AmazonS3
etag: "e5b97178b85035c407a64730bc0fdd3d"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: cGHH8KkgnWNhuKfPCr1KIfwX3-4A5XfRY6o3sgx2x9tFalEYfMveSg==

GET photo-thumb-141357.jpg
content.invisioncic.com/Mmalware/profile/ 0
0

GET
H3 200 Ukraine_Flag.thumb.jpg.d091566dc884a8a36c724829ade129f1.jpg
content.invisioncic.com/Mmalware/monthly_2022_03/ 459 B
782 B 156ms
156ms Image
image/jpeg 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/monthly_2022_03/Ukraine_Flag.thumb.jpg.d091566dc884a8a36c724829ade129f1.jpg
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4ed3b52e9195afb8f4e5a02f95c16f9ee6d5f796093aab6ed7de1f29ccaf78b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 00:16:11 GMT
x-amz-version-id: null
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
age: 10940849
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 459
last-modified: Thu, 03 Mar 2022 19:56:27 GMT
server: AmazonS3
etag: "51275234add347521e6a08a43b65513d"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: c1YMB7yAxVJEgLQBdNKyfiWbeyoP31wMQo_Mpdzeh2HiewNY-sTojg==

GET
H3 200 1428927992_BigTick.thumb.JPG.6ba86ab8d8e31d5877774644c31d3183.JPG
content.invisioncic.com/Mmalware/monthly_2019_11/ 322 B
0 157ms
156ms Image
image/jpeg 2600:9000:225e:3200:1e:ebe7:1480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.invisioncic.com/Mmalware/monthly_2019_11/1428927992_BigTick.thumb.JPG.6ba86ab8d8e31d5877774644c31d3183.JPG
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:225e:3200:1e:ebe7:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 21:24:41 GMT
x-amz-version-id: null
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
age: 9136739
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 3221
last-modified: Mon, 18 Nov 2019 06:24:50 GMT
server: AmazonS3
etag: "42d031278d26b05251b658d66b710ed1"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: mLH8mB-_r4_5UXmaa58hStmNlXUr0CVyt2q-0zfqIDMzuJzvxRwoRg==

GET Untitled.thumb.png.0a09e7b9a49742b3400e5c67f53da42d.png
content.invisioncic.com/Mmalware/monthly_2022_07/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
84 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf2dedc5d4c3ff54fe5749898eaed552e6159f8a25226505cb9d0c4fa0f1e67a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:23:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85750
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 17 Apr 2023 15:23:39 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 77ms
19ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 17 Apr 2023 15:23:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ll3eMagt4hES8xfeRf1/RQ5LUIiFxWmtB9LZ4DCuCs303OfAfUBAbTmP+GSFiPdghVw70d50EctLRIJcAnHsFA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 80ms
20ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 17 Apr 2023 14:35:42 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2877
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 17 Apr 2023 16:35:42 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 82ms
21ms Script
application/x-javascript 23.38.53.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.53.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-53-173.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ef2ca5ac3d9cf4d005d7294562694e44b40efd2c194722721a52743c2f43f1a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 15:23:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Mar 2023 02:09:07 GMT
Server: AkamaiNetStorage
ETag: "fefdb331ffca929fc0e661337b64ed4f:1678241347.158405"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 741

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 81ms
21ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:23:39 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-hhn-etou8220030-HHN

GET
H2 200 web-vitals.umd.js Show response
unpkg.com/web-vitals@1.1.0/dist/ 4 KB
2 KB 84ms
29ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@1.1.0/dist/web-vitals.umd.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:23:39 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 8942604
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GNXCPCCE0SKBKJBTWWH23SQ3-fra
server: cloudflare
etag: W/"1060-9qPq4bqeRCeFWudNuS98Bp0PQDY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b95aba329f02c77-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
50 KB 51ms
49ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-930356311

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ad318a0d705390fc018ea8f6a73f859eb8866f9654dcae106dfc2b9a7f0ccff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:23:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51504
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Apr 2023 15:23:39 GMT

GET tag.js
www.estore.malwarebytes.com/proxydirectory/tags/445691266569/ 0
0

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 112ms
33ms Script
application/x-javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=64044
accept-ranges: bytes
content-length: 4777

