www.malwarebytes.com Open in urlscan Pro
2600:9000:214f:7000:8:d3fb:39c0:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.securitystronghold.com/gates/link/0/1/?url=https%3A%2F%2Festore.malwarebytes.com%2Faffiliate.php%3FACCOUNT%3DMALWARQO%2...
Effective URL:
https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
Submission: On November 29 via manual (November 29th 2020, 12:29:51 pm UTC) from GB

Summary HTTP 123 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 41 IPs in 8 countries across 36 domains to perform 123 HTTP transactions. The main IP is 2600:9000:214f:7000:8:d3fb:39c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.malwarebytes.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on April 10th 2020. Valid for: 2 years.

This is the only time www.malwarebytes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	68.66.206.25 68.66.206.25	55293 (A2HOSTING) (A2HOSTING)
3 3	45.60.14.94 45.60.14.94	19551 (INCAPSULA) (INCAPSULA)
39	2600:9000:214... 2600:9000:214f:7000:8:d3fb:39c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:1f18:21a... 2600:1f18:21ae:6700:665f:c6c5:93f5:30a0	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE)
1	54.225.220.115 54.225.220.115	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:eb:... 2a02:26f0:eb:3a9::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	216.58.208.38 216.58.208.38	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	143.204.206.235 143.204.206.235	16509 (AMAZON-02) (AMAZON-02)
2	143.204.215.105 143.204.215.105	16509 (AMAZON-02) (AMAZON-02)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
2	13.224.93.47 13.224.93.47	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	52.239.137.4 52.239.137.4	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1 1	54.72.203.0 54.72.203.0	16509 (AMAZON-02) (AMAZON-02)
1 2	143.204.215.69 143.204.215.69	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	151.101.113.2 151.101.113.2	54113 (FASTLY) (FASTLY)
2 3	54.194.211.3 54.194.211.3	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
2	104.109.95.62 104.109.95.62	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	52.51.124.53 52.51.124.53	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	3.217.219.88 3.217.219.88	14618 (AMAZON-AES) (AMAZON-AES)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
123	41

1 68.66.206.25 (Ann Arbor, United States) 1 redirects

ASN55293 (A2HOSTING, US)
PTR: 68.66.206.25.static.a2webhosting.com

www.securitystronghold.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.60.14.94 (United States) 3 redirects

ASN19551 (INCAPSULA, US)

estore.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.2checkout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.avangate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2600:9000:214f:7000:8:d3fb:39c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:21ae:6700:665f:c6c5:93f5:30a0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

genesis.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.225.220.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-220-115.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:eb:3a9::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.208.38 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f38.1e100.net

9812475.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.206.235 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-206-235.fra53.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.105 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-105.fra53.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.93.47 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-47.zrh50.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.239.137.4 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

optanon.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.203.0 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-203-0.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.69 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-69.fra53.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.194.211.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-211-3.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.95.62 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-95-62.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.124.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-124-53.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.217.219.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-219-88.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

805-usg-300.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	malwarebytes.com 1 redirects estore.malwarebytes.com www.malwarebytes.com genesis.malwarebytes.com	525 KB
8	doubleclick.net 2 redirects 9812475.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	6 KB
7	google-analytics.com www.google-analytics.com	38 KB
6	crazyegg.com script.crazyegg.com	70 KB
4	company-target.com 1 redirects api.company-target.com segments.company-target.com Failed	3 KB
4	google.de www.google.de	1 KB
4	google.com www.google.com	815 B
4	bing.com bat.bing.com	17 KB
4	licdn.com snap.licdn.com	6 KB
4	googletagmanager.com www.googletagmanager.com	203 KB
3	facebook.com www.facebook.com	737 B
3	linkedin.com px.ads.linkedin.com Failed www.linkedin.com	3 KB
3	googleadservices.com www.googleadservices.com	36 KB
3	adsrvr.org js.adsrvr.org insight.adsrvr.org	5 KB
2	marketo.net munchkin.marketo.net	7 KB
2	yimg.com s.yimg.com	7 KB
2	avct.cloud 1 redirects ads.avct.cloud	733 B
2	quora.com a.quora.com q.quora.com	14 KB
2	facebook.net connect.facebook.net	92 KB
2	youtube.com www.youtube.com	38 KB
2	windows.net optanon.blob.core.windows.net	29 KB
2	demandbase.com scripts.demandbase.com	32 KB
2	onetrust.com geolocation.onetrust.com	495 B
2	cookielaw.org cdn.cookielaw.org	26 KB
1	yahoo.com sp.analytics.yahoo.com	935 B
1	mktoresp.com 805-usg-300.mktoresp.com	311 B
1	twitter.com analytics.twitter.com	652 B
1	avocet.io 1 redirects ads.avocet.io	140 B
1	bidr.io 1 redirects match.prod.bidr.io	279 B
1	t.co t.co	448 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	jquery.com code.jquery.com	30 KB
1	ipify.org api.ipify.org	250 B
1	avangate.com 1 redirects secure.avangate.com	1 KB
1	2checkout.com 1 redirects secure.2checkout.com	1 KB
1	securitystronghold.com 1 redirects www.securitystronghold.com	652 B
123	36

	Domain	Requested by
39	www.malwarebytes.com	www.malwarebytes.com www.googletagmanager.com
7	www.google-analytics.com	www.malwarebytes.com www.google-analytics.com
6	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
4	www.google.de	www.malwarebytes.com
4	www.google.com	www.malwarebytes.com
4	9812475.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	bat.bing.com	www.googletagmanager.com www.malwarebytes.com bat.bing.com
4	snap.licdn.com	www.googletagmanager.com snap.licdn.com
4	www.googletagmanager.com	www.malwarebytes.com www.googletagmanager.com
3	www.facebook.com
3	googleads.g.doubleclick.net	www.googleadservices.com
3	www.googleadservices.com	www.googletagmanager.com code.jquery.com
3	genesis.malwarebytes.com	www.malwarebytes.com
2	munchkin.marketo.net	www.malwarebytes.com munchkin.marketo.net
2	s.yimg.com	www.malwarebytes.com s.yimg.com
2	ads.avct.cloud	1 redirects
2	connect.facebook.net	www.malwarebytes.com connect.facebook.net
2	www.youtube.com	www.malwarebytes.com www.youtube.com
2	optanon.blob.core.windows.net	www.malwarebytes.com optanon.blob.core.windows.net
2	segments.company-target.com	www.malwarebytes.com
2	api.company-target.com	scripts.demandbase.com
2	px.ads.linkedin.com	www.malwarebytes.com
2	scripts.demandbase.com	www.malwarebytes.com
2	js.adsrvr.org	www.googletagmanager.com
2	geolocation.onetrust.com	www.malwarebytes.com code.jquery.com
2	cdn.cookielaw.org	www.malwarebytes.com cdn.cookielaw.org
1	sp.analytics.yahoo.com	s.yimg.com
1	805-usg-300.mktoresp.com	munchkin.marketo.net
1	q.quora.com
1	insight.adsrvr.org	js.adsrvr.org
1	analytics.twitter.com	static.ads-twitter.com
1	ads.avocet.io	1 redirects
1	a.quora.com	www.malwarebytes.com
1	match.prod.bidr.io	1 redirects
1	t.co	www.malwarebytes.com
1	www.linkedin.com	1 redirects
1	static.ads-twitter.com	www.malwarebytes.com
1	code.jquery.com	optanon.blob.core.windows.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	api.ipify.org	www.malwarebytes.com
1	secure.avangate.com	1 redirects
1	secure.2checkout.com	1 redirects
1	estore.malwarebytes.com	1 redirects
1	www.securitystronghold.com	1 redirects
123	44

This site contains links to these domains. Also see Links.

Domain
cookiepedia.co.uk
onetrust.com
de.malwarebytes.com
estore.malwarebytes.com
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
www.instagram.com

Subject Issuer	Validity	Valid
*.malwarebytes.com DigiCert SHA2 High Assurance Server CA	`2020-04-10` - `2022-05-23`	2 years	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.ipify.org COMODO RSA Domain Validation Secure Server CA	`2018-01-24` - `2021-01-23`	3 years	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2020-05-21` - `2022-07-27`	2 years	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-09` - `2021-06-09`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2020-10-27` - `2021-04-27`	6 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2020-10-14` - `2021-11-15`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2020-10-09` - `2021-10-28`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.blob.core.windows.net Microsoft IT TLS CA 2	`2020-10-14` - `2021-10-14`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2019-06-19` - `2021-08-18`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
quora.com Let's Encrypt Authority X3	`2020-11-15` - `2021-02-13`	3 months	crt.sh
*.avct.cloud Let's Encrypt Authority X3	`2020-11-03` - `2021-02-01`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-11-15` - `2020-12-29`	a month	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-01-02` - `2020-12-28`	a year	crt.sh
*.quora.com Let's Encrypt Authority X3	`2020-11-15` - `2021-02-13`	3 months	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-08-01` - `2021-01-28`	6 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
Frame ID: B498D0F08DC85C5867E90E0B81451490
Requests: 120 HTTP requests in this frame

Frame: https://9812475.fls.doubleclick.net/activityi;dc_pre=CJWnnt7gp-0CFUvjuwgdpFYIuQ;src=9812475;type=conve0;cat=forms000;ord=1;num=9278890528736;gtm=2wgb41;auiddc=126114399.1606652974;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1
Frame ID: 2BB2E93358F090D8F141C2B2DFE476ED
Requests: 1 HTTP requests in this frame

Frame: https://9812475.fls.doubleclick.net/activityi;dc_pre=CLzl197gp-0CFcPmuwgdI4EA1A;src=9812475;type=conve0;cat=forms000;ord=1;num=7708476734067;gtm=2wgb41;auiddc=126114399.1606652974;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1
Frame ID: 9C02D6565AD96932AC4013B435841BEA
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=8mirph5&ref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&upid=r8yigtp&upv=1.1.0
Frame ID: 5EE747A412BBF8BB7EEB39FB10729424
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.securitystronghold.com/gates/link/0/1/?url=https%3A%2F%2Festore.malwarebytes.com%2Faffiliate.php%3F... HTTP 302
https://estore.malwarebytes.com/affiliate.php?ACCOUNT=MALWARQO&AFFILIATE=2108&PATH=https://www.malwarebytes.... HTTP 302
https://secure.2checkout.com/c.php?a=w&s=nk7emq9pd0ti7ebkede32e4169ceskm8&u=https%3A%2F%2Fsecure.avangate... HTTP 302
https://secure.avangate.com/c.php?a=w&s=nk7emq9pd0ti7ebkede32e4169ceskm8&u=https%3A%2F%2Fwww.malwarebyte... HTTP 302
https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1 Page URL
https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1 Page URL
https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1 Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

script /munchkin\.marketo\.net\/munchkin\.js/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

123
Requests

98 %
HTTPS

52 %
IPv6

36
Domains

44
Subdomains

41
IPs

8
Countries

1187 kB
Transfer

3412 kB
Size

19
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://de.malwarebytes.com/business/
Title: Für Unternehmen

Search URL Search Domain Scan URL

URL: https://estore.malwarebytes.com/order/checkout.php?PRODS=13395654&OPTIONS13395654=1qty%2C1Y&CART=1&CARD=1&DESIGN_TYPE=1&AUTO_PREFILL=1&SHORT_FORM=1&CLEAN_CART=all&ADDITIONAL_UC=1&NO_UPSELL=1&SRC=ctry-DE_os-WINDOWS_flow-SEM_cust-_cart-VARC_promo-25OFF2YEAR
Title: JETZT KAUFEN

Search URL Search Domain Scan URL

URL: https://estore.malwarebytes.com/order/checkout.php?PRODS=13395654&OPTIONS13395654=1qty%2C2Y&CART=1&CARD=1&DESIGN_TYPE=1&AUTO_PREFILL=1&SHORT_FORM=1&CLEAN_CART=all&ADDITIONAL_UC=1&NO_UPSELL=1&SRC=ctry-DE_os-WINDOWS_flow-SEM_cust-_cart-VARC_promo-25OFF2YEAR
Title: KAUFEN UND 25 % SPAREN

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Malwarebytes/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/malwarebytes
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Malwarebytes
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/malwarebytes
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/malwarebytesofficial/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.securitystronghold.com/gates/link/0/1/?url=https%3A%2F%2Festore.malwarebytes.com%2Faffiliate.php%3FACCOUNT%3DMALWARQO%26AFFILIATE%3D2108%26PATH%3Dhttps%253A%252F%252Fwww.malwarebytes.com%252Flp%252Fsem%252F%253FAFFILIATE%253D2108%26AFFSRC%3DSSH1&tid=22842 HTTP 302
https://estore.malwarebytes.com/affiliate.php?ACCOUNT=MALWARQO&AFFILIATE=2108&PATH=https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&AFFSRC=SSH1 HTTP 302
https://secure.2checkout.com/c.php?a=w&s=nk7emq9pd0ti7ebkede32e4169ceskm8&u=https%3A%2F%2Fsecure.avangate.com%2Fc.php%3Fa%3Dw%26s%3Dnk7emq9pd0ti7ebkede32e4169ceskm8%26u%3Dhttps%253A%252F%252Fwww.malwarebytes.com%252Flp%252Fsem%252F%253FAFFILIATE%253D2108%2526__c%253D1%26h%3D7019a6b2a53caf07469e26aaabc71ba8&h=90e8614a6ba72d9f7658673e44ec15fe HTTP 302
https://secure.avangate.com/c.php?a=w&s=nk7emq9pd0ti7ebkede32e4169ceskm8&u=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2F%3FAFFILIATE%3D2108%26__c%3D1&h=7019a6b2a53caf07469e26aaabc71ba8 HTTP 302
https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1 Page URL
https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1 Page URL
https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.securitystronghold.com/gates/link/0/1/?url=https%3A%2F%2Festore.malwarebytes.com%2Faffiliate.php%3FACCOUNT%3DMALWARQO%26AFFILIATE%3D2108%26PATH%3Dhttps%253A%252F%252Fwww.malwarebytes.com%252Flp%252Fsem%252F%253FAFFILIATE%253D2108%26AFFSRC%3DSSH1&tid=22842 HTTP 302
https://estore.malwarebytes.com/affiliate.php?ACCOUNT=MALWARQO&AFFILIATE=2108&PATH=https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&AFFSRC=SSH1 HTTP 302
https://secure.2checkout.com/c.php?a=w&s=nk7emq9pd0ti7ebkede32e4169ceskm8&u=https%3A%2F%2Fsecure.avangate.com%2Fc.php%3Fa%3Dw%26s%3Dnk7emq9pd0ti7ebkede32e4169ceskm8%26u%3Dhttps%253A%252F%252Fwww.malwarebytes.com%252Flp%252Fsem%252F%253FAFFILIATE%253D2108%2526__c%253D1%26h%3D7019a6b2a53caf07469e26aaabc71ba8&h=90e8614a6ba72d9f7658673e44ec15fe HTTP 302
https://secure.avangate.com/c.php?a=w&s=nk7emq9pd0ti7ebkede32e4169ceskm8&u=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2F%3FAFFILIATE%3D2108%26__c%3D1&h=7019a6b2a53caf07469e26aaabc71ba8 HTTP 302
https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1

