try.malwarebytes.com Open in urlscan Pro
3.126.202.50 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof...
Submission Tags: falconsandbox
Submission: On July 12 via api (July 12th 2023, 2:29:00 pm UTC) from US — Scanned from DE

Summary HTTP 155 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 55 IPs in 7 countries across 45 domains to perform 155 HTTP transactions. The main IP is 3.126.202.50, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is try.malwarebytes.com. The Cisco Umbrella rank of the primary domain is 700153.
TLS certificate: Issued by R3 on June 12th 2023. Valid for: 3 months.

This is the only time try.malwarebytes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	3.126.202.50 3.126.202.50	16509 (AMAZON-02) (AMAZON-02)
2	52.222.174.14 52.222.174.14	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
2	2600:9000:21f... 2600:9000:21f3:3000:b:3165:13c0:21	16509 (AMAZON-02) (AMAZON-02)
4	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
2	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
4	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
6	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:248... 2600:9000:248d:4200:7:d7d6:3c40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:218... 2600:9000:218e:2600:16:26c7:ff80:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
6	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.139.243.113 108.139.243.113	() ()
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
18	52.222.250.38 52.222.250.38	16509 (AMAZON-02) (AMAZON-02)
1	34.198.74.222 34.198.74.222	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
2	2a03:2880:f08... 2a03:2880:f080:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	34.117.39.58 34.117.39.58	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.64.124.188 104.64.124.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	18.164.52.73 18.164.52.73	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	18.153.4.44 18.153.4.44	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	108.138.17.47 108.138.17.47	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
7	13.32.145.119 13.32.145.119	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	13.225.34.74 13.225.34.74	16509 (AMAZON-02) (AMAZON-02)
1	3.127.196.46 3.127.196.46	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:2113:200:1d:8d6d:3b40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	2600:1f18:612... 2600:1f18:612b:4216:806d:dd25:b159:13be	14618 (AMAZON-AES) (AMAZON-AES)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20e... 2600:9000:20eb:5200:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
155	55

1 3.126.202.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com

try.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.174.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-14.cdg50.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:3000:b:3165:13c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1wbjksx0xxdn3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

plausible.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.74.206 (None, )

ASN13335 (CLOUDFLARENET, US)

go.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:248d:4200:7:d7d6:3c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.clearbitscripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:218e:2600:16:26c7:ff80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.243.113 (United States)

ASN- ()
PTR: server-108-139-243-113.mxp63.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.222.250.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-38.fra60.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.198.74.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-74-222.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.39.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.39.117.34.bc.googleusercontent.com

www.upsellit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.64.124.188 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-124-188.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.52.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-73.cdg50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.153.4.44 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-153-4-44.eu-central-1.compute.amazonaws.com

x.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.17.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-47.fra56.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.145.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-145-119.cdg50.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.34.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-34-74.cdg3.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.196.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-196-46.eu-central-1.compute.amazonaws.com

app.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2113:200:1d:8d6d:3b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:806d:dd25:b159:13be (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:5200:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

805-usg-300.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	cloudfront.net d1wbjksx0xxdn3.cloudfront.net d9hhrg4mnvzow.cloudfront.net	608 KB
18	gstatic.com www.gstatic.com fonts.gstatic.com	696 KB
12	google.com www.google.com — Cisco Umbrella Rank: 10 region1.analytics.google.com — Cisco Umbrella Rank: 2556	98 KB
10	malwarebytes.com try.malwarebytes.com — Cisco Umbrella Rank: 700153 go.malwarebytes.com — Cisco Umbrella Rank: 545740 www.malwarebytes.com — Cisco Umbrella Rank: 87803 www.estore.malwarebytes.com Failed	174 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	969 KB
7	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 24718	97 KB
6	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 static.doubleclick.net — Cisco Umbrella Rank: 348	5 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4532	120 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 414 www.linkedin.com — Cisco Umbrella Rank: 544 px4.ads.linkedin.com — Cisco Umbrella Rank: 6544	6 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 289	31 KB
4	clearbitjs.com x.clearbitjs.com — Cisco Umbrella Rank: 13577	55 KB
4	google.de www.google.de — Cisco Umbrella Rank: 4752	689 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	355 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 390	13 KB
3	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 4924 scripts.demandbase.com — Cisco Umbrella Rank: 10101 tag-logger.demandbase.com — Cisco Umbrella Rank: 4700	44 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
3	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 8631	26 KB
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1031	751 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	216 B
2	company-target.com s.company-target.com — Cisco Umbrella Rank: 1995 api.company-target.com — Cisco Umbrella Rank: 3913	2 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 914	6 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3991	7 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	155 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 753 script.hotjar.com — Cisco Umbrella Rank: 1081	73 KB
2	plausible.io plausible.io — Cisco Umbrella Rank: 13186	2 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 20443	37 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 236	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 126	22 KB
1	mktoresp.com 805-usg-300.mktoresp.com — Cisco Umbrella Rank: 335161	318 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 374	239 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1248	392 B
1	clearbit.com app.clearbit.com — Cisco Umbrella Rank: 13962	1 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 717	98 B
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 14277	205 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 732	396 B
1	t.co t.co — Cisco Umbrella Rank: 511	378 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1562	637 B
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1037	3 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 768	15 KB
1	upsellit.com www.upsellit.com — Cisco Umbrella Rank: 10173	8 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1396	8 KB
1	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 28135	282 B
1	clearbitscripts.com tag.clearbitscripts.com — Cisco Umbrella Rank: 15575	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 749	31 KB
155	45

	Domain	Requested by
18	d9hhrg4mnvzow.cloudfront.net	try.malwarebytes.com
11	www.gstatic.com	www.google.com www.gstatic.com www.youtube.com
10	www.google.com	try.malwarebytes.com www.gstatic.com www.youtube.com www.google.com
8	www.youtube.com	try.malwarebytes.com www.youtube.com
7	fonts.gstatic.com	www.youtube.com www.google.com try.malwarebytes.com
7	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
6	dev.visualwebsiteoptimizer.com	try.malwarebytes.com dev.visualwebsiteoptimizer.com
6	go.malwarebytes.com	try.malwarebytes.com go.malwarebytes.com
4	jnn-pa.googleapis.com	www.youtube.com
4	x.clearbitjs.com	tag.clearbitscripts.com x.clearbitjs.com
4	www.google.de	try.malwarebytes.com
4	www.googletagmanager.com	try.malwarebytes.com www.googletagmanager.com
3	px.ads.linkedin.com	3 redirects
3	bat.bing.com	www.googletagmanager.com bat.bing.com try.malwarebytes.com
3	googleads.g.doubleclick.net	www.googletagmanager.com www.youtube.com
3	www.google-analytics.com	try.malwarebytes.com www.google-analytics.com
3	www.malwarebytes.com	try.malwarebytes.com www.malwarebytes.com www.googletagmanager.com
3	cdn.bizible.com	try.malwarebytes.com cdn.bizible.com
2	cdn.linkedin.oribi.io	cdn.bizible.com
2	dsum-sec.casalemedia.com	1 redirects s.company-target.com
2	www.facebook.com	try.malwarebytes.com
2	snap.licdn.com	try.malwarebytes.com snap.licdn.com
2	stats.g.doubleclick.net	www.googletagmanager.com cdn.bizible.com
2	region1.analytics.google.com	www.googletagmanager.com
2	munchkin.marketo.net	try.malwarebytes.com munchkin.marketo.net
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	plausible.io	try.malwarebytes.com plausible.io
2	d1wbjksx0xxdn3.cloudfront.net	try.malwarebytes.com d1wbjksx0xxdn3.cloudfront.net
2	builder-assets.unbounce.com	try.malwarebytes.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	805-usg-300.mktoresp.com	munchkin.marketo.net
1	px4.ads.linkedin.com	try.malwarebytes.com
1	www.linkedin.com	1 redirects
1	static.doubleclick.net	www.youtube.com
1	pixel.rubiconproject.com	s.company-target.com
1	partners.tremorhub.com	s.company-target.com
1	tag-logger.demandbase.com	cdn.bizible.com
1	app.clearbit.com	cdn.bizible.com
1	api.company-target.com	cdn.bizible.com
1	id.rlcdn.com	try.malwarebytes.com
1	s.company-target.com	tag.demandbase.com
1	scripts.demandbase.com	try.malwarebytes.com
1	cdn.bizibly.com	try.malwarebytes.com
1	tag.demandbase.com	try.malwarebytes.com
1	analytics.twitter.com	try.malwarebytes.com
1	t.co	try.malwarebytes.com
1	alb.reddit.com	try.malwarebytes.com
1	script.hotjar.com	static.hotjar.com
1	unpkg.com	www.googletagmanager.com
1	static.ads-twitter.com	try.malwarebytes.com
1	www.upsellit.com	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com
1	events.ub-analytics.com	try.malwarebytes.com
1	static.hotjar.com	try.malwarebytes.com
1	tag.clearbitscripts.com	try.malwarebytes.com
1	code.jquery.com	try.malwarebytes.com
1	try.malwarebytes.com
0	www.estore.malwarebytes.com Failed	try.malwarebytes.com
155	59

This site contains links to these domains. Also see Links.

Domain
www.malwarebytes.com

Subject Issuer	Validity	Valid
try.malwarebytes.com R3	`2023-06-12` - `2023-09-10`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-07`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
io.bizible.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-01` - `2024-07-01`	a year	crt.sh
plausible.io R3	`2023-06-19` - `2023-09-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
go.malwarebytes.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
clearbitscripts.com Amazon RSA 2048 M01	`2023-06-11` - `2024-07-09`	a year	crt.sh
*.malwarebytes.com Amazon RSA 2048 M02	`2022-11-09` - `2023-12-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2023-07-06` - `2024-07-06`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.ub-analytics.com Amazon RSA 2048 M01	`2023-03-11` - `2024-04-08`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-12` - `2023-10-08`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-20` - `2023-07-19`	3 months	crt.sh
*.upsellit.com RapidSSL TLS RSA CA G1	`2022-10-04` - `2023-10-04`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2023-10-15`	6 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
clearbitjs.com Amazon RSA 2048 M01	`2023-03-17` - `2024-04-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-08-17` - `2023-09-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M02	`2023-06-01` - `2024-06-29`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.company-target.com R3	`2023-06-18` - `2023-09-16`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-09-16` - `2023-10-18`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
clearbit.com Amazon RSA 2048 M02	`2023-03-17` - `2024-04-14`	a year	crt.sh
*.demandbase.com Amazon RSA 2048 M01	`2023-07-11` - `2024-08-08`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Frame ID: 3D7A6E8CB13AB0DC515848DF14E91516
Requests: 111 HTTP requests in this frame

Frame: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
Frame ID: F7F62094B1EB606A0923F6ADD21CB8FC
Requests: 20 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 39A34D076663EFEEF2F13F928B594ABE
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F&co=aHR0cHM6Ly90cnkubWFsd2FyZWJ5dGVzLmNvbTo0NDM.&hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=ngt7pi8kgdde
Frame ID: 4835FC10F768F190A36039B13B25DDDC
Requests: 7 HTTP requests in this frame

Frame: https://go.malwarebytes.com/index.php/form/XDFrame
Frame ID: 1C29C400750C378C793749387E852085
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F
Frame ID: E19CA66B0FB9105020582B2317100E33
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MDR: Your ticket to a real vacation | Malwarebytes

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

155
Requests

97 %
HTTPS

53 %
IPv6

45
Domains

59
Subdomains

55
IPs

7
Countries

3689 kB
Transfer

9829 kB
Size

60
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.malwarebytes.com/legal/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 112

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1705069734&external_user_id=6f320679-972e-4565-aa14-0a4b050be8aa HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1705069734&external_user_id=6f320679-972e-4565-aa14-0a4b050be8aa&C=1

Request Chain 118

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1689172134313&url=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1689172134313&url=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2594100%26time%3D1689172134313%26url%3Dhttps%253A%252F%252Ftry.malwarebytes.com%252Fbusiness-mdr-ticket-to-vacation%252F%253Futm_source%253Dmarketo%2526utm_medium%253Demail%2526utm_campaign%253Db2b_em_mql_hof_q2_168633492351%2526utm_content%253Dem11_na_stay_on_vacation%2526mkt_tok%253DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1689172134313&url=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1689172134313&url=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&cookiesTest=true&liSync=true&e_ipv6=AQKThRe07srRiAAAAYlKgU0l8_hmJlDuK3R35Z_QFa_kcBGSLM9aUL72ro7tLGbu5oH9J8Wn8lmZ-acb0Hxl_rnM0zrrsA