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 99ms
43ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f31ee3af19ca211e7694451db039e0c26674064890215d0175f39cb20f3346ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 17 Apr 2023 15:23:38 GMT
last-modified: Thu, 13 Apr 2023 18:46:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B717839F202749EA99B6AB6F95169A04 Ref B: FRA31EDGE0507 Ref C: 2023-04-17T15:23:39Z
etag: "8013f653386ed91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12030

GET
H2 200 HWyTnY16.min.js Show response
scripts.demandbase.com/ 69 KB
19 KB 78ms
23ms Script
application/javascript 13.32.27.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.demandbase.com/HWyTnY16.min.js

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-65.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

beda0693dd166d8ff47954bc08951e99f5e5028f5d64f11dbe7b70a192648daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: VzT4VWNPtW2jSFdw6cuHU4QRN8C29Rae
content-encoding: gzip
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
date: Mon, 17 Apr 2023 15:18:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 300
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 03 Feb 2023 22:52:05 GMT
server: AmazonS3
etag: W/"db79dc7b35a2fd3e1e433a965d6306c1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: 9Az_syZKsKvGGkAO67mw2414spLHTtmMxOQU_61vOImfAWs8rE6obA==

GET
H2 200 demandbase-forms.js Show response
www.malwarebytes.com/js/ 3 KB
1 KB 133ms
29ms Script
application/javascript 2600:9000:222b:2600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/demandbase-forms.js?d=2020-02-04-15-03-08--0800

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:222b:2600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:09:43 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: FRA56-P2
age: 835
x-powered-by: ASP.NET
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Tue, 20 Jul 2021 23:12:41 GMT
server: Microsoft-IIS/10.0
etag: W/"178b70bdbc7dd71:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: e3VAA4_-OnhhOhdZzMBlZfLDPAVNI6FT2p6vsJqptcs93o6MXKYTKQ==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 143ms
36ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K8KCHE3KSC&gtm=45je34c0&_p=1222917189&_gaz=1&cid=1634134641.1681745020&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dl=https%3A%2F%2Fforums.malwarebytes.com%2F&sid=1681745019&sct=1&seg=0&dt=Malwarebytes%20Forums&en=page_view&_fv=1&_nsi=1&_ss=2&ep.content_group=Homepage
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 15:23:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://forums.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
259 B 142ms
34ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K8KCHE3KSC&cid=1634134641.1681745020&gtm=45je34c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 15:23:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://forums.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 171ms
65ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K8KCHE3KSC&cid=1634134641.1681745020&gtm=45je34c0&aip=1&z=1076256979

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 15:23:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/162/ 11 KB
5 KB 22ms
21ms Script
application/x-javascript 23.38.53.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/162/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.53.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-53-173.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 15:23:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4677
Expires: Wed, 26 Jul 2023 15:23:39 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 20ms
19ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.101

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 17 Apr 2023 15:23:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: LiedUCxdV2jgwrqVvv1I/AK7uzqyQLJq2N4RACI8Es4WU+LFr47qruanhUFoT668WKGsY8Rf06dmFIwfVqYCvg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1480959392203028 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 409ms
408ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1480959392203028?v=2.9.101&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

792204a8727e57b78ab9edee675365f1b226589afcb90407fd469e462b56aa37

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 17 Apr 2023 15:23:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: RApKlBzzDHdquuBg+LcxuoRPoAQSyCrPxKRkwDSp1BYlZx27y+pYivgYa3R8vLFviT5mTZLWNR2f9xkACO2PxQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
378 B 210ms
136ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=feeba760-20b4-4b62-9d22-f9c82ef38d44&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e14aa04b-8349-4f1b-b605-931bac7abb4f&tw_document_href=https%3A%2F%2Fforums.malwarebytes.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1m5j&type=javascript&version=2.3.29

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 111
date: Mon, 17 Apr 2023 15:23:39 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 885939e84b982e7e
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: d17cee15ad7608e15057451838075d0d8187327ad2739f3dbf70ec59816feb89
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 212ms
134ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=feeba760-20b4-4b62-9d22-f9c82ef38d44&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e14aa04b-8349-4f1b-b605-931bac7abb4f&tw_document_href=https%3A%2F%2Fforums.malwarebytes.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1m5j&type=javascript&version=2.3.29