Request Chain 30

https://9812475.fls.doubleclick.net/activityi;src=9812475;type=conve0;cat=forms000;ord=1;num=9278890528736;gtm=2wgb41;auiddc=126114399.1606652974;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1 HTTP 302
https://9812475.fls.doubleclick.net/activityi;dc_pre=CJWnnt7gp-0CFUvjuwgdpFYIuQ;src=9812475;type=conve0;cat=forms000;ord=1;num=9278890528736;gtm=2wgb41;auiddc=126114399.1606652974;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1

Request Chain 45

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAEQL06_hygAAA_TY7Zp3g

Request Chain 81

https://9812475.fls.doubleclick.net/activityi;src=9812475;type=conve0;cat=forms000;ord=1;num=7708476734067;gtm=2wgb41;auiddc=126114399.1606652974;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1 HTTP 302
https://9812475.fls.doubleclick.net/activityi;dc_pre=CLzl197gp-0CFcPmuwgdI4EA1A;src=9812475;type=conve0;cat=forms000;ord=1;num=7708476734067;gtm=2wgb41;auiddc=126114399.1606652974;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1

Request Chain 90

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1606652974739&url=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2594100%26time%3D1606652974739%26url%3Dhttps%253A%252F%252Fwww.malwarebytes.com%252Flp%252Fsem%252Fde%252F%253FAFFILIATE%253D2108%2526__c%253D1%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1606652974739&url=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&liSync=true

Request Chain 96

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAEQL06_hygAAA_TY7Zp3g HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAEQL06_hygAAA_TY7Zp3g&verifyHash=fc8e035d31f59f65b3663e83e02715b3366f5723

Request Chain 105

https://ads.avocet.io/s?add=5b8e9b462be173e55d6569fc&ty=j HTTP 301
https://ads.avct.cloud/s?r=1&add=5b8e9b462be173e55d6569fc&ty=j HTTP 302
https://ads.avct.cloud/s?bounce=true&r=1&add=5b8e9b462be173e55d6569fc&ty=j

123 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
www.malwarebytes.com/lp/sem/
Redirect Chain

https://www.securitystronghold.com/gates/link/0/1/?url=https%3A%2F%2Festore.malwarebytes.com%2Faffiliate.php%3FACCOUNT%3DMALWARQO%26AFFILIATE%3D2108%26PATH%3Dhttps%253A%252F%252Fwww.malwarebytes.co...
https://estore.malwarebytes.com/affiliate.php?ACCOUNT=MALWARQO&AFFILIATE=2108&PATH=https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&AFFSRC=SSH1
https://secure.2checkout.com/c.php?a=w&s=nk7emq9pd0ti7ebkede32e4169ceskm8&u=https%3A%2F%2Fsecure.avangate.com%2Fc.php%3Fa%3Dw%26s%3Dnk7emq9pd0ti7ebkede32e4169ceskm8%26u%3Dhttps%253A%252F%252Fwww.ma...
https://secure.avangate.com/c.php?a=w&s=nk7emq9pd0ti7ebkede32e4169ceskm8&u=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2F%3FAFFILIATE%3D2108%26__c%3D1&h=7019a6b2a53caf07469e26aaabc71ba8
https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1

2 KB
2 KB

302ms
268ms

Document
text/html

2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ff1d372f496f3a78a87d3c08ab1a4da2b607ebe0eb264a615f0e6cff3b74d870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.malwarebytes.com
:scheme: https
:path: /lp/sem/?AFFILIATE=2108&__c=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: GKD=%96%B9%CB%D4%A1%97%A7%B4%A8%83%92%94%C7%C2%8C%99%A6%88%B4%B1%A9%A9%B5%9F%A9%DF%99u%A9%96%81%CC%C5%D5%89%DF%A8%AE%8Ep%95%CB%B8%A8; AVG_AFF_%95%B5%BC%A0%94%A9%94~=%95%CB%A8%E2%96%AD%BA%B9%92%A9%89%93%B1%D5%9C%DE%92%95%A7%B8; AVG_AFF_SRC_%95%CB%A8%E2%96%A6%80~[%95%B5%BC%A0%94%A9%94~]=%9D%92%B1%B4%94%BD%BA%B9%92%A9%89%93%B1%D5%9C%DE%92%95%A7%B8; visid_incap_1232002=SgkkqUMGRouZi1YPypfnbyyUw18AAAAAQUIPAAAAAAC+4fYwpekHt5SNUtH1C+4T; incap_ses_465_1232002=+155EyBKjxkOdLg0SAN0BiyUw18AAAAATN4cYYdLMXugO4+GIFMpsQ==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
content-length: 822
date: Sun, 29 Nov 2020 12:29:32 GMT
server: Apache
set-cookie: SSID=CADodh2oAAAAAAAslMNfQSOEGCyUw18BAAAAAAAAAAAALJTDXwBNNfjeAAPSIR8ALJTDXwEAqtMAARjSHQAslMNfAQD_4wAB_hEgACyUw18BAKvlAAGkPSAALJTDXwEA1OAAAblKHwAslMNfAQBU0AABbCMdACyUw18BAAvTAAHevx0ALJTDXwEAmeIAAdz1HwAslMNfAQC61gABtDMeACyUw18BAPLUAAG0Cx4ALJTDXwEAquMAASALIAAslMNfAQDp4gABWvwfACyUw18BAA; path=/; domain=.malwarebytes.com; expires=Mon, 29-Nov-2021 12:29:32 GMT SSSC=551.G6900521971172516673.1|53332.1909612:54027.1949662:54186.1954328:54514.1969076:54970.1979316:57080.2040274:57556.2050745:58009.2094556:58089.2096218:58282.2100000:58367.2101758:58795.2112932; path=/; domain=.malwarebytes.com SSRT=LJTDXwABAA; path=/; domain=.malwarebytes.com; expires=Mon, 29-Nov-2021 12:29:32 GMT
rtss: 1-2-98
accept-ranges: bytes
cache-control: private, max-age=0, proxy-revalidate, no-store, no-cache, must-revalidate
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
via: 1.1 0fd12a25ab67f5f967cfdd1e5752efd4.cloudfront.net (CloudFront), 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4 FRA53-C1
pragma: no-cache
expires: Sun, 31 May 2020 19:11:42 GMT
vary: Accept-Encoding
content-encoding: gzip
x-cache: Miss from cloudfront
x-amz-cf-id: y9voNzbWWczanbzTbmB-bFukVpcNZot95ASMJaoDCjSNxGYHeynrFQ==

Redirect headers

server: nginx
date: Sun, 29 Nov 2020 12:29:32 GMT
content-type: text/html; charset=UTF-8
content-length: 0
set-cookie: PHPSESSID=nk7emq9pd0ti7ebkede32e4169ceskm8; path=/; secure; HttpOnly GKD=%A9%B9%B9%9B%A9%BD%9Dr%9E%86%B0%92%B1%9E%B6%98%90%AB%ACu%AD%CE%B9%DD%AA%D2%A7r%9E%86%99%91%C7%9D%B3%99%9D%88%9D%B7%A1%B9%B0%A8; expires=Tue, 08-Oct-2030 12:29:32 GMT; Max-Age=311040000; path=/; domain=.avangate.com AVG_AFF_%95%B5%BC%A0%94%A9%94~=%95%CB%A8%E2%96%AD%BA%B9%92%A9%89%93%B1%D5%9C%DE%92%95%A7%B8; expires=Mon, 29-Mar-2021 12:29:32 GMT; Max-Age=10368000; path=/; domain=.avangate.com AVG_AFF_SRC_%95%CB%A8%E2%96%A6%80~[%95%B5%BC%A0%94%A9%94~]=%9D%92%B1%B4%94%BD%BA%B9%92%A9%89%93%B1%D5%9C%DE%92%95%A7%B8; expires=Mon, 29-Mar-2021 12:29:32 GMT; Max-Age=10368000; path=/; domain=.avangate.com visid_incap_848850=N/E5zVIxSZuajIv9fq39ViyUw18AAAAAQUIPAAAAAABh85nG6Gy4Plk1w7xtoiSr; expires=Mon, 29 Nov 2021 10:38:36 GMT; HttpOnly; path=/; Domain=.avangate.com; Secure; SameSite=None incap_ses_465_848850=CEf2ASz6AARAdLg0SAN0BiyUw18AAAAAYyx2MZWoBUQ/Rbhs8dZe7w==; path=/; Domain=.avangate.com; Secure; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1
strict-transport-security: max-age=15552000
x-robots-tag: noindex, nofollow
x-cdn: Incapsula
x-content-type-options: nosniff
x-iinfo: 6-78363876-78363877 NNNN CT(14 17 0) RT(1606652972337 0) q(0 0 0 1) r(1 1) U11

GET
H2 200 core.js+ssdomvar.js+generic-adapter.js Show response
www.malwarebytes.com/__ssobj/ 15 KB
6 KB 61ms
58ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/__ssobj/core.js+ssdomvar.js+generic-adapter.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: a3d98b12490a6734925658a90821a5eb7355b957c31f247ed475419a18605909

Request headers

Referer: https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:32 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
rtss: 1-2-34
content-length: 5854
sbss: 1
last-modified: Sun, 22 Nov 2020 00:00:00 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: YNWE8-Iz-Tk-z3ZpEMkopsT8iashYSZJ07Hw-wlgvSWTDrYBqYTmYg==
expires: Mon, 30 Nov 2020 12:29:32 GMT

GET
H2 200 global.js Show response
www.malwarebytes.com/js/ 19 KB
8 KB 12ms
10ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/global.js?d={{%20site.time%20|%20replace:%20%27%20%27,%20%27-%27%20|%20replace:%20%27:%27,%20%27-%27%20}}
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84415c35f6869b6b17590d6ba8f3115751f14d54adecbb27123008c416e4556d

Request headers

Referer: https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:02 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 17:56:04 GMT
server: AmazonS3
age: 498391
etag: W/"9dc098a2322aa2bbc4e9329155c2f58e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control: private, max-age=31536000, immutable
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: JZ-c9j2TijPhy7gfnYjwfOVZjJOa0xCzV3XJx2ULiT3HQaTzRvvsaw==

GET
H2 200 affiliate-sem-links.js Show response
www.malwarebytes.com/js/ 2 KB
1 KB 14ms
12ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/affiliate-sem-links.js?d={{%20site.time%20|%20replace:%20%27%20%27,%20%27-%27%20|%20replace:%20%27:%27,%20%27-%27%20}}
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73df43c53d47a5d38293a9055fa2a5835b8a5a67a186e9d510913fcfef1c4757

Request headers

Referer: https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:12 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 17:56:03 GMT
server: AmazonS3
age: 498381
etag: W/"4bdf4bb78ddf4e04b8546767b0e717c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control: private, max-age=31536000, immutable
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: bagCShnZomDHCWhCp3BEDOpdQb6EXNpusTmUSSzkQwXZClTaLnRH3g==

GET
H2 200 index.html Show response
www.malwarebytes.com/lp/sem/pc/ 32 KB
10 KB 238ms
237ms Document
text/html 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ecab47f7c3258e37d5fb99aec3f55916ec5d26de0b83df33b51e41a47f72088f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.malwarebytes.com
:scheme: https
:path: /lp/sem/pc/index.html?AFFILIATE=2108&__c=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: GKD=%96%B9%CB%D4%A1%97%A7%B4%A8%83%92%94%C7%C2%8C%99%A6%88%B4%B1%A9%A9%B5%9F%A9%DF%99u%A9%96%81%CC%C5%D5%89%DF%A8%AE%8Ep%95%CB%B8%A8; AVG_AFF_%95%B5%BC%A0%94%A9%94~=%95%CB%A8%E2%96%AD%BA%B9%92%A9%89%93%B1%D5%9C%DE%92%95%A7%B8; AVG_AFF_SRC_%95%CB%A8%E2%96%A6%80~[%95%B5%BC%A0%94%A9%94~]=%9D%92%B1%B4%94%BD%BA%B9%92%A9%89%93%B1%D5%9C%DE%92%95%A7%B8; visid_incap_1232002=SgkkqUMGRouZi1YPypfnbyyUw18AAAAAQUIPAAAAAAC+4fYwpekHt5SNUtH1C+4T; incap_ses_465_1232002=+155EyBKjxkOdLg0SAN0BiyUw18AAAAATN4cYYdLMXugO4+GIFMpsQ==; SSID=CADodh2oAAAAAAAslMNfQSOEGCyUw18BAAAAAAAAAAAALJTDXwBNNfjeAAPSIR8ALJTDXwEAqtMAARjSHQAslMNfAQD_4wAB_hEgACyUw18BAKvlAAGkPSAALJTDXwEA1OAAAblKHwAslMNfAQBU0AABbCMdACyUw18BAAvTAAHevx0ALJTDXwEAmeIAAdz1HwAslMNfAQC61gABtDMeACyUw18BAPLUAAG0Cx4ALJTDXwEAquMAASALIAAslMNfAQDp4gABWvwfACyUw18BAA; SSSC=551.G6900521971172516673.1|53332.1909612:54027.1949662:54186.1954328:54514.1969076:54970.1979316:57080.2040274:57556.2050745:58009.2094556:58089.2096218:58282.2100000:58367.2101758:58795.2112932; SSRT=LJTDXwABAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1