155 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
try.malwarebytes.com/business-mdr-ticket-to-vacation/ 134 KB
21 KB 87ms
19ms Document
text/html 3.126.202.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 9cb05471050c2f0f2d6484171629f788e046c50a9878f608ef192c77ef11244e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 20916
content-location: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/
content-type: text/html; charset=utf-8
date: Wed, 12 Jul 2023 14:28:53 GMT
etag: "k:e082b0e9ccef4369abe5e8f1566e5116"
link: <https://try.malwarebytes.com/business-mdr-ticket-to-vacation/>; rel="canonical"
x-proxy-backend: page-server
x-unbounce-pageid: f6eca7f1-f9fe-4fd8-a764-4fabc7a3184e
x-unbounce-variant: k
x-unbounce-visitorid: e082b0e9-ccef-4369-abe5-e8f1566e5116

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 73ms
16ms Stylesheet
text/css 52.222.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-14.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:02:31 GMT
content-encoding: gzip
via: 1.1 bb94c626686a13857c0144152dfd53b8.cloudfront.net (CloudFront)
x-amz-version-id: Hi0GplZUCMAlUo2d3AkAvO_Jy02q1fIj
x-amz-cf-pop: CDG50-P2
age: 4541183
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2902
last-modified: Mon, 13 Mar 2023 16:18:47 GMT
server: AmazonS3
etag: "15295835030f315ea1ec0147abd5ea63"
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: tqcCFXmAOqJWmAWOElaSSOha0PTkEGwwLTi1qZLSZWWuh9D81zQMHw==

GET
H2 200 jquery-3.6.4.min.js Show response
code.jquery.com/ 88 KB
31 KB 36ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.4.min.js
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

Referer: https://try.malwarebytes.com/
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-15ec3"
vary: Accept-Encoding
x-hw: 1689172133.dop154.fr8.t,1689172133.cds159.fr8.hn,1689172133.cds057.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 31011

GET
H2 200 ub.js Show response
d1wbjksx0xxdn3.cloudfront.net/ 5 KB
2 KB 35ms
7ms Script
application/javascript 2600:9000:21f3:3000:b:3165:13c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wbjksx0xxdn3.cloudfront.net/ub.js?1687799037
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3000:b:3165:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3537c6a36fae2d2132581b7915d51e1ed268ae146f5df18a84def7ed594fbe15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 17:24:21 GMT
content-encoding: gzip
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-amz-version-id: DrDbRvFA9mO1umKMKkGWhgl31YCzXh7a
x-amz-cf-pop: FRA2-C2
age: 1371873
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1864
last-modified: Mon, 26 Jun 2023 16:59:10 GMT
server: AmazonS3
etag: "118cee1e64f6b283233c55aee7da10da"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: OD1Du3kiNFYQzOYDsvK2C5I2bfKzbZciLIFucSTB43yNlDeLib_-dg==

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 36ms
7ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: 7ad349f95df1a4ebdbb59f61db8b27d14fdb228dfb43849ae4f9039997f89160

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 22:15:08 GMT
server: ECS (frb/67D4)
age: 54609
etag: "2d68452745b4d91:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25480

GET
H2 200 script.js Show response
plausible.io/js/ 1 KB
1 KB 56ms
17ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://plausible.io/js/script.js

Requested by

Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1082 /

Resource Hash

021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 07/12/2023 10:33:25
cdn-pullzone: 682664
cross-origin-resource-policy: cross-origin
application: 10.0.1.5
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: public, must-revalidate, max-age=86400
permissions-policy: interest-cohort=()
cdn-requestid: c738413f37e78889149e2a20c0774264
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
87 KB 54ms
29ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8608d5db4a1e7503cfb29036620c131911ada0008572864f07e00c5cf2cc4160

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89444
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Jul 2023 14:28:53 GMT

GET
H2 200 forms2.min.js Show response
go.malwarebytes.com/js/forms2/js/ 208 KB
69 KB 284ms
126ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.malwarebytes.com/js/forms2/js/forms2.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63113904
last-modified: Fri, 05 May 2023 17:50:04 GMT
server: cloudflare
cf-cache-status: REVALIDATED
etag: "6a0bdf-33e51-5faf5eb3b0b00"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7e59f9aaccb64d7f-FRA
expires: Wed, 12 Jul 2023 18:28:53 GMT

GET
H2 200 tags.js Show response
tag.clearbitscripts.com/v1/pk_cb584e4855b4e715cdf98205aaf89692/ 3 KB
1 KB 298ms
240ms Script
application/javascript 2600:9000:248d:4200:7:d7d6:3c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.clearbitscripts.com/v1/pk_cb584e4855b4e715cdf98205aaf89692/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:248d:4200:7:d7d6:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

envoy /

Resource Hash

b8cad940bbe7be6642d4e6bd80946bb834b192a8e1f2fe89d4974562df589960

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
via: 1.1 929d1c54444aa76faba74118013855b4.cloudfront.net (CloudFront)
server: envoy
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: MXP64-P2
etag: W/"1f7465de15a872b29ba3214046868052"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
x-amz-cf-id: 3t2W_TGTHrsfPD0uoARBUcam_OcFuW5z0Ae1-N5XnRJQQDQBAd7gAw==

GET
H2 200 request-trial.min.js Show response
www.malwarebytes.com/js/corporate/pages/ 6 KB
3 KB 253ms
162ms Script
application/javascript 2600:9000:218e:2600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/corporate/pages/request-trial.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218e:2600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

25f5e5a24fb863083ea49c14e4b85d32f704894df9e077575fe7540f2e12dc55

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Jul 2023 14:28:53 GMT
via: 1.1 a6e02469f8cbbfee9635eadf6e97ee54.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P1
x-powered-by: ASP.NET
x-cache: RefreshHit from cloudfront
last-modified: Thu, 06 Jul 2023 22:09:02 GMT
server: Microsoft-IIS/10.0
etag: W/"ee23887856b0d91:0"
allow: GET, HEAD, OPTIONS, TRACE, POST
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=900
vary: Accept-Encoding
access-control-allow-headers: content-type
x-amz-cf-id: 2YsX2wYHbBorDtLRoLTs3FrYdA0mm2KcktV6wTFM8BI0NiCRFd3JZQ==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
874 B 68ms
43ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

be289deeec23907337aa1bb44dfe993bcfa92d7a283eee4fdd4cb48f7ceaefe0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 554
x-xss-protection: 1; mode=block
expires: Wed, 12 Jul 2023 14:28:53 GMT

GET
H2 200 main.bundle-b8bce47.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 20ms
19ms Script
application/javascript 52.222.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-14.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 18:22:52 GMT
content-encoding: gzip
via: 1.1 bb94c626686a13857c0144152dfd53b8.cloudfront.net (CloudFront)
x-amz-version-id: Z.WbuyCoilnUdm7ymqWQhG0_enogTBjk
x-amz-cf-pop: CDG50-P2
age: 677162
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33784
last-modified: Tue, 04 Jul 2023 18:02:44 GMT
server: AmazonS3
etag: "a58eb6cf7e4cffa8041bdd43da1f4791"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: hMGIyvIhW47h6iTbgs_zKHeqOIoHdMA0HIH45cK0hkQgTP1T3hYWtA==

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 11 KB
4 KB 64ms
20ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=622914&u=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&f=1&vn=1.3
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: fcf1042ae3d7a627f8d3c063eaccc3894dbbc2194b5410c32864d7ebee23557f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1689157498"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 hotjar-2233835.js Show response
static.hotjar.com/c/ 9 KB
4 KB 117ms
65ms Script
application/javascript 108.139.243.113

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2233835.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.243.113 , United States, ASN (),

Reverse DNS

server-108-139-243-113.mxp63.r.cloudfront.net

Software

Resource Hash

d3f525e3bcae6cc0c10e5e58b63934c79baa27189acc35c67e01480d004834f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 1457b830deed1c2472ac9d931556584a.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
etag: W/110ba61bc6a499677fba0e4b3fbad6d5
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 7OsjlEGkPBOsS4LPo-USnquHkJSq8av2dVcM2YVe7r6ynpeD4kLADw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Jul 2023 13:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5056
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 12 Jul 2023 15:04:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 361 KB
110 KB 39ms
15ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10d3a8273ee71d8b92a9ef2a17de7a6435b531113963d523e920a13a26b1ca3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112444
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Jul 2023 14:28:53 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 91d8a23a-corp-stay-on-vacation-lp-image-2878x1764-option2_11hc0wp000000000000028.png
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/ 487 KB
488 KB 35ms
9ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/91d8a23a-corp-stay-on-vacation-lp-image-2878x1764-option2_11hc0wp000000000000028.png
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 164a53ab7ade349d7339b91b9455723ef160dfd3046e9253f701db315bf5dfcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:38:51 GMT
x-amz-version-id: c5GEONyvRMHtCAbWh9tBouheE0R_SrsJ
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jul 2023 16:25:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 78603
etag: "4faa042818228acf340674b39a861b01"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 499147
x-amz-cf-id: ssDYwpWoBgyxkApm3amG3Auueg9J69JqmTmZwx0ZTC16gV0Y37lySw==

GET
H2 200 sp-2.14.0.js Show response
d1wbjksx0xxdn3.cloudfront.net/ 98 KB
30 KB 8ms
7ms Script
application/javascript 2600:9000:21f3:3000:b:3165:13c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wbjksx0xxdn3.cloudfront.net/sp-2.14.0.js
Requested by: Host: d1wbjksx0xxdn3.cloudfront.net
URL: https://d1wbjksx0xxdn3.cloudfront.net/ub.js?1687799037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3000:b:3165:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 17:20:26 GMT
content-encoding: gzip
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-amz-version-id: 0Jz2Bo4sfVFEftEdSoFX9n5OCEdIO6kj
x-amz-cf-pop: FRA2-C2
age: 1372108
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30399
last-modified: Mon, 26 Jun 2023 16:59:50 GMT
server: AmazonS3
etag: "73de733c308b8b5e44d2a6242dc4bd99"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: zSJFYMifwB4SkJEcohj6Irh2Dkfprxnr6J_cBJzsPjFfC-fYXsOO2A==

GET
H2 200 i
events.ub-analytics.com/ 43 B
282 B 303ms
97ms Image
image/gif 34.198.74.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1689172133572&e=pv&url=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&page=MDR%3A%20Your%20ticket%20to%20a%20real%20vacation%20%7C%20Malwarebytes&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=e1ab205f-225b-420c-a8de-bd39bc7c78fd&dtm=1689172133571&vp=1600x1200&ds=1600x5638&vid=1&sid=2a88cc45-1e8c-41eb-83a2-229ce0bf93fa&duid=01130738-4cd6-4de2-ba67-63b0ea804516&uid=e082b0e9-ccef-4369-abe5-e8f1566e5116&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiZjZlY2E3ZjEtZjlmZS00ZmQ4LWE3NjQtNGZhYmM3YTMxODRlIiwidmFyaWFudElkIjoiayIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.74.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-74-222.compute-1.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
server: akka-http/10.2.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 36ms
10ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 89ms
62ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Jul 2023 14:28:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 0HI7UlL6QegHhhuETp+i0aw6T+ynF86uC9JgMivUl7XfOxbFKKluEXIovo2vhAfP8JAEQg8yUG4ireloNWNGxA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 malwarebytes.jsp Show response
www.upsellit.com/active/ 24 KB
8 KB 59ms
14ms Script
application/x-javascript 34.117.39.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upsellit.com/active/malwarebytes.jsp

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.39.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.39.117.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a955a7cbac676436fa67048953589a94d15eb9fb0f03deb5e9febd88cea469a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
date: Tue, 11 Jul 2023 21:21:37 GMT
server: nginx
age: 61636
vary: Accept-Encoding
content-type: application/x-javascript;charset=ISO-8859-1
cache-control: max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7451
expires: Wed, 12 Jul 2023 21:21:37 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 269ms
126ms Script
application/x-javascript 104.64.124.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.124.188 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-124-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ef2ca5ac3d9cf4d005d7294562694e44b40efd2c194722721a52743c2f43f1a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 12 Jul 2023 14:28:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Mar 2023 02:09:07 GMT
Server: AkamaiNetStorage
ETag: "fefdb331ffca929fc0e661337b64ed4f:1678241347.158405"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 741

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 33ms
6ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220039-FRA

GET
H2 200 web-vitals.umd.js Show response
unpkg.com/web-vitals@3.0.0/dist/ 7 KB
3 KB 36ms
19ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.0.0/dist/web-vitals.umd.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7be58558ac5f613c44cc4ca498d6bd64de88aaa3f78e6d618771758205e8b9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 207033
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01H4Z2MD1N5WJS5A8M041W1K8P-fra
server: cloudflare
etag: W/"1ae1-tMDPEHOSIsyc9nlymp5rO1O4NKA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e59f9ab3a104db8-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
70 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-930356311

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

170be287b63c8fd9ee9cd87200376b6d9c8ad7b92995d5c344d660404cdcee37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71647
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Jul 2023 14:28:53 GMT

GET tag.js
www.estore.malwarebytes.com/proxydirectory/tags/445691266569/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
87 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

47a03a81a7d3e3e0236af34ab4b96b98657c8547d429655c7bb2dc8908d221e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89435
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Jul 2023 14:28:53 GMT

