blog.malwarebytes.com Open in urlscan Pro
130.211.198.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.bing.com/ck/a?!&&p=a6e79ec5035904dbc55854218cd36e9dca8d70c3a2eaf025664b37b9fa4296a6JmltdHM9MTY1NjY5MDA5MS...
Effective URL:
https://blog.malwarebytes.com/detections/malware-sandbox/
Submission: On July 01 via manual (July 1st 2022, 3:42:26 pm UTC) from US — Scanned from DE

Summary HTTP 142 Redirects Links 90 Behaviour Indicators

Summary

This website contacted 39 IPs in 4 countries across 28 domains to perform 142 HTTP transactions. The main IP is 130.211.198.3, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is blog.malwarebytes.com. The Cisco Umbrella rank of the primary domain is 229599.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 16th 2022. Valid for: a year.

This is the only time blog.malwarebytes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
64	130.211.198.3 130.211.198.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:400e:80c::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 17	2600:9000:206... 2600:9000:206f:1e00:16:26c7:ff80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.239.137.4 52.239.137.4	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	52.0.65.187 52.0.65.187	14618 (AMAZON-AES) (AMAZON-AES)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:224... 2600:9000:224a:d600:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c25a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.215.92 143.204.215.92	16509 (AMAZON-02) (AMAZON-02)
1	34.230.165.31 34.230.165.31	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	52.19.186.186 52.19.186.186	16509 (AMAZON-02) (AMAZON-02)
1 2	143.204.215.97 143.204.215.97	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	143.204.215.82 143.204.215.82	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:27::... 2620:1ec:27::cafe:2250	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2600:1f18:730... 2600:1f18:730:b130:4c96:5596:18cd:cf5	14618 (AMAZON-AES) (AMAZON-AES)
1	52.4.135.4 52.4.135.4	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	52.222.236.90 52.222.236.90	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.57 18.66.122.57	16509 (AMAZON-02) (AMAZON-02)
1	46.51.142.25 46.51.142.25	16509 (AMAZON-02) (AMAZON-02)
142	39

5 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 130.211.198.3 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.198.211.130.bc.googleusercontent.com

blog.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:206f:1e00:16:26c7:ff80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.239.137.4 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

optanon.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.65.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-65-187.compute-1.amazonaws.com

genesis.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:d600:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ef::5c7b:c25a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-92.fra53.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.230.165.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-165-31.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:22::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.186.186 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-186-186.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.97 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-97.fra53.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-82.fra53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:2250 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:4c96:5596:18cd:cf5 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.135.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-135-4.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-90.fra56.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-57.fra60.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.51.142.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-142-25.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	malwarebytes.com 1 redirects blog.malwarebytes.com — Cisco Umbrella Rank: 229599 www.malwarebytes.com — Cisco Umbrella Rank: 33611 genesis.malwarebytes.com — Cisco Umbrella Rank: 269953	880 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1888 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3560 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3482 tracking.crazyegg.com — Cisco Umbrella Rank: 3393	33 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 579 e.clarity.ms — Cisco Umbrella Rank: 5386 c.clarity.ms — Cisco Umbrella Rank: 1113	26 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	21 KB
5	bing.com 1 redirects www.bing.com — Cisco Umbrella Rank: 61 bat.bing.com — Cisco Umbrella Rank: 362 c.bing.com — Cisco Umbrella Rank: 182	14 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 395 www.linkedin.com — Cisco Umbrella Rank: 485 px4.ads.linkedin.com — Cisco Umbrella Rank: 5675	3 KB
3	company-target.com 1 redirects segments.company-target.com — Cisco Umbrella Rank: 1198 api.company-target.com — Cisco Umbrella Rank: 2674	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5448	628 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 119 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54	2 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 5133 www.google.com — Cisco Umbrella Rank: 8	916 B
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3723 rp.liadm.com — Cisco Umbrella Rank: 2606 rp4.liadm.com — Cisco Umbrella Rank: 10858	12 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	131 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	208 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 474	1019 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	315 B
2	windows.net optanon.blob.core.windows.net — Cisco Umbrella Rank: 6134	27 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 516	354 B
1	t.co t.co — Cisco Umbrella Rank: 455	338 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 632	15 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 635	98 B
1	quora.com q.quora.com — Cisco Umbrella Rank: 2910	423 B
1	demandbase.com scripts.demandbase.com — Cisco Umbrella Rank: 5597	19 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 780	3 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 944	2 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 766	256 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 429	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	1 KB
142	28

	Domain	Requested by
64	blog.malwarebytes.com	www.bing.com blog.malwarebytes.com www.malwarebytes.com
17	www.malwarebytes.com	1 redirects blog.malwarebytes.com www.googletagmanager.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com blog.malwarebytes.com
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
3	e.clarity.ms	www.clarity.ms
3	www.google.de	blog.malwarebytes.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com blog.malwarebytes.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	www.googletagmanager.com	blog.malwarebytes.com www.googletagmanager.com
2	c.clarity.ms	1 redirects
2	www.google.com	blog.malwarebytes.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	segments.company-target.com	1 redirects blog.malwarebytes.com
2	match.prod.bidr.io	2 redirects
2	www.facebook.com	blog.malwarebytes.com
2	px.ads.linkedin.com	2 redirects
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	genesis.malwarebytes.com	www.malwarebytes.com
2	optanon.blob.core.windows.net	blog.malwarebytes.com optanon.blob.core.windows.net
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	analytics.twitter.com
1	t.co
1	static.ads-twitter.com	www.bing.com
1	c.bing.com	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	rp4.liadm.com	blog.malwarebytes.com
1	rp.liadm.com	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	api.company-target.com	scripts.demandbase.com
1	id.rlcdn.com	blog.malwarebytes.com
1	px4.ads.linkedin.com	blog.malwarebytes.com
1	www.linkedin.com	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	q.quora.com	blog.malwarebytes.com
1	scripts.demandbase.com	www.bing.com
1	snap.licdn.com	www.googletagmanager.com
1	b-code.liadm.com	www.googletagmanager.com
1	unpkg.com	www.googletagmanager.com
1	geolocation.onetrust.com	www.malwarebytes.com
1	cdn.jsdelivr.net	blog.malwarebytes.com
1	fonts.googleapis.com	blog.malwarebytes.com
1	www.bing.com
142	44

This site contains links to these domains. Also see Links.

Domain
www.malwarebytes.com
onetrust.com
resources.malwarebytes.com
press.malwarebytes.com
www.rsaconference.com
support.malwarebytes.com
forums.malwarebytes.com
www.youtube.com
jobs.malwarebytes.com
my.malwarebytes.com
cloud.malwarebytes.com
partners.malwarebytes.com
www.facebook.com
twitter.com
www.linkedin.com
go.malwarebytes.com
www.instagram.com
de.malwarebytes.com
es.malwarebytes.com
fr.malwarebytes.com
it.malwarebytes.com
pt.malwarebytes.com
br.malwarebytes.com
nl.malwarebytes.com
pl.malwarebytes.com
ru.malwarebytes.com

Subject Issuer	Validity	Valid
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
blog.malwarebytes.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-16` - `2023-07-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
www.malwarebytes.com Amazon	`2022-04-26` - `2023-05-25`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2022-06-14` - `2023-06-14`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.malwarebytes.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-08` - `2022-11-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-09` - `2022-07-08`	3 months	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-18` - `2022-10-14`	a year	crt.sh
*.quora.com R3	`2022-06-19` - `2022-09-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-20` - `2022-09-26`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
crazyegg.com Amazon	`2022-06-27` - `2023-07-26`	a year	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://blog.malwarebytes.com/detections/malware-sandbox/
Frame ID: 7E40157DB88CA5AC833A19ACE5D3C3DB
Requests: 141 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: DEE5ACF0C569F07B1842340C5F72EFD1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Malware.Sandbox | Malwarebytes Labs | Detections The official Malwarebytes logo

Page URL History Show full URLs

https://www.bing.com/ck/a?!&&p=a6e79ec5035904dbc55854218cd36e9dca8d70c3a2eaf025664b37b9fa4296a6Jm... Page URL
https://blog.malwarebytes.com/detections/malware-sandbox/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

optanon\.blob\.core\.windows\.net

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

142
Requests

96 %
HTTPS

51 %
IPv6

28
Domains

44
Subdomains

39
IPs

4
Countries

1415 kB
Transfer

3535 kB
Size

41
Cookies

90 Outgoing links

These are links going to different origins than the main page.

URL: https://www.malwarebytes.com/privacy/
Title: More Information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/premium/
Title: Malwarebytes for Windows

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/mac/
Title: Malwarebytes for Mac

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/chromebook/
Title: Malwarebytes for Chromebook

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/browserguard/
Title: Malwarebytes Browser Guard

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/for-home/
Title: Overview

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/android/
Title: Malwarebytes for Android

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/ios/
Title: Malwarebytes for iOS

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/vpn/
Title: Malwarebytes Privacy VPN

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/for-home/products/
Title: Explore all Personal Products

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/pricing/
Title: Explore Pricing

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/mwb-download/thankyou/
Title: Free Trial of Malwarebytes Premium Protect your devices, your data, and your privacy—at home or on the go. Get free trial

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/solutions
Title: Solutions

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/solutions/small-business
Title: Small Business

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/pricing/business

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/solutions/mid-market/
Title: Mid-size Businesses

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/solutions/enterprise/
Title: Large Enterprise

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/education/
Title: Education

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/finance/
Title: Finance

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/healthcare/
Title: Healthcare

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/government/
Title: Government

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/products
Title: Products

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/endpoint-protection/
Title: Endpoint Protection

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/endpoint-protection/server-security/
Title: Endpoint Protection for Servers

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/edr/
Title: Endpoint Detection & Response

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/edr/server-security/
Title: Endpoint Detection & Response for Servers

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/incident-response/
Title: Incident Response

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/services/malware-removal
Title: Malware Removal Service

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/cloud/
Title: Nebula Platform Architecture

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/dns-filtering
Title: DNS Filtering

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/vulnerability-patch-management
Title: Vulnerability & Patch Management

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/crowdstrike/
Title: Remediation for CrowdStrike®

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/teams
Title: For Teams

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/product-selector
Title: Help me choose a product

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/request_trial?ref=nav
Title: Get a free trial

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/partners/
Title: Explore Partnerships

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/partners/solution-providers/
Title: Resellers

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/partners/managed-service-providers/
Title: Managed Service Providers

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/techbench/
Title: Computer Repair

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/integrations/
Title: Technology Partners

Search URL Search Domain Scan URL

URL: https://resources.malwarebytes.com/casestudy/optimus-systems-delivers-trusted-desktop-security-services-malwarebytes-managed-services-provider/
Title: See full story

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/antivirus/
Title: Antivirus

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/malware/
Title: Malware

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/ransomware/
Title: Ransomware

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/cybersecurity/
Title: See all

Search URL Search Domain Scan URL

URL: https://resources.malwarebytes.com/#reviews
Title: Reviews

Search URL Search Domain Scan URL

URL: https://resources.malwarebytes.com/#analyst-reports
Title: Analyst Reports

Search URL Search Domain Scan URL

URL: https://resources.malwarebytes.com/casestudies/
Title: Case Studies

Search URL Search Domain Scan URL

URL: https://resources.malwarebytes.com/
Title: See all

Search URL Search Domain Scan URL

URL: https://press.malwarebytes.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.rsaconference.com/usa
Title: See Event

Search URL Search Domain Scan URL

URL: https://support.malwarebytes.com/hc/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/services/
Title: Premium Services

Search URL Search Domain Scan URL

URL: https://forums.malwarebytes.com/
Title: Forums

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/secure/
Title: Vulnerability Disclosure

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCB7JQhkZpiyvGPufW2RPBoQ
Title: Training for Personal Products

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/academy/
Title: Training for Business Products

Search URL Search Domain Scan URL

URL: https://support.malwarebytes.com/hc/en-us/articles/360046199873-Activate-Malwarebytes-Privacy-on-Windows-device
Title: See Content

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/contact/
Title: CONTACT US

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/company/
Title: About Malwarebytes

Search URL Search Domain Scan URL

URL: https://jobs.malwarebytes.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://my.malwarebytes.com/en/login/
Title: My Account

Search URL Search Domain Scan URL

URL: https://cloud.malwarebytes.com/
Title: Cloud Console

Search URL Search Domain Scan URL

URL: https://partners.malwarebytes.com/English/
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/newsletter/?email=&source=labs
Title: SUBSCRIBE

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Malwarebytes/

Search URL Search Domain Scan URL

URL: https://twitter.com/malwarebytes

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/malwarebytes

Search URL Search Domain Scan URL

URL: https://go.malwarebytes.com/CM_NA_MITREResults_0.1LP.html
Title: View Results >