Response headers

content-type: text/html; charset=UTF-8
content-length: 9601
date: Sun, 29 Nov 2020 12:29:32 GMT
server: Apache
rtss: 1-2-160
cache-control: private, max-age=0, proxy-revalidate, no-store, no-cache, must-revalidate
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
vary: Accept-Encoding
via: 1.1 f9cbcaddb963320cc8ddff3e446eec07.cloudfront.net (CloudFront), 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4 FRA53-C1
pragma: no-cache
expires: Sun, 31 May 2020 19:05:30 GMT
content-encoding: gzip
x-cache: Miss from cloudfront
x-amz-cf-id: O0fQN7DLa__hW55G4Lq84qt5nuPgmUMbB9cjMgJVRky0lgIm_CsN1A==

GET
H2 200 jquery-1.11.3.min.js Show response
www.malwarebytes.com/js/ 94 KB
33 KB 15ms
12ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/jquery-1.11.3.min.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:01 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 17:56:04 GMT
server: AmazonS3
age: 498393
etag: W/"895323ed2f7258af4fae2c738c8aea49"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control: private, max-age=31536000, immutable
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 8EWN3-DcOfn7YR5SWaDT1EHA1WINeH1zf8fVNBto1Z4qUY185Ze_IA==

GET
H2 200 9530a107-0af8-4204-a2c2-217efb78222b.js Show response
cdn.cookielaw.org/consent/ 140 KB
20 KB 26ms
23ms Script
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/9530a107-0af8-4204-a2c2-217efb78222b.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec442600e3c090c1171e6d0aca38073cc048af3a7a301ec06bf933da6aa65c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 29 Nov 2020 12:29:33 GMT
content-encoding: GZIP
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NyuiOqvVdJMyWTtUb2ZlDA==
age: 1919
vary: Accept-Encoding
content-length: 20591
cf-request-id: 06b593e85300002b711582b000000001
x-ms-lease-status: unlocked
last-modified: Wed, 19 Aug 2020 23:29:25 GMT
server: cloudflare
etag: 0x8D84497B6030FBF
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: eefd8999-101e-000d-0eb0-b137ea000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f9c55ba18e12b71-FRA

GET
H2 200 useragent.js Show response
www.malwarebytes.com/js/ 1 KB
998 B 20ms
17ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/useragent.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b29e1ec9f8d476c2dfed91412b9d3f101bd5c0e9c6b4b3de4f67fa48bb5e8f59

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:02 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 17:56:06 GMT
server: AmazonS3
age: 498392
etag: W/"bc2204d854fc7ecc085b5242b1982e4a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control: private, max-age=31536000, immutable
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: mcy4_SRHlYy8Xy_x_jN2rPNH_AveTDIad41mIKGMjjyqd7HJCr6XXQ==

GET
H2 200 lang-select.js Show response
www.malwarebytes.com/js/ 511 B
884 B 22ms
19ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/lang-select.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d66ca54a00dfbd3f600ac0fbc499269b8c96465378a0558420f0336be34ee32

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:02 GMT
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
last-modified: Mon, 23 Nov 2020 17:56:05 GMT
server: AmazonS3
age: 498392
etag: "8cb2f187811e7a6892541f32e1d3d35a"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: private, max-age=31536000, immutable
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 511
x-amz-cf-id: ELlG9PEAKH3mc4A1gzOXZPfkI8V8-JsQ_s5QVl9yTadsecvpWoN98Q==

GET
H2 200 fonts.css
www.malwarebytes.com/css/ 7 KB
1 KB 12ms
10ms Stylesheet
text/css 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts.css
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18b971b4590a40339e26d1cb05809b6a5fb46a05fcf6ba376d3f799ae7a76572

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:02 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 17:53:24 GMT
server: AmazonS3
age: 498392
etag: W/"58294966a4e62a6f6f37502c3d1608eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control: private, max-age=31536000, immutable
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: WhTBTokhH__bWEBP_oLipmO4je8Z5Qt3KNRJMfaGPBwQSE_5XaxM7A==

GET
H2 200 style.css
www.malwarebytes.com/css/ 220 KB
33 KB 16ms
14ms Stylesheet
text/css 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/style.css?d=2020-11-24-17-37-40--0800
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f39efc86119f8b9af75ddc7622c6dcd63e68a031b4cf170fb024c5430e59981d

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:02 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 17:53:34 GMT
server: AmazonS3
age: 498392
etag: W/"404746251a79ce049815ab92db1a1afa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control: private, max-age=31536000, immutable
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: U_RYLixrVHyNDotOZJxmXcBEGmHunPf045MhXrkYCfX-vScO4L-9sA==

GET
H2 200 core.js+ssdomvar.js+generic-adapter.js Show response
www.malwarebytes.com/__ssobj/ 15 KB
6 KB 29ms
27ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/__ssobj/core.js+ssdomvar.js+generic-adapter.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: a3d98b12490a6734925658a90821a5eb7355b957c31f247ed475419a18605909

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:33 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
rtss: 1-2-34
content-length: 5854
sbss: 1
last-modified: Sun, 22 Nov 2020 00:00:00 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: UOvZi_hJBWa9om2nZek3bqXMJUz2ZZiIVd_6W6ARl4gGlY5VE4qaaQ==
expires: Mon, 30 Nov 2020 12:29:33 GMT

GET
H2 200 ck.js Show response
www.malwarebytes.com/js/ 3 KB
2 KB 20ms
18ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/ck.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a23572ae5ca7dd59065f859330c4f60af40e669cadbe0120c48d0e5967f8cafc

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:01 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 17:56:04 GMT
server: AmazonS3
age: 498393
etag: W/"766643fc536d4ee5ff8f276d1fcc6519"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control: private, max-age=31536000, immutable
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: VbFspP0tFAu2FQGP7NUGVGFeJYlTPectfN4_-0_U5s3aapusZveIkA==

GET
H2 200 appendHsh.js Show response
www.malwarebytes.com/js/ 244 B
619 B 20ms
19ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/appendHsh.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66f39afda157857decb630f6ae9eabe94cd36d4271ff8154b11337709c617ba8

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:01 GMT
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
last-modified: Mon, 23 Nov 2020 17:56:03 GMT
server: AmazonS3
age: 498393
etag: "0ff57bfbdb22bfe82792c56ad8b6876e"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: private, max-age=31536000, immutable
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 244
x-amz-cf-id: lA4vqYeWo9fUyq8W4SSlrhwYRYXF3_8rSVKNLr6q-uHL7HR3mTmKLA==

GET
H2 200 modernizr.js Show response
www.malwarebytes.com/js/ 14 KB
6 KB 21ms
20ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/modernizr.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00fd20f4f37113eb32d3db8a5f527ff1889489442e91630283e58e792f196be8

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:02 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 17:56:05 GMT
server: AmazonS3
age: 498392
etag: W/"807ce93e9549a3aaa30ae63bda9f2eac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control: private, max-age=31536000, immutable
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: LUx_hiDz7XjrZVXlZ1tk1GSFa1s6h6-x5KhW3P32wM6RaNJU9PE74A==

GET
H2 200 global.js Show response
www.malwarebytes.com/js/ 19 KB
8 KB 19ms
18ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/global.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84415c35f6869b6b17590d6ba8f3115751f14d54adecbb27123008c416e4556d

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:02 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 17:56:04 GMT
server: AmazonS3
age: 498392
etag: W/"9dc098a2322aa2bbc4e9329155c2f58e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control: private, max-age=31536000, immutable
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: Dl1W465di-QvIyLA4GP7LIXeeVMmWdFzZRp5cmSIMSKd8Hx4wS4-ow==

GET
H2 200 wai.gif Show response
genesis.malwarebytes.com/api/v1/ 338 B
560 B 283ms
89ms XHR
application/json 2600:1f18:21ae:6700:665f:c6c5:93f5:30a0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://genesis.malwarebytes.com/api/v1/wai.gif
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:21ae:6700:665f:c6c5:93f5:30a0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 0b1e3ca440f9c4ef9b1d4c83d77ffb34c977cc98765770f6e5ee608512ddea03

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 29 Nov 2020 12:29:33 GMT
access-control-allow-credentials: true
server: Apache-Coyote/1.1
access-control-allow-headers: origin, content-type, accept, authorization
access-control-allow-methods: GET, POST
content-type: application/json

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 247 KB
63 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84a1116e8df4d615af41c53dfb33e5391344d3eba04da41ca10f7de60e6db322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64825
x-xss-protection: 0
last-modified: Sun, 29 Nov 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 29 Nov 2020 12:29:33 GMT

GET
H2 200 wai.gif Show response
genesis.malwarebytes.com/api/v1/ 338 B
559 B 89ms
89ms XHR
application/json 2600:1f18:21ae:6700:665f:c6c5:93f5:30a0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://genesis.malwarebytes.com/api/v1/wai.gif
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/jquery-1.11.3.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:21ae:6700:665f:c6c5:93f5:30a0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 0b1e3ca440f9c4ef9b1d4c83d77ffb34c977cc98765770f6e5ee608512ddea03

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 29 Nov 2020 12:29:33 GMT
access-control-allow-credentials: true
server: Apache-Coyote/1.1
access-control-allow-headers: origin, content-type, accept, authorization
access-control-allow-methods: GET, POST
content-type: application/json

GET
H2 200 /
www.malwarebytes.com/lp/sem/de/ 99 KB
24 KB 245ms
244ms XHR
text/html 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/jquery-1.11.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:33 GMT
via: 1.1 1e00c42760ff679060e160d93e8831b6.cloudfront.net (CloudFront), 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: LHR62-C4, FRA53-C1
x-cache: Miss from cloudfront
content-encoding: gzip
rtss: 1-2-65
content-length: 23658
x-xss-protection: 1; mode=block
pragma: no-cache
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, max-age=0, proxy-revalidate, no-store, no-cache, must-revalidate
x-amz-cf-id: zutwVFsjkQ9WdQ_biJr7YfP6md62cAhPd86x-md1QW8NzhsMAqLm6Q==
expires: Sun, 31 May 2020 19:06:51 GMT

GET
H2 200 Locator-Light.woff
www.malwarebytes.com/css/fonts/ 29 KB
29 KB 8ms
7ms Font
binary/octet-stream 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/Locator-Light.woff
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ed2491fc7526ff0b5cfec3fe6f4cf8153796520fc845b735286b0f42183da98a

Request headers

Origin: https://www.malwarebytes.com
Referer: https://www.malwarebytes.com/css/fonts.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:13 GMT
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
last-modified: Mon, 23 Nov 2020 17:53:26 GMT
server: AmazonS3
age: 498381
etag: "109ebe99a41270d5a5595e12367dda75"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
cache-control: private, max-age=31536000, immutable
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 29488
x-amz-cf-id: gYUQxWpdbT9TmqFFsmhabD6--IGUmWU0UcCjXJL3-NQgwmiwVFLRfA==

GET
H/1.1 200
OK /
api.ipify.org/ 66 B
250 B 378ms
97ms Script
application/javascript 54.225.220.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=jQuery111307579875336249104_1606652973161&_=1606652973162
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/jquery-1.11.3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.220.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-220-115.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 29 Nov 2020 12:29:33 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 66
Vary: Origin
Content-Type: application/javascript

GET
H2 200 ard.png
www.malwarebytes.com/__ssobj/ 0
463 B 59ms
58ms Image
text/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/__ssobj/ard.png?6900521971172516673_1-551-1606652972&n=1
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 12:29:33 GMT
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
last-modified: Fri, 02 Oct 2020 14:38:22 GMT
server: Apache
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
accept-ranges: bytes
rtss: 1-2-32
content-length: 0
x-amz-cf-id: tQmgbTgCKXWVg_mkdOtv9d4d8XqOTj7wI0NnGWka9TYyL7kJZ5xUaA==
sbss: 1
expires: -1

GET
H2 200 optanon.css
cdn.cookielaw.org/skins/6.4.0/default_flat_bottom_two_button_white/v2/css/ 23 KB
6 KB 16ms
15ms Stylesheet
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/skins/6.4.0/default_flat_bottom_two_button_white/v2/css/optanon.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/9530a107-0af8-4204-a2c2-217efb78222b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 29 Nov 2020 12:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: E062TbpGx6vwVsuuNM/jFw==
age: 705
vary: Accept-Encoding
content-length: 5561
cf-request-id: 06b593ea4700002b7129a33000000001
x-ms-lease-status: unlocked
last-modified: Thu, 13 Aug 2020 04:48:01 GMT
server: cloudflare
etag: 0x8D83F440F482A65
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: ecbcc1ab-001e-0030-2cb7-b482cc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f9c55bd3a3f2b71-FRA

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
249 B 31ms
30ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery111307579875336249104_1606652973163&_=1606652973164

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/jquery-1.11.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5f9c55bd4f32d6f9-FRA
content-length: 32
cf-request-id: 06b593ea4b0000d6f9459bd000000001