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 111
date: Mon, 17 Apr 2023 15:23:39 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 63c4e0c379663bad
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 0725ea0d1cc0a55e33a3602eb9a256046328d7bbc1359bad093b860284e08b62
content-length: 43

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:17:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 17 Apr 2023 16:17:22 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/ 2 KB
2 KB 116ms
61ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/?random=1681745019668&cv=11&fst=1681745019668&bg=ffffff&guid=ON&async=1&gtm=45be34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fforums.malwarebytes.com%2F&hn=www.googleadservices.com&frm=0&tiba=Malwarebytes%20Forums&auid=2008864149.1681745020&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-930356311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19bc61bdf17737743890cf5d3ab8daecd3617e3d3c97cb6dd25239a7067d0c66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 15:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1193
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/2594100/domain/forums.malwarebytes.com/ 36 B
374 B 175ms
21ms XHR
application/json 2600:9000:20eb:7e00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2594100/domain/forums.malwarebytes.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7e00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://forums.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:19:10 GMT
content-encoding: gzip
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 269
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: MEkonT7DD-ilxO6z-n2q0H5_CxVTo-2t2o4DHnF2CvsFc6tFOTcf9w==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1681745019689&url=https%3A%2F%2Fforums.malwarebytes.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2594100%26time%3D1681745019689%26url%3Dhttps%253A%252F%252Fforums.malwarebytes.co...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1681745019689&url=https%3A%2F%2Fforums.malwarebytes.com%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1681745019689&url=https%3A%2F%2Fforums.malwarebytes.com%2F&liSync=true&e_ipv6=AQKoxENB0Onf5AAAAYeP0IStiU7DNnxfLPzSu7UtCPp2yIHdBP87wB...

0
265 B

189ms
117ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1681745019689&url=https%3A%2F%2Fforums.malwarebytes.com%2F&liSync=true&e_ipv6=AQKoxENB0Onf5AAAAYeP0IStiU7DNnxfLPzSu7UtCPp2yIHdBP87wB1O9b_irjbZvUmMfTkEqyU1mb_yUZQUUuhC-TRuGQ
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:23:40 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 76159108843F4FD4A8949458D359B892 Ref B: DUS30EDGE0412 Ref C: 2023-04-17T15:23:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX5icaJB/Gdc9aw7bw9sQ==

Redirect headers

date: Mon, 17 Apr 2023 15:23:39 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: FAB613A292C94F8EAAE1C0271127E3D5 Ref B: DUS30EDGE0406 Ref C: 2023-04-17T15:23:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1681745019689&url=https%3A%2F%2Fforums.malwarebytes.com%2F&liSync=true&e_ipv6=AQKoxENB0Onf5AAAAYeP0IStiU7DNnxfLPzSu7UtCPp2yIHdBP87wB1O9b_irjbZvUmMfTkEqyU1mb_yUZQUUuhC-TRuGQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX5icaGIrE3NgG24vcVWQ==

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 76ms
27ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:23:39 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 4072696.js Show response
bat.bing.com/p/action/ 0
137 B 127ms
127ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4072696.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 17 Apr 2023 15:23:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FE2825FCB2334FE88ECE769B2C93F2FA Ref B: FRA31EDGE0507 Ref C: 2023-04-17T15:23:39Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
288 B 49ms
49ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4072696&tm=gtm002&Ver=2&mid=a11d30f0-a9ba-4de5-945d-03d8dd9ad9b4&sid=d48ab1e0dd3311ed806733107d98aeed&vid=d48af230dd3311ed8ce6d7c79850fb36&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Malwarebytes%20Forums&p=https%3A%2F%2Fforums.malwarebytes.com%2F&r=&lt=1197&evt=pageLoad&sv=1&rn=845602

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Apr 2023 15:23:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F92C634F42324F68BDCE9D52A254C3BF Ref B: FRA31EDGE0507 Ref C: 2023-04-17T15:23:39Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 4 KB
2 KB 133ms
72ms XHR
application/json 18.66.97.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fforums.malwarebytes.com%2F&page_title=Malwarebytes%20Forums
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/HWyTnY16.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-46.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 2ae84de2d15efe21bb5b5ce1ba9ea11a34555730e652a0921c4eae5a5aa4cb4f