GET
H2 200 tag-49ebc8f58c9e236fad7d3dc279f89121.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 179 KB
50 KB 40ms
25ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-49ebc8f58c9e236fad7d3dc279f89121.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=622914&u=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&f=1&vn=1.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 5d90065be883fc29aa6e6932ba3bfe7b36e8a751966475f1675790cbc814d429

Request headers

Referer: https://try.malwarebytes.com/
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:52 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 12 Jul 2023 10:24:32 GMT
server: gfra1
etag: "64ae7f60-c755"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51029

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 96ms
96ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=622914&d=try.malwarebytes.com&u=D03822ABD96B0192DBDD8D1598E53F9F0&h=c909f56d76c30d136dae203716db8c13&t=false&r=0.7664274894291985

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 14:28:53 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 39ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K8KCHE3KSC&gtm=45je37a0&_p=1480592840&_gaz=1&cid=1908964415.1689172134&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1689172133&sct=1&seg=0&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&dt=MDR%3A%20Your%20ticket%20to%20a%20real%20vacation%20%7C%20Malwarebytes&en=page_view&_fv=1&_ss=2&_ee=1&epn.siteSpeedSampleRate=100
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 14:28:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 76ms
25ms Ping
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K8KCHE3KSC&cid=1908964415.1689172134&gtm=45je37a0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 14:28:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 55ms
31ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K8KCHE3KSC&cid=1908964415.1689172134&gtm=45je37a0&aip=1&z=739153648

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 14:28:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.fba0c9b2e1c5e125e170.js Show response
script.hotjar.com/ 270 KB
69 KB 63ms
21ms Script
application/javascript 18.164.52.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.fba0c9b2e1c5e125e170.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2233835.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-73.cdg50.r.cloudfront.net

Software

Resource Hash

4e930b31445643295bfd2cfaeeaba015e08766fd8b7ff3b61db88003ad6720a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 07:23:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 8bdbe34841dae048e23c3b85d9dccfca.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
age: 198346
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 70330
last-modified: Mon, 10 Jul 2023 07:22:19 GMT
etag: "0054d18e8d659772b0e915a12ecd8b15"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: uuOhmTUO7z_YR7QnU-9bIYFQaenvbHfr1-WDIqFSBUh615qKiesYRw==

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 127ms
102ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1689172133684&id=t2_4u5qw&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=56301262-820d-4197-8bf8-5ce442797ec5&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 adsct
t.co/i/ 43 B
378 B 207ms
183ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=4a91d55f-90b8-4ac2-8d6f-a0e4676e7732&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9efab37e-e87b-4c1b-83c9-f5f7c5327096&tw_document_href=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1m5j&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 176
date: Wed, 12 Jul 2023 14:28:52 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 852a7d1f8a31d76a
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: c0d6d43530b0e4aa35552314880e7409fc97996913f9862b4ed6a5df84f60efa
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
396 B 140ms
113ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=4a91d55f-90b8-4ac2-8d6f-a0e4676e7732&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9efab37e-e87b-4c1b-83c9-f5f7c5327096&tw_document_href=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1m5j&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 106
date: Wed, 12 Jul 2023 14:28:53 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 851ead99ddca2c45
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: ff84f9f359fddd09a2f80a8c3b490f055537e088b7dbb8fe9d09f2719eb4b226
content-length: 43

GET
H3 200 tag-ebda8bd5e909abdcef3c8f504fe30737.js Show response
dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/ 113 KB
29 KB 34ms
34ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/tag-ebda8bd5e909abdcef3c8f504fe30737.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-49ebc8f58c9e236fad7d3dc279f89121.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: abdd087bbef8f093d9b4fde4c61266ba6192d10c0a63af2991ac0b0eecefd6b3

Request headers

Referer: https://try.malwarebytes.com/
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:52 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 12 Jul 2023 10:24:32 GMT
server: gfra1
etag: "64ae7f60-726e"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29294

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/ 3 KB
2 KB 73ms
49ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/?random=1689172133726&cv=11&fst=1689172133726&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&hn=www.googleadservices.com&frm=0&tiba=MDR%3A%20Your%20ticket%20to%20a%20real%20vacation%20%7C%20Malwarebytes&auid=1802001900.1689172134&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-930356311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cd02a845d216b65cbf347da50ad71576097edc1a8f42e1e15bc3041dfcc828e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 14:28:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1575
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 172 KB
23 KB 42ms
42ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=622914&settings_type=1&vn=7.0&exc=1|48|3|4|161
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-49ebc8f58c9e236fad7d3dc279f89121.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 86b253339e076a51843ff48bc6be071227af53d385b917b266b57a5b8487e8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:52 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1689157498"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 1480959392203028 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 276ms
275ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1480959392203028?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4bbe45428d147626df179385acd9fe250e6fd35d15d853d41d70d867af28230a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Jul 2023 14:28:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: TkgEOFDl2E/Butaa0/IUk6BiooCt8zfHEl3R/1ABTnt9qrSNQ7K3BdKQCAGziGPHTOG39O33OVlCW0MnYzfWOQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 destinations.min.js Show response
x.clearbitjs.com/v2/pk_cb584e4855b4e715cdf98205aaf89692/ 0
21 B 281ms
228ms Script
application/javascript 18.153.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_cb584e4855b4e715cdf98205aaf89692/destinations.min.js

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_cb584e4855b4e715cdf98205aaf89692/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.153.4.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-4-44.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-response-flags: -
server: envoy
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
content-length: 0

GET
H2 200 tracking.min.js Show response
x.clearbitjs.com/v2/pk_cb584e4855b4e715cdf98205aaf89692/ 168 KB
45 KB 235ms
183ms Script
application/javascript 18.153.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_cb584e4855b4e715cdf98205aaf89692/tracking.min.js

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_cb584e4855b4e715cdf98205aaf89692/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.153.4.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-4-44.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

c4e1fd2041af31b05c83711865d548f3ec7f5fa9b7cd48060af8ba17f27a7056

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: envoy
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600

GET
H2 200 forms.js Show response
x.clearbitjs.com/v1/pk_cb584e4855b4e715cdf98205aaf89692/ 33 KB
10 KB 232ms
179ms Script
application/javascript 18.153.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v1/pk_cb584e4855b4e715cdf98205aaf89692/forms.js?page_path=%2Fbusiness-mdr-ticket-to-vacation%2F

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_cb584e4855b4e715cdf98205aaf89692/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.153.4.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-4-44.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

69b7dd1321ee147582acc524bccce832da1bb64fac6c12da92ac180b15f7b6c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: envoy
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8

GET
H2 200 uGIGyePoK2M Show response
www.youtube.com/embed/ Frame F7F6 76 KB
32 KB 101ms
78ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f9511a5d65fb28201b0daf831d9d5b6dcc8e821a14ad0136094abbe4a3add0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://try.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Jul 2023 14:28:53 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
701 B 46ms
9ms Script
application/x-javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

55023db66b5b5211f8416ea69c8786ef0ae48e1dc5a3a065869755dc1a1e2435

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Jul 2023 13:15:12 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=73372
accept-ranges: bytes
content-length: 490

GET
H2 200 HWyTnY16.min.js Show response
tag.demandbase.com/ 78 KB
22 KB 37ms
7ms Script
application/javascript 108.138.17.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/HWyTnY16.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-47.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

764a8f2a0dbfd94fa8e092380153a0327fa16cc5160472c83b6c364a16a72443

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 7WvEinQw8ARRHeWGkdCebRd.5iRSDg1B
content-encoding: gzip
via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
date: Wed, 12 Jul 2023 13:51:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P7
age: 2259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 26 Jun 2023 21:47:32 GMT
server: AmazonS3
etag: W/"b274469356b64e3c1a730994b495a298"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: C2k6vcDMCWhoH5cmjV4rc84icyy-UHjXwvUA_Dtj7-JO0dseInQ9ow==

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 23ms
23ms XHR
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-49ebc8f58c9e236fad7d3dc279f89121.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 12 Jul 2023 10:24:29 GMT
server: gfra1
etag: "64ae7f5d-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13599

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ 431 KB
174 KB 34ms
10ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://try.malwarebytes.com/
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 13:39:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177423
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jul 2024 13:39:51 GMT

GET
BLOB 200
OK 8b5e8977-a712-48e4-befd-d9e49701fc79
https://try.malwarebytes.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://try.malwarebytes.com/8b5e8977-a712-48e4-befd-d9e49701fc79
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 5611
Content-Type: text/css

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 14ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1480592840&t=pageview&_s=1&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&dp=%2Fbusiness-mdr-ticket-to-vacation%2Fk%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&ul=en-us&de=UTF-8&dt=MDR%3A%20Your%20ticket%20to%20a%20real%20vacation%20%7C%20Malwarebytes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAACAAI~&jid=1365108262&gjid=813238934&cid=1908964415.1689172134&tid=UA-3347303-10&_gid=1306394831.1689172134&_r=1&_slc=1&z=281979808

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://try.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 14:28:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/ 3 KB
2 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/?random=1689172133923&cv=11&fst=1689172133923&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&hn=www.googleadservices.com&frm=0&tiba=MDR%3A%20Your%20ticket%20to%20a%20real%20vacation%20%7C%20Malwarebytes&auid=1802001900.1689172134&uamb=0&uaw=0&data=event%3Dpage_variant%3Bvariant_id%3Dk&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-930356311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1ae8f31935e86629fa559f16ad40a312e884a93b16fe92867c7c5e69ac22209

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 14:28:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1581
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.ub-assets.com/ 13 KB
1 KB 100ms
31ms Stylesheet
text/css 13.32.145.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Roboto:700,500,regular,900,300%7CSource+Sans+Pro:italic

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.145.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-145-119.cdg50.r.cloudfront.net

Software

Resource Hash

be65c686c20da9f937b0a670dba66ee231d289dd41e08cc34758da356c8d7e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 10:38:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 70f383b1b1176f28876db3111bf71a12.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-C2
age: 13853
x-amzn-requestid: 87cb5f4f-6d5e-401d-bbcd-4f8706829630
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: H8lViERqoAMFlQA=
content-length: 892
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-64ae8289-18e525a37a0877e3318c79ad
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: nzn-v5fdxdXRHPXtST1kCv0YnaJALpBSK3_CaY-wdzpqqwdrZPVNKQ==

GET
H2 200 5aa2a483-mwb-for-business-logo-horz-b.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/ 9 KB
4 KB 11ms
7ms Image
image/svg+xml 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/5aa2a483-mwb-for-business-logo-horz-b.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 652ea14837255f2d9db977a32c93fcb92879825bfe1b265311f534e61959e7b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:38:54 GMT
x-amz-version-id: 93fAzRtNA2ItVw1w8xCQd6Btld.YvNz6
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 16:25:58 GMT
server: AmazonS3
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"86720f295785c42af708f960cc7fcd68"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
age: 78600
x-amz-cf-id: nS9JlIlRtOr8ww4YBEttsoIwuHbraEG3kStEtIFHKpV-8PGXMyGCYg==

GET
H2 200 a0e423ac-youtube.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/ 781 B
1 KB 14ms
9ms Image
image/svg+xml 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/a0e423ac-youtube.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c007fe440b9bc335b21e039feac8deaf5f14f3de16ea41ffa81a3f610096cd69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:38:54 GMT
x-amz-version-id: qDZ1SH_PveghF42J16nTQWL5dPcyWWMR
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jul 2023 16:25:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 78600
etag: "081f067d429b3c6a78729d7deac02168"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 781
x-amz-cf-id: NU6NiOp-FVEz8igF4ortP02qyr4u96AwNodiYu5aBRJKbMWqChX3xw==

GET
H2 200 f95669e3-twitter.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/ 1 KB
1 KB 15ms
10ms Image
image/svg+xml 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/f95669e3-twitter.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 618a8a369547c912ff17b6d55c967f78ecafa6fb94ef42c746870a0cbc596434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:38:55 GMT
x-amz-version-id: zeCc_hbhLNIq9pKW4TVcT_yVKPH.MzM0
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 16:25:58 GMT
server: AmazonS3
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"ddedc6e72875927b487fa5e332377f63"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
age: 78599
x-amz-cf-id: jcTjdKMe9iS2AM5noCcz6O2fZF586CfP38hhErpkh2oCvvusV9_0vQ==

GET
H2 200 86f05d8f-linkedin.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/ 694 B
1 KB 14ms
10ms Image
image/svg+xml 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/86f05d8f-linkedin.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 851495cc18784cae757c6cf8d5bd6042f6325647ecb6d4aaa7fd3b603b20801f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:38:59 GMT
x-amz-version-id: fxtKvI26db2oEuZaEqCuk.JCy7W7mGVu
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jul 2023 16:25:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 78595
etag: "b7d762d9bcb616fca18554d94802d3ee"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 694
x-amz-cf-id: 85ku4srhGtaTJ9aYrVqN_ulrMByJJt9Nxo8do5aeDdpcCRE00UO-mw==

