urlscan.io logo urlscan.io
SecurityTrails logo

www.malwarebytes.com Open in urlscan Pro
2600:9000:2156:8000:16:26c7:ff80:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://click.malwarebytes.com/?qs=8abcd39d25acb5ed9e480d60c675f1839aa5a6a844675c56650c2c7911d19212a419c37a4b644a128aedcbac4fff...
Effective URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197...
Submission: On November 30 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 42 IPs in 5 countries across 36 domains to perform 120 HTTP transactions. The main IP is 2600:9000:2156:8000:16:26c7:ff80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.malwarebytes.com.
TLS certificate: Issued by Amazon on May 26th 2021. Valid for: a year.
This is the only time www.malwarebytes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 13.111.39.192 22606 (EXACT-7)
1 54 2600:9000:215... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 54.171.126.230 16509 (AMAZON-02)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 54.217.30.158 16509 (AMAZON-02)
1 35.167.213.17 16509 (AMAZON-02)
1 2600:1f18:21a... 14618 (AMAZON-AES)
1 13.35.253.91 16509 (AMAZON-02)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 2a03:2880:f02... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
2 6 142.250.184.230 15169 (GOOGLE)
1 143.204.98.67 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 143.204.98.83 16509 (AMAZON-02)
2 2a04:4e42:62::84 54113 (FASTLY)
1 51.11.20.152 8075 (MICROSOFT...)
1 34.230.123.66 14618 (AMAZON-AES)
2 2 2620:119:50e7... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
1 143.204.98.86 16509 (AMAZON-02)
2 2 52.212.206.16 16509 (AMAZON-02)
1 2 143.204.205.121 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.184.226 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 8 104.75.88.209 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 34.206.124.188 14618 (AMAZON-AES)
2 104.111.234.67 16625 (AKAMAI-AS)
2 3 63.33.204.129 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 199.232.136.157 54113 (FASTLY)
1 3.33.220.150 16509 (AMAZON-02)
1 104.244.42.3 13414 (TWITTER)
1 104.244.42.69 13414 (TWITTER)
1 192.28.144.124 15224 (OMNITURE)
1 44.240.65.163 16509 (AMAZON-02)
120 42
2    13.111.39.192 (United States)

ASN22606 (EXACT-7, US)
PTR: click.malwarebytes.com
click.malwarebytes.com
54    2600:9000:2156:8000:16:26c7:ff80:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.malwarebytes.com
2    2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    54.171.126.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-126-230.eu-west-1.compute.amazonaws.com
api.intellimize.co
3    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
3    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    54.217.30.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-30-158.eu-west-1.compute.amazonaws.com
117469143.intellimizeio.com
1    35.167.213.17 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-213-17.us-west-2.compute.amazonaws.com
log.intellimize.co
1    2600:1f18:21ae:6701:3334:1bf4:2185:fae6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
genesis.malwarebytes.com
1    13.35.253.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-91.fra6.r.cloudfront.net
api.demandbase.com
2    2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
8019375.fls.doubleclick.net
10919923.fls.doubleclick.net
1    143.204.98.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-67.fra50.r.cloudfront.net
scripts.demandbase.com
1    2600:9000:225e:8400:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
1    143.204.98.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-83.fra50.r.cloudfront.net
cdn.getblueshift.com
2    2a04:4e42:62::84 (United States)

ASN54113 (FASTLY, US)
s.pinimg.com
1    51.11.20.152 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
secure.perk0mean.com
1    34.230.123.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-123-66.compute-1.amazonaws.com
q.quora.com
2    2620:119:50e7:101::9002:e05 (San Francisco, United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com
px4.ads.linkedin.com
1    143.204.98.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-86.fra50.r.cloudfront.net
api.company-target.com
2    52.212.206.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-206-16.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    143.204.205.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-121.fra53.r.cloudfront.net
segments.company-target.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googleadservices.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
8    104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com
ct.pinterest.com
www.pinterest.com
www.pinterest.de
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2600:1f18:730:b110:c4cb:f288:bc78:c53b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    34.206.124.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-124-188.compute-1.amazonaws.com
rp4.liadm.com
2    104.111.234.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com
munchkin.marketo.net
3    63.33.204.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-204-129.eu-west-1.compute.amazonaws.com
ads.avocet.io
ads.avct.cloud
2    2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    192.28.144.124 (United States)

ASN15224 (OMNITURE, US)
805-usg-300.mktoresp.com
1    44.240.65.163 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-65-163.us-west-2.compute.amazonaws.com
api.getblueshift.com
Apex Domain
Subdomains		 Transfer
57 malwarebytes.com
click.malwarebytes.com
www.malwarebytes.com
genesis.malwarebytes.com
543 KB
8 doubleclick.net
8019375.fls.doubleclick.net
10919923.fls.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
4 KB
4 pinterest.de
www.pinterest.de
14 KB
4 google.com
adservice.google.com
www.google.com
1 KB
4 pinterest.com
ct.pinterest.com
www.pinterest.com
2 KB
4 linkedin.com
px.ads.linkedin.com
www.linkedin.com
px4.ads.linkedin.com
4 KB
4 google-analytics.com
www.google-analytics.com
21 KB
3 company-target.com
api.company-target.com
segments.company-target.com
2 KB
3 liadm.com
b-code.liadm.com
rp.liadm.com
rp4.liadm.com
12 KB
3 facebook.net
connect.facebook.net
133 KB
3 googletagmanager.com
www.googletagmanager.com
163 KB
3 unpkg.com
unpkg.com
4 KB
2 crazyegg.com
script.crazyegg.com
3 KB
2 avct.cloud
ads.avct.cloud
734 B
2 marketo.net
munchkin.marketo.net
6 KB
2 google.de
www.google.de
565 B
2 facebook.com
www.facebook.com
424 B
2 bidr.io
match.prod.bidr.io
1019 B
2 pinimg.com
s.pinimg.com
20 KB
2 getblueshift.com
cdn.getblueshift.com
api.getblueshift.com
3 KB
2 licdn.com
snap.licdn.com
5 KB
2 demandbase.com
api.demandbase.com
scripts.demandbase.com
17 KB
2 intellimize.co
api.intellimize.co
log.intellimize.co
163 KB
2 cookielaw.org
cdn.cookielaw.org
27 KB
1 mktoresp.com
805-usg-300.mktoresp.com
311 B
1 t.co
t.co
470 B
1 twitter.com
analytics.twitter.com
676 B
1 adsrvr.org
insight.adsrvr.org
261 B
1 ads-twitter.com
static.ads-twitter.com
6 KB
1 avocet.io
ads.avocet.io
140 B
1 googleadservices.com
www.googleadservices.com
15 KB
1 rlcdn.com
id.rlcdn.com
66 B
1 quora.com
q.quora.com
424 B
1 perk0mean.com
secure.perk0mean.com
304 B
1 intellimizeio.com
117469143.intellimizeio.com
4 KB
1 onetrust.com
geolocation.onetrust.com
256 B
120 36
Domain Requested by
54 www.malwarebytes.com 1 redirects www.malwarebytes.com
www.googletagmanager.com
4 www.pinterest.de s.pinimg.com
www.malwarebytes.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.malwarebytes.com
3 ct.pinterest.com s.pinimg.com
www.malwarebytes.com
3 10919923.fls.doubleclick.net 1 redirects www.googletagmanager.com
www.malwarebytes.com
3 8019375.fls.doubleclick.net 1 redirects www.googletagmanager.com
www.malwarebytes.com
3 connect.facebook.net www.googletagmanager.com
connect.facebook.net
3 www.googletagmanager.com www.malwarebytes.com
www.googletagmanager.com
3 unpkg.com 1 redirects www.malwarebytes.com
www.googletagmanager.com
2 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
2 ads.avct.cloud 1 redirects
2 munchkin.marketo.net www.malwarebytes.com
munchkin.marketo.net
2 www.google.de www.malwarebytes.com
2 www.google.com www.malwarebytes.com
2 adservice.google.com 8019375.fls.doubleclick.net
10919923.fls.doubleclick.net
2 www.facebook.com www.malwarebytes.com
2 segments.company-target.com 1 redirects www.malwarebytes.com
2 match.prod.bidr.io 2 redirects
2 px.ads.linkedin.com 2 redirects
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 snap.licdn.com www.googletagmanager.com
2 cdn.cookielaw.org www.malwarebytes.com
cdn.cookielaw.org
2 click.malwarebytes.com 2 redirects
1 api.getblueshift.com cdn.getblueshift.com
1 805-usg-300.mktoresp.com munchkin.marketo.net
1 t.co
1 analytics.twitter.com static.ads-twitter.com
1 insight.adsrvr.org
1 static.ads-twitter.com www.malwarebytes.com
1 www.pinterest.com 1 redirects
1 ads.avocet.io 1 redirects
1 rp4.liadm.com www.malwarebytes.com
1 rp.liadm.com 1 redirects
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 id.rlcdn.com www.malwarebytes.com
1 api.company-target.com scripts.demandbase.com
1 px4.ads.linkedin.com www.malwarebytes.com
1 www.linkedin.com 1 redirects
1 q.quora.com www.malwarebytes.com
1 secure.perk0mean.com www.googletagmanager.com
1 cdn.getblueshift.com www.malwarebytes.com
1 b-code.liadm.com www.googletagmanager.com
1 scripts.demandbase.com www.malwarebytes.com
1 api.demandbase.com www.malwarebytes.com
1 genesis.malwarebytes.com www.malwarebytes.com
1 log.intellimize.co api.intellimize.co
1 117469143.intellimizeio.com api.intellimize.co
1 geolocation.onetrust.com www.malwarebytes.com
1 api.intellimize.co www.malwarebytes.com
120 51
Subject Issuer Validity Valid
www.malwarebytes.com
Amazon		 2021-05-26 -
2022-06-24		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
api.intellimize.co
Amazon		 2021-01-23 -
2022-02-21		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2021-02-12 -
2022-02-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.intellimizeio.com
Amazon		 2021-01-23 -
2022-02-21		 a year crt.sh
log.intellimize.co
Amazon		 2021-01-22 -
2022-02-20		 a year crt.sh
*.malwarebytes.com
DigiCert SHA2 High Assurance Server CA		 2020-04-10 -
2022-05-23		 2 years crt.sh
api.demandbase.com
Go Daddy Secure Certificate Authority - G2		 2021-10-20 -
2022-09-26		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-08 -
2021-12-07		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
tag.demandbase.com
Go Daddy Secure Certificate Authority - G2		 2021-10-18 -
2022-10-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-02 -
2022-07-01		 a year crt.sh
*.liadm.com
Amazon		 2021-03-02 -
2022-03-31		 a year crt.sh
*.getblueshift.com
Amazon		 2021-09-08 -
2022-10-07		 a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-27 -
2022-08-05		 a year crt.sh
secure.norm0care.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-19		 a year crt.sh
*.quora.com
R3		 2021-11-14 -
2022-02-12		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA		 2021-03-29 -
2022-04-06		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.mktoresp.com
DigiCert SHA2 Secure Server CA		 2020-01-17 -
2022-01-21		 2 years crt.sh

This page contains 6 frames:

Primary Page: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Frame ID: 11B9585C09F958681B0E7BF4736F6A86
Requests: 110 HTTP requests in this frame

Frame: https://117469143.intellimizeio.com/storage.html
Frame ID: 0217D773EF149D7FAD24210BC96E987D
Requests: 1 HTTP requests in this frame