Request headers

Referer: https://forums.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 17 Apr 2023 15:23:39 GMT
identification-source: CACHE
content-encoding: gzip
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
request-id: e484c151-2a2b-45a5-a7a7-5c84e0e18850
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://forums.malwarebytes.com
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oKs0DsmSAWxaW8q5bqg2diT2pP9UZG8_bX9ktZR5_tjq7ztNhWPtIA==
expires: Sun, 16 Apr 2023 15:23:39 GMT

POST
H/1.1 200
OK visitWebPage
805-usg-300.mktoresp.com/webevents/ 2 B
318 B 621ms
107ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://805-usg-300.mktoresp.com/webevents/visitWebPage?_mchNc=1681745019738&_mchCn=&_mchId=805-USG-300&_mchTk=_mch-malwarebytes.com-1681745019738-18783&_mchHo=forums.malwarebytes.com&_mchPo=&_mchRu=%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/162/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 15:23:40 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 128fb5be-b236-413f-89c8-d6084ca4a839

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=1222917189&t=pageview&_s=1&dl=https%3A%2F%2Fforums.malwarebytes.com%2F&ul=en-us&de=UTF-8&dt=Malwarebytes%20Forums&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEAjAAAAAAAAIg~&cid=1634134641.1681745020&uid=0F5E5B75-2B94-43D3-9C7F-7138B58E7589&tid=UA-3347303-10&_gid=2054650360.1681745020&gtm=45He34c0n71MKSKW3&z=1413681862

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 20:45:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 67119
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/930356311/ 42 B
455 B 119ms
41ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/930356311/?random=1681745019668&cv=11&fst=1681743600000&bg=ffffff&guid=ON&async=1&gtm=45be34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fforums.malwarebytes.com%2F&frm=0&tiba=Malwarebytes%20Forums&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=399847601&rmt_tld=0&ipr=y

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 15:23:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/930356311/ 42 B
154 B 39ms
37ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/930356311/?random=1681745019668&cv=11&fst=1681743600000&bg=ffffff&guid=ON&async=1&gtm=45be34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fforums.malwarebytes.com%2F&frm=0&tiba=Malwarebytes%20Forums&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=399847601&rmt_tld=1&ipr=y

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 15:23:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
20ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=1222917189&t=event&ni=1&_s=2&dl=https%3A%2F%2Fforums.malwarebytes.com%2F&ul=en-us&de=UTF-8&dt=Malwarebytes%20Forums&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aDDAgEAjAAAAAAAAIg~&cid=1634134641.1681745020&uid=0F5E5B75-2B94-43D3-9C7F-7138B58E7589&tid=UA-3347303-10&_gid=2054650360.1681745020&gtm=45He34c0n71MKSKW3&cd2=113105206&cd3=Enterprise%20Business&cd4=Financial%20Services&cd5=Credit%20Suisse%20Realwerte%202%20Verwaltung%20GmbH&cd6=Credit%20Suisse%20Realwerte%202%20Verw.&cd7=Financial%20Services&cd8=Banking%20%26%20Finance&cd9=Over%20%245B&cd10=Enterprise&cd11=Frankfurt&cd12=HE&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=DE&cd18=credit-suisse.com&cd24=51680&z=1564516936

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 20:45:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 67119
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET front_front_widgets.js.gz
content.invisioncic.com/Mmalware/javascript_core/ 0
0

GET
H2

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=1480959392203028&ev=ViewContent&dl=https%3A%2F%2Fforums.malwarebytes.com%2F&rl=&if=false&ts=1681745020081&cd[content_name]=Home&sw=1600&sh=1200&v=2.9.101&r=stable&a=...
https://www.facebook.com/tr/?a=tmSimo-GTM-WebTemplate&cd[content_name]=Home&coo=false&dl=https%3A%2F%2Fforums.malwarebytes.com%2F&ec=0&ev=ViewContent&fbp=fb.1.1681745020080.2091094334&id=1480959392...