GET
H2 200 a41c267f-instagram.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/ 956 B
1 KB 15ms
11ms Image
image/svg+xml 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/a41c267f-instagram.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efa12b5f715e973d01d92cf3fb5492a27b0d8e6702527a5a3c9da9b16f3e3053

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:39:00 GMT
x-amz-version-id: EuBTGCY6OzvtOL4XMrPmRKa17UIglK0u
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jul 2023 16:25:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 78594
etag: "883f596fcb6f545aed6128681beba88a"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 956
x-amz-cf-id: D7gyFoH4oUbQBdVArn2WoQWsGSk5NBD2zd8eF2UDmpdqntsy4eqUPw==

GET
H2 200 8cd70cf9-facebook.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/ 276 B
700 B 15ms
11ms Image
image/svg+xml 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/8cd70cf9-facebook.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a555f0b0410f738128c29d0459c46af844358f117513b23b22e5839a6b53d8ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:39:00 GMT
x-amz-version-id: WEyyk9NNXU9JlCyQH5yrP5DDbDFixPhL
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jul 2023 16:25:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 78594
etag: "36e58d5d5809a35372d71afc30c8c32e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 276
x-amz-cf-id: 8qcAGkHP8brKRmXbcu4DX_2RmxLOWHiPJ7494dJ6K655QEcVIbzeoA==

GET
H2 200 7844482d-icon-protection.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/ 2 KB
1 KB 15ms
11ms Image
image/svg+xml 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/7844482d-icon-protection.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ce53e25f835f59e7a9a99a62e1c00c68012d1b2ced3ee1d3f104311bb399bd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:39:00 GMT
x-amz-version-id: HL77KQ6iiZscMrsnz54NrZBLyiQaycR9
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 16:25:58 GMT
server: AmazonS3
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"5569b6e81e6007a44ca8d4af6167620f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
age: 78594
x-amz-cf-id: pKbaQhn45RvbGxYfVTs2U7EdZf_O9Ml-doD_dZJVNzK-zVAvtO0k1A==

GET
H2 200 0907df36-icon-ransomware.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/ 2 KB
1 KB 16ms
12ms Image
image/svg+xml 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/0907df36-icon-ransomware.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b29e1cc8f0243d9d791d87d86263a534431c2abfb8b585c876b6ec680fbe82c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:39:00 GMT
x-amz-version-id: mSyLe4iXbJkeXAogDnwTcnbVQisE3JmR
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 16:25:58 GMT
server: AmazonS3
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"6390eca9367cd32606dad9b5ccf1c620"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
age: 78594
x-amz-cf-id: 8PcBn8MJUlrObqMs7UHXdqu0jL328tPzapnrmj3RyAKixMbc7YENfw==

GET
H2 200 1a8c9c27-icon-support.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/ 2 KB
1 KB 16ms
12ms Image
image/svg+xml 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/1a8c9c27-icon-support.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: daf900711b90586855f1f23a69867e42acd8df777c1fce72c02ed06f3edeb315

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:39:00 GMT
x-amz-version-id: tuKdNH1GKpJqJboIUAj3OLLd3mACe28L
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 16:25:58 GMT
server: AmazonS3
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"5330c5215c5e7b3445c7020ef6ec5e34"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
age: 78594
x-amz-cf-id: J-E25oNmDhUAVb1uDgrCq8rM755xT8DPNRyQak6Lxa8_hFdKeio3pw==

GET
H2 200 64917c33-third-party-reviews-1_10w90lk0vo0fk00l01r028.png
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/ 50 KB
50 KB 16ms
13ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/64917c33-third-party-reviews-1_10w90lk0vo0fk00l01r028.png
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc333995572f5eb4654815c3b1878e60a842376caafaa26f4365c189cfa3ac85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:39:00 GMT
x-amz-version-id: XXBzlgCbDOFww5Y.OxOapOdo2N3Fk_D8
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jul 2023 16:25:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 78594
etag: "8b39b3a8fd46e5800a2b6e074c246014"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 50855
x-amz-cf-id: 1Vz2JButQ1o0gDv53uDcKaGr5u18GY4YaM_hErOm8nFMKwC_SIvs3A==

GET
H2 200 755b93ff-endpointdetection-responseedr-leader-leader_103x05303x04k000008028.png
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/ 3 KB
3 KB 19ms
16ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/755b93ff-endpointdetection-responseedr-leader-leader_103x05303x04k000008028.png
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 32f1fabb79b7560583da24346b3ee57f3b58020a4ae4d58b8f57aaeab44e0aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:39:00 GMT
x-amz-version-id: o2Vlyudb7nAax9XtgLvvgD7r6MPdxByF
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jul 2023 16:25:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 78594
etag: "4ec2979851f6b04b152300e0f9ad1fef"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 3115
x-amz-cf-id: NYbekyS7t50LeBkqwhNeAASBjFxu0RTjRM7twTSuBxR05q3eH5LeLQ==

GET
H2 200 7549cf79-corp-stay-on-vacation-lp-check-mark-navy.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/ 621 B
1 KB 20ms
17ms Image
image/svg+xml 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/7549cf79-corp-stay-on-vacation-lp-check-mark-navy.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7687e0f43dc6533f4e0493c203238fce8650f3d58132002b5dcd42b066af0e38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:39:00 GMT
x-amz-version-id: c9tHcJ7wACZ8EVRg3RbI5.I.H.DyCmDR
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jul 2023 16:25:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 78594
etag: "8a0eb0bec5ca02741e5022422884da58"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 621
x-amz-cf-id: HoD88QbX18CGjXeGgYX7RCAl-IoS5MubmmTt5bUNg4hbza-gXPEYyQ==

GET
H2 200 cce73eac-corp-stay-on-vacation-lp-image-2878x1764-copy-1_10o10en0e507201o02w028.png
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/ 14 KB
14 KB 21ms
18ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/cce73eac-corp-stay-on-vacation-lp-image-2878x1764-copy-1_10o10en0e507201o02w028.png
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d15cce198d0132613325ccff99e64b27530423609f9f62d49ff6b8eeab142ce2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:39:00 GMT
x-amz-version-id: HCfdjdURHRT3p36n1tKuluApW4sq1q2o
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jul 2023 16:25:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 78594
etag: "b417de7b4eb0bd3111a40e533733fa43"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 13871
x-amz-cf-id: ncsSBP45SIS3OL9K7Bf51HLh9HQtXF6UP9p5gnGEu3JDtdwXC99mdg==

GET
H2 200 9db358ec-d-only_1036036000000000000028.png
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/ 991 B
1 KB 22ms
20ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/9db358ec-d-only_1036036000000000000028.png
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c314f9ee0b4f26cc361ed98dea2fce5df975f29d1754279e80f4c9125a674feb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:39:01 GMT
x-amz-version-id: SJ0456KEnUNodCvSsqJ0etRL.Y18XhR1
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jul 2023 16:25:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 78593
etag: "9728b60d79c8e7769f1c34d5bae31ae2"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 991
x-amz-cf-id: ZLSU5XS5L83KnIr4yfLPM1cYaoLM22IKonwnklx0CluC-hUHzlKeBw==

GET
H2 200 1522f413-increase-investment-icon.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/ 2 KB
1 KB 20ms
17ms Image
image/svg+xml 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/1522f413-increase-investment-icon.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0dba37270367fbd0b0898db4bcd21a0c14765ea4a9b106c29f513b4551e3fd2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:39:01 GMT
x-amz-version-id: V.tumWFcFwFrIOsELcPqNjxSsA0dDWJY
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 16:25:58 GMT
server: AmazonS3
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"adfd3ab6d3eff8dd9eda18b995046647"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
age: 78593
x-amz-cf-id: M4W6CAp5EHMiSdfhxLFkil1MojcoEbnaKscly8C0WL6LI1L33iCZKA==

GET
H2 200 9b391e3e-alert-icon.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/ 3 KB
1 KB 20ms
18ms Image
image/svg+xml 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/9b391e3e-alert-icon.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08d5ceaa6ea3ddcfe60e0afb7d7ff593eff69c9d75b2caa91c3327ee18dea6e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:39:01 GMT
x-amz-version-id: cb1786Lv11dC.vpIwGz4gI5JtLcUrcPa
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 16:25:58 GMT
server: AmazonS3
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"dff4639d6767902ce139e4604a781879"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
age: 78593
x-amz-cf-id: 6o626L0R1qSjUiFX6k39KG44sejNCtl1R7AtkSJQPLqOqfzJTWlznA==

GET
H2 200 7244b198-privacy-icon.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/ 3 KB
1 KB 22ms
20ms Image
image/svg+xml 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/business-mdr-ticket-to-vacation/7244b198-privacy-icon.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 68d63ad79cba63fd20d8cc393a83f9dbf1fa16830bcce08f8bd292e422c04584

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:39:01 GMT
x-amz-version-id: _YYhysqeL2aXuepssyBl_RLp_x.CGQc6
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 16:25:58 GMT
server: AmazonS3
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"1fe06e89ce87b35bd326da5858ad8c41"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
age: 78593
x-amz-cf-id: MEkRitWZ944EHgIw8xWAqIDSdfTih7uLd2PmocB-2rGVNNZRgrkTtg==

POST
H2 202 event Show response
plausible.io/api/ 2 B
477 B 36ms
14ms XHR
text/plain 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://plausible.io/api/event
Requested by: Host: plausible.io
URL: https://plausible.io/js/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://try.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 07/12/2023 14:28:53
cdn-pullzone: 682664
application: 10.0.0.3
content-length: 2
x-request-id: F3ElGzGVJsTtr5YUI_SC
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 202
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: must-revalidate, max-age=0, private
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
cdn-requestid: aeb31813b27d1550b3ad88965c3b3cb9
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 request-trial.min.css
www.malwarebytes.com/css/corporate/pages/ 1 KB
971 B 149ms
148ms Stylesheet
text/css 2600:9000:218e:2600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/css/corporate/pages/request-trial.min.css

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/corporate/pages/request-trial.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218e:2600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b43e6387463adb801e2d26c1cc0d3f65164185f1368f1070d43c46b48e3ce64f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Jul 2023 14:28:53 GMT
via: 1.1 a6e02469f8cbbfee9635eadf6e97ee54.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P1
x-powered-by: ASP.NET
x-cache: RefreshHit from cloudfront
last-modified: Mon, 26 Jun 2023 20:59:43 GMT
server: Microsoft-IIS/10.0
etag: W/"704ab22171a8d91:0"
allow: GET, HEAD, OPTIONS, TRACE, POST
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/css
x-frame-options: DENY
cache-control: max-age=900
vary: Accept-Encoding
access-control-allow-headers: content-type
x-amz-cf-id: U8K0NNHCnc_TjiroMGYP3vs6S9Kyfxbmu5EsVzjQnNZbBLIpOM_cuA==

GET
H2 200 getForm Show response
go.malwarebytes.com/index.php/form/ 23 KB
5 KB 102ms
101ms Script
application/javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.malwarebytes.com/index.php/form/getForm?munchkinId=805-USG-300&form=5822&url=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F&callback=jQuery1124018048885846750173_1689172133763&_=1689172133764
Requested by: Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7803984ee28ac784980a3f2c66778bee3f92f621bfab3910f763bd2db26aff5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:54 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 7e59f9ad2f524d7f-FRA
cached: true
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
302 B 8ms
7ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=77277c77100e487ada77770d7379aa76&_biz_s=4da56f&_biz_l=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&_biz_t=1689172133556&_biz_i=MDR%3A%20Your%20ticket%20to%20a%20real%20vacation%20%7C%20Malwarebytes&_biz_n=0&rnd=641163&cdn_o=a&_biz_z=1689172133940
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 14:28:53 GMT
last-modified: Wed, 12 Jul 2023 14:12:17 GMT
server: ECS (frb/6760)
age: 996
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
205 B 8ms
7ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=77277c77100e487ada77770d7379aa76&_biz_s=4da56f&_biz_l=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&_biz_t=1689172133945&_biz_i=MDR%3A%20Your%20ticket%20to%20a%20real%20vacation%20%7C%20Malwarebytes&rnd=511&cdn_o=a&_biz_z=1689172133945
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6752) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 14:28:53 GMT
last-modified: Sun, 09 Jul 2023 02:44:34 GMT
server: ECS (frb/6752)
age: 301459
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 www-player.css
www.youtube.com/s/player/f2f137c6/ Frame F7F6 376 KB
47 KB 13ms
12ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f2f137c6/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd4092bacea7c442fc5033af93696fb2544bc58e71bf9eb40658694fd464f4a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 13:58:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1816
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47941
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 01:48:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 11 Jul 2024 13:58:37 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/f2f137c6/www-embed-player.vflset/ Frame F7F6 311 KB
94 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f2f137c6/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63e7450a89e66a53c8e02170ecd4a746fdb98b075d540b0537b79df6f63ffdf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:24:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 288
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95618
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 01:48:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 11 Jul 2024 14:24:05 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/f2f137c6/player_ias.vflset/de_DE/ Frame F7F6 2 MB
755 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f2f137c6/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