GET
H2 200 demandbase-forms.js Show response
www.malwarebytes.com/js/ 3 KB
1 KB 7ms
7ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/demandbase-forms.js?d=2020-02-04-15-03-08--0800
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:01 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 17:56:04 GMT
server: AmazonS3
age: 498393
etag: W/"cb45a71066aa90353febec3e66fe17d4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control: private, max-age=31536000, immutable
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 5tEEThT4oRGa4ioH67Xv_2mHqzSWyAmwaoZ8s-GCOVdEaYwpwL2YRg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2412
date: Sun, 29 Nov 2020 11:49:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 29 Nov 2020 13:49:21 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 36ms
15ms Script
application/x-javascript 2a02:26f0:eb:3a9::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:3a9::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 29 Nov 2020 12:29:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=10804
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 2893.js Show response
script.crazyegg.com/pages/scripts/0081/ 3 KB
2 KB 52ms
33ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fad69e675e60bf4ff15786bb96ca857fd275e3fe95bdcad01e3935b9c1f34ea

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:33 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 412174
cf-polished: origSize=2833
ce-version: 11.1.156
cf-request-id: 06b593ea8400002b89773a8000000001
last-modified: Tue, 24 Nov 2020 17:59:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
cf-ray: 5f9c55bd98562b89-FRA
cf-bgj: minify

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
9 KB 47ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:33 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref: Ref A: FB940568F7984EDFB440140B21D471E5 Ref B: FRAEDGE1215 Ref C: 2020-11-29T12:29:33Z
etag: "0b27f152fa7d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
H3-Q050

200

activityi;dc_pre=CJWnnt7gp-0CFUvjuwgdpFYIuQ;src=9812475;type=conve0;cat=forms000;ord=1;num=9278890528736;gtm=2wgb41;auiddc=126114399.1606652974;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2...
9812475.fls.doubleclick.net/ Frame 2BB2
Redirect Chain

https://9812475.fls.doubleclick.net/activityi;src=9812475;type=conve0;cat=forms000;ord=1;num=9278890528736;gtm=2wgb41;auiddc=126114399.1606652974;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem...
https://9812475.fls.doubleclick.net/activityi;dc_pre=CJWnnt7gp-0CFUvjuwgdpFYIuQ;src=9812475;type=conve0;cat=forms000;ord=1;num=9278890528736;gtm=2wgb41;auiddc=126114399.1606652974;~oref=https%3A%2F...

0
0

87ms
53ms

Document
text/html

216.58.208.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9812475.fls.doubleclick.net/activityi;dc_pre=CJWnnt7gp-0CFUvjuwgdpFYIuQ;src=9812475;type=conve0;cat=forms000;ord=1;num=9278890528736;gtm=2wgb41;auiddc=126114399.1606652974;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f38.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9812475.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJWnnt7gp-0CFUvjuwgdpFYIuQ;src=9812475;type=conve0;cat=forms000;ord=1;num=9278890528736;gtm=2wgb41;auiddc=126114399.1606652974;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Nov 2020 12:29:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 428
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 29-Nov-2020 12:44:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Nov 2020 12:29:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9812475.fls.doubleclick.net/activityi;dc_pre=CJWnnt7gp-0CFUvjuwgdpFYIuQ;src=9812475;type=conve0;cat=forms000;ord=1;num=9278890528736;gtm=2wgb41;auiddc=126114399.1606652974;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 44ms
30ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-930356311

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35be42c1d7d03e862cc9c3eed912b992f8a3a9a52e3eb0f7f2da3669da580ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38702
x-xss-protection: 0
last-modified: Sun, 29 Nov 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 29 Nov 2020 12:29:33 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 90ms
25ms Script
application/x-javascript 143.204.206.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.206.235 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-206-235.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 29 Nov 2020 07:51:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 16688
ETag: "98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: I_N4_TwmCfR6_Xf8Ym2EAVympDJdfQ0c21bsVmlymgj4T_3LQ-bCvg==

GET
H2 200 HWyTnY16.min.js
scripts.demandbase.com/ 59 KB
16 KB 138ms
36ms Script
application/javascript 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.demandbase.com/HWyTnY16.min.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: G_I1nzXs6N7en1Yo2P1mWO8aaOEwwr_e
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 14:12:04 GMT
server: AmazonS3
age: 136
etag: "9e4a5c172d9ba1d2c711305ace1fa4be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
date: Sun, 29 Nov 2020 12:27:18 GMT
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: hgCg1ZOG6C8hQiCCnX9K7Ny9Vf4QIJAYkPtxgU1F7Vq2WQmH3U--Cw==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
394 B 46ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=15861582&t=pageview&_s=1&dl=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1&ul=en-us&de=UTF-8&dt=Redirecting...%20%7C%20Malwarebytes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=948166861&gjid=1283665641&cid=2011056424.1606652974&tid=UA-3347303-10&_gid=1346009720.1606652974&_r=1&_slc=1&cd20=cmpId%3A57080%3BvarId%3A2040274%7CcmpName%3A2020_09_08%20Validation%20Campaign%3BvarName%3AOriginal&cd1=cmpId%3A57080%3BvarId%3A2040274%7CcmpName%3A2020_09_08%20Validation%20Campaign%3BvarName%3AOriginal&z=1716584963

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 12:29:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK insight.beta.min.js
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 113ms
113ms Script
application/x-javascript 2a02:26f0:eb:3a9::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:3a9::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 29 Nov 2020 12:29:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=55285
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

GET
H2 204 0
bat.bing.com/action/ 0
149 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4072696&Ver=2&mid=112199b8-7132-4734-83fa-619508cf0a3a&sid=8945a080323e11ebb9337ff95fd3a967&vid=8945b620323e11eb81455160f7a46a7b&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Redirecting...%20%7C%20Malwarebytes&p=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1&r=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2F%3FAFFILIATE%3D2108%26__c%3D1&lt=754&evt=pageLoad&msclkid=N&sv=1&rn=737322
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 29 Nov 2020 12:29:33 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 954DEEAC968F4750BDB64CB929ABB64B Ref B: FRAEDGE1215 Ref C: 2020-11-29T12:29:33Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2893.json Show response
script.crazyegg.com/pages/data-scripts/0081/ 4 KB
1 KB 30ms
17ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0081/2893.json?t=5355509
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2524fc423108b3be5e97821e0f2591e25ca4738c741261e68d064c6f3fed73db

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:33 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 412168
ce-version: 11.1.156
content-length: 1002
cf-request-id: 06b593eab9000005c8f8be1000000001
last-modified: Tue, 24 Nov 2020 18:00:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 5f9c55bdf9cf05c8-FRA

GET
H2 200 conversion_async.js
www.googleadservices.com/pagead/ 30 KB
12 KB 101ms
37ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-930356311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11761
x-xss-protection: 0
server: cafe
etag: 8854462785499610041
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 29 Nov 2020 12:29:33 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
450 B 40ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-3347303-10&cid=2011056424.1606652974&jid=948166861&gjid=1283665641&_gid=1346009720.1606652974&_u=YEBAAEAAAAAAAC~&z=969878171

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 29 Nov 2020 12:29:33 GMT
content-type: text/plain
access-control-allow-origin: https://www.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11.1.156.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 98 KB
32 KB 18ms
18ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.156.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c296926f0373bc2a7adca2ac63a50ce44726c012e2d888cba37339313b9cde8

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 24 Nov 2020 16:53:53 GMT
server: cloudflare
age: 412176
cf-polished: origSize=104478
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
cf-ray: 5f9c55be19a02b89-FRA
cf-request-id: 06b593eacb00002b899e3d5000000001
cf-bgj: minify

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-3347303-10&cid=2011056424.1606652974&jid=948166861&_u=YEBAAEAAAAAAAC~&z=187860733

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 12:29:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 51ms
31ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-3347303-10&cid=2011056424.1606652974&jid=948166861&_u=YEBAAEAAAAAAAC~&z=187860733

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 12:29:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Primary Request / Show response
www.malwarebytes.com/lp/sem/de/ 99 KB
24 KB 312ms
312ms Document
text/html 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

6adfa7904ed2e99122851dae4e6a7e34464a6ee8b570245b3d5994682a536b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.malwarebytes.com
:scheme: https
:path: /lp/sem/de/?AFFILIATE=2108&__c=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: GKD=%96%B9%CB%D4%A1%97%A7%B4%A8%83%92%94%C7%C2%8C%99%A6%88%B4%B1%A9%A9%B5%9F%A9%DF%99u%A9%96%81%CC%C5%D5%89%DF%A8%AE%8Ep%95%CB%B8%A8; AVG_AFF_%95%B5%BC%A0%94%A9%94~=%95%CB%A8%E2%96%AD%BA%B9%92%A9%89%93%B1%D5%9C%DE%92%95%A7%B8; AVG_AFF_SRC_%95%CB%A8%E2%96%A6%80~[%95%B5%BC%A0%94%A9%94~]=%9D%92%B1%B4%94%BD%BA%B9%92%A9%89%93%B1%D5%9C%DE%92%95%A7%B8; visid_incap_1232002=SgkkqUMGRouZi1YPypfnbyyUw18AAAAAQUIPAAAAAAC+4fYwpekHt5SNUtH1C+4T; incap_ses_465_1232002=+155EyBKjxkOdLg0SAN0BiyUw18AAAAATN4cYYdLMXugO4+GIFMpsQ==; SSID=CADodh2oAAAAAAAslMNfQSOEGCyUw18BAAAAAAAAAAAALJTDXwBNNfjeAAPSIR8ALJTDXwEAqtMAARjSHQAslMNfAQD_4wAB_hEgACyUw18BAKvlAAGkPSAALJTDXwEA1OAAAblKHwAslMNfAQBU0AABbCMdACyUw18BAAvTAAHevx0ALJTDXwEAmeIAAdz1HwAslMNfAQC61gABtDMeACyUw18BAPLUAAG0Cx4ALJTDXwEAquMAASALIAAslMNfAQDp4gABWvwfACyUw18BAA; SSSC=551.G6900521971172516673.1|53332.1909612:54027.1949662:54186.1954328:54514.1969076:54970.1979316:57080.2040274:57556.2050745:58009.2094556:58089.2096218:58282.2100000:58367.2101758:58795.2112932; OptanonConsent=isIABGlobal=false&datestamp=Sun+Nov+29+2020+13%3A29%3A33+GMT%2B0100+(Central+European+Standard+Time)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1; visited=true; SSRT=LZTDXwADAA; _gcl_au=1.1.126114399.1606652974; _ga=GA1.2.2011056424.1606652974; _gid=GA1.2.1346009720.1606652974; _gat=1; _uetsid=8945a080323e11ebb9337ff95fd3a967; _uetvid=8945b620323e11eb81455160f7a46a7b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1

Response headers

content-type: text/html; charset=UTF-8
content-length: 23537
date: Sun, 29 Nov 2020 12:29:33 GMT
server: Apache
rtss: 1-2-98
cache-control: private, max-age=0, proxy-revalidate, no-store, no-cache, must-revalidate
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
vary: Accept-Encoding
via: 1.1 b65847a7ad45381be5cfdaa6e8987064.cloudfront.net (CloudFront), 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4 FRA53-C1
pragma: no-cache
expires: Sun, 31 May 2020 19:11:42 GMT
content-encoding: gzip
x-cache: Miss from cloudfront
x-amz-cf-id: _VoWA6gQWKETjhMsSKK0eVXVe37xmMi7zMnTmoJkH6s2IltrAyDE_w==

GET collect
px.ads.linkedin.com/ 0
0

GET
H2 200 ip.json
api.company-target.com/api/v2/ 431 B
944 B 168ms
88ms XHR
application/json 13.224.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2F%3FAFFILIATE%3D2108%26__c%3D1&page=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1&page_title=Redirecting...%20%7C%20Malwarebytes&src=tag&key=5527c2aa519592df7d44a24d0105731b
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/HWyTnY16.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-47.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:33 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
request-id: cecba34c-321b-4fc1-b2c2-9ddb4184bc88
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://www.malwarebytes.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xoAdUbuku27vAX6oyc4dLIT1HWhfMij5XTmJPQS1XWFgLq_TDOqoRg==
expires: Sat, 28 Nov 2020 12:29:33 GMT

GET

log
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAEQL06_hygAAA_TY7Zp3g

0
0

GET
H2 204 track
www.malwarebytes.com/__ssobj/ 0
360 B 56ms
56ms XHR
text/plain 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/__ssobj/track?event=ssPageloadTimer&value=0.021&x=1606676750401-1
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/__ssobj/core.js+ssdomvar.js+generic-adapter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept: */*
Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 12:29:33 GMT
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
last-modified: Thu, 17 Sep 2020 01:22:43 GMT
server: Apache
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
cache-control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
accept-ranges: bytes
rtss: 1-2-84
x-amz-cf-id: u_kH5UiNgOQk1fq-aJSRKRmU5pHvHCIwPyAv81jErm6Lcieg3v-paA==
sbss: 1
expires: -1

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/ 2 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/?random=1606652973853&cv=9&fst=1606652973853&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1&ref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2F%3FAFFILIATE%3D2108%26__c%3D1&tiba=Redirecting...%20%7C%20Malwarebytes&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 12:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1083
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/930356311/ 42 B
530 B 49ms
35ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/930356311/?random=1606652973853&cv=9&fst=1606651200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1&ref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2F%3FAFFILIATE%3D2108%26__c%3D1&tiba=Redirecting...%20%7C%20Malwarebytes&async=1&fmt=3&is_vtc=1&random=1949866606&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 12:29:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/930356311/ 42 B
530 B 48ms
33ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/930356311/?random=1606652973853&cv=9&fst=1606651200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1&ref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2F%3FAFFILIATE%3D2108%26__c%3D1&tiba=Redirecting...%20%7C%20Malwarebytes&async=1&fmt=3&is_vtc=1&random=1949866606&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 12:29:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
121 B 6ms
6ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=15861582&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1&ul=en-us&de=UTF-8&dt=Redirecting...%20%7C%20Malwarebytes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHBAAEABAAAAAC~&jid=&gjid=&cid=2011056424.1606652974&tid=UA-3347303-10&_gid=1346009720.1606652974&cd20=cmpId%3A57080%3BvarId%3A2040274%7CcmpName%3A2020_09_08%20Validation%20Campaign%3BvarName%3AOriginal&cd1=cmpId%3A57080%3BvarId%3A2040274%7CcmpName%3A2020_09_08%20Validation%20Campaign%3BvarName%3AOriginal&cd2=(Non-Company%20Visitor)&cd3=Bot&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=Paris&cd12=IDF&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=FR&cd18=(Non-Company%20Visitor)&z=1234426735