Frame: https://8019375.fls.doubleclick.net/activityi;dc_pre=CJv018H2vvQCFQDREQgdSpsBug;src=8019375;type=conta0;cat=sitew0;ord=2338464230960;gtm=2wgba1;auiddc=193094203.1638235419;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos
Frame ID: 91DE111AA0F2E0AF1E234DA46C4F410A
Requests: 2 HTTP requests in this frame

Frame: https://10919923.fls.doubleclick.net/activityi;dc_pre=CPOI2cH2vvQCFXDeEQgdw24KOw;src=10919923;type=count;cat=malwa0;ord=1;num=7913244320800;gtm=2odba1;auiddc=193094203.1638235419;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos
Frame ID: D29A6D30A28CC264A64720F0C48221A7
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6C2F289EBFAD82B7F713EAF43993DC3F
Requests: 1 HTTP requests in this frame

Frame: https://www.pinterest.de/ct.html
Frame ID: 5D22C98B8E6AE30E04C4B01DE14982BB
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Malwarebytes Website Terms of ServiceThe official Malwarebytes logo

Page URL History Show full URLs

  1. http://click.malwarebytes.com/?qs=8abcd39d25acb5ed9e480d60c675f1839aa5a6a844675c56650c2c7911d19212a419c37a... HTTP 301
    https://click.malwarebytes.com/?qs=8abcd39d25acb5ed9e480d60c675f1839aa5a6a844675c56650c2c7911d19212a419c37a... HTTP 302
    https://www.malwarebytes.com/tos/?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_... HTTP 301
    https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v... Page URL

Page Statistics

120
Requests

96 %
HTTPS

45 %
IPv6

36
Domains

51
Subdomains

42
IPs

5
Countries

1167 kB
Transfer

3469 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.malwarebytes.com/?qs=8abcd39d25acb5ed9e480d60c675f1839aa5a6a844675c56650c2c7911d19212a419c37a4b644a128aedcbac4fff80752c318c89ce8efb34 HTTP 301
    https://click.malwarebytes.com/?qs=8abcd39d25acb5ed9e480d60c675f1839aa5a6a844675c56650c2c7911d19212a419c37a4b644a128aedcbac4fff80752c318c89ce8efb34 HTTP 302
    https://www.malwarebytes.com/tos/?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos HTTP 301
    https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://unpkg.com/aos@2.3.1/dist/aos.css?v=1820842 HTTP 302
  • https://unpkg.com/aos@2.3.1/dist/aos.css
Request Chain 64
  • https://8019375.fls.doubleclick.net/activityi;src=8019375;type=conta0;cat=sitew0;ord=2338464230960;gtm=2wgba1;auiddc=193094203.1638235419;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos HTTP 302
  • https://8019375.fls.doubleclick.net/activityi;dc_pre=CJv018H2vvQCFQDREQgdSpsBug;src=8019375;type=conta0;cat=sitew0;ord=2338464230960;gtm=2wgba1;auiddc=193094203.1638235419;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos
Request Chain 76
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1638235418990&url=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2567940%26time%3D1638235418990%26url%3Dhttps%253A%252F%252Fwww.malwarebytes.com%252Ftos%253Futm_source%253Dsfmc%2526utm_medium%253Demail%2526utm_campaign%253Db2c_pro_acq_october_csam_v2_60off_163518377197%2526utm_content%253DTos%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1638235418990&url=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1638235418990&url=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos&liSync=true&e_ipv6=AQLyD--_swFJnAAAAX1ucLTIGZZ9eaoFxjQR1WKzm1T7IerqzKt6om1EFCI8gKMCNeGmTPiKAA
Request Chain 80
  • https://10919923.fls.doubleclick.net/activityi;src=10919923;type=count;cat=malwa0;ord=1;num=7913244320800;gtm=2odba1;auiddc=193094203.1638235419;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos HTTP 302
  • https://10919923.fls.doubleclick.net/activityi;dc_pre=CPOI2cH2vvQCFXDeEQgdw24KOw;src=10919923;type=count;cat=malwa0;ord=1;num=7913244320800;gtm=2odba1;auiddc=193094203.1638235419;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos
Request Chain 84
  • https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
  • https://segments.company-target.com/log?vendor=choca&user_id=ACfRkU7DSvoAACt76DCPLQ HTTP 303
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=ACfRkU7DSvoAACt76DCPLQ&verifyHash=f18000169c0db4724ac96d2751e00d5405ab4c7b
Request Chain 98
  • https://rp.liadm.com/j?dtstmp=1638235419177&aid=a-06kg&se=e30&duid=ff3668206ce6--01fnq71cds6252ptq146qxt61a&tna=v2.3.0&pu=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos&wpn=lc-bundle&c=PHRpdGxlPk1hbHdhcmVieXRlcyBXZWJzaXRlIFRlcm1zIG9mIFNlcnZpY2U8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJCeSB1c2luZyBvdXIgU2VydmljZXMsIHlvdSBhZ3JlZSB0byBiZSBib3VuZCBieSB0aGVzZSBUZXJtcy4iPjx0aXRsZSBpZD0ibWFsd2FyZWJ5dGVzLW1haW4tbG9nby10aXRsZSI-VGhlIG9mZmljaWFsIE1hbHdhcmVieXRlcyBsb2dvPC90aXRsZT48aDE-TWFsd2FyZWJ5dGVzIFdlYnNpdGUgVGVybXMgb2YgU2VydmljZTwvaDE- HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1638235419177&aid=a-06kg&se=e30&duid=ff3668206ce6--01fnq71cds6252ptq146qxt61a&tna=v2.3.0&pu=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos&wpn=lc-bundle&c=PHRpdGxlPk1hbHdhcmVieXRlcyBXZWJzaXRlIFRlcm1zIG9mIFNlcnZpY2U8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJCeSB1c2luZyBvdXIgU2VydmljZXMsIHlvdSBhZ3JlZSB0byBiZSBib3VuZCBieSB0aGVzZSBUZXJtcy4iPjx0aXRsZSBpZD0ibWFsd2FyZWJ5dGVzLW1haW4tbG9nby10aXRsZSI-VGhlIG9mZmljaWFsIE1hbHdhcmVieXRlcyBsb2dvPC90aXRsZT48aDE-TWFsd2FyZWJ5dGVzIFdlYnNpdGUgVGVybXMgb2YgU2VydmljZTwvaDE-&i6=MjAwMTphYzg6MjA6OTA6MTNhOjox&n3pc=true
Request Chain 104
  • https://ads.avocet.io/s?add=5b8e9b462be173e55d6569fc&ty=j HTTP 307
  • https://ads.avct.cloud/s?r=1&add=5b8e9b462be173e55d6569fc&ty=j HTTP 307
  • https://ads.avct.cloud/s?bounce=true&r=1&add=5b8e9b462be173e55d6569fc&ty=j
Request Chain 105
  • https://www.pinterest.com/ct.html HTTP 302
  • https://www.pinterest.de/ct.html

120 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request tos
www.malwarebytes.com/
Redirect Chain
  • http://click.malwarebytes.com/?qs=8abcd39d25acb5ed9e480d60c675f1839aa5a6a844675c56650c2c7911d19212a419c37a4b644a128aedcbac4fff80752c318c89ce8efb34
  • https://click.malwarebytes.com/?qs=8abcd39d25acb5ed9e480d60c675f1839aa5a6a844675c56650c2c7911d19212a419c37a4b644a128aedcbac4fff80752c318c89ce8efb34
  • https://www.malwarebytes.com/tos/?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
  • https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
102 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
afd0c61295b7464ed58698be575b0543459680ee77a1542b5276d0cc50fbaae9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
private
date
Tue, 30 Nov 2021 01:23:37 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
WUHAcPidpdsxsD9cEi6P-pU9XxdsQJBErStbVrJ9MP-SrGUFVf_uGA==

Redirect headers

content-type
text/html; charset=UTF-8
content-length
276
location
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
date
Tue, 30 Nov 2021 01:23:37 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
df3D0aPfvAq67JpYeJKxDpBaO20kxGAfM9ah1RHPfvbwLgtgE_OEYQ==
jquery.min.js
www.malwarebytes.com/js/library/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/js/library/jquery.min.js?v=136585140
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:16:04 GMT
content-encoding
gzip
etag
W/"a7c934aaaa9d71:0"
last-modified
Tue, 14 Sep 2021 20:51:28 GMT
server
Microsoft-IIS/10.0
age
702
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
r08bROD6dSmXrhrFz5NxeipNnf8ylDgOeVAWGfBd9mbB51xUHd4Nag==
9530a107-0af8-4204-a2c2-217efb78222b.js
cdn.cookielaw.org/consent/ 		140 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/9530a107-0af8-4204-a2c2-217efb78222b.js
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec442600e3c090c1171e6d0aca38073cc048af3a7a301ec06bf933da6aa65c1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Nov 2021 01:23:38 GMT
content-encoding
GZIP
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
NyuiOqvVdJMyWTtUb2ZlDA==
age
9653
vary
Accept-Encoding
content-length
20591
x-ms-lease-status
unlocked
last-modified
Wed, 19 Aug 2020 23:29:25 GMT
server
cloudflare
etag
0x8D84497B6030FBF
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
56497d15-001e-007f-3215-b646d4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6b604582de583743-MXP
expires
Tue, 30 Nov 2021 05:23:38 GMT
117469143.js
api.intellimize.co/client/ 		593 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.intellimize.co/client/117469143.js
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.126.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-126-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
58d8060efe5c1915baa14d243a2109e03adf716153ca47779d550f2e91426d3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 01:23:38 GMT
cache-control
private, no-cache, no-store, must-revalidate
content-type
application/javascript;charset=utf-8
content-encoding
gzip
vary
Accept-Encoding, User-Agent
expires
0
__bundle.css
www.malwarebytes.com/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/__bundle.css?f=L2Nzcy9zbGljay5taW4uY3NzLC9jc3Mvc2xpY2stdGhlbWUubWluLmNzcw==
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5188a81f4367c5c6d64601d60463f54fbb233e1271b61b8f72d1d205f3948b4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:37 GMT
content-encoding
gzip
etag
W/"8787 - 0"
last-modified
Mon, 01 Jan 001 00:00:00 G1T
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-amz-cf-pop
FRA50-C1
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css; charset=utf-8
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=30
x-amz-cf-id
bciLoBQi87QlRwvxJQsN1XBgWckf5i62nrAy9pgH46x7eCp9LMcTlA==
bootstrap_mwb.min.css
www.malwarebytes.com/css/ 		87 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/css/bootstrap_mwb.min.css?v=1820842
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0b7b26742617990b7000c7eab02062e349a60270347495cc9a542d1578a009ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:22:28 GMT
content-encoding
gzip
etag
W/"1874e4d5d45d71:0"
last-modified
Sun, 09 May 2021 19:59:35 GMT
server
Microsoft-IIS/10.0
age
212
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
jLtVJxYKxely4uVo2Damm-48Bn1B01xkrCefsHQShXM7NuUCNP3VbA==
bootstrap_overrides.min.css
www.malwarebytes.com/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/css/bootstrap_overrides.min.css?v=1820842
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
82dd3077aedc1dc7221e3e5213e2728db90f833af6419a1304cbfaa2108f373d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:22:28 GMT
content-encoding
gzip
etag
W/"33dff1d46ddd71:0"
last-modified
Fri, 19 Nov 2021 05:32:24 GMT
server
Microsoft-IIS/10.0
age
212
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
XozKB-70oEiz5653lWTw3egkC4dA5HG9mTt1l2uh-IOyTFvkvencMQ==
font-awesome.min.css
www.malwarebytes.com/css/ 		1 KB
902 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/css/font-awesome.min.css?v=1820842
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
801ef949019934cab56a09d62e801bcf1a7390286df2fcbed0f452aa11cd1a2b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:20:06 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 22:58:09 GMT
server
Microsoft-IIS/10.0
age
212
x-powered-by
ASP.NET
etag
W/"cc7451b3dd0d71:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
rGojKTV3ORicFSoYy4PLn759G6Fn0og_pQGbBhTY5Ib_dNPxS6U_AQ==
fonts.min.css
www.malwarebytes.com/css/ 		7 KB
954 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/css/fonts.min.css?v=1820842
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4c93edc2e73f8f795657eee81ebeab1c19e7d0b63f63762a2d3b014b9bde8840