351f8ad90f9ab93eae3461926df367e60e8bc2a805490a7a6965be7540050daa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 772453
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 01:48:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 11 Jul 2024 14:17:38 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 53ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 12 Jul 2023 14:28:53 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0F03C7E1A23E4B60B0912C38538BDE32 Ref B: FRA31EDGE0711 Ref C: 2023-07-12T14:28:54Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 HWyTnY16.min.js Show response
scripts.demandbase.com/ 78 KB
22 KB 9ms
9ms Script
application/javascript 108.138.17.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.demandbase.com/HWyTnY16.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-47.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

764a8f2a0dbfd94fa8e092380153a0327fa16cc5160472c83b6c364a16a72443

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 7WvEinQw8ARRHeWGkdCebRd.5iRSDg1B
content-encoding: gzip
via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
date: Wed, 12 Jul 2023 13:51:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P7
age: 2259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 26 Jun 2023 21:47:32 GMT
server: AmazonS3
etag: W/"b274469356b64e3c1a730994b495a298"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: C35nFfAoj7McmIxWpbNEjSKFLJyuQXunrnSgClDx1o7AE3Q66kv7dg==

GET
H2 200 demandbase-forms.js Show response
www.malwarebytes.com/js/ 3 KB
2 KB 21ms
20ms Script
application/javascript 2600:9000:218e:2600:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/demandbase-forms.js?d=2020-02-04-15-03-08--0800

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218e:2600:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:21:15 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 a6e02469f8cbbfee9635eadf6e97ee54.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P1
x-powered-by: ASP.NET
age: 458
x-cache: Hit from cloudfront
last-modified: Tue, 20 Jul 2021 23:12:41 GMT
server: Microsoft-IIS/10.0
etag: W/"178b70bdbc7dd71:0"
allow: GET, HEAD, OPTIONS, TRACE, POST
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=900
vary: Accept-Encoding
access-control-allow-headers: content-type
x-amz-cf-id: Me4CCI0RRUG6ZENCoAl5GRqSI3vks8Kdc-aR7orOO6KxQze-bUNbqA==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F7F6 15 KB
16 KB 41ms
4ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 00:06:15 GMT
x-content-type-options: nosniff
age: 51759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jul 2024 00:06:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F7F6 15 KB
15 KB 43ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 333669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 17:47:45 GMT

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 116 B
419 B 395ms
395ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=77277c77100e487ada77770d7379aa76&_biz_h=-1906410348&cdn_o=a&jsVer=4.23.07.11
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: b549af1d7717eb208a28000ddb3308e5f94bf16d3c1528c9017d5c9a855981c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: text/javascript; charset=utf-8
date: Wed, 12 Jul 2023 14:28:53 GMT
cache-control: private, must-revalidate, max-age=21600
server: ECS (frb/6711)
etag: 81907026
content-length: 116
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 30ms
21ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3347303-10&cid=1908964415.1689172134&jid=1365108262&gjid=813238934&_gid=1306394831.1689172134&_u=KEBAAEAAAAAAACAAI~&z=1178339918

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://try.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 12 Jul 2023 14:28:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/930356311/ 42 B
327 B 27ms
16ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/930356311/?random=1689172133726&cv=11&fst=1689170400000&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&frm=0&tiba=MDR%3A%20Your%20ticket%20to%20a%20real%20vacation%20%7C%20Malwarebytes&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=355023029&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 14:28:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/930356311/ 42 B
154 B 27ms
17ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/930356311/?random=1689172133726&cv=11&fst=1689170400000&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&frm=0&tiba=MDR%3A%20Your%20ticket%20to%20a%20real%20vacation%20%7C%20Malwarebytes&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=355023029&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 14:28:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 15ms
5ms Script
application/x-javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Jul 2023 13:00:14 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=72717
accept-ranges: bytes
content-length: 4862

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/162/ 11 KB
5 KB 19ms
15ms Script
application/x-javascript 104.64.124.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/162/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.124.188 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-124-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 12 Jul 2023 14:28:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4677
Expires: Fri, 20 Oct 2023 14:28:54 GMT

GET
H2 200 sync Show response
s.company-target.com/s/ Frame 39A3 634 B
976 B 159ms
96ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/HWyTnY16.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 3b4b5175548fea6ad7fb6304ea4bc05e9797c53e876981c57a499b61d2a11671

Request headers

Referer: https://try.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Wed, 12 Jul 2023 14:28:54 GMT
via: 1.1 google

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 58ms
17ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 16 KB
16 KB 62ms
20ms Font
font/woff2 13.32.145.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:700,500,regular,900,300%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.145.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-145-119.cdg50.r.cloudfront.net

Software

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto:700,500,regular,900,300%7CSource+Sans+Pro:italic
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 19 May 2023 23:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15920
via: 1.1 28f110beed532776cb7e7d4f319b2230.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-C2
age: 4631668
x-amzn-requestid: 34d17ec1-a253-4c8e-910e-be4cc2dd599d
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: FMbX-G00oAMF16A=
content-length: 15943
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-64680c32-7bae6fd308405c0a7a7d759c
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: kP1SbahhpdaBO_p9IOAfgP4Gt0jLrMU5lZGwDkRz1RamW05SO7oNbg==

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 15 KB
16 KB 76ms
36ms Font
font/woff2 13.32.145.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:700,500,regular,900,300%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.145.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-145-119.cdg50.r.cloudfront.net

Software

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto:700,500,regular,900,300%7CSource+Sans+Pro:italic
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 15 May 2023 22:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15740
via: 1.1 28f110beed532776cb7e7d4f319b2230.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-C2
age: 4980905
x-amzn-requestid: dcc3367c-e14e-494a-a413-6df37b5a4662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: E_GvnFBvIAMFjCA=
content-length: 15763
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6462b7fd-47040825190b073b51b2c937
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 1kQutPeIxBlxqtJFmtpauQJl_YeuF5p6qVBqt6e5QD5df9yr60FlUg==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 15 KB
16 KB 74ms
34ms Font
font/woff2 13.32.145.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:700,500,regular,900,300%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.145.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-145-119.cdg50.r.cloudfront.net

Software

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto:700,500,regular,900,300%7CSource+Sans+Pro:italic
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 23:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15860
via: 1.1 28f110beed532776cb7e7d4f319b2230.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-C2
age: 3250709
x-amzn-requestid: d6654fef-c59c-4876-819a-fa0ff0565a7d
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: GBG2xHQEIAMF6HQ=
content-length: 15883
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-647d1e91-7fb828483c7c30626f534fcb
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: TpHM5Z_GT5vSqeyWY26XqXT33TwWVIoNVH5oAZ_LCQCKBwEK8iG71g==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 15 KB
16 KB 76ms
39ms Font
font/woff2 13.32.145.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:700,500,regular,900,300%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.145.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-145-119.cdg50.r.cloudfront.net

Software

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto:700,500,regular,900,300%7CSource+Sans+Pro:italic
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 10 May 2023 00:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15744
via: 1.1 28f110beed532776cb7e7d4f319b2230.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-C2
age: 5493174
x-amzn-requestid: dbfa4082-ed5d-4d9d-8247-22e550abfa9f
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: ErkFkE8nIAMFoQQ=
content-length: 15767
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-645ae6f0-2d45b3a27b44d4c36a84c6e7
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: FnsTANtkSbke1_mPhpdw2PvDt6EOthQX8B9qh47oFh_jaXJ0KNNsmA==

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 15 KB
16 KB 57ms
23ms Font
font/woff2 13.32.145.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:700,500,regular,900,300%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.145.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-145-119.cdg50.r.cloudfront.net

Software

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto:700,500,regular,900,300%7CSource+Sans+Pro:italic
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 17 May 2023 23:27:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15752
via: 1.1 28f110beed532776cb7e7d4f319b2230.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-C2
age: 4806082
x-amzn-requestid: 395fd1f1-0d8c-4e80-a64d-592611d85601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: FFxjuGb_IAMFs4Q=
content-length: 15775
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-646562e4-00df043b078f85ae0227cb49
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 1XIhUTvwPkwa3ZtIcmxjL5i1lStd0unmS2oqH_Sqi65kZnfnIhBnew==

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 461 B
962 B 101ms
61ms XHR
application/json 13.225.34.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&page_title=MDR%3A%20Your%20ticket%20to%20a%20real%20vacation%20%7C%20Malwarebytes
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.34.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-34-74.cdg3.r.cloudfront.net
Software: nginx /
Resource Hash: 1cdf65f2af088923ed7b817b24c10645518840bfc4968b163c784ff90b534870

Request headers

Referer: https://try.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Jul 2023 14:28:54 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 f46632dd252c85fed57bcf18d61d8544.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
x-cache: Miss from cloudfront
request-id: 52e66ebf-4105-4932-af1a-c0241bc872b8
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://try.malwarebytes.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _deBAMIzKAHL7vyi4HUMHWGaHzEE4KrxGdkZlcWi78OE4Gw8y_gl7g==
expires: Tue, 11 Jul 2023 14:28:54 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/930356311/ 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/930356311/?random=1689172133923&cv=11&fst=1689170400000&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&frm=0&tiba=MDR%3A%20Your%20ticket%20to%20a%20real%20vacation%20%7C%20Malwarebytes&data=event%3Dpage_variant%3Bvariant_id%3Dk&fmt=3&is_vtc=1&random=3287662051&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 14:28:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/930356311/ 42 B
64 B 27ms
27ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/930356311/?random=1689172133923&cv=11&fst=1689170400000&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&frm=0&tiba=MDR%3A%20Your%20ticket%20to%20a%20real%20vacation%20%7C%20Malwarebytes&data=event%3Dpage_variant%3Bvariant_id%3Dk&fmt=3&is_vtc=1&random=3287662051&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 14:28:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.ub-assets.com/fonts/s/sourcesanspro/v22/ 14 KB
15 KB 27ms
25ms Font
font/woff2 13.32.145.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:700,500,regular,900,300%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.145.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-145-119.cdg50.r.cloudfront.net

Software

Resource Hash

500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto:700,500,regular,900,300%7CSource+Sans+Pro:italic
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 18:26:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 14160
via: 1.1 28f110beed532776cb7e7d4f319b2230.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-C2
age: 3096156
x-amzn-requestid: e6d15603-af18-4438-9d12-e49a6fcb2e64
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: GHALuF6zIAMF_kg=
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-647f7a4a-293bdd772c64882d3760c479
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: aM02rWCyfm1eJU6yg6C7WWHDw8cyI_p59tGTwD-iY6qGm6oZLnTB4g==

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4835 51 KB
28 KB 37ms
37ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F&co=aHR0cHM6Ly90cnkubWFsd2FyZWJ5dGVzLmNvbTo0NDM.&hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=ngt7pi8kgdde

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3e3c1be445dadc91f2009d9e0ba3cfdfeaab41b78d72b90c2e14994873cf3a26

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_ZAXZ-wqgmG8uxUTo0dTvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://try.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28664
content-security-policy: script-src 'report-sample' 'nonce-_ZAXZ-wqgmG8uxUTo0dTvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Jul 2023 14:28:54 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 p Show response
app.clearbit.com/v1/ 16 B
1 KB 239ms
207ms XHR
application/json 3.127.196.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clearbit.com/v1/p

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.127.196.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-127-196-46.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://try.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: envoy
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://try.malwarebytes.com
content-security-policy-report-only: default-src 'self'; script-src 'unsafe-inline' 'report-sample' 'self' https://browser.sentry-cdn.com https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js https://cdn.clearbit.com https://cdn.segment.com/analytics.js/v1/auzWlbWIBrAsKnGQIiT0X3IjfZyepgW5/analytics.min.js https://connect.facebook.net https://edge.fullstory.com/s/fs.js https://fast.appcues.com https://www.google-analytics.com/analytics.js https://x.clearbitjs.com https://cdn.clearbit.com; style-src 'unsafe-inline' 'report-sample' 'self' https://cdn.clearbit.com https://fast.appcues.com https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.amplitude.com https://api.segment.io https://rs.fullstory.com https://www.google-analytics.com wss://api.appcues.net https://stats.g.doubleclick.net https://sentry.io https://logo.clearbit.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self'; img-src 'self' data: https://cdn.clearbit.com https://images.ctfassets.net https://logo.clearbit.com https://www.facebook.com https://connect.facebook.net https://www.google.com https://unpkg.com/react-flag-kit https://cloudfront.net/v1/avatars https://*.googleusercontent.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
access-control-allow-credentials: true
access-control-allow-headers: Authorization, API-Version, Content-Type

GET
H2 200 forms2.css
go.malwarebytes.com/js/forms2/css/ 13 KB
3 KB 126ms
126ms Stylesheet
text/css 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.malwarebytes.com/js/forms2/css/forms2.css

Requested by

Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 05 May 2023 17:50:03 GMT
server: cloudflare
etag: "1660b25-3437-5faf5eb2bc8c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7e59f9aed9584d7f-FRA
content-length: 2623
expires: Wed, 12 Jul 2023 18:28:54 GMT