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 11:18:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4250
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST 0
bat.bing.com/actionp/ 0
0

GET
H2 200 sem-common.css
www.malwarebytes.com/lp/sem/assets/css/ 51 KB
9 KB 73ms
71ms Stylesheet
text/css 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/lp/sem/assets/css/sem-common.css?d=2020-11-24-17-37-40--0800

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

b0598a37d86cbb420c950f32282e506ead47932390ba5b38dc7ae26ec60d48c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 08:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 23774
x-cache: Miss from cloudfront
rtss: 1-2-32
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Nov 2020 01:38:32 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
via: 1.1 541a8e92039ccf40eff671406e456e36.cloudfront.net (CloudFront), 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
vary: Accept-Encoding
cache-control: max-age=604800, public
x-amz-cf-pop: LHR62-C4, FRA53-C1
x-amz-cf-id: fYU1htykaHPhfqXVM1rlwmWgwk0a2kJcJqJQE8C0ZWX4ySO6SEo8Rw==

GET
H2 200 fonts.css
www.malwarebytes.com/css/ 7 KB
1 KB 12ms
10ms Stylesheet
text/css 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts.css
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18b971b4590a40339e26d1cb05809b6a5fb46a05fcf6ba376d3f799ae7a76572

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:02 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 17:53:24 GMT
server: AmazonS3
age: 498393
etag: W/"58294966a4e62a6f6f37502c3d1608eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control: private, max-age=31536000, immutable
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 4Lq0SiIhvYAukYNUX8tBVmn-4gCua_Zx9JFaS5EolhS14o6N9PQIuQ==

GET
H2 200 jquery-1.12.4.min.js Show response
www.malwarebytes.com/lp/sem/assets/js/ 95 KB
33 KB 74ms
72ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/lp/sem/assets/js/jquery-1.12.4.min.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 08:43:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 24689
x-cache: Miss from cloudfront
rtss: 1-2-65
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Nov 2020 01:38:32 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript
via: 1.1 10131483569b12d46be11abd6f162905.cloudfront.net (CloudFront), 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
vary: Accept-Encoding
cache-control: max-age=604800, public
x-amz-cf-pop: LHR62-C4, FRA53-C1
x-amz-cf-id: DCxH1_56z-2EmiX_WNh1ih_mO2LJHefI21_WzEnfoE1-W-hcFEi3AA==

GET
H/1.1 200
OK f76e4699-f667-4eae-9177-dcd167e7f028.js Show response
optanon.blob.core.windows.net/consent/ 149 KB
23 KB 211ms
54ms Script
application/x-javascript 52.239.137.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://optanon.blob.core.windows.net/consent/f76e4699-f667-4eae-9177-dcd167e7f028.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.4 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ad3a1f2f938066fde063e488f7d4cc1abb68e22c335e77fa380eb5b5883a5f16

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 29 Nov 2020 12:29:34 GMT
Content-Encoding: GZIP
Last-Modified: Fri, 19 Jul 2019 15:58:35 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: iuAWsqY7B7zJImo80Ff2gQ==
ETag: 0x8D70C61F5138C86
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 5bcc391c-b01e-0162-1e4b-c6d96b000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: public, max-age=14400
x-ms-version: 2009-09-19
Content-Length: 22992

GET
H2 200 mess.js Show response
www.malwarebytes.com/js/ 11 KB
3 KB 14ms
13ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/mess.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb6584dd063f7e6deaec1350f203155a0fad402a022d6a2a75da1a82ae49c161

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:11 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 17:56:05 GMT
server: AmazonS3
age: 498384
etag: W/"f263deaca952e6384fef63f6b0757bfb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control: private, max-age=31536000, immutable
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: xMnk9OsF_CtTEyp6X3tQSf8CLE_S8k01A4CvuxrqjyuhAGyDxWqqrQ==

GET
H2 200 modernizr.js Show response
www.malwarebytes.com/js/ 14 KB
6 KB 14ms
12ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/modernizr.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00fd20f4f37113eb32d3db8a5f527ff1889489442e91630283e58e792f196be8

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:02 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 17:56:05 GMT
server: AmazonS3
age: 498393
etag: W/"807ce93e9549a3aaa30ae63bda9f2eac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control: private, max-age=31536000, immutable
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: SpqId74DbhXIrkSjLIMfYiIQ2Qllb1zdAwZJI6EOToAeQvVFXH4RSg==

GET
H2 200 core.js+ssdomvar.js+generic-adapter.js Show response
www.malwarebytes.com/__ssobj/ 15 KB
6 KB 32ms
30ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/__ssobj/core.js+ssdomvar.js+generic-adapter.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: a3d98b12490a6734925658a90821a5eb7355b957c31f247ed475419a18605909

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:34 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
rtss: 1-2-84
content-length: 5854
sbss: 1
last-modified: Sun, 22 Nov 2020 00:00:00 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 5TFwbWvFlR3IJ2RF6Zbjr4q3ChutEAaBLeNeqeMYEM8sesBUyDzpag==
expires: Mon, 30 Nov 2020 12:29:34 GMT

GET
H2 200 src-param-generator.js Show response
www.malwarebytes.com/js/ 2 KB
1 KB 14ms
13ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/src-param-generator.js?d=2020-11-24-17-37-40--0800
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd828e5a9fe484ff3de7c853f0adf85f162708e31bcb07b0dd99809b5f50b76a

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:12 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 17:56:06 GMT
server: AmazonS3
age: 498383
etag: W/"30e71ba3572543998b5782d405c4b8b7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control: private, max-age=31536000, immutable
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 9vLDWoJaZODeK_6NT5fdZ_jfxn7KMFPLDRIP6HMVVMSQRwzDPE-Kjg==

GET
H2 200 bluebird.min.js Show response
www.malwarebytes.com/lp/sem/assets/js/ 77 KB
23 KB 78ms
77ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/lp/sem/assets/js/bluebird.min.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

67d7993c36df8dfb317efe03cdd393809687adeec6ae11182180e995b0b9a5d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 08:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 23774
x-cache: Miss from cloudfront
rtss: 1-2-34
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Nov 2020 01:38:32 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript
via: 1.1 8cedfb7a16a346fb0119eb355ecdaf4c.cloudfront.net (CloudFront), 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
vary: Accept-Encoding
cache-control: max-age=604800, public
x-amz-cf-pop: LHR62-C4, FRA53-C1
x-amz-cf-id: dw87rzhqmKTVWFP45jMKuO60m_n0ZnSwSboTBmBKUR4LC0_CSEZLHA==

GET
H2 200 custom.js Show response
www.malwarebytes.com/lp/sem/assets/js/ 13 KB
4 KB 68ms
67ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/lp/sem/assets/js/custom.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

e0252b2781720497bde3ad1b383e98a8db35db7e4d79f6fabef4f67bc9eaea4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 08:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 23774
x-cache: Miss from cloudfront
rtss: 1-2-98
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Nov 2020 01:38:32 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript
via: 1.1 6ee1ff35a93d86a6b935b6d59393098c.cloudfront.net (CloudFront), 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
vary: Accept-Encoding
cache-control: max-age=604800, public
x-amz-cf-pop: LHR62-C4, FRA53-C1
x-amz-cf-id: VbAzsIE_qw_eQWn_W0jOgdsoDNG9aGMnp5XlHetYnLp4-w-5diFIoQ==

GET
H2 200 router.js Show response
www.malwarebytes.com/lp/sem/assets/js/ 4 KB
2 KB 69ms
68ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/lp/sem/assets/js/router.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ba85322379a07fbf88e8b1e2086cf20c0bd246d2744373e23cc426bc25e696e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 08:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 23774
x-cache: Miss from cloudfront
rtss: 1-2-98
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Nov 2020 01:38:32 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript
via: 1.1 a3602df8c59827c17c06f3fdeb58f5d7.cloudfront.net (CloudFront), 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
vary: Accept-Encoding
cache-control: max-age=604800, public
x-amz-cf-pop: LHR62-C4, FRA53-C1
x-amz-cf-id: qWK7Sk2kJDww258pkuRB_pKDfotsQDLh4Ak7OdlQoDeDht3vhcm_wg==

GET
H2 200 global.js Show response
www.malwarebytes.com/js/ 19 KB
8 KB 14ms
13ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/global.js?d=2020-11-24-17-37-40--0800
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84415c35f6869b6b17590d6ba8f3115751f14d54adecbb27123008c416e4556d

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:02 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 17:56:04 GMT
server: AmazonS3
age: 498393
etag: W/"9dc098a2322aa2bbc4e9329155c2f58e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control: private, max-age=31536000, immutable
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: mnE6LeIOV4WEvjq-dENtfDFWtDhVY5Wu6FEucu_gJsgLwHX3nGiKEg==

GET
H2 200 affiliate-sem-links.js Show response
www.malwarebytes.com/js/ 2 KB
1 KB 21ms
21ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/affiliate-sem-links.js?d=2020-11-24-17-37-40--0800
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73df43c53d47a5d38293a9055fa2a5835b8a5a67a186e9d510913fcfef1c4757

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:12 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 17:56:03 GMT
server: AmazonS3
age: 498383
etag: W/"4bdf4bb78ddf4e04b8546767b0e717c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control: private, max-age=31536000, immutable
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: d1c2GNn-9dvcOFCA38RbTN9ufUzzb_82VxUOHW2AUWBYjs9UGFVARA==

GET
H/1.1 200
OK optanon.css
optanon.blob.core.windows.net/skins/5.2.0/default_flat_bottom_two_button_white/v2/css/ 23 KB
6 KB 53ms
52ms Stylesheet
text/css 52.239.137.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://optanon.blob.core.windows.net/skins/5.2.0/default_flat_bottom_two_button_white/v2/css/optanon.css
Requested by: Host: optanon.blob.core.windows.net
URL: https://optanon.blob.core.windows.net/consent/f76e4699-f667-4eae-9177-dcd167e7f028.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.4 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 624f53e9a51a40facdf352a914a135940a7cc3e129959d2d06bdf94e32ee0cbc

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 29 Nov 2020 12:29:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Sep 2019 20:24:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: EpnQqR8+GNyFFCyAbY4jgg==
ETag: 0x8D73D3F6BA9BC1B
Content-Type: text/css
Access-Control-Allow-Origin: *
x-ms-request-id: 5bcc394f-b01e-0162-4c4b-c6d96b000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 5564

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 31ms
10ms Script
application/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: optanon.blob.core.windows.net
URL: https://optanon.blob.core.windows.net/consent/f76e4699-f667-4eae-9177-dcd167e7f028.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Origin: https://www.malwarebytes.com
Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:34 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1606652974.dop213.fr8.t,1606652974.cds210.fr8.hn,1606652974.cds057.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 wai.gif Show response
genesis.malwarebytes.com/api/v1/ 338 B
559 B 90ms
89ms XHR
application/json 2600:1f18:21ae:6700:665f:c6c5:93f5:30a0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://genesis.malwarebytes.com/api/v1/wai.gif
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/mess.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:21ae:6700:665f:c6c5:93f5:30a0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 0b1e3ca440f9c4ef9b1d4c83d77ffb34c977cc98765770f6e5ee608512ddea03

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 29 Nov 2020 12:29:34 GMT
access-control-allow-credentials: true
server: Apache-Coyote/1.1
access-control-allow-headers: origin, content-type, accept, authorization
access-control-allow-methods: GET, POST
content-type: application/json

GET
H2 200 arsmaquetteprolight-webfont.woff
www.malwarebytes.com/lp/sem/assets/fonts/ 30 KB
31 KB 68ms
66ms Font
application/font-woff 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/lp/sem/assets/fonts/arsmaquetteprolight-webfont.woff

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/assets/css/sem-common.css?d=2020-11-24-17-37-40--0800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ba8fc1547703fd75b32e3fda786c42032d061f1b1a7ad8d91fe568c8fe1d7ed1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.malwarebytes.com
Referer: https://www.malwarebytes.com/lp/sem/assets/css/sem-common.css?d=2020-11-24-17-37-40--0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 28 Nov 2020 15:18:23 GMT
via: 1.1 78ddfb54ad788c32ecf2935db37685b8.cloudfront.net (CloudFront), 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 76271
x-cache: Miss from cloudfront
content-encoding: gzip
rtss: 1-2-94
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Nov 2020 01:38:32 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/font-woff
vary: Accept-Encoding
cache-control: max-age=604800, public
x-amz-cf-pop: LHR62-C4, FRA53-C1
accept-ranges: bytes
x-amz-cf-id: qx9ZwFiIGScbg2GV2al9AJld6goEsWLEzhLhA_GUt711zw_8ImnSHw==

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 247 KB
63 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84a1116e8df4d615af41c53dfb33e5391344d3eba04da41ca10f7de60e6db322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64825
x-xss-protection: 0
last-modified: Sun, 29 Nov 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 29 Nov 2020 12:29:34 GMT

GET
H2 200 sem_hero.jpg
www.malwarebytes.com/images/backgrounds/ 143 KB
144 KB 11ms
10ms Image
image/jpeg 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malwarebytes.com/images/backgrounds/sem_hero.jpg
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/assets/css/sem-common.css?d=2020-11-24-17-37-40--0800
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf9594ffd50b906aa3b937160bc995c4bf730bd4e10fb1c6d3e988b4350dcf5a

