www.malwarebytes.com
Open in
urlscan Pro
192.0.66.233
Public Scan
URL:
https://www.malwarebytes.com/blog/scams/2024/12/repeat-offenders-drive-bulk-of-tech-support-scams-via-google-ads
Submission: On December 04 via api from TR — Scanned from US
Submission: On December 04 via api from TR — Scanned from US
Summary
This website contacted 24 IPs
in 2 countries
across 18 domains to perform 99 HTTP transactions.
The main IP is 192.0.66.233, located in
San Francisco, United States and
belongs to AUTOMATTIC, US.
The main domain is www.malwarebytes.com.
The Cisco Umbrella rank of the primary domain is 52743.
TLS certificate: Issued by E5 on October 20th 2024. Valid for: 3 months.
This is the only time www.malwarebytes.com was scanned on urlscan.io!
TLS certificate: Issued by E5 on October 20th 2024. Valid for: 3 months.
This is the only time www.malwarebytes.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 31 | 192.0.66.233 192.0.66.233 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
| 3 | 199.232.192.134 199.232.192.134 | 54113 (FASTLY) (FASTLY) | |
| 2 | 192.0.76.3 192.0.76.3 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
| 20 | 172.253.63.97 172.253.63.97 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 169.150.236.105 169.150.236.105 | 60068 (CDN77 Dat...) (CDN77 Datacamp Limited) | |
| 1 | 172.64.149.114 172.64.149.114 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 192.0.73.2 192.0.73.2 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
| 1 | 34.200.6.132 34.200.6.132 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 9 | 104.18.86.42 104.18.86.42 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 151.101.192.134 151.101.192.134 | 54113 (FASTLY) (FASTLY) | |
| 1 | 172.64.155.119 172.64.155.119 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 2 | 3.166.192.51 3.166.192.51 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 142.251.167.103 142.251.167.103 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 3.167.88.90 3.167.88.90 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 23.50.120.198 23.50.120.198 | 20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.) | |
| 2 | 150.171.28.10 150.171.28.10 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 2 | 23.15.70.209 23.15.70.209 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
| 2 | 142.250.31.102 142.250.31.102 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 142.251.163.102 142.251.163.102 | 15169 (GOOGLE) (GOOGLE) | |
| 4 | 172.253.122.156 172.253.122.156 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 13.107.42.14 13.107.42.14 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 2 | 172.253.63.155 172.253.63.155 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 192.28.144.124 192.28.144.124 | () () | |
| 99 | 24 |
20
172.253.63.97
(United States)
ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net
ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net
| www.googletagmanager.com |
2
169.150.236.105
(Chicago, United States)
ASN60068 (CDN77 Datacamp Limited, GB)
PTR: 169-150-236-105.bunnyinfra.net
ASN60068 (CDN77 Datacamp Limited, GB)
PTR: 169-150-236-105.bunnyinfra.net
| plausible.io |
1
34.200.6.132
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-6-132.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-6-132.compute-1.amazonaws.com
| genesis.malwarebytes.com |
2
3.166.192.51
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-3-166-192-51.phl51.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-3-166-192-51.phl51.r.cloudfront.net
| c.disquscdn.com |
1
142.251.167.103
(Farmingdale, United States)
ASN15169 (GOOGLE, US)
PTR: ww-in-f103.1e100.net
ASN15169 (GOOGLE, US)
PTR: ww-in-f103.1e100.net
| www.google.com |
1
3.167.88.90
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-3-167-88-90.iad55.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-3-167-88-90.iad55.r.cloudfront.net
| d2jjzw81hqbuqv.cloudfront.net |
2
23.50.120.198
(Marietta, United States)
ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-50-120-198.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-50-120-198.deploy.static.akamaitechnologies.com
| snap.licdn.com |
2
23.15.70.209
(United States)
ASN16625 (AKAMAI-AS, US)
PTR: a23-15-70-209.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a23-15-70-209.deploy.static.akamaitechnologies.com
| munchkin.marketo.net |
1
142.251.163.102
(Farmingdale, United States)
ASN15169 (GOOGLE, US)
PTR: wv-in-f102.1e100.net
ASN15169 (GOOGLE, US)
PTR: wv-in-f102.1e100.net
| analytics.google.com |
4
172.253.122.156
(United States)
ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net
ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net
| stats.g.doubleclick.net | |
| td.doubleclick.net |
2
172.253.63.155
(United States)
ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
| googleads.g.doubleclick.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 32 |
malwarebytes.com
www.malwarebytes.com — Cisco Umbrella Rank: 52743 genesis.malwarebytes.com — Cisco Umbrella Rank: 276528 |
1 MB |
| 20 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
484 KB |
| 9 |
cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 329 |