GET
H2 200 forms2-theme-simple.css
go.malwarebytes.com/js/forms2/css/ 826 B
325 B 135ms
135ms Stylesheet
text/css 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.malwarebytes.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 05 May 2023 17:50:03 GMT
server: cloudflare
etag: "1660b27-33a-5faf5eb2bc8c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7e59f9aee9594d7f-FRA
content-length: 242
expires: Wed, 12 Jul 2023 18:28:54 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 33ms
32ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3347303-10&cid=1908964415.1689172134&jid=1365108262&_u=KEBAAEAAAAAAACAAI~&z=484556245

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 14:28:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
31ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3347303-10&cid=1908964415.1689172134&jid=1365108262&_u=KEBAAEAAAAAAACAAI~&z=484556245

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 14:28:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
417 B 430ms
366ms XHR
text/html 2600:9000:2113:200:1d:8d6d:3b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=_deBAMIzKAHL7vyi4HUMHWGaHzEE4KrxGdkZlcWi78OE4Gw8y_gl7g==&api-version=v2
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2113:200:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date: Wed, 12 Jul 2023 13:20:15 GMT
via: 1.1 a5b7c4fb9a353a27aa5810e812f99d70.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C1
age: 4119
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: lxKRrZ2ee8BzVsxV5bAT0SPKHiFFVgu5AvfffRPOW7CidKRqrkJjog==

GET
H2 204 4072696.js Show response
bat.bing.com/p/action/ 0
119 B 135ms
134ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4072696.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 12 Jul 2023 14:28:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7E31D134D1CB435EA0FD64897A45D73C Ref B: FRA31EDGE0711 Ref C: 2023-07-12T14:28:54Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4072696&tm=gtm002&Ver=2&mid=dbb0f9fa-2bd5-4962-adb6-d525cb2e645d&sid=6dc82ce020c011ee89b73fcd804a8ee2&vid=6dc849d020c011eea16f15d22485dfca&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=MDR%3A%20Your%20ticket%20to%20a%20real%20vacation%20%7C%20Malwarebytes&p=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&r=&lt=648&evt=pageLoad&sv=1&rn=714280

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Jul 2023 14:28:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D7D5C0E47C024D36B1B94811D60369E7 Ref B: FRA31EDGE0711 Ref C: 2023-07-12T14:28:54Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 46ms
12ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=PageView&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&rl=&if=false&ts=1689172134284&sw=1600&sh=1200&v=2.9.111&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1689172134282.1173896851&cs_est=true&it=1689172133786&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Jul 2023 14:28:54 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 4835 55 KB
24 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F&co=aHR0cHM6Ly90cnkubWFsd2FyZWJ5dGVzLmNvbTo0NDM.&hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=ngt7pi8kgdde

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jul 2024 14:06:44 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 4835 431 KB
173 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 13:39:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177423
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jul 2024 13:39:51 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 39A3
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1705069734&external_user_id=6f320679-972e-4565-aa14-0a4b050be8aa
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1705069734&external_user_id=6f320679-972e-4565-aa14-0a4b050be8aa&C=1

43 B
766 B

14ms
14ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1705069734&external_user_id=6f320679-972e-4565-aa14-0a4b050be8aa&C=1
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Jul 2023 14:28:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 12 Jul 2023 14:28:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=18&expiry=1705069734&external_user_id=6f320679-972e-4565-aa14-0a4b050be8aa&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 39A3 43 B
392 B 409ms
123ms Image
image/gif 2600:1f18:612b:4216:806d:dd25:b159:13be
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIDM=6f320679-972e-4565-aa14-0a4b050be8aa
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:806d:dd25:b159:13be Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 12 Jul 2023 14:28:54 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 39A3 0
239 B 65ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?nid=5578&put=6f320679-972e-4565-aa14-0a4b050be8aa&v=1181926
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame F7F6 113 B
159 B 16ms
15ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f2f137c6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8dceec5bc8082139c08b66e1b7675b3b4c0d63d173382fad61bade69345fd98a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F7F6 29 B
495 B 31ms
8ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f2f137c6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:21:08 GMT
x-content-type-options: nosniff
age: 466
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Jul 2023 14:36:08 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/2594100/domain/try.malwarebytes.com/ 36 B
377 B 38ms
8ms XHR
application/json 2600:9000:20eb:5200:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2594100/domain/try.malwarebytes.com/token
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://try.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:54:49 GMT
content-encoding: gzip
via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 5645
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31820
x-amz-cf-id: Vb8ZxA2wiuBYz-DzXFSht8jMMDIYYh5O-q96XrxfgSMOP6eb2O8Bww==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1689172134313&url=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1689172134313&url=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2594100%26time%3D1689172134313%26url%3Dhttps%253A%252F%252Ftry.malwarebytes.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1689172134313&url=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1689172134313&url=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demai...

0
266 B

225ms
186ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1689172134313&url=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&cookiesTest=true&liSync=true&e_ipv6=AQKThRe07srRiAAAAYlKgU0l8_hmJlDuK3R35Z_QFa_kcBGSLM9aUL72ro7tLGbu5oH9J8Wn8lmZ-acb0Hxl_rnM0zrrsA
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:55 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 58937B8B7C27491F9334D9B5BC12D97A Ref B: DUS30EDGE0317 Ref C: 2023-07-12T14:28:55Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYASwkYszhju3Wvg2S9nA==

Redirect headers

date: Wed, 12 Jul 2023 14:28:55 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 91FB28C5080E4D9BB6BF276415E39B92 Ref B: FRAEDGE1213 Ref C: 2023-07-12T14:28:55Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1689172134313&url=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&cookiesTest=true&liSync=true&e_ipv6=AQKThRe07srRiAAAAYlKgU0l8_hmJlDuK3R35Z_QFa_kcBGSLM9aUL72ro7tLGbu5oH9J8Wn8lmZ-acb0Hxl_rnM0zrrsA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYASwkVEjt/wu1yVwLomw==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/2594100/domain/try.malwarebytes.com/ 36 B
374 B 39ms
9ms XHR
application/json 2600:9000:20eb:5200:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2594100/domain/try.malwarebytes.com/token
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://try.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:54:49 GMT
content-encoding: gzip
via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 5645
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31820
x-amz-cf-id: FLVGaRm6ak4D6tSnrV0F0w8_9_f5_sl9UFrrTCPV_j1Y79g_L4mxiA==

POST
H/1.1 200
OK visitWebPage
805-usg-300.mktoresp.com/webevents/ 2 B
318 B 672ms
94ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://805-usg-300.mktoresp.com/webevents/visitWebPage?_mchNc=1689172134317&_mchCn=&_mchId=805-USG-300&_mchTk=_mch-malwarebytes.com-1689172134317-39928&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&_mchHo=try.malwarebytes.com&_mchPo=&_mchRu=%2Fbusiness-mdr-ticket-to-vacation%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=utm_source%3Dmarketo__-__utm_medium%3Demail__-__utm_campaign%3Db2b_em_mql_hof_q2_168633492351__-__utm_content%3Dem11_na_stay_on_vacation__-__mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/162/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 12 Jul 2023 14:28:54 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 06cbc47c-9d2e-41e8-888a-e71e2991db9f

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 38ms
16ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 12 Jul 2023 14:28:54 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F7F6 68 KB
31 KB 24ms
23ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f2f137c6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ed2518f0f5e078c57ffdd658019e5724a63396409f4d4f21b9a30896f24084a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 12 Jul 2023 14:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31740
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/f2f137c6/player_ias.vflset/de_DE/ Frame F7F6 116 KB
33 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f2f137c6/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f2f137c6/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18271d6690dff8e11b10d288c8a0d7f609c3e4c437ebce13e3f919571f91793f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 07:20:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33596
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 01:48:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 Jul 2024 07:20:20 GMT

GET
H3 200 8BnCbiliH-guui2Vq9aW8FXO5FubzhIHYOs_9ZPSwW0.js Show response
www.google.com/js/th/ Frame F7F6 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/8BnCbiliH-guui2Vq9aW8FXO5FubzhIHYOs_9ZPSwW0.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f2f137c6/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f019c26e29621fe82eba2d95abd696f055cee45b9bce120760eb3ff593d2c16d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 13:58:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14611
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jul 2024 13:58:59 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/uGIGyePoK2M/ Frame F7F6 22 KB
22 KB 60ms
37ms Image
image/jpeg 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/uGIGyePoK2M/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7abf4815f99d5042ade8d83c9ce86f58bc78430aceb46edebc618943f2d9e791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:54 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22123
x-xss-protection: 0
server: sffe
etag: "1663692329"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 12 Jul 2023 16:28:54 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/f2f137c6/player_ias.vflset/de_DE/ Frame F7F6 28 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f2f137c6/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f2f137c6/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1276c576f6bac7f4ee8863f76468b8c53a3169d557fb2dcdf474e9eda3fd833d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 13:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3101
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8141
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 01:48:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 11 Jul 2024 13:37:13 GMT

GET
DATA 200
OK truncated
/ Frame F7F6 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 81EZUvwXs8f37rVYTOumU9SGEFqBdM0x4MngmjYmicdHoKVufG3M8Ujg49ZbuECc2JMlfYJobA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame F7F6 2 KB
3 KB 82ms
20ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/81EZUvwXs8f37rVYTOumU9SGEFqBdM0x4MngmjYmicdHoKVufG3M8Ujg49ZbuECc2JMlfYJobA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9ca990d682041fe4111521b5e1d7d95c3ab467deacc5fddbd661064ce2c6e4c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 13:40:53 GMT
x-content-type-options: nosniff
age: 2881
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2488
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 13 Jul 2023 13:40:53 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F7F6 90 B
134 B 20ms
19ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f2f137c6/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a88f7befec3286362295187a23e46a4d8f267f8ed7e48a3b691019b00a81b30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 12 Jul 2023 14:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 16ms
15ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 12 Jul 2023 14:28:54 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 XDFrame Show response
go.malwarebytes.com/index.php/form/ Frame 1C29 2 KB
876 B 127ms
125ms Document
text/html 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.malwarebytes.com/index.php/form/XDFrame

Requested by

Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

837b96331fe847d63110348763da76af78f2351b85dbb7e3f30c8ed404178d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://try.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 7e59f9b16c634d7f-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 12 Jul 2023 14:28:54 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 forms_analytics.js Show response
x.clearbitjs.com/v1/pk_cb584e4855b4e715cdf98205aaf89692/ 4 B
66 B 276ms
276ms Script
application/javascript 18.153.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v1/pk_cb584e4855b4e715cdf98205aaf89692/forms_analytics.js?event=form_loaded&integration=marketo&form_session_id=f9ee5a55-959c-439a-807f-27359cfce58f&total_fields=37&medium=email&source=marketo&page_path=%2Fbusiness-mdr-ticket-to-vacation%2F

Requested by

Host: x.clearbitjs.com
URL: https://x.clearbitjs.com/v1/pk_cb584e4855b4e715cdf98205aaf89692/forms.js?page_path=%2Fbusiness-mdr-ticket-to-vacation%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.153.4.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-4-44.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: envoy
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4835 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 00:33:37 GMT
x-content-type-options: nosniff
age: 50117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 19 Jul 2023 00:33:37 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4835 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 00:06:15 GMT
x-content-type-options: nosniff
age: 51759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jul 2024 00:06:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4835 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 333669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 17:47:45 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4835 102 B
134 B 71ms
71ms Other
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c192b274ecde65bc4ebd78ba7c380f898cee74d10e872596d576231560d0f921

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F&co=aHR0cHM6Ly90cnkubWFsd2FyZWJ5dGVzLmNvbTo0NDM.&hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=ngt7pi8kgdde
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 12 Jul 2023 14:28:54 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame F7F6 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?7LMlrA
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/business-mdr-ticket-to-vacation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_em_mql_hof_q2_168633492351&utm_content=em11_na_stay_on_vacation&mkt_tok=ODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame F7F6 4 KB
2 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f2f137c6/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Jul 2023 14:28:54 GMT

GET
H2 200 forms2.min.js Show response
go.malwarebytes.com/js/forms2/js/ Frame 1C29 208 KB
69 KB 21ms
20ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.malwarebytes.com/js/forms2/js/forms2.min.js

Requested by

Host: go.malwarebytes.com
URL: https://go.malwarebytes.com/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.malwarebytes.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63113904
last-modified: Fri, 05 May 2023 17:50:04 GMT
server: cloudflare
cf-cache-status: HIT
age: 1
etag: "6a0bdf-33e51-5faf5eb3b0b00"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7e59f9b2ee604d7f-FRA
expires: Wed, 12 Jul 2023 18:28:54 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 14ms
14ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=Microdata&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&rl=&if=false&ts=1689172134878&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22MDR%3A%20Your%20ticket%20to%20a%20real%20vacation%20%7C%20Malwarebytes%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22Managed%20Detection%20and%20Response%20hunts%2C%20stops%2C%20and%20prevents%20threats%2024%2F7%2C%20so%20you%20can%20finally%20log%20off%20and%20enjoy%20a%20well-deserved%20vacation.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22MDR%3A%20Your%20ticket%20to%20a%20real%20vacation%20%7C%20Malwarebytes%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.111&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1689172134282.1173896851&it=1689172133786&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Jul 2023 14:28:54 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame E19C 7 KB
1 KB 20ms
19ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c2dd71efd44d7405a97ea2be51bf61468ffcc6c704792cabbcb1eef3ef415490