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:22:28 GMT
content-encoding
gzip
etag
W/"1c46f8bc1841d71:0"
last-modified
Tue, 04 May 2021 19:07:33 GMT
server
Microsoft-IIS/10.0
age
212
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
w3ibnK7Tbe-D_2X902LMp112PkB63P8QthSubTntaGIVxSEu6iSZIA==
styles.min.css
www.malwarebytes.com/css/ 		78 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/css/styles.min.css?v=1820842
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
38f1b24e7a845342569f8b1b8d4a8bd3a483ee38cb468950809109e6f55e3511

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:20:05 GMT
content-encoding
gzip
last-modified
Tue, 31 Aug 2021 21:16:36 GMT
server
Microsoft-IIS/10.0
age
212
x-powered-by
ASP.NET
etag
W/"2df8157bad9ed71:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
tHcXqmEKGGwOJVLncrKuY6HTDFgIG7x0QcpDfL74jtD1RY7skcdO3A==
styles_overrides.min.css
www.malwarebytes.com/css/ 		42 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/css/styles_overrides.min.css?v=1820842
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a8e97c59e0bbb246f33b27dfb0f39fcb1e504bd5949469dc5727e10479bac891

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:22:28 GMT
content-encoding
gzip
etag
W/"fdf59837b6d5d71:0"
last-modified
Tue, 09 Nov 2021 22:07:42 GMT
server
Microsoft-IIS/10.0
age
212
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
t-NhKp-5JQtxuCy3bwsRQIQHvhFAuMyBUSPSGThJ_u2IS4d1yo9ZWg==
styles_components.min.css
www.malwarebytes.com/css/ 		38 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/css/styles_components.min.css?v=1820842
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
98a171b6ab0224e2da70111793d1f6ef31f010fcd40e1cca0ccd45e94a7dddd2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:20:06 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 20:52:03 GMT
server
Microsoft-IIS/10.0
age
212
x-powered-by
ASP.NET
etag
W/"aeffa795bb84d71:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
s18iKXX7MFHAbBOFBRFL-tXWgauvQWiAZizwGb0ID2T8i-ivy2wQmg==
aos.css
unpkg.com/aos@2.3.1/dist/
Redirect Chain
  • https://unpkg.com/aos@2.3.1/dist/aos.css?v=1820842
  • https://unpkg.com/aos@2.3.1/dist/aos.css
25 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/aos@2.3.1/dist/aos.css
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:38 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
8923343
fly-request-id
01FDD92HZBW7QVXMZWSDQFGVXK
content-encoding
br
vary
Accept-Encoding
last-modified
Thu, 17 May 2018 22:11:13 GMT
server
cloudflare
etag
W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6b60458348c35a07-MXP

Redirect headers

date
Tue, 30 Nov 2021 01:23:38 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
EXPIRED
fly-request-id
01FNQ71BFA0N9E1AAZZ0Q29DGQ
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/aos@2.3.1/dist/aos.css
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6b604582d8145a07-MXP
slick.min.js
www.malwarebytes.com/js/user-experience/carousel/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/js/user-experience/carousel/slick.min.js?v=136585140
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:22:29 GMT
content-encoding
gzip
etag
W/"4e8eae52aaa9d71:0"
last-modified
Tue, 14 Sep 2021 20:51:42 GMT
server
Microsoft-IIS/10.0
age
212
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
puLjr6VJfLCPQeiaH_X_iCT_37zTe0TzR5HHq77La1at27OvGy_c1Q==
popper.min.js
www.malwarebytes.com/js/user-experience/tooltip/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/js/user-experience/tooltip/popper.min.js?v=136585140
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a5361be48e64297f23046a94801067bfcf644391c76de624cbce5560e35d660b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:22:29 GMT
content-encoding
gzip
etag
W/"d864614eaaa9d71:0"
last-modified
Tue, 14 Sep 2021 20:51:35 GMT
server
Microsoft-IIS/10.0
age
212
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
KYRTD9AxZxL1isL5NRmSVB-aWoWJBucI3PtVfL_qwBmJEuTuP_nQrQ==
bootstrap.min.js
www.malwarebytes.com/js/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/js/bootstrap.min.js?v=136585140
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:20:05 GMT
content-encoding
gzip
last-modified
Tue, 17 Aug 2021 21:16:44 GMT
server
Microsoft-IIS/10.0
age
212
x-powered-by
ASP.NET
etag
W/"1cc9f12dad93d71:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
a343zf6tHX-0Tzyav2xlx-VICvPTJPv2o9G_5Vyfh0t4yOKtBs2xPw==
global_mwb.min.js
www.malwarebytes.com/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/js/global_mwb.min.js?v=136585140
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
423b7866225250067989c395d5834030e4a68b3566aef291add4d50e6f79454a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:22:28 GMT
content-encoding
gzip
etag
W/"1687bb4b6ddad71:0"
last-modified
Mon, 15 Nov 2021 22:08:18 GMT
server
Microsoft-IIS/10.0
age
212
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
9phWVRYbyhC3Lx5Zq9gEd13Aq6SQJYrdfRoZhyFYwq0G_IzlCSS4hg==
core_ssdomvar_generic-adapter.min.js
www.malwarebytes.com/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/js/core_ssdomvar_generic-adapter.min.js?v=136585140
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
16278846c24958035769652757c311db3bb306a3b1ec7e4fd5625e863c8e413d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:20:06 GMT
content-encoding
gzip
last-modified
Sun, 09 May 2021 14:55:05 GMT
server
Microsoft-IIS/10.0
age
212
x-powered-by
ASP.NET
etag
W/"3a88454ce344d71:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
QBxFx4r8w4I_rgC_Tut5ER_QO105sbMNXQnzrdfTVV_QZClYZNDgzA==
modernizr.js
www.malwarebytes.com/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/js/modernizr.js?v=136585140
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
00fd20f4f37113eb32d3db8a5f527ff1889489442e91630283e58e792f196be8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:20:06 GMT
content-encoding
gzip
last-modified
Tue, 20 Jul 2021 23:10:06 GMT
server
Microsoft-IIS/10.0
age
212
x-powered-by
ASP.NET
etag
W/"7ecff60bc7dd71:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ztn72NEJzZpowTO53yDADnhXgOHCVtQcVvzjzwB4liw0N4sUPja7cQ==
respond.min.js
www.malwarebytes.com/js/ie-fixes/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/js/ie-fixes/respond.min.js?v=136585140
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6252f8d40b521387483f57b7d0c812912a1d59ce038fdde2bcf67cf920486cac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:22:28 GMT
content-encoding
gzip
etag
W/"10e31071bc7dd71:0"
last-modified
Tue, 20 Jul 2021 23:10:33 GMT
server
Microsoft-IIS/10.0
age
212
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
10vyct1_T_0H1kUzCnFQ3shj6EOXn8zh3Qw3isjmllVzgZ_HeuU-uA==
global.js
www.malwarebytes.com/js/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/js/global.js?v=136585140
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cabcba2fb0a11127afe1eba21cbdba800100f5a591ad7870aada8142379a955a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:22:28 GMT
content-encoding
gzip
etag
W/"a4be3752dbad71:0"
last-modified
Tue, 05 Oct 2021 21:07:35 GMT
server
Microsoft-IIS/10.0
age
212
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
OIlJBEPAmBYsm51F-ZfBISyWJBOo9GiFfpDq-fL4I3reL6sFE6ZqIg==
global-phone.min.js
www.malwarebytes.com/js/ 		437 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/js/global-phone.min.js?v=136585140
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f23cbfadc8c38cbcd1a1839f692ffed84691b2458bd9f4269648576de2e310fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:22:29 GMT
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified
Sat, 22 May 2021 18:40:24 GMT
server
Microsoft-IIS/10.0
age
212
x-powered-by
ASP.NET
etag
"801b64ed394fd71:0"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
437
x-amz-cf-id
grY50_0-6HncAFHb71yykoSNlJf_Zs1xc_qXKEw-cXz87d7Q1RAhTA==
xs.min.js
www.malwarebytes.com/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/js/xs.min.js?v=136585140
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
428a1b8240fd924ecfa826e94d6e6852b39ee35eb12b8f5d4302da595f8efbee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:22:28 GMT
content-encoding
gzip
etag
W/"218fcb3b3745d71:0"
last-modified
Mon, 10 May 2021 00:55:55 GMT
server
Microsoft-IIS/10.0
age
212
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
QHoxYwTnoI6VrxcjtZk3oygy9PcWg-I9EoMM08tD-FAHNvtrj1eqgQ==
animate-on-scroll.min.js
www.malwarebytes.com/js/user-experience/animation/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/js/user-experience/animation/animate-on-scroll.min.js?v=136585140
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:16:05 GMT
content-encoding
gzip
etag
W/"53cb6f55aaa9d71:0"
last-modified
Tue, 14 Sep 2021 20:51:47 GMT
server
Microsoft-IIS/10.0
age
476
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
MYk6n20kP0sEROxMNHwsawYPYHIPoxTHq9el6PwbBcGG8lNw3aPg-w==
__bundle.css
www.malwarebytes.com/ 		902 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/__bundle.css?f=L2Nzcy9wYWdlcy90b3MubWluLmNzcw==
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
12a144d1b9940533a766692b596766dc8f8500cf6f429b3a937a9bd282368a92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:38 GMT
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
etag
W/"878 - 0"
last-modified
Mon, 01 Jan 001 00:00:00 G1T
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-amz-cf-pop
FRA50-C1
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
text/css; charset=utf-8
cache-control
max-age=30
content-length
902
x-amz-cf-id
RJvYHU3jDqtwx0Znxkycs7B-jYALHqFocz89hylCIzIM3gmsu27Q7A==
new.svg
www.malwarebytes.com/images/ 		1 KB
923 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.malwarebytes.com/images/new.svg
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
542f9b9f9ed17fb168e1a1ce299413085d6559f316742f95ad22a291ffd67ffc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:20:06 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 17:17:31 GMT
server
Microsoft-IIS/10.0
age
211
x-powered-by
ASP.NET
etag
W/"7b43235cc045d71:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
zyGHj7O7kahQjYrNY3lTZhU55QR-a9ce_99pQRsHecQoKyfAOuegcA==
arrow.svg
www.malwarebytes.com/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.malwarebytes.com/images/arrow.svg
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ad15e02b8d9bee31a51c502cff1977983fa2c8103b769db7ab097750f34016a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:22:29 GMT
content-encoding
gzip
etag
W/"4a4c15ea34dd71:0"
last-modified
Thu, 20 May 2021 18:10:09 GMT
server
Microsoft-IIS/10.0
age
211
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
GNO3H2J4ab5bQsYoIrGZGHLT9CmjbOlJHSa5-iIquUw0-2HYYaTslQ==
smb.svg
www.malwarebytes.com/images/website-refresh/business-nav/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.malwarebytes.com/images/website-refresh/business-nav/smb.svg
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
80f0eb912943ad0deab2ad7a8125b7404b726bac65dca9e6be97b063ca490662