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Malwarebytes

Search URL Search Domain Scan URL

URL: https://www.instagram.com/malwarebytesofficial/

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/business/
Title: FOR BUSINESS

Search URL Search Domain Scan URL

URL: https://my.malwarebytes.com/en/login
Title: SIGN IN

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/legal/
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/legal/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/accessibility/
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/tos/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/
Title: English

Search URL Search Domain Scan URL

URL: https://de.malwarebytes.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://es.malwarebytes.com/
Title: Español

Search URL Search Domain Scan URL

URL: https://fr.malwarebytes.com/
Title: Français

Search URL Search Domain Scan URL

URL: https://it.malwarebytes.com/
Title: Italiano

Search URL Search Domain Scan URL

URL: https://pt.malwarebytes.com/
Title: Português (Portugal)

Search URL Search Domain Scan URL

URL: https://br.malwarebytes.com/
Title: Português (Brasil)

Search URL Search Domain Scan URL

URL: https://nl.malwarebytes.com/
Title: Nederlands

Search URL Search Domain Scan URL

URL: https://pl.malwarebytes.com/
Title: Polski

Search URL Search Domain Scan URL

URL: https://ru.malwarebytes.com/
Title: Pусский

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/jp/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/se/
Title: Svenska

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.bing.com/ck/a?!&&p=a6e79ec5035904dbc55854218cd36e9dca8d70c3a2eaf025664b37b9fa4296a6JmltdHM9MTY1NjY5MDA5MSZpZ3VpZD1lMWJiYTFlOC0xNGEwLTQyMjEtYTU3Zi1lYzZjMzU5ZjlkNGYmaW5zaWQ9NTE3MQ&ptn=3&fclid=47666481-f954-11ec-b305-a5d0a0021c3d&u=a1aHR0cHM6Ly9ibG9nLm1hbHdhcmVieXRlcy5jb20vZGV0ZWN0aW9ucy9tYWx3YXJlLXNhbmRib3gv&ntb=1 Page URL
https://blog.malwarebytes.com/detections/malware-sandbox/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://www.malwarebytes.com/css/NEW-NAV.css HTTP 301
https://www.malwarebytes.com/css/new-nav.css

Request Chain 104

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1656690140964&url=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2594100%26time%3D1656690140964%26url%3Dhttps%253A%252F%252Fblog.malwarebytes.com%252Fdetections%252Fmalware-sandbox%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1656690140964&url=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1656690140964&url=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&liSync=true&e_ipv6=AQLkcsDCTHi8ZgAAAYG6bWlfTcps9UmrG9Wz4mq3ihn0_rfxqfjOtGFD3SIJpRtfovV6oVJTPaYP9g

Request Chain 108

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAET8U7FfiwAAF3EaikHCw HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAET8U7FfiwAAF3EaikHCw&verifyHash=6f0601f8a350c05eaa7ab0b05255e030fbf4eb2d

Request Chain 115

https://rp.liadm.com/j?dtstmp=1656690141066&aid=a-06kg&se=e30&duid=ff3668206ce6--01g6x6tsrpcza02g7rrdj9ew6c&tna=v2.4.0&pu=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&wpn=lc-bundle&refr=https%3A%2F%2Fwww.bing.com%2F&c=PHRpdGxlPgoKTWFsd2FyZS5TYW5kYm94IHwgTWFsd2FyZWJ5dGVzIExhYnMgfCBEZXRlY3Rpb25zICA8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJNYWx3YXJlLlNhbmRib3guKGlkLW5yKSBhcmUgZGV0ZWN0aW9uIG5hbWVzIHByb2R1Y2VkIGJ5IHRoZSBFbXVsYXRpb24gbW9kdWxlcyBpbiBNYWx3YXJlYnl0ZXMgNCBhbmQgTWFsd2FyZWJ5dGVzIGJ1c2luZXNzIHByb2R1Y3RzLiI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vYmxvZy5tYWx3YXJlYnl0ZXMuY29tL2RldGVjdGlvbnMvbWFsd2FyZS1zYW5kYm94LyI-PHRpdGxlIGlkPSJtYWx3YXJlYnl0ZXMtbWFpbi1sb2dvLXRpdGxlIj5UaGUgb2ZmaWNpYWwgTWFsd2FyZWJ5dGVzIGxvZ288L3RpdGxlPjxoMT5NYWx3YXJlLlNhbmRib3g8L2gxPg HTTP 302
https://rp4.liadm.com/j?dtstmp=1656690141066&aid=a-06kg&se=e30&duid=ff3668206ce6--01g6x6tsrpcza02g7rrdj9ew6c&tna=v2.4.0&pu=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&wpn=lc-bundle&refr=https%3A%2F%2Fwww.bing.com%2F&c=PHRpdGxlPgoKTWFsd2FyZS5TYW5kYm94IHwgTWFsd2FyZWJ5dGVzIExhYnMgfCBEZXRlY3Rpb25zICA8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJNYWx3YXJlLlNhbmRib3guKGlkLW5yKSBhcmUgZGV0ZWN0aW9uIG5hbWVzIHByb2R1Y2VkIGJ5IHRoZSBFbXVsYXRpb24gbW9kdWxlcyBpbiBNYWx3YXJlYnl0ZXMgNCBhbmQgTWFsd2FyZWJ5dGVzIGJ1c2luZXNzIHByb2R1Y3RzLiI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vYmxvZy5tYWx3YXJlYnl0ZXMuY29tL2RldGVjdGlvbnMvbWFsd2FyZS1zYW5kYm94LyI-PHRpdGxlIGlkPSJtYWx3YXJlYnl0ZXMtbWFpbi1sb2dvLXRpdGxlIj5UaGUgb2ZmaWNpYWwgTWFsd2FyZWJ5dGVzIGxvZ288L3RpdGxlPjxoMT5NYWx3YXJlLlNhbmRib3g8L2gxPg&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6OjE0&n3pc=true

Request Chain 125

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=CBF00FFEFB544E7EB5CAE1D8AA26D711&RedC=c.clarity.ms&MXFR=14D08DAAAE2E6DB014419C7EAA2E632C HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=CBF00FFEFB544E7EB5CAE1D8AA26D711&MUID=1B5E0FD45DA56B3237141E005CCE6AF1

142 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 a Show response
www.bing.com/ck/ 2 KB
2 KB 129ms
79ms Document
text/html 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bing.com/ck/a?!&&p=a6e79ec5035904dbc55854218cd36e9dca8d70c3a2eaf025664b37b9fa4296a6JmltdHM9MTY1NjY5MDA5MSZpZ3VpZD1lMWJiYTFlOC0xNGEwLTQyMjEtYTU3Zi1lYzZjMzU5ZjlkNGYmaW5zaWQ9NTE3MQ&ptn=3&fclid=47666481-f954-11ec-b305-a5d0a0021c3d&u=a1aHR0cHM6Ly9ibG9nLm1hbHdhcmVieXRlcy5jb20vZGV0ZWN0aW9ucy9tYWx3YXJlLXNhbmRib3gv&ntb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7c5d15cca2d78c9692d8c41e7365095332c67200b5cea192fd7b9cffdd2b01dd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1275
content-type: text/html; charset=UTF-8
date: Fri, 01 Jul 2022 15:42:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 8AA086D296ED44BC9A7D03714BD35C2E Ref B: FRAEDGE1416 Ref C: 2022-07-01T15:42:19Z

GET
H2 200 Primary Request / Show response
blog.malwarebytes.com/detections/malware-sandbox/ 124 KB
28 KB 472ms
169ms Document
text/html 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.malwarebytes.com/detections/malware-sandbox/

Requested by

Host: www.bing.com
URL: https://www.bing.com/ck/a?!&&p=a6e79ec5035904dbc55854218cd36e9dca8d70c3a2eaf025664b37b9fa4296a6JmltdHM9MTY1NjY5MDA5MSZpZ3VpZD1lMWJiYTFlOC0xNGEwLTQyMjEtYTU3Zi1lYzZjMzU5ZjlkNGYmaW5zaWQ9NTE3MQ&ptn=3&fclid=47666481-f954-11ec-b305-a5d0a0021c3d&u=a1aHR0cHM6Ly9ibG9nLm1hbHdhcmVieXRlcy5jb20vZGV0ZWN0aW9ucy9tYWx3YXJlLXNhbmRib3gv&ntb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.198.211.130.bc.googleusercontent.com

Software

nginx / WP Engine

Resource Hash

f31eae1ecf9c9b3b7ede28046e684e58fbc2d5d7836837295e9e0679c8dfb370

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
X-Frame-Options	DENY

Request headers

Referer: https://www.bing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-security-policy: frame-ancestors none;
content-type: text/html; charset=UTF-8
date: Fri, 01 Jul 2022 15:42:19 GMT
link: <https://blog.malwarebytes.com/wp-json/>; rel="https://api.w.org/" <https://blog.malwarebytes.com/?p=44280>; rel=shortlink
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 2
x-cache-group: normal
x-cacheable: SHORT
x-frame-options: DENY
x-powered-by: WP Engine

GET
H2 200 related-posts.css
blog.malwarebytes.com/wp-content/plugins/jetpack/modules/related-posts/ 7 KB
2 KB 140ms
134ms Stylesheet
text/css 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/plugins/jetpack/modules/related-posts/related-posts.css?ver=20211209
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: f50dc78339a9052160c523d10e4412d402487375a296dccfd3b995174cd03e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:19 GMT
content-encoding: br
last-modified: Tue, 22 Feb 2022 22:04:00 GMT
server: nginx
etag: W/"62155dd0-1cf6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
blog.malwarebytes.com/wp-includes/css/dist/block-library/ 81 KB
11 KB 148ms
141ms Stylesheet
text/css 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:19 GMT
content-encoding: br
last-modified: Wed, 30 Mar 2022 11:30:25 GMT
server: nginx
etag: W/"62443f51-145db"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 mediaelementplayer-legacy.min.css
blog.malwarebytes.com/wp-includes/js/mediaelement/ 11 KB
3 KB 149ms
143ms Stylesheet
text/css 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:19 GMT
content-encoding: br
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
etag: W/"5f735862-2bf8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-mediaelement.min.css
blog.malwarebytes.com/wp-includes/js/mediaelement/ 4 KB
1 KB 151ms
145ms Stylesheet
text/css 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.9.3
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:19 GMT
content-encoding: br
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
etag: W/"5cfaccce-105a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 prettyPhoto.min.css
blog.malwarebytes.com/wp-content/plugins/responsive-lightbox/assets/prettyphoto/ 19 KB
3 KB 163ms
157ms Stylesheet
text/css 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/plugins/responsive-lightbox/assets/prettyphoto/prettyPhoto.min.css?ver=2.3.4
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3df56cf5e9b367ce3a1f69c52fe68655893e7443d0b9df0a8a094606775657c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:19 GMT
content-encoding: br
last-modified: Tue, 22 Feb 2022 22:04:27 GMT
server: nginx
etag: W/"62155deb-4bdc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 57ms
21ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CBitter%3A400%2C700&subset=latin%2Clatin-ext

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2e53e528694d0489b0452944f6e47f8a45448d351cf30513cfa4ff6e5815312

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blog.malwarebytes.com/
Origin: https://blog.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 15:10:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 01 Jul 2022 15:42:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Jul 2022 15:42:19 GMT