207 KB |
| 6 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 |
5 KB |
| 4 |
google.com
www.google.com — Cisco Umbrella Rank: 3 google.com — Cisco Umbrella Rank: 1 analytics.google.com — Cisco Umbrella Rank: 142 |
20 B |
| 4 |
disqus.com
malwarebytesunpacked.disqus.com — Cisco Umbrella Rank: 415692 disqus.com — Cisco Umbrella Rank: 1315 |
29 KB |
| 2 |
linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 333 www.linkedin.com Failed |
1 KB |
| 2 |
marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 3671 |
6 KB |
| 2 |
bing.com
bat.bing.com — Cisco Umbrella Rank: 359 |
15 KB |
| 2 |
licdn.com
snap.licdn.com — Cisco Umbrella Rank: 831 |
15 KB |
| 2 |
disquscdn.com
c.disquscdn.com — Cisco Umbrella Rank: 6938 |
841 B |
| 2 |
plausible.io
plausible.io — Cisco Umbrella Rank: 9011 |
2 KB |
| 2 |
wp.com
stats.wp.com — Cisco Umbrella Rank: 3804 pixel.wp.com — Cisco Umbrella Rank: 3757 |
3 KB |
| 1 |
mktoresp.com
805-usg-300.mktoresp.com |
318 B |
| 1 |
cloudfront.net
d2jjzw81hqbuqv.cloudfront.net |
12 KB |
| 1 |
onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 514 |
316 B |
| 1 |
gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 2458 |
10 KB |
| 1 |
weglot.com
api.weglot.com — Cisco Umbrella Rank: 20754 |
2 KB |
| 99 | 18 |
| Domain | Requested by | |
|---|---|---|
| 31 | www.malwarebytes.com |
www.malwarebytes.com
|
| 20 | www.googletagmanager.com |
www.malwarebytes.com
www.googletagmanager.com |
| 9 | cdn.cookielaw.org |
www.malwarebytes.com
cdn.cookielaw.org |
| 3 | td.doubleclick.net |
www.googletagmanager.com
|
| 3 | malwarebytesunpacked.disqus.com |
www.malwarebytes.com
malwarebytesunpacked.disqus.com |
| 2 | googleads.g.doubleclick.net |
www.googletagmanager.com
|
| 2 | px.ads.linkedin.com |
snap.licdn.com
|
| 2 | google.com |
www.googletagmanager.com
|
| 2 | munchkin.marketo.net |
www.malwarebytes.com
munchkin.marketo.net |
| 2 | bat.bing.com |
www.googletagmanager.com
bat.bing.com |
| 2 | snap.licdn.com |
www.googletagmanager.com
snap.licdn.com |
| 2 | c.disquscdn.com |
malwarebytesunpacked.disqus.com
|
| 2 | plausible.io |
www.malwarebytes.com
plausible.io |
| 1 | 805-usg-300.mktoresp.com |
munchkin.marketo.net
|
| 1 | stats.g.doubleclick.net |
www.googletagmanager.com
|
| 1 | analytics.google.com |
www.googletagmanager.com
|
| 1 | d2jjzw81hqbuqv.cloudfront.net |
www.googletagmanager.com
|
| 1 | www.google.com |
www.googletagmanager.com
|
| 1 | geolocation.onetrust.com |
cdn.cookielaw.org
|
| 1 | disqus.com |
malwarebytesunpacked.disqus.com
|
| 1 | pixel.wp.com |
www.malwarebytes.com
|
| 1 | genesis.malwarebytes.com |
www.malwarebytes.com
|
| 1 | secure.gravatar.com |
www.malwarebytes.com
|
| 1 | api.weglot.com |
www.malwarebytes.com
|
| 1 | stats.wp.com |
www.malwarebytes.com
|
| 0 | www.linkedin.com Failed | |
| 99 | 26 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| malwarebytes.com E5 |
2024-10-20 - 2025-01-18 |
3 months | crt.sh |
| *.disqus.com Sectigo RSA Domain Validation Secure Server CA |
2024-04-16 - 2025-04-16 |
a year | crt.sh |
| *.wp.com Sectigo ECC Domain Validation Secure Server CA |
2023-11-28 - 2024-12-28 |
a year | crt.sh |
| *.google-analytics.com WR2 |
2024-10-21 - 2025-01-13 |
3 months | crt.sh |
| plausible.io R10 |
2024-11-29 - 2025-02-27 |
3 months | crt.sh |
| api.weglot.com WE1 |
2024-10-27 - 2025-01-25 |
3 months | crt.sh |
| *.gravatar.com Sectigo ECC Domain Validation Secure Server CA |
2023-12-05 - 2025-01-04 |
a year | crt.sh |
| cookielaw.org WE1 |
2024-10-11 - 2025-01-09 |
3 months | crt.sh |
| geolocation.onetrust.com WE1 |
2024-10-11 - 2025-01-09 |
3 months | crt.sh |
| a.disquscdn.com Amazon RSA 2048 M02 |
2024-07-30 - 2025-08-27 |
a year | crt.sh |
| *.google.com WR2 |
2024-10-21 - 2025-01-13 |
3 months | crt.sh |
| *.cloudfront.net Amazon RSA 2048 M01 |
2024-07-30 - 2025-07-03 |
a year | crt.sh |
| snap.licdn.com DigiCert SHA2 Secure Server CA |
2024-12-02 - 2025-12-01 |
a year | crt.sh |
| www.bing.com Microsoft Azure RSA TLS Issuing CA 03 |
2024-09-16 - 2025-03-15 |
6 months | crt.sh |
| *.marketo.net DigiCert TLS RSA SHA256 2020 CA1 |
2024-10-22 - 2025-10-24 |
a year | crt.sh |
| *.g.doubleclick.net WR2 |
2024-10-21 - 2025-01-13 |
3 months | crt.sh |
| *.doubleclick.net WR2 |
2024-10-21 - 2025-01-13 |
3 months | crt.sh |
| www.linkedin.com DigiCert SHA2 Secure Server CA |
2024-10-14 - 2025-04-14 |
6 months | crt.sh |
| *.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-08-15 - 2025-09-15 |
a year | crt.sh |
This page contains 8 frames:
Primary Page:
https://www.malwarebytes.com/blog/scams/2024/12/repeat-offenders-drive-bulk-of-tech-support-scams-via-google-ads
Frame ID: 00308DF1ABDD8B7E47270FEF60FA5378
Requests: 96 HTTP requests in this frame
Frame:
https://disqus.com/embed/comments/?base=default&f=malwarebytesunpacked&t_i=124214&t_u=https%3A%2F%2Fwww.malwarebytes.com%2Fblog%2Fscams%2F2024%2F12%2Frepeat-offenders-drive-bulk-of-tech-support-scams-via-google-ads&t_d=Repeat%20offenders%20drive%20bulk%20of%20tech%20support%20scams%20via%20Google%20Ads&t_t=Repeat%20offenders%20drive%20bulk%20of%20tech%20support%20scams%20via%20Google%20Ads&s_o=default
Frame ID: CE3E2D27342C301C8C1A429499A3FBBE