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:22:29 GMT
content-encoding
gzip
etag
W/"83912578ce53d71:0"
last-modified
Fri, 28 May 2021 14:33:47 GMT
server
Microsoft-IIS/10.0
age
211
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
q4rE8v0XRGAY_BZvjOV7flZtuqeSuiTeszCiOv1W5q0BtlGKIEAPAw==
buy-label.svg
www.malwarebytes.com/images/website-refresh/business-nav/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.malwarebytes.com/images/website-refresh/business-nav/buy-label.svg
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
77d3df1a0650536bb4e87f2108eb58dd7d91c954bf188dc17f2e5a898f971bb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:22:29 GMT
content-encoding
gzip
etag
W/"8874eb2b5c5dd71:0"
last-modified
Wed, 09 Jun 2021 18:20:48 GMT
server
Microsoft-IIS/10.0
age
211
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
EYkanr5uB4TN1DICNasm_bjhdOPJyj8ItQnmr5cFoeQIdU5fsW2rpg==
mid-size.svg
www.malwarebytes.com/images/website-refresh/business-nav/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.malwarebytes.com/images/website-refresh/business-nav/mid-size.svg
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7e6aa30a919ae381fbcf4d4d6f970531bf513bf0847097e7927123bf032b0f09

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:16:05 GMT
content-encoding
gzip
etag
W/"7965927dce53d71:0"
last-modified
Fri, 28 May 2021 14:33:56 GMT
server
Microsoft-IIS/10.0
age
698
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
RxzFUrL4y2sZZz33lLiW6nTWH0zlvKPo9WMrW_Po_5pYpj0cDTq4VQ==
large-ent.svg
www.malwarebytes.com/images/website-refresh/business-nav/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.malwarebytes.com/images/website-refresh/business-nav/large-ent.svg
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5d09ea31b4f26497480482f539fdc221990ae192c8b8be5002f4f2b9bef26876

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:22:29 GMT
content-encoding
gzip
etag
W/"8d462b7dce53d71:0"
last-modified
Fri, 28 May 2021 14:33:55 GMT
server
Microsoft-IIS/10.0
age
211
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
2gCuQoAW1zAOoreRsAt2V2ktgK00mtK0sPYMiQMfANbkDnAVtt8nBg==
arrow.svg
www.malwarebytes.com/images/refreshed_homepage/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.malwarebytes.com/images/refreshed_homepage/arrow.svg
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ad15e02b8d9bee31a51c502cff1977983fa2c8103b769db7ab097750f34016a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:20:07 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 02:24:44 GMT
server
Microsoft-IIS/10.0
age
211
x-powered-by
ASP.NET
etag
W/"13eab97d5536d71:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
eecVhiy_RVu8VJgtbWBDMzoxlimRIv_E6ElCQffCHommEaKRoBvpRg==
call.svg
www.malwarebytes.com/images/website-refresh/business-nav/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.malwarebytes.com/images/website-refresh/business-nav/call.svg
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e2adf740376f608d5a3b6977b793a5e1c92c4de9e0a792921b8e24476e56c9ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:12:00 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 14:33:48 GMT
server
Microsoft-IIS/10.0
age
698
x-powered-by
ASP.NET
etag
W/"fba28f78ce53d71:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
PO63UYMM3fAfuOR4kgC_FE9Rx_eosgSpMrbw5GRl-BJGQoSwU1VfUw==
partner-icon.svg
www.malwarebytes.com/images/icons/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.malwarebytes.com/images/icons/partner-icon.svg
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f8869aa9427c07872b91f3bb5485a65a0e389302f54ad6fe1b684c59d97d154a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:16:05 GMT
content-encoding
gzip
etag
W/"4bd440d54a36d71:0"
last-modified
Wed, 21 Apr 2021 01:08:26 GMT
server
Microsoft-IIS/10.0
age
698
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
YG8q6xdOPzA8AuDH9VVt4E1bU0z8CuZ7wIE-KROqQJC_HuzgJpmhwQ==
optimus-systems.webp
www.malwarebytes.com/images/partners/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.malwarebytes.com/images/partners/optimus-systems.webp
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8528b83134ef333f8b4f3b722f422569b5121e6fa817c9942bcbb91f5f61ea93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:16:05 GMT
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified
Wed, 21 Apr 2021 02:05:43 GMT
server
Microsoft-IIS/10.0
age
698
x-powered-by
ASP.NET
etag
"78bd4d65236d71:0"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1832
x-amz-cf-id
Ns7paUN2VVe8qpHO5ZiMDdklyzgtg2xrvIL6a6_LETJDcR7ri55RWQ==
rsa2021.jpg
www.malwarebytes.com/images/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.malwarebytes.com/images/rsa2021.jpg
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8a849c6ffa64946fefa17e874080dea467783d0e20857bbfbb23480739625648

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:20:07 GMT
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
etag
"9c6452f84336d71:0"
last-modified
Wed, 21 Apr 2021 00:19:18 GMT
server
Microsoft-IIS/10.0
age
211
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
28006
x-amz-cf-id
ArAR5Y6qHA1tdx_YMDyJJAORNYyTV8MyBDiTJeo3DoV3N05EVwu25A==
watch-personal-icon.svg
www.malwarebytes.com/images/icons/ 		1 KB
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.malwarebytes.com/images/icons/watch-personal-icon.svg
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fa07bfad3039513f81cc0551de10a79c7c823bce84a5fbfba5a547f96479a367

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:20:07 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 01:09:39 GMT
server
Microsoft-IIS/10.0
age
211
x-powered-by
ASP.NET
etag
W/"daff704b36d71:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
w_7bDuFHOy_z1hJWGIj6nGuYL01FDyVoY5REV3YR0SLBojZ9-XHfKQ==
watch-business-icon.svg
www.malwarebytes.com/images/icons/ 		1 KB
984 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.malwarebytes.com/images/icons/watch-business-icon.svg
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
361aabb783830d45d3de5f19c4fe47d295e11518fb0279dd99d589eea8d43319

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:20:07 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 01:09:36 GMT
server
Microsoft-IIS/10.0
age
211
x-powered-by
ASP.NET
etag
W/"969b39ff4a36d71:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
GB_8-OrVE5WGwV4wi-tHWDoUtdN2BsU2IVMeUNwI8jFZ3aikpni00g==
privacy.svg
www.malwarebytes.com/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.malwarebytes.com/images/privacy.svg
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0d8ac30d9520ce94e0246020e4bff9b6fea04f92ac0b5f09c7346104b9f5772a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:20:07 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 00:19:15 GMT
server
Microsoft-IIS/10.0
age
211
x-powered-by
ASP.NET
etag
W/"86a81f64336d71:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
07hWcggcMgZflDRS8CjAoTZ15QoWrhcQLH0B6dKYhzhhjLimy32D6w==
optanon.css
cdn.cookielaw.org/skins/6.4.0/default_flat_bottom_two_button_white/v2/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/skins/6.4.0/default_flat_bottom_two_button_white/v2/css/optanon.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/9530a107-0af8-4204-a2c2-217efb78222b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Nov 2021 01:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E062TbpGx6vwVsuuNM/jFw==
age
10195
vary
Accept-Encoding
content-length
5561
x-ms-lease-status
unlocked
last-modified
Thu, 13 Aug 2020 04:48:01 GMT
server
cloudflare
etag
0x8D83F440F482A65
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
b1b34e5b-301e-00ff-506c-c4e57e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6b6045831eba3743-MXP
EU
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 		32 B
256 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery35104010989101434952_1638235418031&_=1638235418032
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/library/jquery.min.js?v=136585140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6b604586dd277034-FRA
content-length
32
gtm.js
www.googletagmanager.com/ 		286 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
afd158803cd7b683c2580e97e9c2cc2eec31a49527f95c5674a4b03823b6f9f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90555
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Nov 2021 01:23:38 GMT
world.svg
www.malwarebytes.com/images/footer/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.malwarebytes.com/images/footer/world.svg
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
05369fa3ab175c5ba5e63b7c60a872a64f82ddcb1de6a950d73004ed25930e69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:20:08 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 00:48:18 GMT
server
Microsoft-IIS/10.0
age
210
x-powered-by
ASP.NET
etag
W/"3cff4e54836d71:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
tfk-7oeQ1du593Ym68xFzUu2zCcyp1nPtOXY2q23ujNT3738RDP4pw==
footer.min.js
www.malwarebytes.com/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/js/footer.min.js?v=136585140
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3372e9aa13d55e1687a1d47abe3027e636824d1bc8e3e11736b86691dcc3bd2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:20:06 GMT
content-encoding
gzip
last-modified
Tue, 22 Jun 2021 21:05:43 GMT
server
Microsoft-IIS/10.0
age
212
x-powered-by
ASP.NET
etag
W/"b3df5a5daa67d71:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
-A_GgiV-wPbEgfDyUbPptecsol3FqsrhOX2GuVsrHg6A4h48RQqNLw==
utilities.js
www.malwarebytes.com/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/js/utilities.js?v=136585140
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f96934c1807c0dc35bea06051f92b58a4c33f9eaa6741f0aaf695cafe747e86b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:15:42 GMT
content-encoding
gzip
last-modified
Mon, 15 Nov 2021 22:08:28 GMT
server
Microsoft-IIS/10.0
age
476
x-powered-by
ASP.NET
etag
W/"46677516ddad71:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
YiB6RqmEFpv3f7Cv2OutqYEjfiNR82Sz28Fvyp3mwJ8kJT2A9fRl5g==
storage.html
117469143.intellimizeio.com/ Frame 0217 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://117469143.intellimizeio.com/storage.html
Requested by
Host: api.intellimize.co
URL: https://api.intellimize.co/client/117469143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.30.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-30-158.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6af8f29a43c21d300fc27ed7a491118857d4a7977a2fc665169e7a3936709b02

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/

Response headers

date
Tue, 30 Nov 2021 01:23:38 GMT
content-type
text/html; charset=utf-8
content-length
4095
x-powered-by
Express
content-encoding
gzip
etag
W/"fff-/xschHDHXqhueNaRTDU9Kh1adbQ"
logger
log.intellimize.co/ 		3 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.intellimize.co/logger?et=pv&ieuid=03ab20e4de.1638235418&isftu=true&icip=185.232.23.183&o.pid=117469143&vs=visible&cgv=v3.e3771ff&rid=1c415246-e994-419c-9bf2-ad9df8e4afa9&pvid=ff018dfc-8beb-40da-b094-b18a91e71969&sid=1638235418-9661-85cd-8eb1ca7853c4&pid=random-policy&pts=1638235418&cs=i&hpurl=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos&iuad=b4088f046bf9a570f2964ffc86d258ff&lut=1638235418266&ltz=Etc%2FUnknown&bww=1600&bwh=1200&so=landscape&ca=%7B%22user-status%22%3A%22new%22%2C%22sawDownloadPage%22%3A%22false%22%2C%22attempted-purchase%22%3A%22false%22%2C%22clicked-tax-time-sale-link%22%3A%22false%22%2C%22completed-purchase%22%3A%22false%22%7D&ia=%7B%22ts%22%3A%22EM%22%2C%22utm%22%3A%22email%22%2C%22uts%22%3A%22sfmc%22%2C%22utcn%22%3A%22Tos%22%2C%22utcm%22%3A%22b2c_pro_acq_october_csam_v2_60off_163518377197%22%7D&pids=%5B%22137696076%22%5D&aids=%5B%22187594865%22%2C%22187594907%22%2C%22187594996%22%5D
Requested by
Host: api.intellimize.co
URL: https://api.intellimize.co/client/117469143.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.213.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-213-17.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept
*/*
Referer
https://www.malwarebytes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 01:23:38 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.malwarebytes.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
wai.gif
genesis.malwarebytes.com/api/v1/ 		400 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://genesis.malwarebytes.com/api/v1/wai.gif
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/global_mwb.min.js?v=136585140
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:21ae:6701:3334:1bf4:2185:fae6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
afc2052acab2a7f0a4ba58941e641e2f26895f42b595bcad04f519b5b5c64737