GET
H2 200 genericons.css
blog.malwarebytes.com/wp-content/plugins/jetpack/_inc/genericons/genericons/ 28 KB
16 KB 221ms
215ms Stylesheet
text/css 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:19 GMT
content-encoding: br
last-modified: Tue, 22 Feb 2022 22:04:01 GMT
server: nginx
etag: W/"62155dd1-6e6a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 related-posts.min.js Show response
blog.malwarebytes.com/wp-content/plugins/jetpack/_inc/build/related-posts/ 6 KB
2 KB 227ms
221ms Script
application/javascript 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?ver=20211209
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: fe66ac5df69c78be7dfcf75943079129dbf24a254e89febc5a7e916d40de43bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:19 GMT
content-encoding: br
last-modified: Tue, 22 Feb 2022 22:04:01 GMT
server: nginx
etag: W/"62155dd1-160c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
blog.malwarebytes.com/wp-includes/js/jquery/ 87 KB
31 KB 249ms
244ms Script
application/javascript 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:19 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
etag: W/"6048e0ac-15db1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
blog.malwarebytes.com/wp-includes/js/jquery/ 11 KB
4 KB 353ms
348ms Script
application/javascript 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:19 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
etag: W/"5fb4e3fe-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.prettyPhoto.min.js Show response
blog.malwarebytes.com/wp-content/plugins/responsive-lightbox/assets/prettyphoto/ 22 KB
6 KB 353ms
348ms Script
application/javascript 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/plugins/responsive-lightbox/assets/prettyphoto/jquery.prettyPhoto.min.js?ver=2.3.4
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: ba0504cfd673e9fbf0bab2b70a67ac1bbea97891e12fc8cd3f94070f0c4898f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:19 GMT
content-encoding: br
last-modified: Tue, 22 Feb 2022 22:04:27 GMT
server: nginx
etag: W/"62155deb-5955"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 underscore.min.js Show response
blog.malwarebytes.com/wp-includes/js/ 19 KB
8 KB 354ms
349ms Script
application/javascript 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:19 GMT
content-encoding: br
last-modified: Mon, 01 Nov 2021 21:47:13 GMT
server: nginx
etag: W/"61806061-4a7d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 infinite-scroll.pkgd.min.js Show response
blog.malwarebytes.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/ 22 KB
7 KB 354ms
349ms Script
application/javascript 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=5.9.3
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 095834cc86bd018fdb4a9e31c99f9f96904b819be2b9dc16b3390383288d4d90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:19 GMT
content-encoding: br
last-modified: Tue, 22 Feb 2022 22:04:27 GMT
server: nginx
etag: W/"62155deb-581b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 front.js Show response
blog.malwarebytes.com/wp-content/plugins/responsive-lightbox/js/ 26 KB
6 KB 354ms
349ms Script
application/javascript 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.3.4
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: dfb8eb0e0b152ba0c88f5281a71fbe5261cb76485928bd90150d04c7aa4ff4d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:19 GMT
content-encoding: br
last-modified: Tue, 22 Feb 2022 22:04:27 GMT
server: nginx
etag: W/"62155deb-6737"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 normalize.css
cdn.jsdelivr.net/npm/normalize.css@8.0.1/ 6 KB
2 KB 37ms
17ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/normalize.css@8.0.1/normalize.css

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8835614
x-jsd-version: 8.0.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19140-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"17fa-f/3jQ73xCt0fBS88QwihUYDrRAQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8JbV7yEN8WJJbMoO0KneaBlQpMJVj3opXALYQj3%2BjdQcWUUZjjdtTdBJc2u1kRTF3b234ZmZqwozTiQCazLMD%2BK7NasqRleY2dKVmYUuavHnoM4PD1ez7R4Z8u7K5GUKrVnuGb7iy%2B2KLXH3PQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 7240403ccfb0914d-FRA

GET
H2 200 style.css
www.malwarebytes.com/css/ 222 KB
34 KB 86ms
35ms Stylesheet
text/css 2600:9000:206f:1e00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/css/style.css?12-20-2016

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:1e00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

106ff2dcabdf33e3a570650ebd622f534c02c6f751a8320ed879e172d767bbd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
vary: Accept-Encoding
last-modified: Tue, 20 Jul 2021 14:26:52 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY
etag: W/"60f6b548737dd71:0"
strict-transport-security: max-age=63072000
content-type: text/css
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Q3d-JdQ2J7pc6XLCjhra3kmXtbhVUGXW4akw3YqB1ivYw3XzRXSX0Q==

GET
H2 200 style.css
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/ 192 KB
31 KB 225ms
221ms Stylesheet
text/css 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/style.css?05-11-2021
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: b5b6e293a985bca8d942f45be20c11233b3a6b9699ca59c7063a22e6b9320314

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:19 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-2ff5a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-1.11.3.min.js Show response
www.malwarebytes.com/js/ 94 KB
33 KB 67ms
16ms Script
application/javascript 2600:9000:206f:1e00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/jquery-1.11.3.min.js

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:1e00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
age: 869
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 15:30:58 GMT
last-modified: Tue, 20 Jul 2021 23:13:40 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY
etag: W/"31cccee0bc7dd71:0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 5ILuMyd6wzmyFqqF3FbeOmSywunsKV6wgkTypwJNoCRHu6PNuf7QTg==

GET
H/1.1 200
OK 9530a107-0af8-4204-a2c2-217efb78222b.js Show response
optanon.blob.core.windows.net/consent/ 140 KB
21 KB 272ms
32ms Script
application/x-javascript 52.239.137.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://optanon.blob.core.windows.net/consent/9530a107-0af8-4204-a2c2-217efb78222b.js
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.4 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ec442600e3c090c1171e6d0aca38073cc048af3a7a301ec06bf933da6aa65c1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 01 Jul 2022 15:42:19 GMT
Content-Encoding: GZIP
Last-Modified: Wed, 19 Aug 2020 23:29:25 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: NyuiOqvVdJMyWTtUb2ZlDA==
ETag: 0x8D84497B6030FBF
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 96cc7a05-f01e-0121-0f61-8df382000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: public, max-age=14400
x-ms-version: 2009-09-19
Content-Length: 20591

GET
H2 200 bootstrap.js Show response
www.malwarebytes.com/js/ 74 KB
14 KB 64ms
14ms Script
application/javascript 2600:9000:206f:1e00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/bootstrap.js

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:1e00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d4e61ea4aafc5da0b582e7e15077addf35379acc4b7b03df0128ed33ba589884

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
age: 441
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 15:41:00 GMT
last-modified: Tue, 20 Jul 2021 22:24:54 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY
etag: W/"f29e8b10b67dd71:0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: BDueoHKxgo2Cf-0F9KHTHMNvN99VkDeELI-bK9fA2afrQ0P3bO0uyA==

GET
H2 200 respond.min.js Show response
www.malwarebytes.com/js/ie-fixes/ 4 KB
3 KB 74ms
24ms Script
application/javascript 2600:9000:206f:1e00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/ie-fixes/respond.min.js

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:1e00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

6252f8d40b521387483f57b7d0c812912a1d59ce038fdde2bcf67cf920486cac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 441
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
vary: Accept-Encoding
last-modified: Tue, 20 Jul 2021 23:10:33 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY
etag: W/"10e31071bc7dd71:0"
strict-transport-security: max-age=63072000
content-type: application/javascript
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 6fIXXEcOsc8fLX5iw9ygmtzzSFRqRSZJcP-LBZFrojHhA3nw0jATtg==

GET
H2 200 modernizr.js Show response
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/ 17 KB
7 KB 353ms
349ms Script
application/javascript 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/modernizr.js
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: da819542692b3f1c2a667ba34eff3465a82d9756953a1446ab7d0772f9b1edd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:19 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-434b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 nav-resize.js Show response
www.malwarebytes.com/js/ 12 KB
4 KB 77ms
27ms Script
application/javascript 2600:9000:206f:1e00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/nav-resize.js

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:1e00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

93e43a00cd73303f914fe90d7be15dc032f4796891b571bf6cd9d9f36f4c91eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 441
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
vary: Accept-Encoding
last-modified: Mon, 17 May 2021 00:58:50 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY
etag: W/"f16ddcccb74ad71:0"
strict-transport-security: max-age=63072000
content-type: application/javascript
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ckdbta65PNnvANdJTDd2J9nGMKgMZrQRDwOtIHPU-9Uk3AgkZtRkBQ==

GET
H2 200 flexibility.js Show response
www.malwarebytes.com/js/ 17 KB
6 KB 89ms
39ms Script
application/javascript 2600:9000:206f:1e00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/flexibility.js

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:1e00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

58c13e24cdfb6384c26836e3eac52d17701cd9d686c56ebf93efbbe9426f8cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
age: 441
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 15:41:00 GMT
last-modified: Tue, 20 Jul 2021 23:13:07 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY
etag: W/"838aeaccbc7dd71:0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: p33yp7qoGhjgtHNphZ-EZxazTTQ-LCehJ7j2Mng_hyWe7-Kcd7cRUw==

GET
H2 200 global.js Show response
www.malwarebytes.com/js/ 21 KB
8 KB 79ms
30ms Script
application/javascript 2600:9000:206f:1e00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/global.js

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:1e00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

cabcba2fb0a11127afe1eba21cbdba800100f5a591ad7870aada8142379a955a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
age: 441
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 15:41:00 GMT
last-modified: Tue, 05 Oct 2021 21:07:34 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY
etag: W/"f9abef42dbad71:0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Goqsw6LwFzqm4G0samlk2lQROKmj-KRFI1niY5S8mUataLdZeSk8uQ==

GET
H2 200 xs.js Show response
www.malwarebytes.com/js/ 9 KB
3 KB 82ms
32ms Script
application/javascript 2600:9000:206f:1e00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/xs.js

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:1e00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c13527e6600d478c3cd7ae449acd6813e1c7209a97c0334702ee8d1a999a3a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
vary: Accept-Encoding
last-modified: Tue, 20 Jul 2021 23:10:17 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY
etag: W/"f2378867bc7dd71:0"
strict-transport-security: max-age=63072000
content-type: application/javascript
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: wFR7Q-R1XUyIYi64ReCM_iPmurELAIgfYUby9JVrQbQochIaj_8-2w==

GET
H2 200 search.js Show response
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/js/ 1 KB
713 B 352ms
350ms Script
application/javascript 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/js/search.js
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1dc2b8fb26c1a74260a66519a2a5fdf37a938d1b43bbe4d8da7fcd652acc61b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:19 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-55e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2

200

new-nav.css
www.malwarebytes.com/css/
Redirect Chain

https://www.malwarebytes.com/css/NEW-NAV.css
https://www.malwarebytes.com/css/new-nav.css

22 KB
4 KB

14ms
12ms

Stylesheet
text/css

2600:9000:206f:1e00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/css/new-nav.css

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Server

2600:9000:206f:1e00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

72622641b79819e5c8b5c0543d105a45e30f13b1a6c0b5c3701e72de5b57e427

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
age: 133
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 15:42:19 GMT
last-modified: Thu, 22 Apr 2021 13:23:18 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY
etag: W/"55eeb1a87a37d71:0"
vary: Accept-Encoding
content-type: text/css
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: YkTZYK5hwRH4qeRbBjuv4WiAl3wH-8aLRc52KEdwDkzSl_GOU0pBGg==

Redirect headers

date: Fri, 01 Jul 2022 15:40:06 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
age: 133
x-powered-by: ASP.NET
x-frame-options: DENY
strict-transport-security: max-age=63072000
content-type: text/html; charset=UTF-8
location: https://www.malwarebytes.com/css/new-nav.css
cache-control: max-age=900
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C1
content-length: 167
x-amz-cf-id: zrtiUb6WYClmNUaW5_N7ix5-2ZjLXd3T4LKALbIa3NUFvSthHgdLrg==

GET
H2 200 new-nav.js Show response
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/js/ 6 KB
2 KB 352ms
350ms Script
application/javascript 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/js/new-nav.js
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2feca220db689e3d611ba517005ab3f14924016f9d133c57d5b22073560090e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:19 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-1734"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 call-to-action.min.js Show response
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/js/ 2 KB
854 B 352ms
350ms Script
application/javascript 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/js/call-to-action.min.js
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 523d1af6ce4ee7e7193dd9d3f8b2145f525349131492d2defc81cbd653249e1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:19 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-616"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 arrow.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/refreshed_homepage/ 2 KB
1 KB 295ms
288ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/refreshed_homepage/arrow.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: ad15e02b8d9bee31a51c502cff1977983fa2c8103b769db7ab097750f34016a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-94e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 personal-icon.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/icons/ 2 KB
1 KB 296ms
289ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/icons/personal-icon.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9d815528e2ed7985b63e839cbeb0b684e1fa8da87da3c1a0962b1eecfe437614

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-6f4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 pricing-icon.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/icons/ 2 KB
1022 B 297ms
290ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/icons/pricing-icon.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 21da5195f86350f2b52a0ee70a668d4f72542d0413b57dd84f06593e0e0f7207

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-73c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 smb.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/nav/ 2 KB
1 KB 299ms
292ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/nav/smb.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 80f0eb912943ad0deab2ad7a8125b7404b726bac65dca9e6be97b063ca490662

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-9ac"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 buy-label.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/nav/ 3 KB
1 KB 299ms
293ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/nav/buy-label.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: b569dd28a56f53339cc04cc2e251dcfb426262bd7ad60ed44cc35da0dd3b2cc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-aa1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 mid-size.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/nav/ 1 KB
1011 B 300ms
294ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/nav/mid-size.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7e6aa30a919ae381fbcf4d4d6f970531bf513bf0847097e7927123bf032b0f09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-5d2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 large-ent.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/nav/ 2 KB
1 KB 302ms
295ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/nav/large-ent.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5d09ea31b4f26497480482f539fdc221990ae192c8b8be5002f4f2b9bef26876