Requests: 1 HTTP requests in this frame
Frame:
https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 19B39F291EFB08E7251ABD745202BF92
Requests: 1 HTTP requests in this frame
Frame:
https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 5C98EBA6BBF27358C67A6B36A3DC1F96
Requests: 1 HTTP requests in this frame
Frame:
https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fwww.malwarebytes.com
Frame ID: 2D36537287F00565D613313691DC45C4
Requests: 1 HTTP requests in this frame
Frame:
https://td.doubleclick.net/td/ga/rul?tid=G-K8KCHE3KSC&gacid=196966599.1733278627>m=45je4bk0v872204243z86688972za200zb6688972&dma=0&gcs=G1--&gcd=13l3l3R3l5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=663993812
Frame ID: 7BE6017929C5DF1FAEFBA215C71ED2DC
Requests: 1 HTTP requests in this frame
Frame:
https://td.doubleclick.net/td/rul/930356311?random=1733278627569&cv=11&fst=1733278627569&fmt=3&bg=ffffff&guid=ON&async=1>m=45be4bk0v9137103858za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.malwarebytes.com%2Fblog%2Fscams%2F2024%2F12%2Frepeat-offenders-drive-bulk-of-tech-support-scams-via-google-ads&hn=www.googleadservices.com&frm=0&tiba=Repeat%20offenders%20drive%20bulk%20of%20tech%20support%20scams%20via%20Google%20Ads%20%7C%20Malwarebytes&did=dYWJhMj&gdid=dYWJhMj&npa=0&pscdl=noapi&auid=100192708.1733278626&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 61960F779B838A3A26EEEA74F4F54472
Requests: 1 HTTP requests in this frame
Frame:
https://td.doubleclick.net/td/rul/407675570?random=1733278627587&cv=11&fst=1733278627587&fmt=3&bg=ffffff&guid=ON&async=1>m=45be4bk0v9137103858za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.malwarebytes.com%2Fblog%2Fscams%2F2024%2F12%2Frepeat-offenders-drive-bulk-of-tech-support-scams-via-google-ads&hn=www.googleadservices.com&frm=0&tiba=Repeat%20offenders%20drive%20bulk%20of%20tech%20support%20scams%20via%20Google%20Ads%20%7C%20Malwarebytes&did=dYWJhMj&gdid=dYWJhMj&npa=0&pscdl=noapi&auid=100192708.1733278626&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: DE6F563F80F560A5648290753EF231D6
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Repeat offenders drive bulk of tech support scams via Google Ads | MalwarebytesDetected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /wp-(?:content|includes)/
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Linkedin Insight Tag
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Marketo
(Marketing Automation)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js
OneTrust
(Cookie compliance)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- cdn\.cookielaw\.org
- otSDKStub\.js
Weglot
(Miscellaneous)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- wp-content/plugins/weglot
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
27 Outgoing links
These are links going to different origins than the main page.
URL: https://my.malwarebytes.com/en/login
Title: Sign In
Title: Sign In
Search URL Search Domain Scan URL
URL: https://www.threatdown.com/?utm_campaign=mwb-referral&utm_source=malwarebytes.com&utm_medium=referral&utm_content=cta-mb-nav-threatdown
Title: ThreatDown >
Title: ThreatDown >
Search URL Search Domain Scan URL
URL: https://www.threatdown.com/pricing/?utm_campaign=mwb-referral&utm_source=malwarebytes.com&utm_medium=referral&utm_content=cat-en-us-navbar-pricing-business-pricing-click
Title: Business pricing (5+ employees)
Title: Business pricing (5+ employees)
Search URL Search Domain Scan URL
URL: https://www.threatdown.com/partner-program/?utm_campaign=mwb-referral&utm_source=malwarebytes.com&utm_medium=referral&utm_content=cta-navbar-partners-explore-partnerships-en-test
Title: ThreatDown: Malwarebytes for Business
Title: ThreatDown: Malwarebytes for Business
Search URL Search Domain Scan URL
URL: https://www.threatdown.com/partner-program/partner-reseller/?utm_campaign=mwb-referral&utm_source=malwarebytes.com&utm_medium=referral&utm_content=cta-navbar-partners-solution-providers-en-test
Title: Resellers
Title: Resellers
Search URL Search Domain Scan URL
URL: https://www.threatdown.com/partner-program/msp/?utm_campaign=mwb-referral&utm_source=malwarebytes.com&utm_medium=referral&utm_content=cta-navbar-partners-managed-service-providers-en-test
Title: Managed Service Providers (MSP/ISS) >
Title: Managed Service Providers (MSP/ISS) >
Search URL Search Domain Scan URL
URL: https://support.malwarebytes.com/hc/en-us
Title: Malwarebytes Personal Support
Title: Malwarebytes Personal Support
Search URL Search Domain Scan URL
URL: https://support.threatdown.com/hc/en-us/?utm_campaign=mwb-referral&utm_source=malwarebytes.com&utm_medium=referral&utm_content=cta-navbar-support-Threatdown-business-click
Title: ThreatDown Business Support
Title: ThreatDown Business Support
Search URL Search Domain Scan URL
URL: https://forums.malwarebytes.com/
Title: Community Forums
Title: Community Forums
Search URL Search Domain Scan URL
URL: https://www.facebook.com/Malwarebytes/
Search URL Search Domain Scan URL
URL: https://twitter.com/malwarebytes
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/company/malwarebytes
Search URL Search Domain Scan URL