0
31 B

21ms
21ms

Image
text/plain

2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?a=tmSimo-GTM-WebTemplate&cd[content_name]=Home&coo=false&dl=https%3A%2F%2Fforums.malwarebytes.com%2F&ec=0&ev=ViewContent&fbp=fb.1.1681745020080.2091094334&id=1480959392203028&if=false&it=1681745019615&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&tm=1&ts=1681745020081&v=2.9.101

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Apr 2023 15:23:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Redirect headers

pragma: no-cache
date: Mon, 17 Apr 2023 15:23:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
content-type: text/plain
location: /tr/?a=tmSimo-GTM-WebTemplate&cd[content_name]=Home&coo=false&dl=https%3A%2F%2Fforums.malwarebytes.com%2F&ec=0&ev=ViewContent&fbp=fb.1.1681745020080.2091094334&id=1480959392203028&if=false&it=1681745019615&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&tm=1&ts=1681745020081&v=2.9.101
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 0
58 B 66ms
20ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=PageView&dl=https%3A%2F%2Fforums.malwarebytes.com%2F&rl=&if=false&ts=1681745020083&sw=1600&sh=1200&v=2.9.101&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&cs_est=true&fbp=fb.1.1681745020080.2091094334&it=1681745019615&coo=false&tm=1&rqm=GET

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Apr 2023 15:23:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 3B36 0
18 B 20ms
20ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: forums.malwarebytes.com
URL: https://forums.malwarebytes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://forums.malwarebytes.com
Referer: https://forums.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://forums.malwarebytes.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 17 Apr 2023 15:23:40 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 28ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K8KCHE3KSC&gtm=45je34c0&_p=1222917189&cid=1634134641.1681745020&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&dl=https%3A%2F%2Fforums.malwarebytes.com%2F&sid=1681745019&sct=1&seg=0&dt=Malwarebytes%20Forums&en=demandbase_event&ep.content_group=Homepage&epn.demandbase_sid=113105206&ep.demandbase_company_name=Credit%20Suisse%20Realwerte%202%20Verwaltung%20GmbH&ep.demandbase_industry=Financial%20Services&ep.demandbase_sub_industry=Banking%20%26%20Finance&ep.demandbase_employee_range=Enterprise&ep.demandbase_revenue_range=Over%20%245B&ep.demandbase_audience=Enterprise%20Business&ep.demandbase_audience_segment=Financial%20Services&ep.demandbase_website=credit-suisse.com&ep.demandbase_city=Frankfurt&ep.demandbase_state=&ep.demandbase_country_name=Germany&ep.demandbase_marketing_alias=Credit%20Suisse%20Realwerte%202%20Verw.&epn.demandbase_employee_count=51680&_et=292
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forums.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 15:23:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://forums.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: content.invisioncic.com
URL: https://content.invisioncic.com/Mmalware/monthly_2020_11/1508184003_ArmyGuy.thumb.gif.96efce7998087a951590fb0a68989db6.gif

Domain: content.invisioncic.com
URL: https://content.invisioncic.com/Mmalware/monthly_2022_03/Revivaltech-Solutions-Logo-Mark-Full-Color-RGB-250px@72ppi.thumb.png.661f2c2f3c8351e8f661c4f13271cc64.png

Domain: content.invisioncic.com
URL: https://content.invisioncic.com/Mmalware/monthly_2023_02/ua-barms.thumb.gif.5ae42cc8bdb653f77c8f955df566e204.gif

Domain: content.invisioncic.com
URL: https://content.invisioncic.com/Mmalware/monthly_2019_10/1328606520_whitehatmac512.thumb.png.82aeca8c528844fd22644ecf84737b2d.png

Domain: content.invisioncic.com
URL: https://content.invisioncic.com/Mmalware/monthly_2018_11/MadMacs.thumb.png.a37ef7ef8154f31556f77aec923129fe.png

Domain: content.invisioncic.com
URL: https://content.invisioncic.com/Mmalware/monthly_2017_12/1.thumb.png.095f9468952e1039a0ed1d432c5e81da.png

Domain: content.invisioncic.com
URL: https://content.invisioncic.com/Mmalware/monthly_2021_06/2021-06-25_13h42_15.thumb.png.1335d6a99dcf0633d1032d96ce48bdfc.png

Domain: content.invisioncic.com
URL: https://content.invisioncic.com/Mmalware/monthly_2020_09/headsmash.thumb.gif.ed1d21d21d022e84028c40f6c15f337c.gif

Domain: content.invisioncic.com
URL: https://content.invisioncic.com/Mmalware/profile/photo-thumb-141357.jpg