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-7bd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 new.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/nav/ 1 KB
772 B 303ms
296ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/nav/new.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 542f9b9f9ed17fb168e1a1ce299413085d6559f316742f95ad22a291ffd67ffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-45d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 call.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/nav/ 2 KB
1 KB 304ms
297ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/nav/call.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: e2adf740376f608d5a3b6977b793a5e1c92c4de9e0a792921b8e24476e56c9ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-679"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 partner-icon.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/icons/ 4 KB
2 KB 305ms
298ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/icons/partner-icon.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: f8869aa9427c07872b91f3bb5485a65a0e389302f54ad6fe1b684c59d97d154a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-116b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 optimus-systems.webp
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/partners/ 2 KB
2 KB 306ms
299ms Image
image/webp 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/partners/optimus-systems.webp
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8528b83134ef333f8b4f3b722f422569b5121e6fa817c9942bcbb91f5f61ea93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: "62a8c28f-728"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1832

GET
H2 200 rsa2021.jpg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/ 27 KB
28 KB 306ms
300ms Image
image/jpeg 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/rsa2021.jpg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8a849c6ffa64946fefa17e874080dea467783d0e20857bbfbb23480739625648

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: "62a8c28f-6d66"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 28006

GET
H2 200 watch-personal-icon.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/icons/ 1 KB
830 B 307ms
301ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/icons/watch-personal-icon.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: fa07bfad3039513f81cc0551de10a79c7c823bce84a5fbfba5a547f96479a367

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-4f9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 watch-business-icon.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/icons/ 1 KB
824 B 308ms
303ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/icons/watch-business-icon.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 361aabb783830d45d3de5f19c4fe47d295e11518fb0279dd99d589eea8d43319

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-504"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 privacy.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/ 4 KB
2 KB 309ms
304ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/privacy.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0d8ac30d9520ce94e0246020e4bff9b6fea04f92ac0b5f09c7346104b9f5772a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-10a3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 search.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/ 296 B
438 B 310ms
305ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/search.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8f796d398e512c5d19a2fecc943d19a204927ff3cf9ec2cb3f75a025535268cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-128"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 global_mwb.min.js Show response
www.malwarebytes.com/js/ 21 KB
7 KB 21ms
12ms Script
application/javascript 2600:9000:206f:1e00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/global_mwb.min.js?v=34556

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:1e00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

88281e6b9cf0efb09fede75df77011dc82b84f67deb77aea241d2ea006b2ed23

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
age: 134
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 15:40:06 GMT
last-modified: Wed, 01 Jun 2022 19:05:52 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY
etag: W/"10b81e9dea75d81:0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: qfkFOwLnWQ8unyFDSN69ghIpAVcKPZlSU4bTAz00pK4pP96PH4gQoA==

GET
H2 200 user.min.js Show response
www.malwarebytes.com/js/personalization/ 3 KB
1 KB 21ms
12ms Script
application/javascript 2600:9000:206f:1e00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/personalization/user.min.js?v=141053055

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:1e00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

89bb46ca9e1665e0e34f98ad788396746a1c65545b92674a150d397e1ae26374

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
age: 134
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 15:40:06 GMT
last-modified: Tue, 07 Jun 2022 21:08:57 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY
etag: W/"8c407cdb27ad81:0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: YmFTnrKvetCGgAN4zt1mu_DIhcBSIvh4ur1XY6I_ECH8UjkDOMfnaA==

GET
H2 200 styles.promobanners.min.css
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/css/ 3 KB
1019 B 252ms
244ms Stylesheet
text/css 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/css/styles.promobanners.min.css
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: a6453b0bf49115380414b0823f6b4c5e699b7d0ea86bd6ce1ca6aad56e24e394

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-a76"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 close.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/ 868 B
708 B 311ms
306ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/close.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4f7da1e8c51daecdde094d37ad6ed35f3f70a3a0026d7df53cc88e4533a69f87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-364"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 promo-banner.min.js Show response
www.malwarebytes.com/components/promo-banner/ 1 KB
953 B 295ms
286ms Script
application/javascript 2600:9000:206f:1e00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/components/promo-banner/promo-banner.min.js?v=277391195

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:1e00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

af479055d8ab71820312f479d3ae324f2ed82c2fc68ef07c5bf6843720dc046d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
vary: Accept-Encoding
last-modified: Mon, 16 May 2022 21:08:44 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY
etag: W/"35e296206969d81:0"
strict-transport-security: max-age=63072000
content-type: application/javascript
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: VrTNkmg0l4LQgk7glzDYp5p1y_ugi3oLCKHb1cFZgDn510DD9SAtXA==

GET
H2 200 nodiscountcountries.js Show response
www.malwarebytes.com/js/ecommerce/ 499 B
959 B 21ms
13ms Script
application/javascript 2600:9000:206f:1e00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/ecommerce/nodiscountcountries.js

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:1e00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7961789aed44f7b97f6f755bfae322b38dd398de4a1022821c7be836a47f01f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 134
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 15:42:20 GMT
content-length: 499
last-modified: Mon, 13 Dec 2021 23:49:16 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY
etag: "996235a7cf0d71:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: D01wEZXTqW6EJdBaVyjderKCZ0Um1rLOyxWdf9SMI2yiBEx4rhjrXg==

GET
H2 200 pillarpage.css
www.malwarebytes.com/css/pages/ 3 KB
1 KB 24ms
16ms Stylesheet
text/css 2600:9000:206f:1e00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/css/pages/pillarpage.css

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:1e00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

27071c74d832edde947646d99247a7df4670be18eb519d06ad9ec862164acdb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
vary: Accept-Encoding
last-modified: Mon, 14 Jun 2021 21:36:30 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY
etag: W/"cc4c73566561d71:0"
strict-transport-security: max-age=63072000
content-type: text/css
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: e2Nmtof0lMofgccqTxj7gWnqMBdj5WjA_p7hzc976YJHsh_-zpTysw==

GET
H2 200 wp-emoji-release.min.js Show response
blog.malwarebytes.com/wp-includes/js/ 18 KB
5 KB 312ms
307ms Script
application/javascript 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 08 Jun 2021 22:15:12 GMT
server: nginx
etag: W/"60bfebf0-4705"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 malware.png
blog.malwarebytes.com/wp-content/uploads/2018/04/ 34 KB
34 KB 313ms
308ms Image
image/png 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/uploads/2018/04/malware.png
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 93ccd7eed319ad9170bdc3cf1412df111b2e25cd540e35959a3094fa37951f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
last-modified: Thu, 12 Apr 2018 20:39:56 GMT
server: nginx
etag: "5acfc41c-88e5"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 35045

GET
H2 200 smooth-scroll.js Show response
www.malwarebytes.com/js/ 2 KB
1 KB 20ms
11ms Script
application/javascript 2600:9000:206f:1e00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/smooth-scroll.js

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:1e00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

252a50f6bc52015f12ea562f1217941684d191354a008889b30a4a929c883f15

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
age: 441
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 15:36:00 GMT
last-modified: Mon, 09 Aug 2021 20:56:24 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY
etag: W/"86b8e13618dd71:0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: QLgTWH6y8W6LJyf_1mo5B22YdJHbuSjXiql7Yl97p2uty7g3f0txWA==

GET
H2 200 contributors.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/footer/ 910 B
743 B 314ms
309ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/footer/contributors.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6429fe0ed81fca5f6bb18cb0a0aacae3bd9de79192635aeed4cbda438139d75d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-38e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 threat-center.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/footer/ 2 KB
852 B 315ms
310ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/footer/threat-center.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 32d4b293bb7f25a21cc44e81184d4bbcb3bdd1837e026b98ed0ad85b3b1a5292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-812"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 podcast.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/footer/ 3 KB
1 KB 316ms
311ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/footer/podcast.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: c2b61a7c5b7861eb46842ccf373e2524d90d14034f5d56e92ad50f27756156b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-bc7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 glossary.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/footer/ 760 B
654 B 317ms
313ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/footer/glossary.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: b4e6efb587f3fdfb8155148201d0c51ac95d249a6727e8256acdfe624ade69af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-2f8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 scams.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/footer/ 842 B
698 B 318ms
314ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/footer/scams.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 05a173cb58022e81eb499529ac56df6ad7bafe1c61b8128dca8b76f300b5b60e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-34a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 write.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/footer/ 615 B
585 B 319ms
315ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/footer/write.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: a6a97c4046257c7e4e063c9f76434c7ce2c1f105e46b07424fabfc054f2d4d24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-267"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ic-pin-map.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/footer/ 1 KB
821 B 320ms
316ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/footer/ic-pin-map.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 928759d761adf61723feb7a9affc2b058cc9d5044831da66fcadd823e265ab1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-45a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 world.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/footer/ 4 KB
2 KB 321ms
317ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/footer/world.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 05369fa3ab175c5ba5e63b7c60a872a64f82ddcb1de6a950d73004ed25930e69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-1019"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 imagesloaded.min.js Show response
blog.malwarebytes.com/wp-includes/js/ 5 KB
2 KB 253ms
245ms Script
application/javascript 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
server: nginx
etag: W/"5ee520a7-15fd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 masonry.min.js Show response
blog.malwarebytes.com/wp-includes/js/ 24 KB
8 KB 254ms
246ms Script
application/javascript 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
server: nginx
etag: W/"5ee520a7-5e4a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.masonry.min.js Show response
blog.malwarebytes.com/wp-includes/js/jquery/ 2 KB
915 B 256ms
248ms Script
application/javascript 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Thu, 18 Aug 2016 18:55:30 GMT
server: nginx
etag: W/"57b604a2-71b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 functions.js Show response
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/js/ 2 KB
1 KB 257ms
249ms Script
application/javascript 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/js/functions.js?ver=2013-07-18
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9fcb181721162ce0d395b7b9b1e5bb5ca82c5f79bde749d4d0467ec2e65fcb4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-8f9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 standard-search-results-footer.js Show response
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/js/ 2 KB
772 B 258ms
250ms Script
application/javascript 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/js/standard-search-results-footer.js
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1532b16aa9cd1fef51c097aaf1abeac6cb6f239b026660e7105e49f4ae6549ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-704"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 labs-nav.js Show response
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/js/ 493 B
413 B 259ms
251ms Script
application/javascript 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/js/labs-nav.js
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 19333622f176d68bc17e307d8df96b15447864fbb0bbaac495e507fa64d96077

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-1ed"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H/1.1 200
OK optanon.css
optanon.blob.core.windows.net/skins/6.4.0/default_flat_bottom_two_button_white/v2/css/ 23 KB
6 KB 32ms
32ms Stylesheet
text/css 52.239.137.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://optanon.blob.core.windows.net/skins/6.4.0/default_flat_bottom_two_button_white/v2/css/optanon.css
Requested by: Host: optanon.blob.core.windows.net
URL: https://optanon.blob.core.windows.net/consent/9530a107-0af8-4204-a2c2-217efb78222b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.4 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 01 Jul 2022 15:42:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 04:48:01 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: E062TbpGx6vwVsuuNM/jFw==
ETag: 0x8D83F440F482A65
Content-Type: text/css
Access-Control-Allow-Origin: *
x-ms-request-id: 96cc7a4a-f01e-0121-4b61-8df382000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 5561

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
256 B 50ms
29ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery1113036525956331344545_1656690140124&_=1656690140125

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/jquery-1.11.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 724040403e3891d8-FRA
content-length: 32

GET
H2 200 Locator-Light.woff
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/css/fonts/ 29 KB
29 KB 140ms
140ms Font
font/woff 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/css/fonts/Locator-Light.woff
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/style.css?05-11-2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: ed2491fc7526ff0b5cfec3fe6f4cf8153796520fc845b735286b0f42183da98a

Request headers

Referer: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/style.css?05-11-2021
Origin: https://blog.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: "62a8c28f-7330"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 29488

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 299 KB
93 KB 257ms
201ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d977298a77093a654f49e50808dcaca507006201f707269c4724248fede1bbe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95063
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jul 2022 15:42:20 GMT

GET
H2 200 Graphik-Light.otf
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/css/fonts/ 132 KB
132 KB 141ms
138ms Font
application/octet-stream 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/css/fonts/Graphik-Light.otf
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/style.css?05-11-2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 30b410ec60b2dda5e521206ed5b3a9318922f62828db7409240f047f21593bcc

Request headers

Referer: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/style.css?05-11-2021
Origin: https://blog.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: "62a8c28f-20e60"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 134752

GET
H2 200 Graphik-Medium.otf
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/css/fonts/ 134 KB
135 KB 246ms
242ms Font
application/octet-stream 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/css/fonts/Graphik-Medium.otf
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/style.css?05-11-2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: a7d4e6165ce4042167fcaaa0623eab885d6992458eb05c4fc74184cee79a9eb3

Request headers

Referer: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/style.css?05-11-2021
Origin: https://blog.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: "62a8c28f-219c0"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 137664