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TLmLy5H5-MpNAx88371MHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://try.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1155
content-security-policy: script-src 'report-sample' 'nonce-TLmLy5H5-MpNAx88371MHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Jul 2023 14:28:54 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/114/ Frame F7F6 51 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/114/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 15:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15225
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 15:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 12 Jul 2023 15:13:48 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame E19C 55 KB
24 KB 11ms
10ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jul 2024 14:06:44 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame E19C 431 KB
173 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 13:39:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177423
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Jul 2024 13:39:51 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame E19C 40 KB
24 KB 66ms
65ms XHR
application/json 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2a329661ef811f2042d9ef23e825399f19d461d5c8571525cb4b78688fe5b00e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 12 Jul 2023 14:28:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24867
x-xss-protection: 1; mode=block
expires: Wed, 12 Jul 2023 14:28:55 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame E19C 600 B
624 B 17ms
16ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:01:22 GMT
x-content-type-options: nosniff
age: 473253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 14 Jul 2023 03:01:22 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame E19C 530 B
554 B 18ms
16ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 18:31:39 GMT
x-content-type-options: nosniff
age: 331036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 15 Jul 2023 18:31:39 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame E19C 665 B
689 B 16ms
15ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:30:32 GMT
x-content-type-options: nosniff
age: 334703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 15 Jul 2023 17:30:32 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E19C 15 KB
15 KB 18ms
17ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 00:06:15 GMT
x-content-type-options: nosniff
age: 51760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jul 2024 00:06:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E19C 15 KB
15 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:41:15 GMT
x-content-type-options: nosniff
age: 470860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jul 2024 03:41:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E19C 15 KB
15 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 333670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 17:47:45 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame E19C 29 KB
29 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AAYGu2SGB-KNA_P9uXwxA84sNBWNy0YexvyMtMzcN3uFjl77NHZoqw2JnAic8Iy3GtR47NZjufOcUzbjUP5Tsa1_-nouxFcYR5QlYv2G-h_hAgaibwZf0hZHH837ZxlzlB5Bo2shXCdernBrEIjyeAYAi7u7xYnZdUJ7B-Sozr4wcQ4minsNkEDyZ9IHIPxH_5pR76ZJcwuDO0MptqJmYKDeKaDcJ_ILz_2xodEUQ4QaFY77DCmJwUk&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d0edaf0cf46f8e9c82febcace30199d14ae2bfac4f262543b6e529cfcc55a667

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:28:55 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29556
x-xss-protection: 1; mode=block
expires: Wed, 12 Jul 2023 14:28:55 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1480592840&t=timing&_s=2&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&ul=en-us&de=UTF-8&dt=MDR%3A%20Your%20ticket%20to%20a%20real%20vacation%20%7C%20Malwarebytes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2211&pdt=1&dns=48&rrt=1&srt=19&tcp=19&dit=621&clt=625&_gst=192&_gbt=232&_u=KHBAAEABAAAAACAAI~&jid=&gjid=&cid=1908964415.1689172134&tid=UA-3347303-10&_gid=1306394831.1689172134&z=2062783660

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 23:40:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53317
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame F7F6 28 B
54 B 22ms
21ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f2f137c6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-Goog-Request-Time: 1689172136304
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
X-YouTube-Client-Version: 1.20230709.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt1MGt5QTY4TzRGRSil8bqlBg%3D%3D
X-YouTube-Ad-Signals: dt=1689172134124&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C640%2C360&vis=1&wgl=true&ca_type=image&bid=ANyPxKrXQunk_dESljQt71_wxmqyHsb0l6W4rpC5JPyHxqsd_3IaCwDSyGQz0ncjOz4kebHi2rQK1zrYvNJ5OR_iNmhM88U4cg

Response headers

date: Wed, 12 Jul 2023 14:28:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Wed, 12 Jul 2023 14:28:56 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 16ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K8KCHE3KSC&gtm=45je37a0&_p=1480592840&cid=1908964415.1689172134&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&sid=1689172133&sct=1&seg=0&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn&dt=MDR%3A%20Your%20ticket%20to%20a%20real%20vacation%20%7C%20Malwarebytes&en=page_variant&_ee=1&epn.siteSpeedSampleRate=100&ep.variant_id=k&_et=243
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 14:28:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.estore.malwarebytes.com
URL: https://www.estore.malwarebytes.com/proxydirectory/tags/445691266569/tag.js

Verdicts & Comments Add Verdict or Comment

181 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
try.malwarebytes.com/business-mdr-ticket-to-vacation/	1970-01-20 17:37:49	Name: ubpv Value: k%2Cf6eca7f1-f9fe-4fd8-a764-4fabc7a3184e
.malwarebytes.com/business-mdr-ticket-to-vacation	1970-01-20 21:58:28	Name: gaUserID Value: CE0B5F65-C8BA-42B2-B51F-2C4538DC5666
www.google.com/recaptcha	1970-01-20 17:32:04	Name: _GRECAPTCHA Value: 09AJ0TjMFRb0_ZThGvsx638YKvvHywGTJu9Nybq3itNWmYcgbxyCIFmi5kRGB5xqsnikZlzyM5_ORvgjzxoVO6yUg
try.malwarebytes.com/	1970-01-20 17:32:04	Name: ubvs Value: e082b0e9-ccef-4369-abe5-e8f1566e5116
.malwarebytes.com/	1970-01-20 13:17:11	Name: ubvt Value: v2%7Ce082b0e9-ccef-4369-abe5-e8f1566e5116%7Cf6eca7f1-f9fe-4fd8-a764-4fabc7a3184e%3Ak%3Asingle
.malwarebytes.com/	1970-01-20 13:14:18	Name: _gid Value: GA1.2.1306394831.1689172134
.malwarebytes.com/	1970-01-20 21:58:28	Name: _biz_uid Value: 77277c77100e487ada77770d7379aa76
.malwarebytes.com/	1970-01-20 13:12:53	Name: _biz_sid Value: 4da56f
.malwarebytes.com/	1970-01-20 21:58:28	Name: _biz_nA Value: 1
.try.malwarebytes.com/	1970-01-20 21:59:54	Name: _vwo_uuid_v2 Value: D03822ABD96B0192DBDD8D1598E53F9F0\|c909f56d76c30d136dae203716db8c13
.malwarebytes.com/	1970-01-20 22:48:52	Name: _ga Value: GA1.1.1908964415.1689172134
.malwarebytes.com/	1970-01-20 15:22:28	Name: _rdt_uuid Value: 1689172133683.56301262-820d-4197-8bf8-5ce442797ec5
.go.malwarebytes.com/	1970-01-20 13:12:53	Name: __cf_bm Value: C.al2p6rYIoa47UAmTev8_pa7pBPKmIrEYEHg5V6v8w-1689172133-0-AXJowol6NAB8/RDLHAM6aSyc9do8q8YFJYyhfnfJ6lKXZsuJvFm2+XyLDwNX/JvRLbE0QQruWkHNh+ox1FXTyOc=
.malwarebytes.com/	1970-01-20 15:36:52	Name: _vis_opt_s Value: 1%7C
.malwarebytes.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.malwarebytes.com/	1970-01-20 22:48:52	Name: _vwo_uuid Value: D03822ABD96B0192DBDD8D1598E53F9F0
.malwarebytes.com/	1970-01-20 13:12:53	Name: _vwo_sn Value: 0%3A1
.malwarebytes.com/	1970-01-20 15:22:28	Name: _gcl_au Value: 1.1.1802001900.1689172134
.malwarebytes.com/	1970-01-20 15:22:28	Name: _vwo_ds Value: 3%3Aa_0%2Ct_0%3A0%241689172133%3A44.50784949%3A%3A19_0%2C1_0%3A4_0%2C3_0%3A0
.twitter.com/	1970-01-20 22:48:52	Name: personalization_id Value: "v1_hXHAwE+oBqHMOcYbnR9uYA=="
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: -JFyYnkIhqk
.youtube.com/	1970-01-20 17:32:04	Name: VISITOR_INFO1_LIVE Value: u0kyA68O4FE
.t.co/	1970-01-20 22:48:52	Name: muc_ads Value: d1d92b4d-a9ea-40a2-adea-4f28ef2aa69d
.malwarebytes.com/	1970-01-20 13:12:52	Name: _gat Value: 1
.malwarebytes.com/	1970-01-20 22:48:52	Name: _ga_K8KCHE3KSC Value: GS1.1.1689172133.1.0.1689172133.60.0.0
.bizible.com/	1970-01-20 21:58:28	Name: _BUID Value: 77277c77100e487ada77770d7379aa76
.bizibly.com/	1970-01-20 21:58:28	Name: _BUID Value: 7ff87783370cf82a87431273406d7186
.malwarebytes.com/	1970-01-20 21:58:28	Name: _hjSessionUser_2233835 Value: eyJpZCI6IjZmM2NjZmMyLTBmZmEtNTQ4Yi05MDA1LTZkOGRiMzYzOTg2OCIsImNyZWF0ZWQiOjE2ODkxNzIxMzM4ODYsImV4aXN0aW5nIjpmYWxzZX0=
.malwarebytes.com/	1970-01-20 13:12:53	Name: _hjFirstSeen Value: 1
.malwarebytes.com/	1970-01-20 13:12:52	Name: _hjIncludedInSessionSample_2233835 Value: 0
.malwarebytes.com/	1970-01-20 13:12:53	Name: _hjSession_2233835 Value: eyJpZCI6IjU5ZWNmYjE3LTVkYWYtNDY4Mi1hY2M2LTU5ZjhmOTMxYTQzYiIsImNyZWF0ZWQiOjE2ODkxNzIxMzM5NjEsImluU2FtcGxlIjpmYWxzZX0=
.malwarebytes.com/	1970-01-20 13:12:53	Name: _hjAbsoluteSessionInProgress Value: 0
.malwarebytes.com/	1969-12-31 23:59:59	Name: __gtm_campaign_url Value: https%3A%2F%2Ftry.malwarebytes.com%2Fbusiness-mdr-ticket-to-vacation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_em_mql_hof_q2_168633492351%26utm_content%3Dem11_na_stay_on_vacation%26mkt_tok%3DODA1LVVTRy0zMDAAAAGM5M3dcTJ8LuqZxolLRyLwvWyVP7_60swQEU4sovO-yt-YnphBlo_PQ4ywNgibv7yQY1bIQ_6Dh4XSbIjVg7_JhuevS2IX06yIVS74FJmqCnlIySJn
.doubleclick.net/	1970-01-20 22:34:28	Name: IDE Value: AHWqTUkrRo55C7njwuAIFs0F2YTVll_5LpMFW4wvMWZffIVTxT1mQmGAIIuOhbBx
.malwarebytes.com/	1970-01-20 21:58:28	Name: _biz_pendingA Value: %5B%5D
.malwarebytes.com/	1970-01-20 21:58:28	Name: cb_user_id Value: null
.malwarebytes.com/	1970-01-20 21:58:28	Name: cb_group_id Value: null
.malwarebytes.com/	1970-01-20 21:58:28	Name: cb_anonymous_id Value: %2225674b6b-47e4-42e7-a9c1-dac759ab4cf6%22
.company-target.com/	1970-01-20 22:48:52	Name: tuuid Value: 6f320679-972e-4565-aa14-0a4b050be8aa
.company-target.com/	1970-01-20 22:48:52	Name: tuuid_lu Value: 1689172134\|ix:0\|mctv:0\|rp:0
.malwarebytes.com/	1970-01-20 13:14:18	Name: _uetsid Value: 6dc82ce020c011ee89b73fcd804a8ee2
.malwarebytes.com/	1970-01-20 22:34:28	Name: _uetvid Value: 6dc849d020c011eea16f15d22485dfca
.malwarebytes.com/	1970-01-20 15:22:28	Name: _fbp Value: fb.1.1689172134282.1173896851
.bing.com/	1970-01-20 22:34:28	Name: MUID Value: 34ED59EA2C7664C03FD04AA62DDA65BF
.malwarebytes.com/	1970-01-20 22:48:52	Name: _mkto_trk Value: id:805-USG-300&token:_mch-malwarebytes.com-1689172134317-39928
.casalemedia.com/	1970-01-20 21:58:28	Name: CMID Value: ZK64pvPS2E4QSbvYQZIzLgAA
.casalemedia.com/	1970-01-20 15:22:28	Name: CMPS Value: 3369
.casalemedia.com/	1970-01-20 15:22:28	Name: CMPRO Value: 3369
try.malwarebytes.com/	1970-01-20 13:14:18	Name: ln_or Value: eyIyNTk0MTAwIjoiZCJ9
.linkedin.com/	1970-01-20 15:22:28	Name: li_sugr Value: 5eca42dc-7dd4-4221-acca-938518712080
.linkedin.com/	1970-01-20 21:58:28	Name: bcookie Value: "v=2&bc685114-0686-4ff2-8f49-db3d2d664f21"
.linkedin.com/	1970-01-20 13:14:18	Name: lidc Value: "b=OGST00:s=O:r=O:a=O:p=O:g=3026:u=1:x=1:i=1689172134:t=1689258534:v=2:sig=AQG0YbQ9yPy1iWuOoP4_-RA9Nkg9Trjj"
.malwarebytes.com/	1970-01-20 21:58:28	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.tremorhub.com/	1970-01-20 21:58:49	Name: tvid Value: 2f1d8f7b06854c1ba1d257454f4ec869
.tremorhub.com/	1970-01-20 22:48:52	Name: tv_UIDM Value: 6f320679-972e-4565-aa14-0a4b050be8aa
go.malwarebytes.com/	1969-12-31 23:59:59	Name: BIGipServerab12web-nginx-app_https Value: !GQVUax99J3AbXJikCIQPm+cqSAXSEZT7whiiViFfV6fFVqxRiyXgctGIoEI/PKXaKjk45ibG6a5+Yw==
.linkedin.com/	1970-01-20 13:56:04	Name: UserMatchHistory Value: AQItpQXgoT_wjwAAAYlKgUtacbpeXnainbkjvkRK_8GoTp__rljk0cS_k9zaly4YrEDBo8cATN6EsQ
.linkedin.com/	1970-01-20 13:56:04	Name: AnalyticsSyncHistory Value: AQJNLeed5bnj4gAAAYlKgUta8KIxrD2bImTNOom0f--Zmj9qvUZizhHUVaR9OWxF-k_yGAWfLnn75MSGBbmMog
.www.linkedin.com/	1970-01-20 21:58:28	Name: bscookie Value: "v=1&20230712142854a35e4336-cdf5-4959-8bf1-748e092ceea2AQEs4I22bndEADQyXxMbzgORIhsXX9VU"
.linkedin.com/	1970-01-20 17:32:04	Name: li_gc Value: MTswOzE2ODkxNzIxMzQ7MjswMjEG+KUrCRtLStlc9lNqLKl5QP6pk7qdBbB+rnBKRCIuUg==