Domain: content.invisioncic.com
URL: https://content.invisioncic.com/Mmalware/monthly_2022_07/Untitled.thumb.png.0a09e7b9a49742b3400e5c67f53da42d.png

Domain: www.estore.malwarebytes.com
URL: https://www.estore.malwarebytes.com/proxydirectory/tags/445691266569/tag.js

Domain: content.invisioncic.com
URL: https://content.invisioncic.com/Mmalware/javascript_core/front_front_widgets.js.gz?v=d815db93211681712603&csrfKey=&antiCache=d815db93211681712603

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
forums.malwarebytes.com/	1970-01-20 11:13:01	Name: AWSALB Value: JdsIQU/IGr0CxwiZStYLH9o1IpoKP+ZUvpeOCYOYP1HkBwxDVUbNYCNn5n5HOh6j2zk6a2+Kvy6xkQ+g+CwjTafRXx9PThJUhHlZm1wUaCyOMHxK+fgEoRVJ8HlH
.malwarebytes.com/	1970-01-20 19:54:41	Name: gaUserID Value: 0F5E5B75-2B94-43D3-9C7F-7138B58E7589
forums.malwarebytes.com/	1969-12-31 23:59:59	Name: ct_ps_timestamp Value: 1681745019
forums.malwarebytes.com/	1969-12-31 23:59:59	Name: ct_fkp_timestamp Value: 0
forums.malwarebytes.com/	1969-12-31 23:59:59	Name: ct_timezone Value: 0
forums.malwarebytes.com/	1969-12-31 23:59:59	Name: ips4_ipsTimezone Value: Etc/Unknown
forums.malwarebytes.com/	1970-01-20 11:10:31	Name: ips4_hasJS Value: true
.malwarebytes.com/	1970-01-20 20:45:05	Name: _ga Value: GA1.2.1634134641.1681745020
.malwarebytes.com/	1970-01-20 11:10:31	Name: _gid Value: GA1.2.2054650360.1681745020
.malwarebytes.com/	1970-01-20 13:18:41	Name: _gcl_au Value: 1.1.2008864149.1681745020
.malwarebytes.com/	1970-01-20 11:10:31	Name: _uetsid Value: d48ab1e0dd3311ed806733107d98aeed
.malwarebytes.com/	1970-01-20 20:30:41	Name: _uetvid Value: d48af230dd3311ed8ce6d7c79850fb36
.malwarebytes.com/	1970-01-20 20:45:05	Name: _mkto_trk Value: id:805-USG-300&token:_mch-malwarebytes.com-1681745019738-18783
.bing.com/	1970-01-20 20:30:41	Name: MUID Value: 3925F4058F906C8A36ACE6F38E1B6D13
.doubleclick.net/	1970-01-20 11:09:05	Name: test_cookie Value: CheckForPermission
.t.co/	1970-01-20 20:45:05	Name: muc_ads Value: 3bc167bb-f45f-4080-a9cc-7af64e302b9b
.twitter.com/	1970-01-20 20:45:05	Name: personalization_id Value: "v1_GuqVQz3fvlzWy3AUffNr8A=="
forums.malwarebytes.com/	1970-01-20 11:10:31	Name: ln_or Value: eyIyNTk0MTAwIjoiZCJ9
.linkedin.com/	1970-01-20 11:52:17	Name: UserMatchHistory Value: AQKHSfEbCal_5wAAAYeP0IOmNBW0eynPjq0epUbJc7xwbDaOmh4Q09Z2hty7H5vXekTbmbtdNlgtJw
.linkedin.com/	1970-01-20 11:52:17	Name: AnalyticsSyncHistory Value: AQILnVrrZevrlAAAAYeP0IOmAIUBbrsAWxBEPIoaSPk4O24r8X-QBVa6FS0c6-yoka6p8VZggveM4kheM1PNGQ
.linkedin.com/	1970-01-20 19:54:41	Name: bcookie Value: "v=2&d9c6f400-dcd3-47a2-8b52-845345906150"
.linkedin.com/	1970-01-20 11:10:31	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2896:u=1:x=1:i=1681745019:t=1681831419:v=2:sig=AQHtFAJPb7ccUJ06tEqg6xOM9xqwy-R8"
.malwarebytes.com/	1970-01-20 20:45:05	Name: _ga_K8KCHE3KSC Value: GS1.1.1681745019.1.0.1681745019.60.0.0
.www.linkedin.com/	1970-01-20 19:54:41	Name: bscookie Value: "v=1&2023041715233997afbc31-26d5-4269-88b4-b5fabc8b67f4AQHU0ngWNJXdd5ClKrkpwkM-EaFdXEMS"
.linkedin.com/	1970-01-20 15:28:17	Name: li_gc Value: MTswOzE2ODE3NDUwMTk7MjswMjG96+HcW/VynuyI7e9VO91q7LfI9iNYAqsJXoYSZ27f/Q==
.malwarebytes.com/	1970-01-20 13:18:41	Name: _fbp Value: fb.1.1681745020080.2091094334
forums.malwarebytes.com/	1969-12-31 23:59:59	Name: ct_checkjs Value: bc0b18651aac7d5b4f9ef193dcd9d5d3
forums.malwarebytes.com/	1969-12-31 23:59:59	Name: ct_pointer_data Value: %5D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.estore.malwarebytes.com/proxydirectory/tags/445691266569/tag.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