GET
H2 200 box-link-rings-personal.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/backgrounds/ 1 KB
813 B 311ms
310ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/backgrounds/box-link-rings-personal.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/style.css?05-11-2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2409f262a4b65de1c6867ad7d607898380900587b69a60b881a9b888bd53e625

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/style.css?05-11-2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-52c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 Graphik-Regular.otf
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/css/fonts/ 128 KB
128 KB 311ms
311ms Font
application/octet-stream 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/css/fonts/Graphik-Regular.otf
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/style.css?05-11-2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: f575112df5398271c1f04b48a995ccc6e17d69730e37304078178d46781152da

Request headers

Referer: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/style.css?05-11-2021
Origin: https://blog.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: "62a8c28f-20084"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 131204

GET
H2 200 Locator-Medium.woff
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/css/fonts/ 29 KB
29 KB 214ms
212ms Font
font/woff 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/css/fonts/Locator-Medium.woff
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/style.css?05-11-2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: a52bbdb7b132e850fdaf5740012fcc0bc3f6ef0be520bc4b987d8761d40d015a

Request headers

Referer: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/style.css?05-11-2021
Origin: https://blog.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: "62a8c28f-734c"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 29516

GET
H2 200 socicon.woff
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/css/fonts/ 20 KB
20 KB 214ms
213ms Font
font/woff 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/css/fonts/socicon.woff
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/style.css?05-11-2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0ed37960a59a6ec6b443f9ef043864d09a51db6fd276ae578d9166467bf986d1

Request headers

Referer: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/style.css?05-11-2021
Origin: https://blog.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: "62a8c28f-4ff8"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20472

GET
H2 200 wai.gif Show response
genesis.malwarebytes.com/api/v1/ 448 B
630 B 325ms
100ms XHR
application/json 52.0.65.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://genesis.malwarebytes.com/api/v1/wai.gif
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/global_mwb.min.js?v=34556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.65.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-65-187.compute-1.amazonaws.com
Software: /
Resource Hash: 4008b99d3f568c5c0051d54686cce9333b603992a685fe9db5c13ee2ac055afa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://blog.malwarebytes.com
date: Fri, 01 Jul 2022 15:42:20 GMT
content-length: 448
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

GET
H2 200 instagram_icon.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/icons/ 5 KB
2 KB 131ms
130ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/icons/instagram_icon.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/style.css?05-11-2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5b62da3ed3fe1c94582c2a75526716000f7361ff70c0cc41aae4ee8212735c3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/style.css?05-11-2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-1225"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ic-search.svg
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/footer/ 601 B
604 B 259ms
259ms Image
image/svg+xml 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/images/footer/ic-search.svg
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/style.css?05-11-2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 3.198.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: d6f36a088f7c6dc6459a02c048b23e2407bf38a5249ecbc9547be2fce143f63a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/style.css?05-11-2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 17:17:03 GMT
server: nginx
etag: W/"62a8c28f-259"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wai.gif Show response
genesis.malwarebytes.com/api/v1/ 448 B
629 B 102ms
101ms XHR
application/json 52.0.65.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://genesis.malwarebytes.com/api/v1/wai.gif
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/jquery-1.11.3.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.65.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-65-187.compute-1.amazonaws.com
Software: /
Resource Hash: 4008b99d3f568c5c0051d54686cce9333b603992a685fe9db5c13ee2ac055afa

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://blog.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://blog.malwarebytes.com
date: Fri, 01 Jul 2022 15:42:20 GMT
content-length: 448
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

GET
H2 200 pillarpages.json Show response
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/ 100 B
412 B 249ms
249ms XHR
application/json 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/pillarpages.json

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/jquery-1.11.3.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.198.211.130.bc.googleusercontent.com

Software

nginx / WP Engine

Resource Hash

7e9bcd405af64ba784d4ead6dba8ed5c146a22c5bb6f264e756e3ded19a6fb6f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
vary: Accept-Encoding,Cookie
last-modified: Fri, 01 Jul 2022 15:42:09 GMT
server: nginx
x-cacheable: SHORT
x-powered-by: WP Engine
etag: W/"64-5e2c03aa5b8c7"
x-frame-options: DENY
x-cache: HIT: 9
content-type: application/json
cache-control: max-age=600, must-revalidate
content-security-policy: frame-ancestors none;
accept-ranges: bytes
content-length: 100
x-cache-group: normal

GET
H2 200 intl-sites.json Show response
blog.malwarebytes.com/wp-content/themes/mb-labs-theme/ 890 B
628 B 250ms
249ms XHR
application/json 130.211.198.3
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.malwarebytes.com/wp-content/themes/mb-labs-theme/intl-sites.json

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/jquery-1.11.3.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

130.211.198.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

3.198.211.130.bc.googleusercontent.com

Software

nginx / WP Engine

Resource Hash

728054ccf1f41ec0afdb688b6db421601bb60d505d9e1e2c2de16d9e4a14b774

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://blog.malwarebytes.com/detections/malware-sandbox/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
last-modified: Fri, 01 Jul 2022 15:42:09 GMT
server: nginx
x-cacheable: SHORT
x-powered-by: WP Engine
etag: W/"37a-5e2c03aa65509"
x-frame-options: DENY
x-cache: HIT: 9
content-type: application/json
cache-control: max-age=600, must-revalidate
content-security-policy: frame-ancestors none;
x-cache-group: normal

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
72 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f52216dcd90458dce6f8b58985a8d65bf5334a45a1dbd944583d4e914055b317

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73246
x-xss-protection: 0
expires: Fri, 01 Jul 2022 15:42:20 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 25939
x-xss-protection: 0
pragma: public
x-fb-debug: 1z640mXrPe8je2mcDyQdCFN5TwDxA0abVIC1ZZAkDzlDuDD4+oju6moO7E575dgGs3/RfUL1ONVenUjeAuex5g==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 01 Jul 2022 15:42:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 51ms
14ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2251
date: Fri, 01 Jul 2022 15:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 01 Jul 2022 17:04:49 GMT

GET
H2 200 web-vitals.umd.js Show response
unpkg.com/web-vitals@1.1.0/dist/ 4 KB
2 KB 37ms
19ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@1.1.0/dist/web-vitals.umd.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9094328
fly-request-id: 01FYE5SX54TJZTQVN4X3QYN0MA-fra
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1060-9qPq4bqeRCeFWudNuS98Bp0PQDY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72404044ae6d5c14-FRA

GET
H2 200 a-06kg.min.js Show response
b-code.liadm.com/ 27 KB
10 KB 44ms
11ms Script
application/javascript 2600:9000:224a:d600:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-06kg.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d600:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dad63e00a2a978b109879ca1b25fcff3d0b78ad715388be7cbd3b9b804c4348d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 00:35:05 GMT
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
age: 54435
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-P1
content-encoding: gzip
x-amz-cf-id: p3UmqFJmKT-NTldUO7Ybjgg7UU2CIKlv1URU78K8jhPpzWwU0Xo5QA==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 54ms
9ms Script
application/x-javascript 2a02:26f0:ef::5c7b:c25a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c25a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 01 Jul 2022 15:42:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=78386
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
11 KB 45ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CF5BA13F36C847D4AC68FA02B12F1D68 Ref B: FRAEDGE1416 Ref C: 2022-07-01T15:42:20Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 01 Jul 2022 15:42:20 GMT
accept-ranges: bytes
content-length: 11360

GET
H2 200 HWyTnY16.min.js Show response
scripts.demandbase.com/ 68 KB
19 KB 83ms
10ms Script
application/javascript 143.204.215.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.demandbase.com/HWyTnY16.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-92.fra53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

821b2e61ecdbbd3e8e5272ede8ba824140773b2e54e29ed32d954d56f0c2ea5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: scSJhFCUQVGRPLVZniTnw3g3rCsBOoq0
content-encoding: gzip
etag: W/"268a61f1e6bae01e59aad72777653570"
age: 138
x-cache: Hit from cloudfront
vary: Accept-Encoding
last-modified: Wed, 04 May 2022 20:23:15 GMT
server: AmazonS3
date: Fri, 01 Jul 2022 15:41:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 2KhwUZWpUWoUAFnYDBAeJRYBpBEWHp1a-1oBCpZpHoCK39vzgURngg==

GET
H2 200 demandbase-forms.js Show response
www.malwarebytes.com/js/ 3 KB
1 KB 108ms
108ms Script
application/javascript 2600:9000:206f:1e00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/demandbase-forms.js?d=2020-02-04-15-03-08--0800

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:1e00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-powered-by: ASP.NET
x-cache: RefreshHit from cloudfront
date: Fri, 01 Jul 2022 15:42:20 GMT
last-modified: Tue, 20 Jul 2021 23:12:41 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY
etag: W/"83427fbdbc7dd71:0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: Eid7gf8nvScQx6TNfuBXbrsnuNj6xC_Fv70cPRXjknmwQHwrnJtX-g==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-930356311

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

319f9d200e18c7bfff3e2e30689d9b986f97f0a94bfae84b59dc535bc4d0b515

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44124
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jul 2022 15:42:20 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/64fab857ca52427587d3bd14a8d437b7/ 43 B
423 B 400ms
101ms Image
image/gif 34.230.165.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/64fab857ca52427587d3bd14a8d437b7/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.230.165.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-230-165-31.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 01 Jul 2022 15:42:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,2c4505a22b0acb114a2bf87af90b80a5,10.0.0.146,25558,178.162.209.134,,42426430080,1,1656690141.236,0.001,,.,0,0,0.000,0.000,-,0,0,197,118,59,10,34729,,,,,,-,
Content-Type: image/gif

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 19ms
10ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.64

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

53564b513bb9ea2e70b6218aaff24c15852c942d10fa698c983e4be59dce27ac

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20716
x-xss-protection: 0
pragma: public
x-fb-debug: 6xYkWTFzrem0GmS9sthvw99vx2zFvIyJserJJJxpNz5j9CAzuThLNNDcnhnqbA5CUyhu0KQSJRpHQWBGkyCzdA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 01 Jul 2022 15:42:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1480959392203028 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 25ms
16ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1480959392203028?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

60784dbcbfc107144c42f881d787e99c7282563981089750b28a278275a38f85

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86225
x-xss-protection: 0
pragma: public
x-fb-debug: 5ezCHvuyDKUiKjhEAz7dcNw1ZPYe59i7mXDgRDUYkta7FEmgNSyhYgbHvXza2YwVgMJeWa1mRxdkxijEBrhYkA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 01 Jul 2022 15:42:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
351 B 50ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K8KCHE3KSC&gtm=2oe6t0&_p=1826796466&_z=ccd.v9B&_gaz=1&cid=346231307.1656690141&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&sid=1656690140&sct=1&seg=0&dr=https%3A%2F%2Fwww.bing.com%2F&dt=Malware.Sandbox%20%7C%20Malwarebytes%20Labs%20%7C%20Detections&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 15:42:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
351 B 57ms
18ms Ping
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K8KCHE3KSC&cid=346231307.1656690141&gtm=2oe6t0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 15:42:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 76ms
39ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K8KCHE3KSC&cid=346231307.1656690141&gtm=2oe6t0&aip=1&z=1991470621

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 15:42:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 44ms
14ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 14:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jul 2022 15:56:38 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1656690140964&url=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2594100%26time%3D1656690140964%26url%3Dhttps%253A%252F%252Fblog.malwarebytes.com%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1656690140964&url=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1656690140964&url=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&liSync=true&e_ipv6=AQLkcsDCTHi8ZgAAAYG6bWlfT...