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 30 Nov 2021 01:23:38 GMT
access-control-allow-credentials
true
server
Apache-Coyote/1.1
access-control-allow-headers
origin, content-type, accept, authorization
access-control-allow-methods
GET, POST
content-type
application/json
graphik-regular.otf
www.malwarebytes.com/css/fonts/ 		128 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/css/fonts/graphik-regular.otf
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.min.css?v=1820842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f575112df5398271c1f04b48a995ccc6e17d69730e37304078178d46781152da

Request headers

Referer
https://www.malwarebytes.com/css/fonts.min.css?v=1820842
Origin
https://www.malwarebytes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:12:21 GMT
content-encoding
gzip
last-modified
Tue, 20 Jul 2021 14:21:31 GMT
server
Microsoft-IIS/10.0
age
677
x-powered-by
ASP.NET
etag
W/"2d511589727dd71:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/otf
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
TX6TpqM2-FkntO0jay6quVeYydmYZneCE7hwU8V_0YyCZ7_ThXURWw==
twitter.svg
www.malwarebytes.com/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.malwarebytes.com/images/icons/twitter.svg
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/styles.min.css?v=1820842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
114c908673dd0a1d941aed822ee32d91137959b5e74c052a41c2bfa727fc39cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/css/styles.min.css?v=1820842
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:16:05 GMT
content-encoding
gzip
etag
W/"74acb41aa67d71:0"
last-modified
Tue, 22 Jun 2021 21:04:56 GMT
server
Microsoft-IIS/10.0
age
722
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
V2deYMj_2mPI9sD2K9SUmVirIo0ks6Ir95NUcqzZVScWiM_NUiIlLw==
facebook.svg
www.malwarebytes.com/images/icons/ 		755 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.malwarebytes.com/images/icons/facebook.svg
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/styles.min.css?v=1820842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cc66564f28ce75f1163d19a8cc24af86585ac54d0a353711e8da41870244f988

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/css/styles.min.css?v=1820842
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:16:05 GMT
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified
Tue, 22 Jun 2021 21:05:02 GMT
server
Microsoft-IIS/10.0
age
722
x-powered-by
ASP.NET
etag
"32f6f144aa67d71:0"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
755
x-amz-cf-id
ZdDwsRGDrXWo2bnWt5TNJZ3OYLisyQiD7ID4Ged9TpiNH9VCVUgQ3w==
linkedin.svg
www.malwarebytes.com/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.malwarebytes.com/images/icons/linkedin.svg
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/styles.min.css?v=1820842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4d100d17da4f09eef30aa0f2710314d659524ea4860c6024487aec519da4d4f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/css/styles.min.css?v=1820842
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:16:05 GMT
content-encoding
gzip
etag
W/"36245c47aa67d71:0"
last-modified
Tue, 22 Jun 2021 21:05:07 GMT
server
Microsoft-IIS/10.0
age
721
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
0WVzZwJsFCwv2eIMnr2hv667CuivokVPIbD8IkRf8ZCBjIlZ4KnAAg==
youtube.svg
www.malwarebytes.com/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.malwarebytes.com/images/icons/youtube.svg
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/styles.min.css?v=1820842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
43c4be0978be63a15635e3c31e24e922069ac8863be3c1741e8b55091153d082

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/css/styles.min.css?v=1820842
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:11:36 GMT
content-encoding
gzip
last-modified
Tue, 22 Jun 2021 21:05:19 GMT
server
Microsoft-IIS/10.0
age
721
x-powered-by
ASP.NET
etag
W/"20e2a34eaa67d71:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
LBNFEGVCIPXsOhPR6M83RLvL94QeqlohqOTa-QB2RiBAxzuyJgaIUA==
instagram_icon.svg
www.malwarebytes.com/images/icons/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.malwarebytes.com/images/icons/instagram_icon.svg
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/styles_overrides.min.css?v=1820842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5b62da3ed3fe1c94582c2a75526716000f7361ff70c0cc41aae4ee8212735c3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/css/styles_overrides.min.css?v=1820842
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:16:05 GMT
content-encoding
gzip
etag
W/"76ef21c94a36d71:0"
last-modified
Wed, 21 Apr 2021 01:08:06 GMT
server
Microsoft-IIS/10.0
age
647
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
HihUErNWObxFG0U4pxygk-fDLxtefcv3dulioPlDcMm-GspxQMWGCA==
ic-search.svg
www.malwarebytes.com/images/footer/ 		601 B
963 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.malwarebytes.com/images/footer/ic-search.svg
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/styles_overrides.min.css?v=1820842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d6f36a088f7c6dc6459a02c048b23e2407bf38a5249ecbc9547be2fce143f63a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/css/styles_overrides.min.css?v=1820842
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:22:29 GMT
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
etag
"6d56f524836d71:0"
last-modified
Wed, 21 Apr 2021 00:48:14 GMT
server
Microsoft-IIS/10.0
age
69
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
601
x-amz-cf-id
yS588GJF31u8nGXFgJFFQpyNKOUcJYBNWqb98eCvRg2pEi0353qZcg==
graphik-medium.otf
www.malwarebytes.com/css/fonts/ 		134 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/css/fonts/graphik-medium.otf
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.min.css?v=1820842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a7d4e6165ce4042167fcaaa0623eab885d6992458eb05c4fc74184cee79a9eb3

Request headers

Referer
https://www.malwarebytes.com/css/fonts.min.css?v=1820842
Origin
https://www.malwarebytes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:38 GMT
content-encoding
gzip
last-modified
Tue, 20 Jul 2021 14:21:06 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
FRA50-C1
x-powered-by
ASP.NET
etag
W/"d150747a727dd71:0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
font/otf
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-id
aGGoSIer5jL_LddWyFr-DerwXQiqA4dmasHEvIRZ5zD-M7TsabS9Xw==
graphik-semibold.otf
www.malwarebytes.com/css/fonts/ 		135 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/css/fonts/graphik-semibold.otf
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.min.css?v=1820842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
37d71a755368a59862b22954275bd10416de8e28d37cec74707de8b8be616610

Request headers

Referer
https://www.malwarebytes.com/css/fonts.min.css?v=1820842
Origin
https://www.malwarebytes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:15:41 GMT
content-encoding
gzip
last-modified
Tue, 20 Jul 2021 14:21:53 GMT
server
Microsoft-IIS/10.0
age
476
x-powered-by
ASP.NET
etag
W/"5cc7ae96727dd71:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/otf
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
MFMHc-gb6pyCjUaRedzl0HLj3Gbg-riPVDW1XK-dTSu9I_Z7QWJ2-Q==
graphik-bold.otf
www.malwarebytes.com/css/fonts/ 		136 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/css/fonts/graphik-bold.otf
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.min.css?v=1820842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c6072112c8cec74b1c589bb323b9c1ea07cf7b38b01ad5d25127cf9306d1a2ef

Request headers

Referer
https://www.malwarebytes.com/css/fonts.min.css?v=1820842
Origin
https://www.malwarebytes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:15:42 GMT
content-encoding
gzip
last-modified
Tue, 20 Jul 2021 14:19:57 GMT
server
Microsoft-IIS/10.0
age
476
x-powered-by
ASP.NET
etag
W/"941f7751727dd71:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/otf
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
BEsY9I7CPn7USWZDsROb4cv3xT8w_lVCKzxKW5RUiAS5Y0SzLws-ug==
graphik-light.otf
www.malwarebytes.com/css/fonts/ 		132 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/css/fonts/graphik-light.otf
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.min.css?v=1820842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
30b410ec60b2dda5e521206ed5b3a9318922f62828db7409240f047f21593bcc

Request headers

Referer
https://www.malwarebytes.com/css/fonts.min.css?v=1820842
Origin
https://www.malwarebytes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:10:25 GMT
content-encoding
gzip
etag
W/"fe63516e727dd71:0"
last-modified
Tue, 20 Jul 2021 14:20:46 GMT
server
Microsoft-IIS/10.0
age
792
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/otf
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
totZoWPij4G8Y0q6A0CXbSjQTZMtccQM6B5yBCF1aQpb40HLdYFkQw==
socicon.woff
www.malwarebytes.com/css/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/css/fonts/socicon.woff
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/css/fonts.min.css?v=1820842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0ed37960a59a6ec6b443f9ef043864d09a51db6fd276ae578d9166467bf986d1

Request headers

Referer
https://www.malwarebytes.com/css/fonts.min.css?v=1820842
Origin
https://www.malwarebytes.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:03 GMT
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
etag
"40f92f23727dd71:0"
last-modified
Tue, 20 Jul 2021 14:18:40 GMT
server
Microsoft-IIS/10.0
age
35
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
content-type
font/x-woff
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
20472
x-amz-cf-id
ssntUL5dUV1ZGS-2wjV5Wx1toN3FxSJdx2fjLli2M-oCl7xy4_dG0w==
intl-sites.json
www.malwarebytes.com/js/ 		890 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/js/intl-sites.json
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/library/jquery.min.js?v=136585140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
728054ccf1f41ec0afdb688b6db421601bb60d505d9e1e2c2de16d9e4a14b774