Request headers

Referer: https://www.malwarebytes.com/lp/sem/assets/css/sem-common.css?d=2020-11-24-17-37-40--0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:50 GMT
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
last-modified: Mon, 23 Nov 2020 17:53:42 GMT
server: AmazonS3
age: 498345
etag: "b268640f976ea3bf5dece8270028c11b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: private, max-age=31536000, immutable
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 146422
x-amz-cf-id: aNkdk4L14mQKfCSnTAvrOn1z7O1-kxDCF1dPHRT-iA4GjVWUA1NRcg==

GET
H2 200 arsmaquetteproregular-webfont.woff
www.malwarebytes.com/lp/sem/assets/fonts/ 31 KB
31 KB 72ms
70ms Font
application/font-woff 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/lp/sem/assets/fonts/arsmaquetteproregular-webfont.woff

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/assets/css/sem-common.css?d=2020-11-24-17-37-40--0800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

c5044faf86cfea9758ce3c44d550c0856b1e768e73fba79c85aee13f5aefbd8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.malwarebytes.com
Referer: https://www.malwarebytes.com/lp/sem/assets/css/sem-common.css?d=2020-11-24-17-37-40--0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 28 Nov 2020 14:54:01 GMT
via: 1.1 afd7214ed49113ddaef00931a8295535.cloudfront.net (CloudFront), 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 77733
x-cache: Miss from cloudfront
content-encoding: gzip
rtss: 1-2-64
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Nov 2020 01:38:32 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/font-woff
vary: Accept-Encoding
cache-control: max-age=604800, public
x-amz-cf-pop: LHR62-C4, FRA53-C1
accept-ranges: bytes
x-amz-cf-id: duZY1bsgqvhv3UI6yEewyYhdzf-fLrFgCtbj6zYeVyX23MCBB-7k9Q==

GET
H2 200 socicon.woff
www.malwarebytes.com/css/fonts/ 20 KB
20 KB 12ms
11ms Font
binary/octet-stream 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/css/fonts/socicon.woff
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ed37960a59a6ec6b443f9ef043864d09a51db6fd276ae578d9166467bf986d1

Request headers

Origin: https://www.malwarebytes.com
Referer: https://www.malwarebytes.com/css/fonts.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:06 GMT
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
age: 498389
x-cache: Hit from cloudfront
content-length: 20472
last-modified: Mon, 23 Nov 2020 17:53:26 GMT
server: AmazonS3
etag: "1657c09e2f39e574d79de040639def87"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: https://www.malwarebytes.com
cache-control: private, max-age=31536000, immutable
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: S1r18usUbFo5_k2yMGcvMPniXhQqwQzgSlRK0o1igSpP7CND_3NebA==

GET
H2 200 iframe_api Show response
www.youtube.com/ 810 B
1 KB 89ms
69ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/assets/js/custom.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

215215e7c7284d3529a3a4d0cb7b70bdb3b5767ddd7c8d652d292de64b9433d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: YouTube Frontend Proxy
date: Sun, 29 Nov 2020 12:29:34 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: private, max-age=0
content-type: text/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 810
x-xss-protection: 0
expires: Sun, 29 Nov 2020 12:29:34 GMT

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
246 B 24ms
23ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery33101388296685385313_1606652974682&_=1606652974683

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5f9c55c3ce3ed6f9-FRA
content-length: 32
cf-request-id: 06b593ee5e0000d6f945a19000000001

GET
H2 200 demandbase-forms.js Show response
www.malwarebytes.com/js/ 3 KB
1 KB 70ms
69ms Script
application/javascript 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/js/demandbase-forms.js?d=2020-02-04-15-03-08--0800
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:03:01 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 17:56:04 GMT
server: AmazonS3
age: 498394
etag: W/"cb45a71066aa90353febec3e66fe17d4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control: private, max-age=31536000, immutable
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: xgqcz7fYN5kxq4l_sQItKZSe-FJmLk2YSM8d8EQuQrCsLhGaZJwwig==

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2413
date: Sun, 29 Nov 2020 11:49:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 29 Nov 2020 13:49:21 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 19ms
19ms Script
application/x-javascript 2a02:26f0:eb:3a9::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:3a9::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 29 Nov 2020 12:29:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=10803
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 76ms
25ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:34 GMT
via: 1.1 varnish
last-modified: Wed, 21 Oct 2020 21:46:56 GMT
age: 40970
etag: "a4cc3f907681b24a3efd540acd5d2996+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1958
x-timer: S1606652975.764193,VS0,VE0
x-served-by: cache-fra19151-FRA

GET
H2 200 2893.js Show response
script.crazyegg.com/pages/scripts/0081/ 3 KB
1 KB 20ms
20ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fad69e675e60bf4ff15786bb96ca857fd275e3fe95bdcad01e3935b9c1f34ea

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:34 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 412175
cf-polished: origSize=2833
ce-version: 11.1.156
cf-request-id: 06b593ee7000002b898bbf8000000001
last-modified: Tue, 24 Nov 2020 17:59:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
cf-ray: 5f9c55c3e88c2b89-FRA
cf-bgj: minify

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
8 KB 31ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:34 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref: Ref A: B905D2313CDB4FBA85EDC38E96301492 Ref B: FRAEDGE1215 Ref C: 2020-11-29T12:29:34Z
etag: "0b27f152fa7d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
H3-Q050

200

activityi;dc_pre=CLzl197gp-0CFcPmuwgdI4EA1A;src=9812475;type=conve0;cat=forms000;ord=1;num=7708476734067;gtm=2wgb41;auiddc=126114399.1606652974;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2...
9812475.fls.doubleclick.net/ Frame 9C02
Redirect Chain

https://9812475.fls.doubleclick.net/activityi;src=9812475;type=conve0;cat=forms000;ord=1;num=7708476734067;gtm=2wgb41;auiddc=126114399.1606652974;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem...
https://9812475.fls.doubleclick.net/activityi;dc_pre=CLzl197gp-0CFcPmuwgdI4EA1A;src=9812475;type=conve0;cat=forms000;ord=1;num=7708476734067;gtm=2wgb41;auiddc=126114399.1606652974;~oref=https%3A%2F...

0
0

42ms
42ms

Document
text/html

216.58.208.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9812475.fls.doubleclick.net/activityi;dc_pre=CLzl197gp-0CFcPmuwgdI4EA1A;src=9812475;type=conve0;cat=forms000;ord=1;num=7708476734067;gtm=2wgb41;auiddc=126114399.1606652974;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f38.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9812475.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLzl197gp-0CFcPmuwgdI4EA1A;src=9812475;type=conve0;cat=forms000;ord=1;num=7708476734067;gtm=2wgb41;auiddc=126114399.1606652974;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Nov 2020 12:29:34 GMT
expires: Sun, 29 Nov 2020 12:29:34 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 370
x-xss-protection: 0
set-cookie: IDE=AHWqTUl3cSEuFI97tfT5lbEqkwhxPVcpPWxorYgxYtVfy5IFmX1Eoch8r161YxgV; expires=Fri, 24-Dec-2021 12:29:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Nov 2020 12:29:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9812475.fls.doubleclick.net/activityi;dc_pre=CLzl197gp-0CFcPmuwgdI4EA1A;src=9812475;type=conve0;cat=forms000;ord=1;num=7708476734067;gtm=2wgb41;auiddc=126114399.1606652974;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-930356311

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35be42c1d7d03e862cc9c3eed912b992f8a3a9a52e3eb0f7f2da3669da580ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38702
x-xss-protection: 0
last-modified: Sun, 29 Nov 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 29 Nov 2020 12:29:34 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 25ms
24ms Script
application/x-javascript 143.204.206.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.206.235 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-206-235.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 29 Nov 2020 07:51:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 16689
ETag: "98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: CVlDomwJmZ7BXh0LVyeFLm5eU3HLjuRPFPmlMQsML52gC7CQtP6uwg==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
50 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1301807811&t=pageview&_s=1&dl=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&ul=en-us&de=UTF-8&dt=Malwarebytes%20Premium%20%7C%20Anti-Malware%20Protection&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEABAAAAAC~&jid=&gjid=&cid=2011056424.1606652974&tid=UA-3347303-10&_gid=1346009720.1606652974&_slc=1&cd20=cmpId%3A57080%3BvarId%3A2040274%7CcmpName%3A2020_09_08%20Validation%20Campaign%3BvarName%3AOriginal&cd1=cmpId%3A57080%3BvarId%3A2040274%7CcmpName%3A2020_09_08%20Validation%20Campaign%3BvarName%3AOriginal&z=80103394

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 12:29:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 19ms
19ms Script
application/x-javascript 2a02:26f0:eb:3a9::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:3a9::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 29 Nov 2020 12:29:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=55284
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

GET
H2 200 2893.json Show response
script.crazyegg.com/pages/data-scripts/0081/ 4 KB
1 KB 14ms
14ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0081/2893.json?t=5355509
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2524fc423108b3be5e97821e0f2591e25ca4738c741261e68d064c6f3fed73db

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:34 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 412169
ce-version: 11.1.156
content-length: 1002
cf-request-id: 06b593ee86000005c8f2a32000000001
last-modified: Tue, 24 Nov 2020 18:00:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 5f9c55c40e3405c8-FRA

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 44ms
30ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-930356311

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11761
x-xss-protection: 0
server: cafe
etag: 8854462785499610041
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 29 Nov 2020 12:29:34 GMT

GET
H2 204 0
bat.bing.com/action/ 0
93 B 28ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4072696&Ver=2&mid=922ea1a3-bb3f-4caa-9031-4b2f1f0dccd1&sid=8945a080323e11ebb9337ff95fd3a967&vid=8945b620323e11eb81455160f7a46a7b&vids=0&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Malwarebytes%20Premium%20%7C%20Anti-Malware%20Protection&p=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&r=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1&lt=849&evt=pageLoad&msclkid=N&sv=1&rn=840407
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 29 Nov 2020 12:29:34 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 1C7CBC0B711C4C928D97F66A550420C7 Ref B: FRAEDGE1215 Ref C: 2020-11-29T12:29:34Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11.1.156.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 98 KB
32 KB 16ms
15ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.156.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c296926f0373bc2a7adca2ac63a50ce44726c012e2d888cba37339313b9cde8

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 24 Nov 2020 16:53:53 GMT
server: cloudflare
age: 412177
cf-polished: origSize=104478
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
cf-ray: 5f9c55c429142b89-FRA
cf-request-id: 06b593ee9500002b899e038000000001
cf-bgj: minify

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1606652974739&url=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2594100%26time%3D1606652974739%26url%3Dhttps%253A%252F%252Fwww.malwarebytes.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1606652974739&url=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&liSync=true

0
81 B

181ms
181ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1606652974739&url=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&liSync=true
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:35 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: YxyKV176SxZQY7vcdSsAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: t/lETV76SxaQLhnH5CoAAA==
pragma: no-cache
x-li-pop: afd-prod-esv5
x-msedge-ref: Ref A: 0516CE1343F4454C99BF112FAEE79CC7 Ref B: FRAEDGE1213 Ref C: 2020-11-29T12:29:34Z
x-frame-options: sameorigin
date: Sun, 29 Nov 2020 12:29:34 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1606652974739&url=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 www-widgetapi.js Show response
www.youtube.com/s/player/77da52cd/www-widgetapi.vflset/ 99 KB
36 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/77da52cd/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a99f96133f0b18cb2cd2cf95fd8ceefd21cc214e3889b26ed2797a44754a547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 22:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Nov 2020 19:42:07 GMT
server: sffe
age: 138297
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36756
x-xss-protection: 0
expires: Sat, 27 Nov 2021 22:04:37 GMT

GET
H2 200 HWyTnY16.min.js Show response
scripts.demandbase.com/ 59 KB
16 KB 32ms
31ms Script
application/javascript 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.demandbase.com/HWyTnY16.min.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 009035425552e482b1ae9c4a5431aa53ca93b842120959703c8a7277a06a336f

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: G_I1nzXs6N7en1Yo2P1mWO8aaOEwwr_e
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 14:12:04 GMT
server: AmazonS3
age: 137
etag: "9e4a5c172d9ba1d2c711305ace1fa4be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
date: Sun, 29 Nov 2020 12:27:18 GMT
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: kc8s0BTvJ9-4o1OKFoTh7jAUs-dLkvCWZ2jfvB2sdus3v53xYasRQA==

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/ 3 KB
2 KB 141ms
128ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/?random=1606652974775&cv=9&fst=1606652974775&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&ref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1&tiba=Malwarebytes%20Premium%20%7C%20Anti-Malware%20Protection&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbf508c97a604fbfbe878ea90d45db3175a92fe63cc289e015fa415c37321dd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 12:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1093
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
448 B 205ms
141ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o1m5j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 112
pragma: no-cache
last-modified: Sun, 29 Nov 2020 12:29:34 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c8f1d8c89b673cd8dbbec590de051ae8
x-transaction: 00a4f23200054ff9
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 431 B
944 B 113ms
112ms XHR
application/json 13.224.93.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1&page=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&page_title=Malwarebytes%20Premium%20%7C%20Anti-Malware%20Protection&src=tag&key=5527c2aa519592df7d44a24d0105731b
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/HWyTnY16.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-47.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 8569b223d593ad62fb87aebe1bdbca8c354ce5fa80d51d301c09365956f53aa0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:34 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
request-id: b6f8620b-3c6a-4911-8a6c-297f1e075ac9
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://www.malwarebytes.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: b-5Il3YfcwuNrWvi6-XfewcuKjKJH_Cih8_SQCnJONNavYKmUHmU9Q==
expires: Sat, 28 Nov 2020 12:29:34 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://segments.company-target.com/log?vendor=choca&user_id=AAEQL06_hygAAA_TY7Zp3g
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAEQL06_hygAAA_TY7Zp3g&verifyHash=fc8e035d31f59f65b3663e83e02715b3366f5723