0
263 B

190ms
159ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1656690140964&url=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&liSync=true&e_ipv6=AQLkcsDCTHi8ZgAAAYG6bWlfTcps9UmrG9Wz4mq3ihn0_rfxqfjOtGFD3SIJpRtfovV6oVJTPaYP9g
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:21 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: F04123F2F8854D499434341B1537234A Ref B: FRAEDGE1317 Ref C: 2022-07-01T15:42:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXiwDtmdrg3D6IooAOm7w==
x-li-fabric: prod-ltx1

Redirect headers

date: Fri, 01 Jul 2022 15:42:21 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: DB7D7FF46DE7429BB6D194E61C3E5D2F Ref B: VIEEDGE2008 Ref C: 2022-07-01T15:42:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1656690140964&url=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&liSync=true&e_ipv6=AQLkcsDCTHi8ZgAAAYG6bWlfTcps9UmrG9Wz4mq3ihn0_rfxqfjOtGFD3SIJpRtfovV6oVJTPaYP9g
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXiwDtjUCeU3HpFz/1dDA==

GET
H2 200 4072696.js Show response
bat.bing.com/p/action/ 218 B
474 B 32ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4072696.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

17cd20d8d2b12fb382778065141cb16e4200e0a75e4b2c3b2c549548ae9a05be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 92F14BAE8D47423C955A635831202BD2 Ref B: FRAEDGE1416 Ref C: 2022-07-01T15:42:20Z
date: Fri, 01 Jul 2022 15:42:20 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 299

GET
H2 204 0
bat.bing.com/action/ 0
120 B 36ms
36ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4072696&tm=gtm002&Ver=2&mid=91dd4a09-480b-4475-8df8-828ea0d2530e&sid=650ee490f95411ecbf0b4df84498ca49&vid=650ecc10f95411ec93077581870bc833&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Malware.Sandbox%20%7C%20Malwarebytes%20Labs%20%7C%20Detections&p=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&r=https%3A%2F%2Fwww.bing.com%2F&lt=1716&evt=pageLoad&msclkid=N&sv=1&rn=60216

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ED822DF35E75438198F8BDAEA2C6D4A5 Ref B: FRAEDGE1416 Ref C: 2022-07-01T15:42:20Z
date: Fri, 01 Jul 2022 15:42:20 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 31ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=PageView&dl=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&rl=https%3A%2F%2Fwww.bing.com%2F&if=false&ts=1656690140977&sw=1600&sh=1200&v=2.9.64&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1656690140976.1082652082&it=1656690140910&coo=false&tm=1&rqm=GET

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 01 Jul 2022 15:42:21 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAET8U7FfiwAAF3EaikHCw
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAET8U7FfiwAAF3EaikHCw&verifyHash=6f0601f8a350c05eaa7ab0b05255e030fbf4eb2d

26 B
409 B

194ms
193ms

Image
image/gif

143.204.215.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAET8U7FfiwAAF3EaikHCw&verifyHash=6f0601f8a350c05eaa7ab0b05255e030fbf4eb2d
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: HTTP/1.1
Server: 143.204.215.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-97.fra53.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 01 Jul 2022 15:42:21 GMT
Via: 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: 4ed94369d3c636e6
X-Amz-Cf-Id: F842rtWbOGLnBRULynDIMZO2qZiLAI3VVOZGzlBzT_h6Rosw3cLtew==

Redirect headers

Date: Fri, 01 Jul 2022 15:42:21 GMT
Via: 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAET8U7FfiwAAF3EaikHCw&verifyHash=6f0601f8a350c05eaa7ab0b05255e030fbf4eb2d
Connection: keep-alive
trace-id: 185ef17e014417fd
Content-Length: 0
X-Amz-Cf-Id: uA6PGthXlthsTGbwRqHFsckqIm3dYqTyH66HK8oRyLpXJxJhunZqDw==

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 81ms
19ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:21 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 478 B
969 B 109ms
52ms XHR
application/json 143.204.215.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=https%3A%2F%2Fwww.bing.com%2F&page=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&page_title=Malware.Sandbox%20%7C%20Malwarebytes%20Labs%20%7C%20Detections&src=tag&auth=TcuHErVpEQlFNgsvW0BgkLmoffXoRf8c17jto6PU
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/HWyTnY16.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-82.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: bae35dfcac893390b130c5448ae84b547513aeb7e6883745734892213af3facc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:21 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
request-id: adcee3e1-0497-498d-b0da-46c9ea7e87ad
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://blog.malwarebytes.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ob1aaL_jGndBYDbu0z1XuuDWnbzo42eaURsdlQ1sSIWYDf9yBZq8JQ==
expires: Thu, 30 Jun 2022 15:42:21 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 78ms
30ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-930356311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15163
x-xss-protection: 0
server: cafe
etag: 11137310801552021614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 01 Jul 2022 15:42:21 GMT

GET
H2 200 4072696 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 182ms
108ms Script
application/x-javascript 2620:1ec:27::cafe:2250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/4072696
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/4072696.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2250 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 5a6d3a3861d4fb760f6a98c5f38da45d9163d243e33c4868c98583d2d2897791

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
x-powered-by: ASP.NET
x-azure-ref: 03RW/YgAAAACHWca57I7gQq7jJg3J2aZbQlJVMzBFREdFMDcwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
content-length: 1638
expires: -1

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 55ms
19ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3347303-10&cid=346231307.1656690141&jid=452262312&uid=5CE2D3FD-3750-4158-B08F-0F7EEAE29954&gjid=539540299&_gid=1096240185.1656690141&_u=aCDAgEAjAAAAAE~&z=1522255552

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 01 Jul 2022 15:42:21 GMT
content-type: text/plain
access-control-allow-origin: https://blog.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
14ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1826796466&t=pageview&_s=1&dl=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&dr=https%3A%2F%2Fwww.bing.com%2F&ul=en-us&de=UTF-8&dt=Malware.Sandbox%20%7C%20Malwarebytes%20Labs%20%7C%20Detections&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEAj~&jid=452262312&gjid=539540299&cid=346231307.1656690141&uid=5CE2D3FD-3750-4158-B08F-0F7EEAE29954&tid=UA-3347303-10&_gid=1096240185.1656690141&gtm=2wg6t0MKSKW3&z=1136552899

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:27:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65710
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1656690141066&aid=a-06kg&se=e30&duid=ff3668206ce6--01g6x6tsrpcza02g7rrdj9ew6c&tna=v2.4.0&pu=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&wpn=l...
https://rp4.liadm.com/j?dtstmp=1656690141066&aid=a-06kg&se=e30&duid=ff3668206ce6--01g6x6tsrpcza02g7rrdj9ew6c&tna=v2.4.0&pu=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&wpn=...

13 B
553 B

427ms
104ms

XHR
application/json

52.4.135.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1656690141066&aid=a-06kg&se=e30&duid=ff3668206ce6--01g6x6tsrpcza02g7rrdj9ew6c&tna=v2.4.0&pu=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&wpn=lc-bundle&refr=https%3A%2F%2Fwww.bing.com%2F&c=PHRpdGxlPgoKTWFsd2FyZS5TYW5kYm94IHwgTWFsd2FyZWJ5dGVzIExhYnMgfCBEZXRlY3Rpb25zICA8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJNYWx3YXJlLlNhbmRib3guKGlkLW5yKSBhcmUgZGV0ZWN0aW9uIG5hbWVzIHByb2R1Y2VkIGJ5IHRoZSBFbXVsYXRpb24gbW9kdWxlcyBpbiBNYWx3YXJlYnl0ZXMgNCBhbmQgTWFsd2FyZWJ5dGVzIGJ1c2luZXNzIHByb2R1Y3RzLiI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vYmxvZy5tYWx3YXJlYnl0ZXMuY29tL2RldGVjdGlvbnMvbWFsd2FyZS1zYW5kYm94LyI-PHRpdGxlIGlkPSJtYWx3YXJlYnl0ZXMtbWFpbi1sb2dvLXRpdGxlIj5UaGUgb2ZmaWNpYWwgTWFsd2FyZWJ5dGVzIGxvZ288L3RpdGxlPjxoMT5NYWx3YXJlLlNhbmRib3g8L2gxPg&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6OjE0&n3pc=true

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Server

52.4.135.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-135-4.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:21 GMT
x-pixel-event-id: 602469fd-79bb-4d43-b126-4d2afdb54bdc
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: null
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 51e482d7bf9c1b81
request-time: 0
content-length: 13
x-content-type-options: nosniff

Redirect headers

date: Fri, 01 Jul 2022 15:42:21 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
location: https://rp4.liadm.com/j?dtstmp=1656690141066&aid=a-06kg&se=e30&duid=ff3668206ce6--01g6x6tsrpcza02g7rrdj9ew6c&tna=v2.4.0&pu=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&wpn=lc-bundle&refr=https%3A%2F%2Fwww.bing.com%2F&c=PHRpdGxlPgoKTWFsd2FyZS5TYW5kYm94IHwgTWFsd2FyZWJ5dGVzIExhYnMgfCBEZXRlY3Rpb25zICA8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJNYWx3YXJlLlNhbmRib3guKGlkLW5yKSBhcmUgZGV0ZWN0aW9uIG5hbWVzIHByb2R1Y2VkIGJ5IHRoZSBFbXVsYXRpb24gbW9kdWxlcyBpbiBNYWx3YXJlYnl0ZXMgNCBhbmQgTWFsd2FyZWJ5dGVzIGJ1c2luZXNzIHByb2R1Y3RzLiI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vYmxvZy5tYWx3YXJlYnl0ZXMuY29tL2RldGVjdGlvbnMvbWFsd2FyZS1zYW5kYm94LyI-PHRpdGxlIGlkPSJtYWx3YXJlYnl0ZXMtbWFpbi1sb2dvLXRpdGxlIj5UaGUgb2ZmaWNpYWwgTWFsd2FyZWJ5dGVzIGxvZ288L3RpdGxlPjxoMT5NYWx3YXJlLlNhbmRib3g8L2gxPg&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6OjE0&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://blog.malwarebytes.com
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 5b10a7be6e7dea36
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 76ms
39ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3347303-10&cid=346231307.1656690141&jid=452262312&_u=aCDAgEAjAAAAAE~&z=856124051

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 15:42:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 71ms
39ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3347303-10&cid=346231307.1656690141&jid=452262312&_u=aCDAgEAjAAAAAE~&z=856124051

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 15:42:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/ 2 KB
2 KB 64ms
26ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/?random=1656690141089&cv=9&fst=1656690141089&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&ref=https%3A%2F%2Fwww.bing.com%2F&tiba=Malware.Sandbox%20%7C%20Malwarebytes%20Labs%20%7C%20Detections&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cf340c58add58fdbc2a0aa29221ab8c22e18090799c25eecb482418d07bca11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 15:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1077
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
14ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1826796466&t=event&ni=1&_s=2&dl=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&dr=https%3A%2F%2Fwww.bing.com%2F&ul=en-us&de=UTF-8&dt=Malware.Sandbox%20%7C%20Malwarebytes%20Labs%20%7C%20Detections&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aDDAgEAjAAAAAE~&jid=&gjid=&cid=346231307.1656690141&uid=5CE2D3FD-3750-4158-B08F-0F7EEAE29954&tid=UA-3347303-10&_gid=1096240185.1656690141&gtm=2wg6t0MKSKW3&cd2=(Non-Company%20Visitor)&cd3=Bot&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=Erkelenz&cd12=NW&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=DE&cd18=(Non-Company%20Visitor)&cd24=(Non-Company%20Visitor)&z=978660708

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:27:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65710
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/930356311/ 42 B
64 B 61ms
25ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/930356311/?random=1656690141089&cv=9&fst=1656687600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&ref=https%3A%2F%2Fwww.bing.com%2F&tiba=Malware.Sandbox%20%7C%20Malwarebytes%20Labs%20%7C%20Detections&async=1&fmt=3&is_vtc=1&random=2503040868&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 15:42:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/930356311/ 42 B
64 B 27ms
27ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/930356311/?random=1656690141089&cv=9&fst=1656687600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&ref=https%3A%2F%2Fwww.bing.com%2F&tiba=Malware.Sandbox%20%7C%20Malwarebytes%20Labs%20%7C%20Detections&async=1&fmt=3&is_vtc=1&random=2503040868&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 15:42:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-b/s/0.6.34/ 53 KB
23 KB 122ms
121ms Script
application/javascript 2620:1ec:27::cafe:2250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-b/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/4072696
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2250 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:20 GMT
content-encoding: br
etag: "1d88bc3d8d26054"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 03RW/YgAAAADxgQ4CbuPhSbmBKz3i/s3zQlJVMzBFREdFMDcwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
content-length: 23150
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H2 204 collect Show response
e.clarity.ms/ 0
179 B 407ms
196ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://blog.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://blog.malwarebytes.com
date: Fri, 01 Jul 2022 15:42:21 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H3 200 / Show response
www.facebook.com/tr/ Frame DEE5 0
18 B 17ms
8ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: blog.malwarebytes.com
URL: https://blog.malwarebytes.com/detections/malware-sandbox/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://blog.malwarebytes.com
Referer: https://blog.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://blog.malwarebytes.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 01 Jul 2022 15:42:21 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=CBF00FFEFB544E7EB5CAE1D8AA26D711&RedC=c.clarity.ms&MXFR=14D08DAAAE2E6DB014419C7EAA2E632C
https://c.clarity.ms/c.gif?CtsSyncId=CBF00FFEFB544E7EB5CAE1D8AA26D711&MUID=1B5E0FD45DA56B3237141E005CCE6AF1