URL: https://www.ic3.gov/AnnualReport/Reports/2023_IC3Report.pdf
Title: 2023 Internet Crime Report
Title: 2023 Internet Crime Report
Search URL Search Domain Scan URL
URL: http://www.facebook.com/sharer.php?u=https://www.malwarebytes.com/blog/scams/2024/12/repeat-offenders-drive-bulk-of-tech-support-scams-via-google-ads
Search URL Search Domain Scan URL
URL: https://twitter.com/intent/tweet?text=Repeat+offenders+drive+bulk+of+tech+support+scams+via+Google+Ads+https%3A%2F%2Fwww.malwarebytes.com%2Fblog%2Fscams%2F2024%2F12%2Frepeat-offenders-drive-bulk-of-tech-support-scams-via-google-ads&via=Malwarebytes
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.malwarebytes.com/blog/scams/2024/12/repeat-offenders-drive-bulk-of-tech-support-scams-via-google-ads&summary=&source=
Search URL Search Domain Scan URL
URL: https://go.onelink.me/app/516cebeb
Search URL Search Domain Scan URL
URL: https://apps.apple.com/US/app/id1327105431?mt=8
Search URL Search Domain Scan URL
URL: https://forums.malwarebytes.com/forum/122-false-positives
Title: False Positive Report
Title: False Positive Report
Search URL Search Domain Scan URL
URL: https://my.malwarebytes.com/
Title: Sign in to MyAccount
Title: Sign in to MyAccount
Search URL Search Domain Scan URL
URL: https://www.threatdown.com/?utm_campaign=mwb-referral&utm_source=malwarebytes.com&utm_medium=referral&utm_content=cta-mb-footer-threatdown-logo
Search URL Search Domain Scan URL
URL: https://www.threatdown.com/?utm_campaign=mwb-referral&utm_source=malwarebytes.com&utm_medium=referral&utm_content=cta-mb-footer-threatdown-endpoint-solution
Title: Business Endpoint Security Solutions
Title: Business Endpoint Security Solutions
Search URL Search Domain Scan URL
URL: https://www.threatdown.com/partner-program/msp/?utm_campaign=mwb-referral&utm_source=malwarebytes.com&utm_medium=referral&utm_content=cta-en-us-footer-partner-msp
Title: Managed Service Provider (MSP) Program
Title: Managed Service Provider (MSP) Program
Search URL Search Domain Scan URL
URL: https://www.facebook.com/Malwarebytes
Title: Facebook
Title: Facebook
Search URL Search Domain Scan URL
URL: https://www.youtube.com/user/Malwarebytes
Title: Youtube
Title: Youtube
Search URL Search Domain Scan URL
URL: https://www.instagram.com/malwarebytesofficial
Title: Instagram
Title: Instagram
Search URL Search Domain Scan URL
URL: https://www.onetrust.com/products/cookie-consent/
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 86- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1733278627280&li_adsId=694fd06e-f677-4948-8e5f-26791077bcca&url=https%3A%2F%2Fwww.malwarebytes.com%2Fblog%2Fscams%2F2024%2F12%2Frepeat-offenders-drive-bulk-of-tech-support-scams-via-google-ads HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1733278627280&li_adsId=694fd06e-f677-4948-8e5f-26791077bcca&url=https%3A%2F%2Fwww.malwarebytes.com%2Fblog%2Fscams%2F2024%2F12%2Frepeat-offenders-drive-bulk-of-tech-support-scams-via-google-ads&cookiesTest=true HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2594100%26time%3D1733278627280%26li_adsId%3D694fd06e-f677-4948-8e5f-26791077bcca%26url%3Dhttps%253A%252F%252Fwww.malwarebytes.com%252Fblog%252Fscams%252F2024%252F12%252Frepeat-offenders-drive-bulk-of-tech-support-scams-via-google-ads%26cookiesTest%3Dtrue%26liSync%3Dtrue
99 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
repeat-offenders-drive-bulk-of-tech-support-scams-via-google-ads
www.malwarebytes.com/blog/scams/2024/12/ |
139 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RobotoSerif-Medium.a8a104b1.woff2
www.malwarebytes.com/wp-content/themes/malwarebytes/assets/build/fonts/ |
172 KB 172 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RobotoSerif-Medium.00ec4109.woff
www.malwarebytes.com/wp-content/themes/malwarebytes/assets/build/fonts/ |
125 KB 126 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RobotoSerif-light.725d86a1.woff2
www.malwarebytes.com/wp-content/themes/malwarebytes/assets/build/fonts/ |
174 KB 174 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RobotoSerif-light.bbcf9d54.woff
www.malwarebytes.com/wp-content/themes/malwarebytes/assets/build/fonts/ |
121 KB 121 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Roboto-Regular.b009a76a.woff2
www.malwarebytes.com/wp-content/themes/malwarebytes/assets/build/fonts/ |
15 KB 16 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Roboto-Regular.f1e2a767.woff
www.malwarebytes.com/wp-content/themes/malwarebytes/assets/build/fonts/ |
20 KB 20 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Roboto-Bold.227c9319.woff2
www.malwarebytes.com/wp-content/themes/malwarebytes/assets/build/fonts/ |
15 KB 16 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Roboto-Bold.77ecb942.woff
www.malwarebytes.com/wp-content/themes/malwarebytes/assets/build/fonts/ |
20 KB 20 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Roboto-Black.2e8becfc.woff2
www.malwarebytes.com/wp-content/themes/malwarebytes/assets/build/fonts/ |
15 KB 16 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Roboto-Black.f5677eb2.woff
www.malwarebytes.com/wp-content/themes/malwarebytes/assets/build/fonts/ |
20 KB 20 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