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.estore.malwarebytes.com/proxydirectory/tags/445691266569/tag.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

805-usg-300.mktoresp.com
alb.reddit.com
analytics.twitter.com
api.company-target.com
app.clearbit.com
bat.bing.com
builder-assets.unbounce.com
cdn.bizible.com
cdn.bizibly.com
cdn.linkedin.oribi.io
code.jquery.com
connect.facebook.net
d1wbjksx0xxdn3.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
dev.visualwebsiteoptimizer.com
dsum-sec.casalemedia.com
events.ub-analytics.com
fonts.gstatic.com
fonts.ub-assets.com
go.malwarebytes.com
googleads.g.doubleclick.net
i.ytimg.com
id.rlcdn.com
jnn-pa.googleapis.com
munchkin.marketo.net
partners.tremorhub.com
pixel.rubiconproject.com
plausible.io
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s.company-target.com
script.hotjar.com
scripts.demandbase.com
snap.licdn.com
static.ads-twitter.com
static.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
t.co
tag-logger.demandbase.com
tag.clearbitscripts.com
tag.demandbase.com
try.malwarebytes.com
unpkg.com
www.estore.malwarebytes.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.malwarebytes.com
www.redditstatic.com
www.upsellit.com
www.youtube.com
x.clearbitjs.com
yt3.ggpht.com
www.estore.malwarebytes.com
104.17.74.206
104.244.42.195
104.244.42.197
104.64.124.188
108.138.17.47
108.139.243.113
13.107.42.14
13.225.34.74
13.32.145.119
146.75.120.157
151.101.1.140
152.195.15.58
18.153.4.44
18.164.52.73
185.80.39.216
192.28.144.124
2001:4860:4802:32::36
2001:4de0:ac18::1:a:1b
2400:52e0:1e00::1082:1
2600:1f18:612b:4216:806d:dd25:b159:13be
2600:9000:20eb:5200:2:53b2:240:93a1
2600:9000:2113:200:1d:8d6d:3b40:93a1
2600:9000:218e:2600:16:26c7:ff80:93a1
2600:9000:21f3:3000:b:3165:13c0:21
2600:9000:248d:4200:7:d7d6:3c40:93a1
2606:4700::6810:7baf
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:802::200a
2a00:1450:4001:803::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2016
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::200e
2a00:1450:400c:c0b::9a
2a02:26f0:480:f::213:7ec6
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
2a04:4e42::396
3.126.202.50
3.127.196.46
34.117.39.58
34.198.74.222
34.96.102.137
34.96.71.22
35.244.174.68
52.222.174.14
52.222.250.38
69.173.144.165
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849
07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d
08d5ceaa6ea3ddcfe60e0afb7d7ff593eff69c9d75b2caa91c3327ee18dea6e8
0dba37270367fbd0b0898db4bcd21a0c14765ea4a9b106c29f513b4551e3fd2c
10d3a8273ee71d8b92a9ef2a17de7a6435b531113963d523e920a13a26b1ca3a
1276c576f6bac7f4ee8863f76468b8c53a3169d557fb2dcdf474e9eda3fd833d
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
164a53ab7ade349d7339b91b9455723ef160dfd3046e9253f701db315bf5dfcf
170be287b63c8fd9ee9cd87200376b6d9c8ad7b92995d5c344d660404cdcee37
18271d6690dff8e11b10d288c8a0d7f609c3e4c437ebce13e3f919571f91793f
184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cdf65f2af088923ed7b817b24c10645518840bfc4968b163c784ff90b534870
1ed2518f0f5e078c57ffdd658019e5724a63396409f4d4f21b9a30896f24084a
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
25f5e5a24fb863083ea49c14e4b85d32f704894df9e077575fe7540f2e12dc55
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a329661ef811f2042d9ef23e825399f19d461d5c8571525cb4b78688fe5b00e
2b29e1cc8f0243d9d791d87d86263a534431c2abfb8b585c876b6ec680fbe82c
2cd02a845d216b65cbf347da50ad71576097edc1a8f42e1e15bc3041dfcc828e
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
32f1fabb79b7560583da24346b3ee57f3b58020a4ae4d58b8f57aaeab44e0aa4
351f8ad90f9ab93eae3461926df367e60e8bc2a805490a7a6965be7540050daa
3537c6a36fae2d2132581b7915d51e1ed268ae146f5df18a84def7ed594fbe15
3b4b5175548fea6ad7fb6304ea4bc05e9797c53e876981c57a499b61d2a11671
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e3c1be445dadc91f2009d9e0ba3cfdfeaab41b78d72b90c2e14994873cf3a26
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
47a03a81a7d3e3e0236af34ab4b96b98657c8547d429655c7bb2dc8908d221e8
4bbe45428d147626df179385acd9fe250e6fd35d15d853d41d70d867af28230a
4e930b31445643295bfd2cfaeeaba015e08766fd8b7ff3b61db88003ad6720a0
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
55023db66b5b5211f8416ea69c8786ef0ae48e1dc5a3a065869755dc1a1e2435
5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57
5d90065be883fc29aa6e6932ba3bfe7b36e8a751966475f1675790cbc814d429
618a8a369547c912ff17b6d55c967f78ecafa6fb94ef42c746870a0cbc596434
63e7450a89e66a53c8e02170ecd4a746fdb98b075d540b0537b79df6f63ffdf6
652ea14837255f2d9db977a32c93fcb92879825bfe1b265311f534e61959e7b4
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68d63ad79cba63fd20d8cc393a83f9dbf1fa16830bcce08f8bd292e422c04584
69b7dd1321ee147582acc524bccce832da1bb64fac6c12da92ac180b15f7b6c5
6f9511a5d65fb28201b0daf831d9d5b6dcc8e821a14ad0136094abbe4a3add0e
764a8f2a0dbfd94fa8e092380153a0327fa16cc5160472c83b6c364a16a72443
7687e0f43dc6533f4e0493c203238fce8650f3d58132002b5dcd42b066af0e38
7803984ee28ac784980a3f2c66778bee3f92f621bfab3910f763bd2db26aff5e
7abf4815f99d5042ade8d83c9ce86f58bc78430aceb46edebc618943f2d9e791
7ad349f95df1a4ebdbb59f61db8b27d14fdb228dfb43849ae4f9039997f89160
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837b96331fe847d63110348763da76af78f2351b85dbb7e3f30c8ed404178d61
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851495cc18784cae757c6cf8d5bd6042f6325647ecb6d4aaa7fd3b603b20801f
8608d5db4a1e7503cfb29036620c131911ada0008572864f07e00c5cf2cc4160
86b253339e076a51843ff48bc6be071227af53d385b917b266b57a5b8487e8df
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8dceec5bc8082139c08b66e1b7675b3b4c0d63d173382fad61bade69345fd98a
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
9a88f7befec3286362295187a23e46a4d8f267f8ed7e48a3b691019b00a81b30
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
9ca990d682041fe4111521b5e1d7d95c3ab467deacc5fddbd661064ce2c6e4c7
9cb05471050c2f0f2d6484171629f788e046c50a9878f608ef192c77ef11244e
9ce53e25f835f59e7a9a99a62e1c00c68012d1b2ced3ee1d3f104311bb399bd2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a1ae8f31935e86629fa559f16ad40a312e884a93b16fe92867c7c5e69ac22209
a555f0b0410f738128c29d0459c46af844358f117513b23b22e5839a6b53d8ce
a955a7cbac676436fa67048953589a94d15eb9fb0f03deb5e9febd88cea469a0
abdd087bbef8f093d9b4fde4c61266ba6192d10c0a63af2991ac0b0eecefd6b3
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b43e6387463adb801e2d26c1cc0d3f65164185f1368f1070d43c46b48e3ce64f
b549af1d7717eb208a28000ddb3308e5f94bf16d3c1528c9017d5c9a855981c3
b7be58558ac5f613c44cc4ca498d6bd64de88aaa3f78e6d618771758205e8b9b
b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee
b8cad940bbe7be6642d4e6bd80946bb834b192a8e1f2fe89d4974562df589960
be289deeec23907337aa1bb44dfe993bcfa92d7a283eee4fdd4cb48f7ceaefe0
be65c686c20da9f937b0a670dba66ee231d289dd41e08cc34758da356c8d7e0b
c007fe440b9bc335b21e039feac8deaf5f14f3de16ea41ffa81a3f610096cd69
c192b274ecde65bc4ebd78ba7c380f898cee74d10e872596d576231560d0f921
c2dd71efd44d7405a97ea2be51bf61468ffcc6c704792cabbcb1eef3ef415490
c314f9ee0b4f26cc361ed98dea2fce5df975f29d1754279e80f4c9125a674feb
c4e1fd2041af31b05c83711865d548f3ec7f5fa9b7cd48060af8ba17f27a7056
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc333995572f5eb4654815c3b1878e60a842376caafaa26f4365c189cfa3ac85
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0edaf0cf46f8e9c82febcace30199d14ae2bfac4f262543b6e529cfcc55a667
d15cce198d0132613325ccff99e64b27530423609f9f62d49ff6b8eeab142ce2
d3f525e3bcae6cc0c10e5e58b63934c79baa27189acc35c67e01480d004834f3
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
daf900711b90586855f1f23a69867e42acd8df777c1fce72c02ed06f3edeb315
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2ca5ac3d9cf4d005d7294562694e44b40efd2c194722721a52743c2f43f1a6
efa12b5f715e973d01d92cf3fb5492a27b0d8e6702527a5a3c9da9b16f3e3053
f019c26e29621fe82eba2d95abd696f055cee45b9bce120760eb3ff593d2c16d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fcf1042ae3d7a627f8d3c063eaccc3894dbbc2194b5410c32864d7ebee23557f
fd4092bacea7c442fc5033af93696fb2544bc58e71bf9eb40658694fd464f4a4

try.malwarebytes.com Open in urlscan Pro 3.126.202.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

155 Requests

97 %HTTPS

53 %IPv6

45 Domains

59 Subdomains

55 IPs

7 Countries

3689 kBTransfer

9829 kBSize

60 Cookies

1 Outgoing links

Redirected requests

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

try.malwarebytes.com Open in urlscan Pro
3.126.202.50 Public Scan

Screenshot
Live screenshot

Full Image

155
Requests

97 %
HTTPS

53 %
IPv6

45
Domains

59
Subdomains

55
IPs

7
Countries

3689 kB
Transfer

9829 kB
Size

60
Cookies

155 HTTP transactions
2 data transactions