42 B
368 B

29ms
29ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=CBF00FFEFB544E7EB5CAE1D8AA26D711&MUID=1B5E0FD45DA56B3237141E005CCE6AF1
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 15:42:21 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 01 Jul 2022 15:42:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 46FA90A706954EA1A728913473548E1B Ref B: FRAEDGE1416 Ref C: 2022-07-01T15:42:21Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=CBF00FFEFB544E7EB5CAE1D8AA26D711&MUID=1B5E0FD45DA56B3237141E005CCE6AF1
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 2893.js Show response
script.crazyegg.com/pages/scripts/0081/ 6 KB
2 KB 44ms
17ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ece6309089f71abefd24821c6fd8a9a599dd711751413cd714c6e5bd15cf75d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:21 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 31731
cf-polished: origSize=6055
cf-ray: 7240404acab08ff8-FRA
ce-version: 11.1.455
last-modified: Fri, 01 Jul 2022 06:53:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 55 KB
15 KB 51ms
12ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.bing.com
URL: https://www.bing.com/ck/a?!&&p=a6e79ec5035904dbc55854218cd36e9dca8d70c3a2eaf025664b37b9fa4296a6JmltdHM9MTY1NjY5MDA5MSZpZ3VpZD1lMWJiYTFlOC0xNGEwLTQyMjEtYTU3Zi1lYzZjMzU5ZjlkNGYmaW5zaWQ9NTE3MQ&ptn=3&fclid=47666481-f954-11ec-b305-a5d0a0021c3d&u=a1aHR0cHM6Ly9ibG9nLm1hbHdhcmVieXRlcy5jb20vZGV0ZWN0aW9ucy9tYWx3YXJlLXNhbmRib3gv&ntb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:21 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 16:20:35 GMT
etag: "f345fa1999011d396bda3b2c6fafc302+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15166
x-served-by: cache-iad-kcgs7200175-IAD, cache-muc13920-MUC

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
14ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1826796466&t=event&ni=1&_s=1&dl=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&dr=https%3A%2F%2Fwww.bing.com%2F&ul=en-us&de=UTF-8&dt=Malware.Sandbox%20%7C%20Malwarebytes%20Labs%20%7C%20Detections&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=vertical&ev=25&_u=aDDAgEAjAAAAAE~&jid=&gjid=&cid=346231307.1656690141&uid=5CE2D3FD-3750-4158-B08F-0F7EEAE29954&tid=UA-3347303-10&_gid=1096240185.1656690141&gtm=2wg6t0MKSKW3&z=1841069254

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:27:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65710
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
14ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1826796466&t=event&ni=1&_s=1&dl=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&dr=https%3A%2F%2Fwww.bing.com%2F&ul=en-us&de=UTF-8&dt=Malware.Sandbox%20%7C%20Malwarebytes%20Labs%20%7C%20Detections&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=vertical&ev=50&_u=aDDAgEAjAAAAAE~&jid=&gjid=&cid=346231307.1656690141&uid=5CE2D3FD-3750-4158-B08F-0F7EEAE29954&tid=UA-3347303-10&_gid=1096240185.1656690141&gtm=2wg6t0MKSKW3&z=102317137

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 21:27:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65710
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2893.json Show response
script.crazyegg.com/pages/data-scripts/0081/ 5 KB
2 KB 35ms
16ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0081/2893.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbed61892c8c7fc3162c81f5669c65d37dd20ca0f24c5b514f8bd559a9f74268

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:21 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 31788
ce-version: 11.1.455
content-length: 1571
timing-allow-origin: *
last-modified: Fri, 01 Jul 2022 06:52:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 7240404af890bb35-FRA

GET
H2 200 adsct
t.co/i/ 43 B
338 B 146ms
124ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=b8eb3f1b-a1c1-4697-a0fa-33ba8e25d99d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=24c92368-c15c-4bae-a6b4-768117ca20f3&tw_document_href=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1m5j&type=javascript&version=2.4.12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 117
date: Fri, 01 Jul 2022 15:42:21 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: cdbfee0074979568674544a5a0c52d7c6e12e9a0df49d5b3271ddc2f7668f522
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
354 B 361ms
119ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=b8eb3f1b-a1c1-4697-a0fa-33ba8e25d99d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=24c92368-c15c-4bae-a6b4-768117ca20f3&tw_document_href=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1m5j&type=javascript&version=2.4.12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 111
date: Fri, 01 Jul 2022 15:42:21 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 9aaeff890e4a5aa8ce7447cb936261ebbeab9448345a2f0b2719295546da3a59
content-length: 43

GET
H2 200 11.1.455.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 86 KB
28 KB 14ms
14ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ca48df6d8db3e41cb4ab81fd3d2dfe447e8ef2950e0a21ea29b759b93116d2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Jul 2022 15:42:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 24 Jun 2022 04:57:06 GMT
server: cloudflare
age: 186321
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 7240404b1aff8ff8-FRA
content-length: 28087

GET
H2 200 2893.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0081/ 46 B
158 B 16ms
16ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0081/2893.json?t=460191
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36c328342c08d67bafbbb3a20ec097c639d37bfbbf340e36e82bc6b50ded8dec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 15:42:21 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 31786
ce-version: 11.1.455
content-length: 65
timing-allow-origin: *
last-modified: Fri, 01 Jul 2022 06:52:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 7240404b3921bb35-FRA

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
419 B 33ms
8ms XHR
binary/octet-stream 52.222.236.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-90.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 10:11:21 GMT
via: 1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 7191062
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 19
x-amz-cf-id: a_cy0OHwpEjy5Mehqm4DU7Buv1M1hZmNz_ySf7zgJF7fyhNULP11lA==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
419 B 44ms
7ms XHR
binary/octet-stream 18.66.122.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 13:24:28 GMT
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 16597075
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-length: 19
x-amz-cf-id: TEpaJloCXbLpIFstHF7c0a7n7qpMHQ80Vmd2DlRNFAWUTkiewh94XA==

GET
BLOB 200
OK cb51470b-aeeb-4ed0-a107-23a2f01246a8
https://blog.malwarebytes.com/ 53 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blog.malwarebytes.com/cb51470b-aeeb-4ed0-a107-23a2f01246a8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 53
Content-Type: text/javascript

GET
H2 200 clock Show response
tracking.crazyegg.com/ 29 B
136 B 122ms
42ms XHR
text/plain 46.51.142.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1656690142036
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.142.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-142-25.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: d71cfdd73c739b3047673ec76cff3ab05094b852afe7fc1b79f815a8c54fbe89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 01 Jul 2022 15:42:22 GMT
cache-control: no-store
server: awselb/2.0
content-length: 29
content-type: text/plain

POST
H2 204 collect Show response
e.clarity.ms/ 0
48 B 97ms
97ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://blog.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://blog.malwarebytes.com
date: Fri, 01 Jul 2022 15:42:22 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H2 204 collect Show response
e.clarity.ms/ 0
48 B 99ms
97ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://blog.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://blog.malwarebytes.com
date: Fri, 01 Jul 2022 15:42:24 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

Verdicts & Comments Add Verdict or Comment

213 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.malwarebytes.com/detections/malware-sandbox	1970-01-20 12:57:06	Name: gaUserID Value: 5CE2D3FD-3750-4158-B08F-0F7EEAE29954
.malwarebytes.com/	1970-01-20 04:12:56	Name: visited Value: true
.malwarebytes.com/	1969-12-31 23:59:59	Name: __gtm_referrer Value: https%3A%2F%2Fwww.bing.com%2F
.malwarebytes.com/	1970-01-20 21:42:42	Name: _ga_K8KCHE3KSC Value: GS1.1.1656690140.1.0.1656690140.60
.bing.com/	1970-01-20 13:33:06	Name: MUID Value: 1B5E0FD45DA56B3237141E005CCE6AF1
.malwarebytes.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .malwarebytes.com
.malwarebytes.com/	1970-01-20 21:42:42	Name: _lc2_fpi Value: ff3668206ce6--01g6x6tsrpcza02g7rrdj9ew6c
.malwarebytes.com/	1970-01-20 21:42:42	Name: _ga Value: GA1.2.346231307.1656690141
.malwarebytes.com/	1970-01-20 04:12:56	Name: _gid Value: GA1.2.1096240185.1656690141
.malwarebytes.com/	1970-01-20 04:12:56	Name: _uetsid Value: 650ee490f95411ecbf0b4df84498ca49
.malwarebytes.com/	1970-01-20 13:33:06	Name: _uetvid Value: 650ecc10f95411ec93077581870bc833
.malwarebytes.com/	1970-01-20 06:21:06	Name: _fbp Value: fb.1.1656690140976.1082652082
.malwarebytes.com/	1970-01-20 06:21:06	Name: _gcl_au Value: 1.1.521739995.1656690141
.malwarebytes.com/	1970-01-20 04:11:30	Name: _dc_gtm_UA-3347303-10 Value: 1
.doubleclick.net/	1970-01-20 04:11:31	Name: test_cookie Value: CheckForPermission
.bidr.io/	1970-01-20 13:40:03	Name: bito Value: AAET8U7FfiwAAF3EaikHCw
.bidr.io/	1970-01-20 13:40:03	Name: bitoIsSecure Value: ok
.linkedin.com/	1970-01-20 04:54:42	Name: UserMatchHistory Value: AQIE-wsLHE03LwAAAYG6bWew6pE1Wrh01Rs25MLp2xalr_MQE7JQz4qyP-ieKkCY6v8AmeowjhQRig
.linkedin.com/	1970-01-20 04:54:42	Name: AnalyticsSyncHistory Value: AQKDuh_tmtnLgQAAAYG6bWewtXxPZLtvPmrH8HuR9hTUiFbwjSZAfCu5ahQY44L34Nhp1m268Hn7AN1Z4cYfxg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:43:23	Name: bcookie Value: "v=2&3a5a2368-fc82-48e2-8a4c-428c37078aa7"
.linkedin.com/	1970-01-20 04:12:56	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2781:u=1:x=1:i=1656690141:t=1656776541:v=2:sig=AQEGJY3myMOfx1E8wah3jFP-AI3hbsrt"
www.clarity.ms/	1970-01-20 12:57:06	Name: CLID Value: e12ef226b7f044ba938fd0a7bbe3f6d1.20220701.20230701
.company-target.com/	1970-01-20 21:42:42	Name: tuuid Value: 480d43bc-c9c3-49d7-b9bc-e5b4ad98db6c
.company-target.com/	1970-01-20 21:42:42	Name: tuuid_lu Value: 1656690141
.malwarebytes.com/	1970-01-20 12:57:06	Name: _clck Value: 1hlf4z6\|1\|f2s\|0
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 21:43:23	Name: bscookie Value: "v=1&20220701154221e1c621db-c885-4547-813d-5d3645635b9dAQEfsRkGwHR-3h5GVekZxrI5Z601Iw7G"
.linkedin.com/	1970-01-20 21:41:24	Name: li_gc Value: MTswOzE2NTY2OTAxNDE7MjswMjGGPGLhn5oqMcDYSCT/kXx58jfHjTexxTN9ski/qJP5uA==
.liadm.com/	1970-01-20 21:42:42	Name: lidid Value: 66b62317-68b0-490e-8314-7ba3eabdf1f7
.malwarebytes.com/	1970-01-20 12:57:06	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+Jul+01+2022+15%3A42%3A21+GMT%2B0000+(GMT)&version=6.4.0&landingPath=https%3A%2F%2Fblog.malwarebytes.com%2Fdetections%2Fmalware-sandbox%2F&groups=1%3A1%2C0_165071%3A1%2C101%3A1%2C2%3A1%2C3%3A1%2C102%3A1%2C103%3A1%2C4%3A1%2C104%3A1%2C105%3A1%2C106%3A1%2C107%3A1%2C109%3A1%2C110%3A1%2C112%3A1%2C113%3A1%2C114%3A1%2C115%3A1%2C116%3A1%2C117%3A1%2C118%3A1%2C0_165051%3A1%2C0_165052%3A1%2C0_165053%3A1%2C0_165054%3A1%2C0_165055%3A1%2C0_165056%3A1%2C0_165057%3A1%2C0_165058%3A1%2C0_165059%3A1%2C0_165060%3A1%2C0_165061%3A1%2C0_165062%3A1%2C0_165063%3A1%2C0_165064%3A1%2C0_165065%3A1%2C0_165066%3A1%2C0_165067%3A1%2C0_165068%3A1%2C0_165069%3A1%2C0_165070%3A1%2C0_165072%3A1%2C0_165073%3A1%2C0_165074%3A1%2C0_168809%3A1%2C0_168810%3A1%2C0_171059%3A1%2C0_171060%3A1%2C0_171061%3A1%2C0_171062%3A1%2C0_171063%3A1%2C0_171064%3A1%2C0_172264%3A1%2C0_172327%3A1%2C0_179764%3A1%2C0_172332%3A1%2C0_172328%3A1%2C0_172329%3A1%2C108%3A1%2C111%3A1
.malwarebytes.com/	1970-01-20 04:12:56	Name: _clsk Value: tfxuvk\|1656690141849\|1\|1\|e.clarity.ms/collect
.malwarebytes.com/	1969-12-31 23:59:59	Name: cebs Value: 1
.malwarebytes.com/	1970-01-20 12:57:06	Name: _ce.s Value: v~9e6e8eff0f5f1b3f046007dace754aedd00e497c~vpv~0
.c.bing.com/	1970-01-20 13:33:06	Name: SRM_B Value: 1B5E0FD45DA56B3237141E005CCE6AF1
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 13:33:06	Name: MUID Value: 1B5E0FD45DA56B3237141E005CCE6AF1
.c.clarity.ms/	1970-01-20 04:11:30	Name: ANONCHK Value: 0
.t.co/	1970-01-20 21:42:42	Name: muc_ads Value: 3e964632-7b06-43e4-936a-c4f74d624a69
.malwarebytes.com/	1969-12-31 23:59:59	Name: cebsp Value: 1
.twitter.com/	1970-01-20 21:42:42	Name: personalization_id Value: "v1_r0gPARDu5mAERFJ6UurziA=="