shape-challenger-2.307bef30.png
www.malwarebytes.com/wp-content/themes/malwarebytes/assets/build/images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ajax-loader.6f9ac78c.gif
www.malwarebytes.com/wp-content/themes/malwarebytes/assets/build/images/ |
19 KB 19 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app-play.5ed26b30.png
www.malwarebytes.com/wp-content/themes/malwarebytes/assets/build/images/ |
54 KB 54 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app-store.0d6e625d.png
www.malwarebytes.com/wp-content/themes/malwarebytes/assets/build/images/ |
53 KB 53 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.malwarebytes.com/_static/ |
163 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
base-fonts.css
www.malwarebytes.com/wp-content/themes/malwarebytes/assets/build/ |
2 KB 577 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
base-blog.css
www.malwarebytes.com/wp-content/themes/malwarebytes/assets/build/ |
64 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
base.css
www.malwarebytes.com/wp-content/themes/malwarebytes/assets/build/ |
166 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
www.malwarebytes.com/wp-content/themes/malwarebytes/assets/library/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
front-js.js
www.malwarebytes.com/wp-content/plugins/weglot/dist/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Malwarebytes_Labs_logo_Color-2.png
www.malwarebytes.com/wp-content/uploads/sites/2/2023/07/ |
962 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
offender.jpg
www.malwarebytes.com/wp-content/uploads/sites/2/2024/12/ |
120 KB 121 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
image_6d6dbe.png
www.malwarebytes.com/wp-content/uploads/sites/2/2024/12/ |
40 KB 40 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
image_94caca.png
www.malwarebytes.com/wp-content/uploads/sites/2/2024/12/ |
182 KB 182 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ThreatDown_Horizontal_Reverse-2-2.svg
www.malwarebytes.com/wp-content/uploads/sites/2/2023/11/ |
28 KB 11 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
count.js
malwarebytesunpacked.disqus.com/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
www.malwarebytes.com/wp-includes/js/jquery/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.malwarebytes.com/_static/ |
80 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main-vwo-personalization-threatdown.js
www.malwarebytes.com/wp-content/themes/malwarebytes/assets/build/ |
698 B 662 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.malwarebytes.com/_static/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e-202449.js
stats.wp.com/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
495 KB 149 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
script.js
plausible.io/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
embed.js
malwarebytesunpacked.disqus.com/ |
80 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
pageviews
api.weglot.com/ |
2 B 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
577 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
436 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
8ff7688dd7aaf66effb89c65203ee7c3
secure.gravatar.com/avatar/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
locate
genesis.malwarebytes.com/api/v1/ |
413 B 595 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
g.gif
pixel.wp.com/ |
50 B 177 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
count-data.js
malwarebytesunpacked.disqus.com/ |
355 B 938 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
event
plausible.io/api/ |
2 B 493 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ |
22 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
a
www.googletagmanager.com/ |
0 52 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
a
www.googletagmanager.com/ |
0 270 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
a
www.googletagmanager.com/ |
0 52 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
a
www.googletagmanager.com/ |
0 52 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
a
www.googletagmanager.com/ |
0 52 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
disqus.com/embed/comments/ Frame CE3E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
82971089-2677-4e1e-8fab-44444f76330b.json
cdn.cookielaw.org/consent/82971089-2677-4e1e-8fab-44444f76330b/ |
7 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ |
69 B 316 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cropped-favicon-512x512-1-1.png
www.malwarebytes.com/wp-content/uploads/sites/2/2023/08/ |
562 B 809 B |
Other
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202402.1.0/ |
430 KB 105 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 19B3 |
337 B 841 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 5C98 |
337 B 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
en.json
cdn.cookielaw.org/consent/82971089-2677-4e1e-8fab-44444f76330b/018e2f1e-12b2-7a41-ab63-6c6e010fa4d9/ |
108 KB 26 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
a
www.googletagmanager.com/ |
0 14 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google.com/ccm/ |