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 23:52:59 GMT
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
etag
"9d93b9b04336d71:0"
last-modified
Wed, 21 Apr 2021 00:17:18 GMT
server
Microsoft-IIS/10.0
age
5438
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
content-type
application/json
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
890
x-amz-cf-id
BthGACErpWSv90lI41VIPSAlylddM5bJoU46WGq-VVzuM9vuE_-e-w==
ip.json
api.demandbase.com/api/v2/ 		434 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demandbase.com/api/v2/ip.json?key=5527c2aa519592df7d44a24d0105731b
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/js/library/jquery.min.js?v=136585140
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-91.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
e6452e80c5b5888037f7ec5b858dc2d810a3b84fc9cc3e941336612d7896587e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.malwarebytes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 01:23:38 GMT
Identification-Source
CENTRAL
X-Amz-Cf-Pop
FRA6-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Access-Control-Max-Age
7200
Connection
keep-alive
Request-ID
56e10179-95bb-4f85-afc0-4decb181d6ee
Content-Encoding
gzip
Pragma
no-cache
Access-Control-Allow-Origin
https://www.malwarebytes.com
Server
nginx
Vary
Accept-Encoding, Origin
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json;charset=utf-8
Via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Api-Version
v2
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Amz-Cf-Id
Ip2ojVpCL2JH2vAm1BuYiPxzw9VlUkDKT7tSXja0WsaeVwE4YzUYXA==
Expires
Mon, 29 Nov 2021 01:23:38 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 01:23:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 19:17:49 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=79534
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
Dg+IVKOUi/h6ExFD8dPrb4H6iwIq0fNnDQ7ARHnoZxs80VfkjELXsCpqQlYSMC/UnFM2H2ZcIEXwwUhj+jTeig==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Tue, 30 Nov 2021 01:23:38 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1351
date
Tue, 30 Nov 2021 01:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 30 Nov 2021 03:01:07 GMT
activityi;dc_pre=CJv018H2vvQCFQDREQgdSpsBug;src=8019375;type=conta0;cat=sitew0;ord=2338464230960;gtm=2wgba1;auiddc=193094203.1638235419;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_sou...
8019375.fls.doubleclick.net/ Frame 91DE
Redirect Chain
  • https://8019375.fls.doubleclick.net/activityi;src=8019375;type=conta0;cat=sitew0;ord=2338464230960;gtm=2wgba1;auiddc=193094203.1638235419;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_s...
  • https://8019375.fls.doubleclick.net/activityi;dc_pre=CJv018H2vvQCFQDREQgdSpsBug;src=8019375;type=conta0;cat=sitew0;ord=2338464230960;gtm=2wgba1;auiddc=193094203.1638235419;ps=1;~oref=https%3A%2F%2F...
529 B
444 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019375.fls.doubleclick.net/activityi;dc_pre=CJv018H2vvQCFQDREQgdSpsBug;src=8019375;type=conta0;cat=sitew0;ord=2338464230960;gtm=2wgba1;auiddc=193094203.1638235419;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
e3ce7a42d1ca6eb66acc503522455352bb93b858223a58ae3fc435f6fb1a967a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 30 Nov 2021 01:23:39 GMT
expires
Tue, 30 Nov 2021 01:23:39 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
419
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 30 Nov 2021 01:23:39 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019375.fls.doubleclick.net/activityi;dc_pre=CJv018H2vvQCFQDREQgdSpsBug;src=8019375;type=conta0;cat=sitew0;ord=2338464230960;gtm=2wgba1;auiddc=193094203.1638235419;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
HWyTnY16.min.js
scripts.demandbase.com/ 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.demandbase.com/HWyTnY16.min.js
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-67.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16f961e4eedc84409f706d7043ec879d9a7783c6f317640b0d97a73e98e9e8ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
IE5IzYwU4gx7oNbzFWwbL4ZS6nSJjwBv
content-encoding
gzip
last-modified
Tue, 08 Dec 2020 23:24:47 GMT
server
AmazonS3
age
822
etag
W/"c890c8c9866d4d0ee9b287e7db203091"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
date
Tue, 30 Nov 2021 01:11:05 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
LXpBsmoOCYFzIE7NZ7Ir5qSc4NYYKGgJjnxk_fMVS1hdbtwhpe63Dw==
web-vitals.umd.js
unpkg.com/web-vitals@1.1.0/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@1.1.0/dist/web-vitals.umd.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:38 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
2604114
fly-request-id
01FK9KJ3TWMF7MXS5J5QY52FXB
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1060-9qPq4bqeRCeFWudNuS98Bp0PQDY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6b6045888f735a07-MXP
js
www.googletagmanager.com/gtag/ 		87 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-10919923
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf9501f1f609706902f28d0dbf88d5d4467357d7707fca26439ed69d2b6a8c4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36005
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Nov 2021 01:23:38 GMT
a-06kg.min.js
b-code.liadm.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-06kg.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8400:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ZIO-Http /
Resource Hash
c86a4ff5993b96a3a497952d1542fe93d46efdda55c98da63843694d4da41af7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 21:14:38 GMT
via
1.1 a5a8e743f28968822c126102a78bb7c7.cloudfront.net (CloudFront)
server
ZIO-Http
age
14940
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-pop
FRA60-P4
content-encoding
gzip
x-amz-cf-id
X58i3N1knORTHmbGLose4MYmndbWrMa2a71OFoZxFbLUdQUE-dw8uA==
blueshift.js
cdn.getblueshift.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getblueshift.com/blueshift.js
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-83.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01fcf88d0ee0ff3cc10a948024394b5a87004538985081ca233b7a95ff286a12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 01:18:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 14 Sep 2021 21:58:07 GMT
Server
AmazonS3
Age
331
ETag
"a3a9cba0964243c154ed1cbda397de87"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
1960
X-Amz-Cf-Id
YRBSlGYz9SV6E6FhaagKKWgpBe6fEyzKqg9dwX2rOcDQ81hzK3_BKw==
activityi;register_conversion=1;src=8019375;type=conta0;cat=sitew0;ord=2338464230960;gtm=2wgba1;auiddc=193094203.1638235419;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%2...
8019375.fls.doubleclick.net/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8019375.fls.doubleclick.net/activityi;register_conversion=1;src=8019375;type=conta0;cat=sitew0;ord=2338464230960;gtm=2wgba1;auiddc=193094203.1638235419;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos?
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
core.js
s.pinimg.com/ct/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:38 GMT
fastly-restarts
1
x-cdn
fastly
etag
"95580b4fad0d5513b92f05a5be0d5a38"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
content-length
1142
access-control-expose-headers
X-CDN
172061.js
secure.perk0mean.com/js/ 		16 B
304 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.perk0mean.com/js/172061.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.20.152 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
5b7149de1a843a14d74bcb45359b59016df1ab0665a4f3131da6b8b04bbe5076

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 01:23:39 GMT
Server
Kestrel
Content-Type
text/javascript
Expires
0
Cache-Control
no-store, must-revalidate
Connection
keep-alive
Content-Length
16
Request-Context
appId=cid-v1:abe8a76f-f1a2-4b2e-9017-0ea36ffb5c20
demandbase-forms.js
www.malwarebytes.com/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.malwarebytes.com/js/demandbase-forms.js?d=2020-02-04-15-03-08--0800
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:13:26 GMT
content-encoding
gzip
etag
W/"83427fbdbc7dd71:0"
last-modified
Tue, 20 Jul 2021 23:12:41 GMT
server
Microsoft-IIS/10.0
age
619
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
KTQGV3TBxaNP1MFPP29lEZrt6Pnspi-olvokk6xiPO6ivSH8yPM8PQ==
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-930356311
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e46eea5de661ca05377bb73f11b4e8eedcda50674eab9bda30fcbe8c595dc441
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39654
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Nov 2021 01:23:38 GMT
pixel
q.quora.com/_/ad/64fab857ca52427587d3bd14a8d437b7/ 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.quora.com/_/ad/64fab857ca52427587d3bd14a8d437b7/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.123.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-123-66.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 01:23:39 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Q-Stat
,24dee90cf2381c35958cfb3a0b37593b,10.0.0.204,30256,185.232.23.183,,131707101917,1,1638235419.352,0.002,,.,0,0,0.000,0.004,-,0,0,197,222,111,10,26847,,,,,,-,
Content-Type
image/gif
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1638235418990&url=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_octo...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2567940%26time%3D1638235418990%26url%3Dhttps%253A%252F%252Fwww.malwarebytes.com%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1638235418990&url=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_octo...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1638235418990&url=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_oct...
0
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1638235418990&url=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos&liSync=true&e_ipv6=AQLyD--_swFJnAAAAX1ucLTIGZZ9eaoFxjQR1WKzm1T7IerqzKt6om1EFCI8gKMCNeGmTPiKAA
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:40 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server
Play
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-lva1
content-type
application/javascript
content-length
0
x-li-uuid
HzXBV28uvBbgHYRnmCsAAA==

Redirect headers

date
Tue, 30 Nov 2021 01:23:39 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server
Play
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2567940&time=1638235418990&url=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos&liSync=true&e_ipv6=AQLyD--_swFJnAAAAX1ucLTIGZZ9eaoFxjQR1WKzm1T7IerqzKt6om1EFCI8gKMCNeGmTPiKAA
x-li-proto
http/2
x-li-pop
prod-lor1
content-length
0
x-li-uuid
FknqQW8uvBagbkikwioAAA==
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
20661
x-xss-protection
0
pragma
public
x-fb-debug
j55DzG7S3Hmy47Z63uVW/+Ma6Vq++8h2YqJOSW3avPYgIooCd8NN/NvJKQThd+aRFANFyKZXPXCHFFMwNIF0Gw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 30 Nov 2021 01:23:39 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1480959392203028
connect.facebook.net/signals/config/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1480959392203028?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bf22dcb03336ee1598b51fe9e0545009ffebbc736a8c94492d8f4587823ef7b0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89477
x-xss-protection
0
pragma
public
x-fb-debug
7Ngk1bLCTBHNxMjSBDb7xtV4UGKpb52afbb5S6raqddOiFvxOszA72Mf87mBJOUIu1ElUmgnZqR8mTWpxUCSRw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 30 Nov 2021 01:23:39 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1190
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 30 Nov 2021 02:03:49 GMT
activityi;dc_pre=CPOI2cH2vvQCFXDeEQgdw24KOw;src=10919923;type=count;cat=malwa0;ord=1;num=7913244320800;gtm=2odba1;auiddc=193094203.1638235419;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Fu...
10919923.fls.doubleclick.net/ Frame D29A
Redirect Chain
  • https://10919923.fls.doubleclick.net/activityi;src=10919923;type=count;cat=malwa0;ord=1;num=7913244320800;gtm=2odba1;auiddc=193094203.1638235419;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%...
  • https://10919923.fls.doubleclick.net/activityi;dc_pre=CPOI2cH2vvQCFXDeEQgdw24KOw;src=10919923;type=count;cat=malwa0;ord=1;num=7913244320800;gtm=2odba1;auiddc=193094203.1638235419;ps=1;~oref=https%3...
535 B
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10919923.fls.doubleclick.net/activityi;dc_pre=CPOI2cH2vvQCFXDeEQgdw24KOw;src=10919923;type=count;cat=malwa0;ord=1;num=7913244320800;gtm=2odba1;auiddc=193094203.1638235419;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10919923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
cc66980711a9ad38d5f2b20f0068f95b8c125f2343b9527c93c64be4161a1a78
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 30 Nov 2021 01:23:39 GMT
expires
Tue, 30 Nov 2021 01:23:39 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
420
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 30 Nov 2021 01:23:39 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://10919923.fls.doubleclick.net/activityi;dc_pre=CPOI2cH2vvQCFXDeEQgdw24KOw;src=10919923;type=count;cat=malwa0;ord=1;num=7913244320800;gtm=2odba1;auiddc=193094203.1638235419;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activityi;register_conversion=1;src=10919923;type=count;cat=malwa0;ord=1;num=7913244320800;gtm=2odba1;auiddc=193094203.1638235419;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3D...
10919923.fls.doubleclick.net/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://10919923.fls.doubleclick.net/activityi;register_conversion=1;src=10919923;type=count;cat=malwa0;ord=1;num=7913244320800;gtm=2odba1;auiddc=193094203.1638235419;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos?
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
main.6ae4a9fc.js
s.pinimg.com/ct/lib/ 		54 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:39 GMT
content-encoding
gzip
fastly-restarts
1
x-cdn
fastly
etag
"9850391ff02e4a98b00efa3acfbbbb10"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
content-length
18814
access-control-expose-headers
X-CDN
ip.json
api.company-target.com/api/v2/ 		434 B
942 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos&page_title=Malwarebytes%20Website%20Terms%20of%20Service&src=tag&key=5527c2aa519592df7d44a24d0105731b
Requested by
Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/HWyTnY16.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-86.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e6452e80c5b5888037f7ec5b858dc2d810a3b84fc9cc3e941336612d7896587e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:39 GMT
identification-source
CENTRAL
vary
Accept-Encoding, Origin
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
request-id
c3868560-648a-4e7c-aa91-9c00502fc9e0
content-encoding
gzip
pragma
no-cache
access-control-allow-origin
https://www.malwarebytes.com
server
nginx
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
api-version
v2
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
f2WlILmB0Dq8g0qG1d5_O5MPtWvvMa5O8E3PDdFIbE-fYOkslOtRpg==
expires
Mon, 29 Nov 2021 01:23:39 GMT
validateCookie
segments.company-target.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/demandbase
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
  • https://segments.company-target.com/log?vendor=choca&user_id=ACfRkU7DSvoAACt76DCPLQ
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=ACfRkU7DSvoAACt76DCPLQ&verifyHash=f18000169c0db4724ac96d2751e00d5405ab4c7b
26 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://segments.company-target.com/validateCookie?vendor=choca&user_id=ACfRkU7DSvoAACt76DCPLQ&verifyHash=f18000169c0db4724ac96d2751e00d5405ab4c7b
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
HTTP/1.1
Server
143.204.205.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-121.fra53.r.cloudfront.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 01:23:39 GMT
Via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
Vary
Origin
X-Cache
Miss from cloudfront
Content-Type
image/gif
Transfer-Encoding
chunked
Connection
keep-alive
trace-id
15482e232e742d45
X-Amz-Cf-Id
e7WgVI7mbJwAmI4wfBUkS12qWIau2O5D7IhUHOG1p4YMjWKg1mEucg==