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.company-target.com
assets-tracking.crazyegg.com
b-code.liadm.com
bat.bing.com
blog.malwarebytes.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
connect.facebook.net
e.clarity.ms
fonts.googleapis.com
genesis.malwarebytes.com
geolocation.onetrust.com
googleads.g.doubleclick.net
id.rlcdn.com
match.prod.bidr.io
optanon.blob.core.windows.net
pagestates-tracking.crazyegg.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
region1.analytics.google.com
rp.liadm.com
rp4.liadm.com
script.crazyegg.com
scripts.demandbase.com
segments.company-target.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tracking.crazyegg.com
unpkg.com
www.bing.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.malwarebytes.com
104.244.42.195
104.244.42.197
13.107.42.14
130.211.198.3
142.250.186.66
143.204.215.82
143.204.215.92
143.204.215.97
18.66.122.57
199.232.188.157
20.234.93.27
20.62.48.180
2001:4860:4802:32::36
2600:1f18:730:b130:4c96:5596:18cd:cf5
2600:9000:206f:1e00:16:26c7:ff80:93a1
2600:9000:224a:d600:8:8845:1500:93a1
2606:4700:10::6814:b844
2606:4700::6810:5814
2606:4700::6810:7aaf
2606:4700::6813:9308
2620:1ec:22::14
2620:1ec:27::cafe:2250
2620:1ec:c11::200
2a00:1450:4001:801::2008
2a00:1450:4001:809::2004
2a00:1450:4001:80b::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:400c:c0b::9b
2a00:1450:400e:80c::200a
2a02:26f0:ef::5c7b:c25a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.230.165.31
35.244.174.68
46.51.142.25
52.0.65.187
52.19.186.186
52.222.236.90
52.239.137.4
52.4.135.4
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05369fa3ab175c5ba5e63b7c60a872a64f82ddcb1de6a950d73004ed25930e69
05a173cb58022e81eb499529ac56df6ad7bafe1c61b8128dca8b76f300b5b60e
095834cc86bd018fdb4a9e31c99f9f96904b819be2b9dc16b3390383288d4d90
0d8ac30d9520ce94e0246020e4bff9b6fea04f92ac0b5f09c7346104b9f5772a
0ed37960a59a6ec6b443f9ef043864d09a51db6fd276ae578d9166467bf986d1
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
106ff2dcabdf33e3a570650ebd622f534c02c6f751a8320ed879e172d767bbd2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1532b16aa9cd1fef51c097aaf1abeac6cb6f239b026660e7105e49f4ae6549ff
17cd20d8d2b12fb382778065141cb16e4200e0a75e4b2c3b2c549548ae9a05be
19333622f176d68bc17e307d8df96b15447864fbb0bbaac495e507fa64d96077
1cf340c58add58fdbc2a0aa29221ab8c22e18090799c25eecb482418d07bca11
1dc2b8fb26c1a74260a66519a2a5fdf37a938d1b43bbe4d8da7fcd652acc61b9
21da5195f86350f2b52a0ee70a668d4f72542d0413b57dd84f06593e0e0f7207
22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62
2409f262a4b65de1c6867ad7d607898380900587b69a60b881a9b888bd53e625
252a50f6bc52015f12ea562f1217941684d191354a008889b30a4a929c883f15
27071c74d832edde947646d99247a7df4670be18eb519d06ad9ec862164acdb7
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2feca220db689e3d611ba517005ab3f14924016f9d133c57d5b22073560090e5
30b410ec60b2dda5e521206ed5b3a9318922f62828db7409240f047f21593bcc
319f9d200e18c7bfff3e2e30689d9b986f97f0a94bfae84b59dc535bc4d0b515
32d4b293bb7f25a21cc44e81184d4bbcb3bdd1837e026b98ed0ad85b3b1a5292
361aabb783830d45d3de5f19c4fe47d295e11518fb0279dd99d589eea8d43319
36c328342c08d67bafbbb3a20ec097c639d37bfbbf340e36e82bc6b50ded8dec
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3df56cf5e9b367ce3a1f69c52fe68655893e7443d0b9df0a8a094606775657c0
4008b99d3f568c5c0051d54686cce9333b603992a685fe9db5c13ee2ac055afa
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a
4f7da1e8c51daecdde094d37ad6ed35f3f70a3a0026d7df53cc88e4533a69f87
523d1af6ce4ee7e7193dd9d3f8b2145f525349131492d2defc81cbd653249e1a
53564b513bb9ea2e70b6218aaff24c15852c942d10fa698c983e4be59dce27ac
542f9b9f9ed17fb168e1a1ce299413085d6559f316742f95ad22a291ffd67ffc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
58c13e24cdfb6384c26836e3eac52d17701cd9d686c56ebf93efbbe9426f8cd6
5a6d3a3861d4fb760f6a98c5f38da45d9163d243e33c4868c98583d2d2897791
5b62da3ed3fe1c94582c2a75526716000f7361ff70c0cc41aae4ee8212735c3e
5d09ea31b4f26497480482f539fdc221990ae192c8b8be5002f4f2b9bef26876
5ece6309089f71abefd24821c6fd8a9a599dd711751413cd714c6e5bd15cf75d
60784dbcbfc107144c42f881d787e99c7282563981089750b28a278275a38f85
6252f8d40b521387483f57b7d0c812912a1d59ce038fdde2bcf67cf920486cac
6429fe0ed81fca5f6bb18cb0a0aacae3bd9de79192635aeed4cbda438139d75d
6ca48df6d8db3e41cb4ab81fd3d2dfe447e8ef2950e0a21ea29b759b93116d2c
72622641b79819e5c8b5c0543d105a45e30f13b1a6c0b5c3701e72de5b57e427
728054ccf1f41ec0afdb688b6db421601bb60d505d9e1e2c2de16d9e4a14b774
7961789aed44f7b97f6f755bfae322b38dd398de4a1022821c7be836a47f01f1
7c5d15cca2d78c9692d8c41e7365095332c67200b5cea192fd7b9cffdd2b01dd
7e6aa30a919ae381fbcf4d4d6f970531bf513bf0847097e7927123bf032b0f09
7e9bcd405af64ba784d4ead6dba8ed5c146a22c5bb6f264e756e3ded19a6fb6f
80f0eb912943ad0deab2ad7a8125b7404b726bac65dca9e6be97b063ca490662
821b2e61ecdbbd3e8e5272ede8ba824140773b2e54e29ed32d954d56f0c2ea5a
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8528b83134ef333f8b4f3b722f422569b5121e6fa817c9942bcbb91f5f61ea93
88281e6b9cf0efb09fede75df77011dc82b84f67deb77aea241d2ea006b2ed23
89bb46ca9e1665e0e34f98ad788396746a1c65545b92674a150d397e1ae26374
8a849c6ffa64946fefa17e874080dea467783d0e20857bbfbb23480739625648
8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c
8f796d398e512c5d19a2fecc943d19a204927ff3cf9ec2cb3f75a025535268cd
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049
928759d761adf61723feb7a9affc2b058cc9d5044831da66fcadd823e265ab1c
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93ccd7eed319ad9170bdc3cf1412df111b2e25cd540e35959a3094fa37951f4d
93e43a00cd73303f914fe90d7be15dc032f4796891b571bf6cd9d9f36f4c91eb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d815528e2ed7985b63e839cbeb0b684e1fa8da87da3c1a0962b1eecfe437614
9fcb181721162ce0d395b7b9b1e5bb5ca82c5f79bde749d4d0467ec2e65fcb4a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a52bbdb7b132e850fdaf5740012fcc0bc3f6ef0be520bc4b987d8761d40d015a
a6453b0bf49115380414b0823f6b4c5e699b7d0ea86bd6ce1ca6aad56e24e394
a6a97c4046257c7e4e063c9f76434c7ce2c1f105e46b07424fabfc054f2d4d24
a7d4e6165ce4042167fcaaa0623eab885d6992458eb05c4fc74184cee79a9eb3
aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad15e02b8d9bee31a51c502cff1977983fa2c8103b769db7ab097750f34016a9
af479055d8ab71820312f479d3ae324f2ed82c2fc68ef07c5bf6843720dc046d
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b4e6efb587f3fdfb8155148201d0c51ac95d249a6727e8256acdfe624ade69af
b569dd28a56f53339cc04cc2e251dcfb426262bd7ad60ed44cc35da0dd3b2cc6
b5b6e293a985bca8d942f45be20c11233b3a6b9699ca59c7063a22e6b9320314
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
ba0504cfd673e9fbf0bab2b70a67ac1bbea97891e12fc8cd3f94070f0c4898f8
bae35dfcac893390b130c5448ae84b547513aeb7e6883745734892213af3facc
bbed61892c8c7fc3162c81f5669c65d37dd20ca0f24c5b514f8bd559a9f74268
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c13527e6600d478c3cd7ae449acd6813e1c7209a97c0334702ee8d1a999a3a93
c2b61a7c5b7861eb46842ccf373e2524d90d14034f5d56e92ad50f27756156b0
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cabcba2fb0a11127afe1eba21cbdba800100f5a591ad7870aada8142379a955a
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d4e61ea4aafc5da0b582e7e15077addf35379acc4b7b03df0128ed33ba589884
d6f36a088f7c6dc6459a02c048b23e2407bf38a5249ecbc9547be2fce143f63a
d71cfdd73c739b3047673ec76cff3ab05094b852afe7fc1b79f815a8c54fbe89
d977298a77093a654f49e50808dcaca507006201f707269c4724248fede1bbe5
da819542692b3f1c2a667ba34eff3465a82d9756953a1446ab7d0772f9b1edd5
dad63e00a2a978b109879ca1b25fcff3d0b78ad715388be7cbd3b9b804c4348d
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
dfb8eb0e0b152ba0c88f5281a71fbe5261cb76485928bd90150d04c7aa4ff4d6
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e2adf740376f608d5a3b6977b793a5e1c92c4de9e0a792921b8e24476e56c9ed
e2e53e528694d0489b0452944f6e47f8a45448d351cf30513cfa4ff6e5815312
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec442600e3c090c1171e6d0aca38073cc048af3a7a301ec06bf933da6aa65c1b
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ed2491fc7526ff0b5cfec3fe6f4cf8153796520fc845b735286b0f42183da98a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f31eae1ecf9c9b3b7ede28046e684e58fbc2d5d7836837295e9e0679c8dfb370
f50dc78339a9052160c523d10e4412d402487375a296dccfd3b995174cd03e11
f52216dcd90458dce6f8b58985a8d65bf5334a45a1dbd944583d4e914055b317
f575112df5398271c1f04b48a995ccc6e17d69730e37304078178d46781152da
f8869aa9427c07872b91f3bb5485a65a0e389302f54ad6fe1b684c59d97d154a
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
fa07bfad3039513f81cc0551de10a79c7c823bce84a5fbfba5a547f96479a367
fe66ac5df69c78be7dfcf75943079129dbf24a254e89febc5a7e916d40de43bc
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

blog.malwarebytes.com Open in urlscan Pro 130.211.198.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

142 Requests

96 %HTTPS

51 %IPv6

28 Domains

44 Subdomains

39 IPs

4 Countries

1415 kBTransfer

3535 kBSize

41 Cookies

90 Outgoing links

Page URL History

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.malwarebytes.com Open in urlscan Pro
130.211.198.3 Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

96 %
HTTPS

51 %
IPv6

28
Domains

44
Subdomains

39
IPs

4
Countries

1415 kB
Transfer

3535 kB
Size

41
Cookies

142 HTTP transactions
0 data transactions