0 0 |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
447 KB 134 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
malwarebytes.min.js
d2jjzw81hqbuqv.cloudfront.net/integration/clients/ |
48 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
2 KB 1006 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bat.js
bat.bing.com/ |
50 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
destination
www.googletagmanager.com/gtag/ |
296 KB 100 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
munchkin.js
munchkin.marketo.net/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
296 KB 100 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otPcPanel.json
cdn.cookielaw.org/scripttemplates/202402.1.0/assets/v2/ |
64 KB 13 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202402.1.0/assets/ |
21 KB 4 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
a
www.googletagmanager.com/ |
0 14 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
a
www.googletagmanager.com/ |
0 14 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
a
www.googletagmanager.com/ |
0 14 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sw_iframe.html
www.googletagmanager.com/static/service_worker/4c30/ Frame 2D36 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ |
497 B 495 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
MWB_logo_horizontal_RGB.png
cdn.cookielaw.org/logos/4e1c8bc8-2743-413b-8699-aad2216e8616/3be7f101-47f0-48ab-ae22-e34efabb8a62/9b43fe5c-b22b-40eb-9d38-57e36d038e98/ |
46 KB 46 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
insight.old.min.js
snap.licdn.com/li.lms-analytics/ |
40 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
a
www.googletagmanager.com/ |
0 14 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
407675570
google.com/pagead/form-data/ |
0 0 |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
407675570
google.com/ccm/form-data/ |
0 20 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
a
www.googletagmanager.com/ |
0 14 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
a
www.googletagmanager.com/ |
0 14 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
analytics.google.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 549 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rul
td.doubleclick.net/td/ga/ Frame 7BE6 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
attribution_trigger
px.ads.linkedin.com/ |
2 B 980 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
li_sync
www.linkedin.com/px/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4072696.js
bat.bing.com/p/action/ |
363 B 423 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
munchkin.js
munchkin.marketo.net/163/ |
11 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/ |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
930356311
td.doubleclick.net/td/rul/ Frame 6196 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/407675570/ |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
407675570
td.doubleclick.net/td/rul/ Frame DE6F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
a
www.googletagmanager.com/ |
0 14 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
a
www.googletagmanager.com/ |
0 14 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
0
bat.bing.com/action/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
visitWebPage
805-usg-300.mktoresp.com/webevents/ |
2 B 318 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
a
www.googletagmanager.com/ |
0 14 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
www.google.com/pagead/1p-user-list/407675570/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
www.google.com/pagead/1p-user-list/930356311/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
a
www.googletagmanager.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
px.ads.linkedin.com/wa/ |
0 200 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.linkedin.com
- URL
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2594100%26time%3D1733278627280%26li_adsId%3D694fd06e-f677-4948-8e5f-26791077bcca%26url%3Dhttps%253A%252F%252Fwww.malwarebytes.com%252Fblog%252Fscams%252F2024%252F12%252Frepeat-offenders-drive-bulk-of-tech-support-scams-via-google-ads%26cookiesTest%3Dtrue%26liSync%3Dtrue
- Domain
- bat.bing.com
- URL
- https://bat.bing.com/action/0?ti=4072696&tm=gtm002&Ver=2&mid=5635a6f9-84f1-4d0a-9c1c-544150a6a9d5&bo=1&sid=dc773670b1e511ef97071515ed04ed3e&vid=dc774310b1e511efa6eadf38f4401744&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Repeat%20offenders%20drive%20bulk%20of%20tech%20support%20scams%20via%20Google%20Ads%20%7C%20Malwarebytes&p=https%3A%2F%2Fwww.malwarebytes.com%2Fblog%2Fscams%2F2024%2F12%2Frepeat-offenders-drive-bulk-of-tech-support-scams-via-google-ads&r=<=2921&evt=pageLoad&sv=1&cdb=AQET&rn=359404
- Domain
- www.google.com
- URL
- https://www.google.com/pagead/1p-user-list/407675570/?random=1733278627587&cv=11&fst=1733277600000&bg=ffffff&guid=ON&async=1>m=45be4bk0v9137103858za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.malwarebytes.com%2Fblog%2Fscams%2F2024%2F12%2Frepeat-offenders-drive-bulk-of-tech-support-scams-via-google-ads&hn=www.googleadservices.com&frm=0&tiba=Repeat%20offenders%20drive%20bulk%20of%20tech%20support%20scams%20via%20Google%20Ads%20%7C%20Malwarebytes&did=dYWJhMj&gdid=dYWJhMj&npa=0&pscdl=noapi&auid=100192708.1733278626&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dUy2yiKZekUNrVr7V3BTfxf087DfUkA&random=641183051&rmt_tld=0&ipr=y