805-usg-300.mktoresp.com
analytics.twitter.com
api.company-target.com
bat.bing.com
cdn.linkedin.oribi.io
connect.facebook.net
content.invisioncic.com
fonts.googleapis.com
fonts.gstatic.com
forums.malwarebytes.com
googleads.g.doubleclick.net
id.rlcdn.com
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
scripts.demandbase.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
unpkg.com
www.estore.malwarebytes.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.malwarebytes.com
content.invisioncic.com
www.estore.malwarebytes.com
104.244.42.3
104.244.42.5
13.107.42.14
13.225.78.42
13.32.27.65
146.75.120.157
18.66.97.46
192.28.144.124
2001:4860:4802:32::36
23.38.53.173
2600:9000:20eb:7e00:2:53b2:240:93a1
2600:9000:222b:2600:16:26c7:ff80:93a1
2600:9000:225e:3200:1e:ebe7:1480:93a1
2606:4700::6810:7aaf
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::2008
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9b
2a02:26f0:3500:16::215:148d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
35.244.174.68
019b5508e05ebbd6c5b9c5565bdf0af312af2f2b59d9069ea427b4bc0c892ef8
066243b2d26a3ecac6f76049658b4258257991b0be86be05be8103f140750575
0ad318a0d705390fc018ea8f6a73f859eb8866f9654dcae106dfc2b9a7f0ccff
0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6
0f83bf4a19892f304aa6d2b0da65ba8ff813d6110929bd67e80eadf86f3a1156
1099b3d49cec3d8e97ac307dd1db309dc9af5aa69c134db3cfd7d90eafb8df9c
11a7acb711c1b56dc7d01ea7e49bb8f22e68c1dcaa984598d06c62cc06b9ce2b
1976e6b6b718550dd25d75df398799eeddfc224b04fa7a0080137c35ab697c1a
19bc61bdf17737743890cf5d3ab8daecd3617e3d3c97cb6dd25239a7067d0c66
1ed74434fbba747bd03602d4759a4cad81ae35216b619e4e7cd4c7eedb80b373
20235537da974859e3c01f9d661660bedf4c5ee48088837d94937fda5912d6f8
22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62
2ae84de2d15efe21bb5b5ce1ba9ea11a34555730e652a0921c4eae5a5aa4cb4f
2b99b45bf156d9402a42d4ceaa87ad266bce8cc2cbdb3a3bba8fa8b53da11460
3001a3960df32de0715d410de98ec7a468c546e5c6ddf98b2bcaef28666e32af
38c93a1675e592e7ff8709d4932e7c235a6f809996431e2685443d763e06d6c1
42736c7de60dfab94b3cc902b8692f80cfeb0a5989d1d51db1d25fd7d18dc45b
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
4e0f39543ae4c15cfe3222f68e358c416dc79cb262c16c8d5b46281a5d850f40
5008d5e9bd10eea3c48217fc3a797895a56aadb808b04dda8381dd35e6544f22
5171a80e9331d4c8b6ec7170a9f659ebbdd0e6f91dcfef8c4591f824d66f5c64
5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
59261bb3a172c9c93e7e3d023796952afc886f23302bd859d164fb77b2bcaccb
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57
68339c92e994a046ff7f32abaccc69d70eb51e046937cd6f29b758593acd6751
6f6148c0bea7c7fd4e9e4a85446ebda68a753853f25f22618333c901b0a1e3c8
73c6d9bea582fd9ea44e6f647006f9ef8b4af0c15199ff20bd524186913eb9e2
74de012da903c56e3eaa2ded05202e536f07595751b2d373eb13a60b5e3a2fd0
78ca00d6f6b966a5f395a46400c43e0894aee2737a5eb847e1425cae4bd24cbf