26 B
409 B

215ms
215ms

Image
image/gif

143.204.215.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAEQL06_hygAAA_TY7Zp3g&verifyHash=fc8e035d31f59f65b3663e83e02715b3366f5723
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.69 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-69.fra53.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 29 Nov 2020 12:29:35 GMT
Via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: fa3eef0bdda92012
X-Amz-Cf-Id: 4CT9wIOD2S8RQ3vjmDrUNVPFLzSvMrPNN8LssF9PvjmziEEcuCV3dQ==

Redirect headers

Date: Sun, 29 Nov 2020 12:29:34 GMT
Via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAEQL06_hygAAA_TY7Zp3g&verifyHash=fc8e035d31f59f65b3663e83e02715b3366f5723
Connection: keep-alive
trace-id: 9d3b4d1b90288c99
Content-Length: 0
X-Amz-Cf-Id: f5lFA1Xn6ExEkorudUvgoYaQ-OYvdC0ntjCLP_LyMUc84xOvW4FUSQ==

GET
H2 204 track Show response
www.malwarebytes.com/__ssobj/ 0
618 B 30ms
29ms XHR
text/plain 2600:9000:214f:7000:8:d3fb:39c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.malwarebytes.com/__ssobj/track?event=ssPageloadTimer&value=0.005&x=1606683023621-1
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/__ssobj/core.js+ssdomvar.js+generic-adapter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:8:d3fb:39c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 12:29:34 GMT
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
last-modified: Thu, 17 Sep 2020 01:22:43 GMT
server: Apache
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
cache-control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
accept-ranges: bytes
rtss: 1-2-84
x-amz-cf-id: mRkwWZv9rBTRSZshF-P2SzvanoZKkb4ULxLOjW9y8fFeZ-SoaazB-g==
sbss: 1
expires: -1

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1301807811&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&ul=en-us&de=UTF-8&dt=Malwarebytes%20Premium%20%7C%20Anti-Malware%20Protection&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=SDCAAEABAAAAAC~&jid=&gjid=&cid=2011056424.1606652974&tid=UA-3347303-10&_gid=1346009720.1606652974&cd20=cmpId%3A57080%3BvarId%3A2040274%7CcmpName%3A2020_09_08%20Validation%20Campaign%3BvarName%3AOriginal&cd1=cmpId%3A57080%3BvarId%3A2040274%7CcmpName%3A2020_09_08%20Validation%20Campaign%3BvarName%3AOriginal&cd2=(Non-Company%20Visitor)&cd3=Bot&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=Paris&cd12=IDF&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=FR&cd18=(Non-Company%20Visitor)&z=910396165

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 11:18:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4250
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/930356311/ 42 B
89 B 23ms
23ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/930356311/?random=1606652974775&cv=9&fst=1606651200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&ref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1&tiba=Malwarebytes%20Premium%20%7C%20Anti-Malware%20Protection&async=1&fmt=3&is_vtc=1&random=1780833981&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 12:29:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/930356311/ 42 B
89 B 21ms
20ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/930356311/?random=1606652974775&cv=9&fst=1606651200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&ref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1&tiba=Malwarebytes%20Premium%20%7C%20Anti-Malware%20Protection&async=1&fmt=3&is_vtc=1&random=1780833981&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 12:29:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
62 B 6ms
6ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1301807811&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&ul=en-us&de=UTF-8&dt=Malwarebytes%20Premium%20%7C%20Anti-Malware%20Protection&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Hash&ea=13c95182fa54910d24c52217209e8dd3&el=0&_u=SDCAAEABAAAAAC~&jid=&gjid=&cid=2011056424.1606652974&tid=UA-3347303-10&_gid=1346009720.1606652974&cd20=cmpId%3A57080%3BvarId%3A2040274%7CcmpName%3A2020_09_08%20Validation%20Campaign%3BvarName%3AOriginal&cd1=cmpId%3A57080%3BvarId%3A2040274%7CcmpName%3A2020_09_08%20Validation%20Campaign%3BvarName%3AOriginal&cd2=(Non-Company%20Visitor)&cd3=Bot&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=Paris&cd12=IDF&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=FR&cd18=(Non-Company%20Visitor)&cd19=13c95182fa54910d24c52217209e8dd3&z=1142567533

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 11:18:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4251
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 89 KB
24 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23320
x-xss-protection: 0
pragma: public
x-fb-debug: CzCToYu+XvIRrp6I2jcnOz2GNNP0dG65z3QBDKo0glhZrB4Zuv7OxHSvDSFzyoTrBSmemAkVtZdCx7UD0U/cBA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sun, 29 Nov 2020 12:29:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 conversion.js Show response
www.googleadservices.com/pagead/ 29 KB
11 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4055fd84425e3545c1c91b2d9a2ac5ffbb2aa53a1ab5510c19ca6277bca1571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11440
x-xss-protection: 0
server: cafe
etag: 18316426844545619554
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 29 Nov 2020 12:29:35 GMT

GET
H2 200 qevents.js Show response
a.quora.com/ 39 KB
14 KB 76ms
24ms Script
text/plain 151.101.113.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: s3LlaOWABX1LUjiLldBNr49lVAylKDRo
content-encoding: gzip
etag: "f32ebb1e93a72c0a57add6d07f688510"
age: 2198
x-cache: HIT, HIT
content-length: 13681
x-amz-id-2: E3GPNgkCq5ktS+FZEF46u6xtgL1/Yjm7DA1YjqWJrUQkPLtiki4zvHwQk8wR3yt/H9bHX3sJotQ=
x-served-by: cache-bwi5126-BWI, cache-hhn4052-HHN
last-modified: Fri, 25 Oct 2019 19:28:38 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1572031715/ctime:1572031714/gid:1000000/gname:employee/md5:f32ebb1e93a72c0a57add6d07f688510/mode:33188/mtime:1149709104/uid:1000332/uname:tzhou
x-timer: S1606652975.441327,VS0,VE0
date: Sun, 29 Nov 2020 12:29:35 GMT
vary: Accept-Encoding
x-amz-request-id: 0B7AC2CDB2F933E1
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=7200
accept-ranges: bytes
content-type: text/plain
x-cache-hits: 1, 765

GET
H2

200

s Show response
ads.avct.cloud/
Redirect Chain

https://ads.avocet.io/s?add=5b8e9b462be173e55d6569fc&ty=j
https://ads.avct.cloud/s?r=1&add=5b8e9b462be173e55d6569fc&ty=j
https://ads.avct.cloud/s?bounce=true&r=1&add=5b8e9b462be173e55d6569fc&ty=j

0
336 B

37ms
37ms

Script
application/javascript

54.194.211.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.avct.cloud/s?bounce=true&r=1&add=5b8e9b462be173e55d6569fc&ty=j
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.194.211.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-211-3.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:35 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
content-type: application/javascript

Redirect headers

location: /s?bounce=true&r=1&add=5b8e9b462be173e55d6569fc&ty=j
date: Sun, 29 Nov 2020 12:29:35 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 87
content-type: text/html; charset=utf-8

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 76ms
25ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:13:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 987
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: B2AE569D68D54B88
x-amz-id-2: bgAM2kZoDPtqGb/Lg23FRlOSRzW2nv0nHthzBN9rZfoiYG1X92XCn3t/KW3uI7hdzhS7F7WwNQg=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 30 Oct 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 24 Sep 2020 23:08:16 GMT
server: ATS
etag: "49db10c8315384e8dad2e92a6841ed81-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: swANRqp_TdPZf97XDKuCKoVnrp7c.h.0
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 5581
content-type: application/javascript

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 75ms
24ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/lp/sem/?AFFILIATE=2108&__c=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 29 Nov 2020 12:29:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
652 B 192ms
142ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o1m5j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 119
pragma: no-cache
last-modified: Sun, 29 Nov 2020 12:29:35 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 8458156857fd409f7ed1c5d2e6ff2ad7
x-transaction: 0066e0c0008475e0
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 up
insight.adsrvr.org/track/ Frame 5EE7 0
0 124ms
37ms Document
text/html 52.51.124.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=8mirph5&ref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&upid=r8yigtp&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.124.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-124-53.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=8mirph5&ref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&upid=r8yigtp&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1

Response headers

date: Sun, 29 Nov 2020 12:29:35 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/ 2 KB
1 KB 120ms
119ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/?random=1606652975413&cv=9&fst=1606652975413&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=592230571&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&li=0-1543_1-1595_2-1595_3-0_4-0&ig=1&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&ref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1&tiba=Malwarebytes%20Premium%20%7C%20Anti-Malware%20Protection&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

838ec6778a4463958fd867d1a14b55fe1779d640c750abf0708ee6668f81b2d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 12:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1065
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1480959392203028 Show response
connect.facebook.net/signals/config/ 239 KB
69 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1480959392203028?v=2.9.29&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

398ee86d0a758420894121953a673b2e4e3c6270bca4e602a40f84c88fec9dab

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70220
x-xss-protection: 0
pragma: public
x-fb-debug: NqAA/cfCvlZVrfiJBpQz5RbUKJVFNpuDe2gSDAF2y1IKqtHF57Eq1e4ZfLVy2RWhzDLi8F4aFArVNz4Pgy8TJg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sun, 29 Nov 2020 12:29:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1550725104
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
378 B 20ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=PageView&dl=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&rl=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1&if=false&ts=1606652975453&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1606652975451.1192914970&it=1606652975424&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 29 Nov 2020 12:29:35 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 21ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=ViewContent&dl=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&rl=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1&if=false&ts=1606652975456&sw=1600&sh=1200&v=2.9.29&r=stable&ec=1&o=30&fbp=fb.1.1606652975451.1192914970&it=1606652975424&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 29 Nov 2020 12:29:35 GMT

GET
H2 200 10110317.json Show response
s.yimg.com/wi/config/ 46 B
688 B 167ms
124ms XHR
application/octet-stream 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10110317.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

51f4cf88527819ae3950b1820aa534ebf6c2fcbc0894db427ba5ab59d9efd659

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:36 GMT
x-content-type-options: nosniff
age: 0
x-amz-server-side-encryption: AES256
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 29C5A0B8FE024A49
x-amz-id-2: VTBuAKxODZIomcfidiRPW0ajPCiml+EAyNG/GEQJMm9i2TOBSmK6VulcQCuwVezLG/13j+kA6nI=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 29 Jul 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 23 Jun 2020 16:15:29 GMT
server: ATS
etag: "cc3d0e0815ad7ef45a521c2a63b65393"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: wXZ_nu_nu9aA6v9PTivxO9CdOpSassoA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-length: 46
content-type: application/octet-stream

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
5 KB 28ms
28ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 29 Nov 2020 12:29:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Tue, 09 Mar 2021 12:29:35 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/64fab857ca52427587d3bd14a8d437b7/ 43 B
422 B 381ms
93ms Image
image/gif 3.217.219.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/64fab857ca52427587d3bd14a8d437b7/pixel?j=1&u=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&tag=ViewContent&ts=1606652975464

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.217.219.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-217-219-88.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 29 Nov 2020 12:29:35 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,4d99e44650e0f255458734f326b353c1,10.0.0.234,61358,82.102.18.235,,47955843997,1,1606652975.799,0.001,,.,0,0,0.000,0.004,-,0,0,197,208,104,10,26847,,,,,,-,
Content-Type: image/gif

GET
H/1.1 200
OK visitWebPage Show response
805-usg-300.mktoresp.com/webevents/ 2 B
311 B 495ms
101ms XHR
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://805-usg-300.mktoresp.com/webevents/visitWebPage?_mchNc=1606652975493&_mchCn=&_mchId=805-USG-300&_mchTk=_mch-malwarebytes.com-1606652975493-82868&_mchHo=www.malwarebytes.com&_mchPo=&_mchRu=%2Flp%2Fsem%2Fde%2F&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1&_mchQp=AFFILIATE%3D2108__-____c%3D1
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 29 Nov 2020 12:29:35 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 77b3fa03-e2bd-48cc-a909-6b275d5edfa4

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/930356311/ 42 B
89 B 20ms
20ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/930356311/?random=1606652975413&cv=9&fst=1606651200000&num=1&guid=ON&eid=592230571&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&ref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1&tiba=Malwarebytes%20Premium%20%7C%20Anti-Malware%20Protection&fmt=3&is_vtc=1&random=1524689716&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 12:29:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/930356311/ 42 B
89 B 21ms
20ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/930356311/?random=1606652975413&cv=9&fst=1606651200000&num=1&guid=ON&eid=592230571&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&ref=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1&tiba=Malwarebytes%20Premium%20%7C%20Anti-Malware%20Protection&fmt=3&is_vtc=1&random=1524689716&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 12:29:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sp.pl Show response
sp.analytics.yahoo.com/ 0
935 B 106ms
36ms Script
application/x-javascript 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2029%20Nov%202020%2012%3A29%3A35%20GMT&n=-1&b=Malwarebytes%20Premium%20%7C%20Anti-Malware%20Protection&.yp=10110317&f=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&e=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1&enc=UTF-8&tagmgr=gtm

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 29 Nov 2020 12:29:35 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Sun, 29 Nov 2020 12:29:35 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=Microdata&dl=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fde%2F%3FAFFILIATE%3D2108%26__c%3D1&rl=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1&if=false&ts=1606652976962&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Malwarebytes%20Premium%20%7C%20Anti-Malware%20Protection%22%2C%22meta%3Adescription%22%3A%22Malwarebytes%20Premium%20findet%20und%20beseitigt%20Schadsoftwareprogramme%2C%20die%20von%20Antivirensoftware%20nicht%20entdeckt%20werden.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.29&r=stable&ec=2&o=30&fbp=fb.1.1606652975451.1192914970&it=1606652975424&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 12:29:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 29 Nov 2020 12:29:36 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: px.ads.linkedin.com
URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1606652973829&url=https%3A%2F%2Fwww.malwarebytes.com%2Flp%2Fsem%2Fpc%2Findex.html%3FAFFILIATE%3D2108%26__c%3D1