- Domain
- www.google.com
- URL
- https://www.google.com/pagead/1p-user-list/930356311/?random=1733278627569&cv=11&fst=1733277600000&bg=ffffff&guid=ON&async=1>m=45be4bk0v9137103858za200&gcd=13l3l3R3l5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.malwarebytes.com%2Fblog%2Fscams%2F2024%2F12%2Frepeat-offenders-drive-bulk-of-tech-support-scams-via-google-ads&hn=www.googleadservices.com&frm=0&tiba=Repeat%20offenders%20drive%20bulk%20of%20tech%20support%20scams%20via%20Google%20Ads%20%7C%20Malwarebytes&did=dYWJhMj&gdid=dYWJhMj&npa=0&pscdl=noapi&auid=100192708.1733278626&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dn3zhne7kQLrmazHmQPlsxDhR5z1Yyw&random=1794445057&rmt_tld=0&ipr=y
- Domain
- www.googletagmanager.com
- URL
- https://www.googletagmanager.com/a?id=GTM-MKSKW3&v=3&t=t&pid=1765430697&cv=597&rv=4bk0&tc=206&tag_exp=101925629~102067555~102067808~102081485&e=*&eid=33&u=AgAAAIAIAAAAAACA&ut=Ag&h=Ag&tr=5html.5html&ti=2html.2html&z=0
Verdicts & Comments Add Verdict or Comment
90 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| dataLayer function| disqus_config object| global_variables function| loadCSS function| _createClass function| _classCallCheck function| MdBrowserCompatibilityChecker function| jQuery object| geot object| siteConfig object| _stq function| triggerScriptLoader function| loadScripts object| geotWP function| Sifter object| MicroPlugin function| Selectize object| CTRY_CURRENCY_LIST string| country string| hsh object| MESS function| getParameterValue function| personalization_marketingcampaigns_paid function| setCookie function| customerSourceCookie function| st_go function| linktracker_init object| wpcom object| DISQUSWIDGETS object| DISQUS function| plausible object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| OptanonWrapper function| _typeof function| _defineProperty function| _toPropertyKey function| _toPrimitive object| utmParams function| getUTMParameterValue function| storeUTMValuesInCookie function| capitalizeFirstLetter function| populateUTMFieldsFromCookie function| populateUTMFieldsFromURL function| getCookie object| OtTrustedType object| otStubData object| Optanon object| OneTrust function| gtag string| OnetrustActiveGroups string| OptanonActiveGroups object| _talkableq string| _linkedin_data_partner_id string| lead_source_url function| get_hostname function| getMainDomain function| setAttributionCookie function| getAttributionCookie object| desitnation_url_keywords object| VWO function| onYouTubeIframeAPIReady object| gaGlobal function| lintrk boolean| _already_called_lintrk function| UET function| UET_init function| UET_push object| ueto_d12625cfe8 object| uetq function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| talkablePlacementsConfig object| talkable object| _TALKABLE_PER_CLIENT_CONFIG object| GooglebQhCsO object| MunchkinTracker object| ORIBILI19 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .malwarebytes.com/blog/scams/2024/12 | Name: gaUserID Value: 4B6F5C30-4FBE-4ED1-B367-6171D5CB66C4 |
|
| disqus.com/ | Name: __jid Value: 308uoi43tfvchk |
|
| .disqus.com/ | Name: disqus_unique Value: 308uojq1cinti2 |
|
| .malwarebytes.com/ | Name: _gcl_au Value: 1.1.100192708.1733278626 |
|
| .malwarebytes.com/ | Name: original_referral_url Value: malwarebytes.com |
|
| .malwarebytes.com/ | Name: most_recent_referral_url Value: malwarebytes.com |
|
| .malwarebytes.com/ | Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Dec+03+2024+16%3A17%3A06+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202402.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=366502bf-c782-431c-a421-076663c7ad41&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2Fblog%2Fscams%2F2024%2F12%2Frepeat-offenders-drive-bulk-of-tech-support-scams-via-google-ads&groups=BG71%3A1%2CC0001%3A1%2CC0003%3A1%2CC0002%3A1%2CC0004%3A1 |
|
| .malwarebytes.com/ | Name: _ga_K8KCHE3KSC Value: GS1.1.1733278627.1.0.1733278627.60.0.0 |
|
| .malwarebytes.com/ | Name: _ga Value: GA1.1.196966599.1733278627 |
|
| www.malwarebytes.com/ | Name: tkbl_session Value: 8039c3f6-b096-47fe-bce0-366041d5c69a |
|
| .malwarebytes.com/ | Name: _uetsid Value: dc773670b1e511ef97071515ed04ed3e |
|
| .malwarebytes.com/ | Name: _uetvid Value: dc774310b1e511efa6eadf38f4401744 |
|
| .malwarebytes.com/ | Name: _mkto_trk Value: id:805-USG-300&token:_mch-malwarebytes.com-1733278627740-37953 |
|
| .linkedin.com/ | Name: li_sugr Value: 3b79b0c5-52ca-499e-979d-85fec55648cb |
|
| .linkedin.com/ | Name: bcookie Value: "v=2&3616cbab-b073-4760-8927-ae5e58ed2751" |
|
| .linkedin.com/ | Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2996:u=1:x=1:i=1733278627:t=1733365027:v=2:sig=AQFJfcIghuFdmCj85VH0YiKZr7pci5yx" |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
| .linkedin.com/ | Name: UserMatchHistory Value: AQJeR98_1AacfwAAAZOPdPheXPzN2bvm5AGEPOgMS2NU0S8iS43ME2D5Dy6Tsq5tvBIB-0BS2edx3A |