Redirect headers

Date
Tue, 30 Nov 2021 01:23:39 GMT
Via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
Vary
Origin
X-Cache
Miss from cloudfront
Location
/validateCookie?vendor=choca&user_id=ACfRkU7DSvoAACt76DCPLQ&verifyHash=f18000169c0db4724ac96d2751e00d5405ab4c7b
Connection
keep-alive
trace-id
99ad6e31a7871c2a
Content-Length
0
X-Amz-Cf-Id
q_ilA7c_xgmxmV6qPTSlCZFVWWsM3Zyyy0ImdGxDgL-p_uccMNOmsw==
464526.gif
id.rlcdn.com/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/464526.gif
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:39 GMT
via
1.1 google
alt-svc
clear
content-length
0
collect
stats.g.doubleclick.net/j/ 		4 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3347303-10&cid=679519356.1638235419&jid=2095506171&uid=A65D1E5F-602D-401B-A7C0-BF4F05D0CBF1&gjid=307608948&_gid=1649043589.1638235419&_u=aGBAgEAjAAAAAE~&z=1381974905
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.malwarebytes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 30 Nov 2021 01:23:39 GMT
content-type
text/plain
access-control-allow-origin
https://www.malwarebytes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=907995129&t=pageview&_s=1&dl=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos&ul=en-us&de=UTF-8&dt=Malwarebytes%20Website%20Terms%20of%20Service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAj~&jid=2095506171&gjid=307608948&cid=679519356.1638235419&uid=A65D1E5F-602D-401B-A7C0-BF4F05D0CBF1&tid=UA-3347303-10&_gid=1649043589.1638235419&gtm=2wgba1MKSKW3&z=426757105
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 07:20:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
65012
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-930356311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14378
x-xss-protection
0
server
cafe
etag
684346926396516684
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 30 Nov 2021 01:23:39 GMT
/
www.facebook.com/tr/ 		44 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1480959392203028&ev=PageView&dl=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos&rl=&if=false&ts=1638235419116&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1638235419115.1277311301&it=1638235418998&coo=false&tm=1&exp=p1&rqm=GET
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:39 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Tue, 30 Nov 2021 01:23:39 GMT
/
ct.pinterest.com/user/ 		509 B
850 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2614167509439&pd=%7B%22np%22%3A%22gtm%22%2C%22aem_enabled%22%3Atrue%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%7D&cb=1638235419120
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
07d37037fac00adaab8d3068112bf139d2249facc615e9fc6674ce90f103f48c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:39 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
akamai
akamai-grn
0.936656b8.1638235419.1734c5e4
x-envoy-upstream-service-time
1
x-pinterest-rid
1262472212452546
pin-unauth
dWlkPVptTXdaREF6TURVdFpXUTFNUzAwTmpobUxXRTBNemN0TlRabE16aGxNR1l4TkRVMA
access-control-allow-origin
https://www.malwarebytes.com
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
content-length
364
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2614167509439&pd=%7B%22np%22%3A%22gtm%22%2C%22aem_enabled%22%3Atrue%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%226ae4a9fc%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1638235419120
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 01:23:39 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.936656b8.1638235419.1734c5e7
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
8556916152966431
expires
Sat, 01 Jan 2000 00:00:00 GMT
dc_pre=CJv018H2vvQCFQDREQgdSpsBug;src=8019375;type=conta0;cat=sitew0;ord=2338464230960;gtm=2wgba1;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Dema...
adservice.google.com/ddm/fls/z/ Frame 91DE 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJv018H2vvQCFQDREQgdSpsBug;src=8019375;type=conta0;cat=sitew0;ord=2338464230960;gtm=2wgba1;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos
Requested by
Host: 8019375.fls.doubleclick.net
URL: https://8019375.fls.doubleclick.net/activityi;dc_pre=CJv018H2vvQCFQDREQgdSpsBug;src=8019375;type=conta0;cat=sitew0;ord=2338464230960;gtm=2wgba1;auiddc=193094203.1638235419;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019375.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 01:23:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CPOI2cH2vvQCFXDeEQgdw24KOw;src=10919923;type=count;cat=malwa0;ord=1;num=7913244320800;gtm=2odba1;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium...
adservice.google.com/ddm/fls/z/ Frame D29A 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPOI2cH2vvQCFXDeEQgdw24KOw;src=10919923;type=count;cat=malwa0;ord=1;num=7913244320800;gtm=2odba1;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos
Requested by
Host: 10919923.fls.doubleclick.net
URL: https://10919923.fls.doubleclick.net/activityi;dc_pre=CPOI2cH2vvQCFXDeEQgdw24KOw;src=10919923;type=count;cat=malwa0;ord=1;num=7913244320800;gtm=2odba1;auiddc=193094203.1638235419;ps=1;~oref=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://10919923.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 01:23:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=907995129&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos&ul=en-us&de=UTF-8&dt=Malwarebytes%20Website%20Terms%20of%20Service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHBAgEAjAAAAAE~&jid=&gjid=&cid=679519356.1638235419&uid=A65D1E5F-602D-401B-A7C0-BF4F05D0CBF1&tid=UA-3347303-10&_gid=1649043589.1638235419&gtm=2wgba1MKSKW3&cd2=(Non-Company%20Visitor)&cd3=Bot&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=Frankfurt%20am%20Main&cd12=HE&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=DE&cd18=(Non-Company%20Visitor)&z=257417404
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 07:20:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
65012
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/?random=1638235419155&cv=9&fst=1638235419155&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos&tiba=Malwarebytes%20Website%20Terms%20of%20Service&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69f392207ed80484e2172fd9e743500be58aa601af2ab923afa7097e6fc144e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 01:23:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1121
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3347303-10&cid=679519356.1638235419&jid=2095506171&_u=aGBAgEAjAAAAAE~&z=317977254
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 01:23:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3347303-10&cid=679519356.1638235419&jid=2095506171&_u=aGBAgEAjAAAAAE~&z=317977254
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 01:23:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1638235419177&aid=a-06kg&se=e30&duid=ff3668206ce6--01fnq71cds6252ptq146qxt61a&tna=v2.3.0&pu=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3...
  • https://rp4.liadm.com/j?dtstmp=1638235419177&aid=a-06kg&se=e30&duid=ff3668206ce6--01fnq71cds6252ptq146qxt61a&tna=v2.3.0&pu=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%...
13 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1638235419177&aid=a-06kg&se=e30&duid=ff3668206ce6--01fnq71cds6252ptq146qxt61a&tna=v2.3.0&pu=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos&wpn=lc-bundle&c=PHRpdGxlPk1hbHdhcmVieXRlcyBXZWJzaXRlIFRlcm1zIG9mIFNlcnZpY2U8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJCeSB1c2luZyBvdXIgU2VydmljZXMsIHlvdSBhZ3JlZSB0byBiZSBib3VuZCBieSB0aGVzZSBUZXJtcy4iPjx0aXRsZSBpZD0ibWFsd2FyZWJ5dGVzLW1haW4tbG9nby10aXRsZSI-VGhlIG9mZmljaWFsIE1hbHdhcmVieXRlcyBsb2dvPC90aXRsZT48aDE-TWFsd2FyZWJ5dGVzIFdlYnNpdGUgVGVybXMgb2YgU2VydmljZTwvaDE-&i6=MjAwMTphYzg6MjA6OTA6MTNhOjox&n3pc=true
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Server
34.206.124.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-124-188.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:39 GMT
x-pixel-event-id
370f95e2-4551-45ce-84d2-603bd8baea09
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
request-time
0
vary
Origin
content-length
13
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
d982ceb4fc27aaa3

Redirect headers

date
Tue, 30 Nov 2021 01:23:39 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1638235419177&aid=a-06kg&se=e30&duid=ff3668206ce6--01fnq71cds6252ptq146qxt61a&tna=v2.3.0&pu=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos&wpn=lc-bundle&c=PHRpdGxlPk1hbHdhcmVieXRlcyBXZWJzaXRlIFRlcm1zIG9mIFNlcnZpY2U8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJCeSB1c2luZyBvdXIgU2VydmljZXMsIHlvdSBhZ3JlZSB0byBiZSBib3VuZCBieSB0aGVzZSBUZXJtcy4iPjx0aXRsZSBpZD0ibWFsd2FyZWJ5dGVzLW1haW4tbG9nby10aXRsZSI-VGhlIG9mZmljaWFsIE1hbHdhcmVieXRlcyBsb2dvPC90aXRsZT48aDE-TWFsd2FyZWJ5dGVzIFdlYnNpdGUgVGVybXMgb2YgU2VydmljZTwvaDE-&i6=MjAwMTphYzg6MjA6OTA6MTNhOjox&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://www.malwarebytes.com
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
76da0e2134341a05
request-time
2
content-length
0
x-content-type-options
nosniff
/
ct.pinterest.com/md/ 		0
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/md/
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.malwarebytes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 01:23:39 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.936656b8.1638235419.1734c671
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
0
x-pinterest-rid
6843500224898021
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/930356311/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/930356311/?random=1638235419155&cv=9&fst=1638234000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos&tiba=Malwarebytes%20Website%20Terms%20of%20Service&async=1&fmt=3&is_vtc=1&random=2287351284&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 01:23:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/930356311/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/930356311/?random=1638235419155&cv=9&fst=1638234000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos&tiba=Malwarebytes%20Website%20Terms%20of%20Service&async=1&fmt=3&is_vtc=1&random=2287351284&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 01:23:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 6C2F 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.malwarebytes.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.malwarebytes.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Tue, 30 Nov 2021 01:23:39 GMT
munchkin.js
munchkin.marketo.net/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-234-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 01:23:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Oct 2021 01:24:07 GMT
Server
AkamaiNetStorage
ETag
"461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
753
s
ads.avct.cloud/
Redirect Chain
  • https://ads.avocet.io/s?add=5b8e9b462be173e55d6569fc&ty=j
  • https://ads.avct.cloud/s?r=1&add=5b8e9b462be173e55d6569fc&ty=j
  • https://ads.avct.cloud/s?bounce=true&r=1&add=5b8e9b462be173e55d6569fc&ty=j
0
336 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.avct.cloud/s?bounce=true&r=1&add=5b8e9b462be173e55d6569fc&ty=j
Protocol
H2
Server
63.33.204.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-204-129.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:40 GMT
p3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
0
content-type
application/javascript