Domain: segments.company-target.com
URL: https://segments.company-target.com/log?vendor=choca&user_id=AAEQL06_hygAAA_TY7Zp3g

Domain: bat.bing.com
URL: https://bat.bing.com/actionp/0?ti=4072696&Ver=2&mid=112199b8-7132-4734-83fa-619508cf0a3a&sid=8945a080323e11ebb9337ff95fd3a967&vid=8945b620323e11eb81455160f7a46a7b&vids=1&evt=pageHide

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.malwarebytes.com/	1970-01-19 23:03:08	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Sun+Nov+29+2020+13%3A29%3A35+GMT%2B0100+(Central+European+Standard+Time)&version=5.2.0&landingPath=NotLandingPage&AwaitingReconsent=false&EU=true&groups=1%3A1%2C0_165071%3A1%2C101%3A1%2C2%3A1%2C3%3A1%2C102%3A1%2C103%3A1%2C4%3A1%2C104%3A1%2C105%3A1%2C106%3A1%2C107%3A1%2C109%3A1%2C110%3A1%2C112%3A1%2C113%3A1%2C114%3A1%2C115%3A1%2C116%3A1%2C117%3A1%2C118%3A1%2C0_165051%3A1%2C0_165052%3A1%2C0_165053%3A1%2C0_165054%3A1%2C0_165055%3A1%2C0_165056%3A1%2C0_165057%3A1%2C0_165058%3A1%2C0_165059%3A1%2C0_165060%3A1%2C0_165061%3A1%2C0_165062%3A1%2C0_165063%3A1%2C0_165064%3A1%2C0_165065%3A1%2C0_165066%3A1%2C0_165067%3A1%2C0_165068%3A1%2C0_165069%3A1%2C0_165070%3A1%2C0_165072%3A1%2C0_165073%3A1%2C0_165074%3A1%2C0_168809%3A1%2C0_168810%3A1%2C0_171059%3A1%2C0_171060%3A1%2C0_171061%3A1%2C0_171062%3A1%2C0_171063%3A1%2C0_171064%3A1%2C0_172264%3A1%2C0_172327%3A1%2C0_179764%3A1%2C0_172332%3A1%2C0_172328%3A1%2C0_172329%3A1%2C108%3A1%2C111%3A1
.malwarebytes.com/	1970-01-19 23:03:08	Name: SSRT Value: LpTDXwADAA
.malwarebytes.com/	1970-01-19 14:40:56	Name: _uetvid Value: 8945b620323e11eb81455160f7a46a7b
.www.malwarebytes.com/	1969-12-31 23:59:59	Name: SSOC Value: 82.102.18.235
.www.malwarebytes.com/	1969-12-31 23:59:59	Name: SSResetOC Value: true
.malwarebytes.com/	1970-01-19 14:17:33	Name: _gat Value: 1
.malwarebytes.com/	1969-12-31 23:59:59	Name: SSSC Value: 551.G6900521971172516673.1\|53332.1909612:54027.1949662:54186.1954328:54514.1969076:54970.1979316:57080.2040274:57556.2050745:58009.2094556:58089.2096218:58282.2100000:58367.2101758:58795.2112932
.malwarebytes.com/	1970-01-19 23:03:02	Name: visid_incap_1232002 Value: SgkkqUMGRouZi1YPypfnbyyUw18AAAAAQUIPAAAAAAC+4fYwpekHt5SNUtH1C+4T
.malwarebytes.com/	1970-01-20 07:48:44	Name: _ga Value: GA1.2.2011056424.1606652974
.malwarebytes.com/	1970-01-19 14:18:59	Name: visited Value: true
.malwarebytes.com/	1969-12-31 23:59:59	Name: incap_ses_465_1232002 Value: +155EyBKjxkOdLg0SAN0BiyUw18AAAAATN4cYYdLMXugO4+GIFMpsQ==
.malwarebytes.com/	1970-01-19 17:10:20	Name: AVG_AFF_%95%B5%BC%A0%94%A9%94~ Value: %95%CB%A8%E2%96%AD%BA%B9%92%A9%89%93%B1%D5%9C%DE%92%95%A7%B8
.malwarebytes.com/	1970-01-19 17:10:20	Name: AVG_AFF_SRC_%95%CB%A8%E2%96%A6%80~[%95%B5%BC%A0%94%A9%94~] Value: %9D%92%B1%B4%94%BD%BA%B9%92%A9%89%93%B1%D5%9C%DE%92%95%A7%B8
.malwarebytes.com/	1970-01-19 16:27:08	Name: _gcl_au Value: 1.1.126114399.1606652974
.doubleclick.net/	1970-01-19 23:39:08	Name: IDE Value: AHWqTUlu9r5ZAjGjsDYinTbR2T90VSH9vHLliCV7Bzs1IoG0ELvrDcdf5lvPSrEh
.malwarebytes.com/	1970-01-19 23:03:08	Name: SSID Value: CADodh2oAAAAAAAslMNfQSOEGCyUw18BAAAAAAAAAAAALJTDXwBNNfjeAAPSIR8ALJTDXwEAqtMAARjSHQAslMNfAQD_4wAB_hEgACyUw18BAKvlAAGkPSAALJTDXwEA1OAAAblKHwAslMNfAQBU0AABbCMdACyUw18BAAvTAAHevx0ALJTDXwEAmeIAAdz1HwAslMNfAQC61gABtDMeACyUw18BAPLUAAG0Cx4ALJTDXwEAquMAASALIAAslMNfAQDp4gABWvwfACyUw18BAA
.malwarebytes.com/	1970-01-19 14:18:59	Name: _uetsid Value: 8945a080323e11ebb9337ff95fd3a967
.malwarebytes.com/	1970-01-19 14:18:59	Name: _gid Value: GA1.2.1346009720.1606652974
.malwarebytes.com/	1970-01-23 04:41:32	Name: GKD Value: %96%B9%CB%D4%A1%97%A7%B4%A8%83%92%94%C7%C2%8C%99%A6%88%B4%B1%A9%A9%B5%9F%A9%DF%99u%A9%96%81%CC%C5%D5%89%DF%A8%AE%8Ep%95%CB%B8%A8

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.malwarebytes.com/lp/sem/pc/index.html?AFFILIATE=2108&__c=1(Line 1012) Message: setSSOC:82.102.18.235
console-api	log	URL: https://www.malwarebytes.com/lp/sem/de/?AFFILIATE=2108&__c=1(Line 1484) Message: getSSOC:82.102.18.235
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Duplicate Pixel ID: 1480959392203028.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

805-usg-300.mktoresp.com
9812475.fls.doubleclick.net
a.quora.com
ads.avct.cloud
ads.avocet.io
analytics.twitter.com
api.company-target.com
api.ipify.org
bat.bing.com
cdn.cookielaw.org
code.jquery.com
connect.facebook.net
estore.malwarebytes.com
genesis.malwarebytes.com
geolocation.onetrust.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
match.prod.bidr.io
munchkin.marketo.net
optanon.blob.core.windows.net
px.ads.linkedin.com
q.quora.com
s.yimg.com
script.crazyegg.com
scripts.demandbase.com
secure.2checkout.com
secure.avangate.com
segments.company-target.com
snap.licdn.com
sp.analytics.yahoo.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.malwarebytes.com
www.securitystronghold.com
www.youtube.com
bat.bing.com
px.ads.linkedin.com
segments.company-target.com
104.109.95.62
104.244.42.131
104.244.42.197
13.224.93.47
143.204.206.235
143.204.215.105
143.204.215.69
151.101.113.2
151.101.12.157
172.217.18.2
192.28.144.124
2001:4de0:ac19::1:b:3a
212.82.100.181
216.58.208.38
2600:1f18:21ae:6700:665f:c6c5:93f5:30a0
2600:9000:214f:7000:8:d3fb:39c0:93a1
2606:4700:10::6814:b844
2606:4700::6810:9540
2606:4700::6813:9308
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:4001:802::2004
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:817::2008
2a00:1450:4001:81a::2004
2a00:1450:4001:81d::2003
2a00:1450:4001:824::2002
2a00:1450:4001:825::2002
2a00:1450:400c:c0c::9a
2a02:26f0:eb:3a9::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
3.217.219.88
45.60.14.94
52.239.137.4
52.51.124.53
54.194.211.3
54.225.220.115
54.72.203.0
68.66.206.25
009035425552e482b1ae9c4a5431aa53ca93b842120959703c8a7277a06a336f
00fd20f4f37113eb32d3db8a5f527ff1889489442e91630283e58e792f196be8
0b1e3ca440f9c4ef9b1d4c83d77ffb34c977cc98765770f6e5ee608512ddea03
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
0ed37960a59a6ec6b443f9ef043864d09a51db6fd276ae578d9166467bf986d1
0fad69e675e60bf4ff15786bb96ca857fd275e3fe95bdcad01e3935b9c1f34ea
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18b971b4590a40339e26d1cb05809b6a5fb46a05fcf6ba376d3f799ae7a76572
215215e7c7284d3529a3a4d0cb7b70bdb3b5767ddd7c8d652d292de64b9433d7
2524fc423108b3be5e97821e0f2591e25ca4738c741261e68d064c6f3fed73db
2d66ca54a00dfbd3f600ac0fbc499269b8c96465378a0558420f0336be34ee32
30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0
35be42c1d7d03e862cc9c3eed912b992f8a3a9a52e3eb0f7f2da3669da580ab9
398ee86d0a758420894121953a673b2e4e3c6270bca4e602a40f84c88fec9dab
3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
4a99f96133f0b18cb2cd2cf95fd8ceefd21cc214e3889b26ed2797a44754a547
4c296926f0373bc2a7adca2ac63a50ce44726c012e2d888cba37339313b9cde8
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
51f4cf88527819ae3950b1820aa534ebf6c2fcbc0894db427ba5ab59d9efd659
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
624f53e9a51a40facdf352a914a135940a7cc3e129959d2d06bdf94e32ee0cbc
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
66f39afda157857decb630f6ae9eabe94cd36d4271ff8154b11337709c617ba8
67d7993c36df8dfb317efe03cdd393809687adeec6ae11182180e995b0b9a5d2
6adfa7904ed2e99122851dae4e6a7e34464a6ee8b570245b3d5994682a536b0d
73df43c53d47a5d38293a9055fa2a5835b8a5a67a186e9d510913fcfef1c4757
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838ec6778a4463958fd867d1a14b55fe1779d640c750abf0708ee6668f81b2d0
84415c35f6869b6b17590d6ba8f3115751f14d54adecbb27123008c416e4556d
84a1116e8df4d615af41c53dfb33e5391344d3eba04da41ca10f7de60e6db322
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8569b223d593ad62fb87aebe1bdbca8c354ce5fa80d51d301c09365956f53aa0
8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a23572ae5ca7dd59065f859330c4f60af40e669cadbe0120c48d0e5967f8cafc
a3d98b12490a6734925658a90821a5eb7355b957c31f247ed475419a18605909
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad3a1f2f938066fde063e488f7d4cc1abb68e22c335e77fa380eb5b5883a5f16
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0598a37d86cbb420c950f32282e506ead47932390ba5b38dc7ae26ec60d48c9
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b29e1ec9f8d476c2dfed91412b9d3f101bd5c0e9c6b4b3de4f67fa48bb5e8f59
ba85322379a07fbf88e8b1e2086cf20c0bd246d2744373e23cc426bc25e696e9
ba8fc1547703fd75b32e3fda786c42032d061f1b1a7ad8d91fe568c8fe1d7ed1
bb6584dd063f7e6deaec1350f203155a0fad402a022d6a2a75da1a82ae49c161
c5044faf86cfea9758ce3c44d550c0856b1e768e73fba79c85aee13f5aefbd8f
cbf508c97a604fbfbe878ea90d45db3175a92fe63cc289e015fa415c37321dd7
cf9594ffd50b906aa3b937160bc995c4bf730bd4e10fb1c6d3e988b4350dcf5a
dd828e5a9fe484ff3de7c853f0adf85f162708e31bcb07b0dd99809b5f50b76a
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0252b2781720497bde3ad1b383e98a8db35db7e4d79f6fabef4f67bc9eaea4d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4055fd84425e3545c1c91b2d9a2ac5ffbb2aa53a1ab5510c19ca6277bca1571
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ec442600e3c090c1171e6d0aca38073cc048af3a7a301ec06bf933da6aa65c1b
ecab47f7c3258e37d5fb99aec3f55916ec5d26de0b83df33b51e41a47f72088f
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ed2491fc7526ff0b5cfec3fe6f4cf8153796520fc845b735286b0f42183da98a
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f39efc86119f8b9af75ddc7622c6dcd63e68a031b4cf170fb024c5430e59981d
ff1d372f496f3a78a87d3c08ab1a4da2b607ebe0eb264a615f0e6cff3b74d870

www.malwarebytes.com Open in urlscan Pro 2600:9000:214f:7000:8:d3fb:39c0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

123 Requests

98 %HTTPS

52 %IPv6

36 Domains

44 Subdomains

41 IPs

8 Countries

1187 kBTransfer

3412 kBSize

19 Cookies

10 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.malwarebytes.com Open in urlscan Pro
2600:9000:214f:7000:8:d3fb:39c0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

98 %
HTTPS

52 %
IPv6

36
Domains

44
Subdomains

41
IPs

8
Countries

1187 kB
Transfer

3412 kB
Size

19
Cookies

123 HTTP transactions
0 data transactions