|
| .linkedin.com/ | Name: AnalyticsSyncHistory Value: AQKmA4ckeXSjogAAAZOPdPheiFzLX8wjUWkfRjeY3atSv7t19ll61_RIssqr6oMZ44CTkxJffO-JDNjLTAMi_Q |
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
805-usg-300.mktoresp.com
analytics.google.com
api.weglot.com
bat.bing.com
c.disquscdn.com
cdn.cookielaw.org
d2jjzw81hqbuqv.cloudfront.net
disqus.com
genesis.malwarebytes.com
geolocation.onetrust.com
google.com
googleads.g.doubleclick.net
malwarebytesunpacked.disqus.com
munchkin.marketo.net
pixel.wp.com
plausible.io
px.ads.linkedin.com
secure.gravatar.com
snap.licdn.com
stats.g.doubleclick.net
stats.wp.com
td.doubleclick.net
www.google.com
www.googletagmanager.com
www.linkedin.com
www.malwarebytes.com
bat.bing.com
www.google.com
www.googletagmanager.com
www.linkedin.com
104.18.86.42
13.107.42.14
142.250.31.102
142.251.163.102
142.251.167.103
150.171.28.10
151.101.192.134
169.150.236.105
172.253.122.156
172.253.63.155
172.253.63.97
172.64.149.114
172.64.155.119
192.0.66.233
192.0.73.2
192.0.76.3
192.28.144.124
199.232.192.134
23.15.70.209
23.50.120.198
3.166.192.51
3.167.88.90
34.200.6.132
00893edfb823143a2941fc1762dc460dd131e3c4f8cec2782c60a56d4820a2f8
06f645f02df4d0db97d024a8afaed481530fa1c533631b69a1defe2c5351d6de
0aa10e1d078fcba8a8c9c654650d01b1e9562fb419ca536ad23fcb960bad9b2b
0ed759f9b0f407aa73df997bddf186c37a1927d2b0f8d2f7031067ecacf7581d
1fc4302f08484cb4df0a32e6cf6ce58cc057de2eed9c645cfdabebef1d3306d1
242aa88120783594cb0c56ff247407db601e2a09c4f598f7c7d40b9b2ba6369e
24c613a2bb6db3e4b670cd5ab76d56edd869f3472bc463d8e8431421deb324d3
24ed9db3eb0d97ecf1f0832cbd30bd37744e0d2b520ccdad5af60f7a08a45b90
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2d71a55f5dad7cda17ce63dd9d673c81550681f90d9c059ca23e3be81967c602
2e7a03672c8aee8a48a7b996bcbb820055e4ebffe37f197849e801dc2660d8c8
30590261823ba5df8c6c0e2ea141c474a9532d2ebb9d4ccbc45324fb902423b3
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45673e77a8cd19ef020e02d8c339376a7d675b6898d9a9c4c2aa831e6c7272f8
4922a8859b315c354c23ad278e35483c6cf29aebf1c509c2c928c1f41634fe43
4ca7509272fd378d23ad6d1c7f7bfce000ae1569832b6347b8bce568816ed159
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
5cc65fe8f531ad863a0b62c866debe600d3ab97034423ebc7e4358a405106f73
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fd947b27cb2c1888e7b3bb5272375acdb6efa01968af9a5bca33cbfb9358103
63bf4337537f6f4c363fd1bac1d5a7e0eb0d1468a1ad766e463f0075675cab08
63ccbd40f783b34fe6bc9ef9e971de08e32012b91ee81dd54b325ecf527c1dac
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6d1f878259463317e1c90fea81b4f5d842248e14d3b23fb19dc54cf62f5e7eac
6eac02b1761c62ace94875848fb6cf12728c936a19384a7758b07be6c3b86446
71e7d96e0b15924a58f28b82f88627957a5ea25f7a23930c295186f3412cca2c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7dfe96249d73eae447d1edadecd5cc098ab76099647c9e2cf8f3b616d5fe5ee7
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
837bb391f879a1edd4521ce965b614bb760c6a2eeacde80329a57631196bea73
83ec965817cc644f3583df6524a72f6632f3ed0ecb311cf9eca63a2f440e5a77
9109bd30c1e43caf4d95fe151f85e6b9a668ba109bbfc93a05baa2b0cdbef069
9493ef8d4ffa2372bc105ae6ff98c9d169c465255578e5ddb4a8a48d56e453aa
97f46152f920909a426691b31b71ed2cfcfc3218465957208b0ae961f68fa590
9f3e06504564c5749ee1d408c20ccd412ab5f00cfc1ebf14e3dfa8748c01c51b
a163f2ca5ba23ca9f8e4a6c3d27665160a63fb7379e4504ca0b05cd676149afb
a2091f1ff92cc073e178dca31707853e0cc6cd913a5344a8978f040fa373efa6
a31075ffee8f7f5a8c4fb44cf53c03afb48c73a035e064b7a9af49cf0fa7ca98
a52f68095f3d06ee602c5137a535b020173e2c63f76e9d39c7a36c50e022f680
a89b37fb8a2c2cb333b4f787b8f730de25a9bfbd10fcfcea3185b813c6231e09
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
b556aa0c99a333220bef9718a277f81139f356534c0c707430252f445f769b8b
b828af9557954b648fa989cf0365a6dff54ac540e73d16cb2d73c73cc88a921f
bbf5ef817d938f8bbb1bada103e55f96170f62fe6cf7b54b4019071e7072ee15
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c2bf4235c36480dd023ae5a3161be4b1d3c5f4728c753788d43530cece558812
c57865ec6a6956797b18dc7d23a3ade16e7ced5271f4dc0796b2ed0a10f934dc
c8bd9aa9a411bd3248cea9f41fa191e5b57a31528dbb92663fb5191375938bcd
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbba759bdefb771d88291a93680b7d189c0c15f6b844ee02d09e0920ec0b1f45
cc21995a21274029ab122cea9429fc0024dda4a84b01bc5ad8016d20c2f7c04d
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d4ca27b40c13caa02e52e1db3d3457305f8c03621662ba384ac05791737083e3
d9d1390eeb36b247974f4025fa81fa573f5e91ba603a581dbf93bb4932b9a682
e0fd57c0d9537d9c9884b6a8ad8c1823800d94dcfb6a2cc988780fe65a592fe6
e1076e28bf1095b534cec675b71f48f79e71571b0d1e0b6299bfc1598a16b8b3
e3409ac09af396e35fd67c5e024386d36c52138b7541e6a4644c31a94a2d33a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c
e912efba4dd82b798fb061f872b0016687932d1648098f501dff644a7ad77a35
eb5dcdf3ebf8d63dacde3a898a2d15c77d39a86c9d38b79c98bc7ebe6834bbe2
f2abf7fbabe298e5823d257e48f5dc2138c6d5e0c210066f76b0067e8eda194f
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6537e32263e6c49bf59bd6e4952b6bf06c8f09152c5b016365fef70e35856cf
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fdf7a139210ad25e0576a0721d45086e047dee38f88ba2995ce745643212c532