792204a8727e57b78ab9edee675365f1b226589afcb90407fd469e462b56aa37
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7de9e50846ac517dff317c49b3eda4d791a9d84e9c89478dfd4e392ec69ee286
7e5a2722e28ff4ec06d44261bab151efdd2dadfdc76e802d278d11325f590b0a
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7ee1c3288716972defe598729ab8f3f9131964ae925025ce82633ec9887c413d
809f117d47f047ac89da5dcad3fdd756783fa93653ba8ea19e9f2df539ef0c95
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8630c0923da6afe8a75f877d5ea5987e9ad623d0d3c28a7473ea8a4c41aecefa
865bcf5111d47e6cded1b5549257f4ff16c9dea5567a92b06677168298cb083d
8c0ff21e4ee41b3ee32a815456b83d13afe655f079221643294e4de381e2de9d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
97ad62f275848ac8b0069a4c091db5d1061f0968794f31bce174a683b29bf04f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd5ff4a218c579247501adbe60bc96d157a1906a92c035160a90438887d5630
b4535ed9052f704376bdeb8e51316fdfc6eff920bc860eb09aa0839375ebafad
b587f0c6319e33903301d839b05c7f3e3426fad71a15ffc50b0757d8cc0f7ed6
beda0693dd166d8ff47954bc08951e99f5e5028f5d64f11dbe7b70a192648daa
bf2dedc5d4c3ff54fe5749898eaed552e6159f8a25226505cb9d0c4fa0f1e67a
c01696df43b2bb81d626c584dc6a05f153307beb47f745e86a5f59dbea30cf92
c1aeeef5664eb4444991c5500b77269837885343d142b051ce5b611734d14da6
c5cebe4431087d5b676223929b30e0a096485487fa1d93e4622de941f1632c10
ca5f9b08b76f00ab3632a51ed6f2a6aa3aa427aec6db8fbb4ce952a0b3e8c1b9
cd6b4ec7cd5d5aa517b976252e99355dba55295d0faba04121e9009b75e24ed8
cdde63bc260d0ada7601c950a899193ce8ee989de9b7e36c44157484ea534e82
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0f4751ebeeb5bd8861b9474e6dfe926c5df5c9938455906c1cf3a9c9245debd
d4ed3b52e9195afb8f4e5a02f95c16f9ee6d5f796093aab6ed7de1f29ccaf78b
dc983ac55ea31e89a0146e9d8effc5edf02a3b9151bd063a12be0c21381c27b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2ca5ac3d9cf4d005d7294562694e44b40efd2c194722721a52743c2f43f1a6
f124fa95609f20c04ba5f434a7360e4813b14641fb33b099f67b149d0f7bb3c3
f31ee3af19ca211e7694451db039e0c26674064890215d0175f39cb20f3346ed
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f7b1dd32c5490d6e3c102e125aa5396d6bbc7feb1386728018f7921bdc446a7c
fd37e715dd3c8674ce5a243ca78b54a1a0c0419b3b7b1133fb789c0faca913d5
fd6a0ee4e3f9800b36c861e0e0aa42c66edd087b1e3b798f466b4cce91fed2be

forums.malwarebytes.com Open in urlscan Pro 13.225.78.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

80 Requests

83 %HTTPS

64 %IPv6

24 Domains

30 Subdomains

28 IPs

3 Countries

1036 kBTransfer

3451 kBSize

28 Cookies

66 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 21 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

forums.malwarebytes.com Open in urlscan Pro
13.225.78.42 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

83 %
HTTPS

64 %
IPv6

24
Domains

30
Subdomains

28
IPs

3
Countries

1036 kB
Transfer

3451 kB
Size

28
Cookies

80 HTTP transactions
21 data transactions