Redirect headers

location
/s?bounce=true&r=1&add=5b8e9b462be173e55d6569fc&ty=j
date
Tue, 30 Nov 2021 01:23:40 GMT
p3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
100
content-type
text/html; charset=utf-8
ct.html
www.pinterest.de/ Frame 5D22
Redirect Chain
  • https://www.pinterest.com/ct.html
  • https://www.pinterest.de/ct.html
413 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.de/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0e7ab32c1ca7f896cea1810b34efeba6dce42f434f97b37023958f038ea31f82
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-3575683b19236078153c725bafa61498' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1306822598903083; frame-ancestors *
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/

Response headers

x-xss-protection
1; mode=block
x-content-type-options
nosniff
vary
User-Agent, Accept-Encoding
x-ua-compatible
IE=edge
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p
CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-3575683b19236078153c725bafa61498' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1306822598903083; frame-ancestors *
content-security-policy-report-only
script-src 'nonce-3575683b19236078153c725bafa61498' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
link
<https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer
x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time
143
pinterest-generated-by
coreapp-webapp-prod-0a038e1b
content-encoding
gzip
pinterest-version
6eab8f3
referrer-policy
origin
x-pinterest-rid
1306822598903083
date
Tue, 30 Nov 2021 01:23:40 GMT
content-length
282
akamai-grn
0.936656b8.1638235420.1734d36f
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection
1; mode=block
x-content-type-options
nosniff
vary
User-Agent, Accept-Encoding
x-ua-compatible
IE=edge
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location
https://www.pinterest.de/ct.html
trailer
x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time
90
pinterest-generated-by
coreapp-webapp-prod-0a038288
content-encoding
gzip
pinterest-version
6eab8f3
referrer-policy
origin
x-pinterest-rid
1228166047837848
date
Tue, 30 Nov 2021 01:23:40 GMT
akamai-grn
0.936656b8.1638235420.1734d1b1
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
2893.js
script.crazyegg.com/pages/scripts/0081/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0081/2893.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf16a6be9c1f8d220216cd8bc2d5a7d68731c383f8a1d394c2727e7564a9ca7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:40 GMT
content-encoding
gzip
cf-cache-status
HIT
age
45560
cf-polished
origSize=4899
cf-ray
6b604591aca70e06-MXP
ce-version
11.1.361
last-modified
Mon, 29 Nov 2021 12:44:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-bgj
minify
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 01:23:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 19:17:49 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=79532
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:40 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kjyo7100026-IAD, cache-hhn11548-HHN
/
insight.adsrvr.org/track/pxl/ 		70 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=jtuxrxn&ct=0:fyckj1z&fmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 01:23:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
munchkin.js
munchkin.marketo.net/161/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/161/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-234-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 01:23:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Sep 2021 00:38:21 GMT
Server
AkamaiNetStorage
ETag
"0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4681
Expires
Thu, 10 Mar 2022 01:23:40 GMT
adsct
analytics.twitter.com/i/ 		31 B
676 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1m5j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=544b0805-17e0-42b2-abdf-b1605062e8fa&tw_document_href=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
105
pragma
no-cache
last-modified
Tue, 30 Nov 2021 01:23:40 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
cdbe72747b2551d8921ff14b792db7d32e3d118c0914b5a9cfd494b03dc945a9
x-transaction
55778348010970cb
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ 		43 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1m5j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=544b0805-17e0-42b2-abdf-b1605062e8fa&tw_document_href=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
105
pragma
no-cache
last-modified
Tue, 30 Nov 2021 01:23:40 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
0a532bdf0657d13b055911a3534d5e3cbf19e25716daef5097f111b5353c4221
x-transaction
f8944f2a61a0df4f
expires
Tue, 31 Mar 1981 05:00:00 GMT
visitWebPage
805-usg-300.mktoresp.com/webevents/ 		2 B
311 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://805-usg-300.mktoresp.com/webevents/visitWebPage?_mchNc=1638235420442&_mchCn=&_mchId=805-USG-300&_mchTk=_mch-malwarebytes.com-1638235420442-96542&_mchHo=www.malwarebytes.com&_mchPo=&_mchRu=%2Ftos&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=&_mchQp=utm_source%3Dsfmc__-__utm_medium%3Demail__-__utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197__-__utm_content%3DTos
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.malwarebytes.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 30 Nov 2021 01:23:40 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
e5ef036a-6c3c-4c75-8cbf-60e250ccba25
2893.json
script.crazyegg.com/pages/data-scripts/0081/ 		752 B
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0081/2893.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41ceffdfb3362d9876b65840188c79c8ca903b18a73255f08142d0442e2bb646

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:40 GMT
content-encoding
gzip
cf-cache-status
HIT
age
45572
ce-version
11.1.361
content-length
257
timing-allow-origin
*
last-modified
Mon, 29 Nov 2021 12:44:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
6b6045922aae59b9-MXP
/
www.pinterest.de/_/_/csp_report/ Frame 5D22 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.de/_/_/csp_report/?rid=1306822598903083
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-ceaae2db27184529a5b58ed2dc7303ba' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=6947606494941588; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-ceaae2db27184529a5b58ed2dc7303ba' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=6947606494941588; frame-ancestors 'self'
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.936656b8.1638235420.1734d59e
content-security-policy-report-only
script-src 'nonce-ceaae2db27184529a5b58ed2dc7303ba' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
154
vary
User-Agent, Accept-Encoding
x-pinterest-rid
6947606494941588
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
6eab8f3
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Tue, 30 Nov 2021 01:23:41 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a03a384
/
www.pinterest.de/_/_/csp_report/ Frame 5D22 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.de/_/_/csp_report/?reportonly
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-92542aaa95a77ecf553d20acdd1cbc6a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=4563018911720717; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-92542aaa95a77ecf553d20acdd1cbc6a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=4563018911720717; frame-ancestors 'self'
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.936656b8.1638235420.1734d5a2
content-security-policy-report-only
script-src 'nonce-92542aaa95a77ecf553d20acdd1cbc6a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
32
vary
User-Agent, Accept-Encoding
x-pinterest-rid
4563018911720717
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
6eab8f3
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Tue, 30 Nov 2021 01:23:40 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a039f45
/
www.pinterest.de/_/_/csp_report/ Frame 5D22 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.de/_/_/csp_report/?reportonly
Requested by
Host: www.malwarebytes.com
URL: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-a44d0cd5862bab569d39c2bfd3eb2865' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1642601294604943; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-a44d0cd5862bab569d39c2bfd3eb2865' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1642601294604943; frame-ancestors 'self'
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.936656b8.1638235420.1734d5a5
content-security-policy-report-only
script-src 'nonce-a44d0cd5862bab569d39c2bfd3eb2865' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
28
vary
User-Agent, Accept-Encoding
x-pinterest-rid
1642601294604943
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
6eab8f3
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Tue, 30 Nov 2021 01:23:40 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a03bbe1
unity.gif
api.getblueshift.com/ 		42 B
996 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.getblueshift.com/unity.gif?t=1638235421&e=pageload&r=&z=355972&x=8739733907f9c067f09a89f919ba4a7d&k=c4bec003-3ef6-141e-3969-255d7ed23ba3&u=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos
Requested by
Host: cdn.getblueshift.com
URL: https://cdn.getblueshift.com/blueshift.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.65.163 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-65-163.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.malwarebytes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 01:23:41 GMT
x-content-type-options
nosniff
access-control-allow-origin
*
content-transfer-encoding
binary
content-disposition
inline; filename="unity.gif"
x-xss-protection
1; mode=block
x-request-id
d1726f39-14f0-4f8d-aa62-e8f279bda13c
x-runtime
0.016008
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS, HEAD
content-type
image/gif
pragma
no-cache
access-control-expose-headers
ETag
cache-control
no-cache, no-store
access-control-allow-headers
*,x-requested-with,Content-Type,If-Modified-Since,If-None-Match
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery undefined| a undefined| c function| jsonFeed object| OneTrust object| Optanon string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| OptanonWrapper string| cPubgJNt object| iOverride string| ipgvidtfr object| intellimize function| xqxQk object| iiloc object| iutmprms object| icntxtlftrs object| iMalwarebytes function| iClassExists object| global_variables function| readCookie number| appendHsh object| acceptCookies function| setCookie undefined| audience undefined| industry object| countryError string| country string| hsh object| hasVisited function| enableVpnTopBanner function| hideVpnTopBannerOnDropdownMenu function| updateVpnTopBannerTextValues function| removeVpnTopBanner object| words object| wordArray number| currentWord function| changeWord function| animateLetterOut function| animateLetterIn function| splitLetters undefined| sliderTotalCout undefined| currentSlide undefined| slidesCount undefined| sliderCounter undefined| updateSliderCounter object| $slider undefined| sliderTotalCout_video undefined| currentSlide_video undefined| slidesCount_video undefined| sliderCounter_video undefined| updateSliderCounter_video object| $slider_video function| getQSParameterByName function| cp_search boolean| paginationInit function| InitPagination function| needsCtaId function| removeSpecialCharactersFromUrl function| removeFirstAndLastSlashes function| generateSrcParam string| failed object| CTRY_CURRENCY_LIST object| MESS object| ss_dom_var object| SS object| html5 object| Modernizr boolean| alertFallback object| respond function| overlay function| getVariable boolean| isAdw function| guid string| newID object| mbuuid boolean| uuid boolean| uuidParam object| uuidCookie object| cookieSettings function| EventEmitter object| eventie function| imagesLoaded function| Cookies object| mbamFreeValues object| mbamPremiumValues object| webpageValues undefined| midCookie object| playfairLsd string| midValue boolean| xsourceValue boolean| playfairValue boolean| refpage boolean| mktoLs undefined| lsCookie undefined| xsourceCookie undefined| playfairCookie function| applyXSource function| modURLParam string| intlSitesJsonPath boolean| showGlobalBusinessBanner string| topRedBanner function| scrollToElm function| smoothScrollY function| getReferrerCode function| addParamToLink function| generate2CheckoutLink function| generateCleverbridgeLink function| generateMyAccountLink function| numberToMoney function| isCartReviewCountry function| isWebCartReviewCountry function| isEmbeddedCartReviewCountry function| ProductConfig object| MSO object| MBPricing function| adjustHeight function| equalizeElmHeight function| generateCartLink function| currency function| Popper object| AOS function| showBiz object| over100 string| css object| head object| style function| enableCookies object| gdprCountries undefined| cookiePreference object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| _linkedin_data_partner_id function| fbq function| _fbq object| _fbq_gtm_ids string| GoogleAnalyticsObject function| ga object| lead_source_url function| get_hostname function| getMainDomain function| setAttributionCookie function| getAttributionCookie object| desitnation_url_keywords string| url_query_paramters boolean| found_utm_paramters number| array_index undefined| document_referrer string| _blueshiftid object| blueshift string| qp function| pintrk number| employee_count function| lintrk boolean| _already_called_lintrk object| gaplugins object| gaGlobal object| gaData object| webVitals function| cwv_dlv function| gtag object| LI object| __li__evt_bus object| liQ function| __extends object| Demandbase object| __db function| DBSegment undefined| demandbaseMarketoFormId string| fieldIds object| fields function| expandFormFields function| showAllFields function| hideFormFields function| demandbaseLoaded function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO boolean| cp function| twq object| tradedeskTag object| twttr function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| MunchkinTracker boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_DATA_URL string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL string| req object| xhr

34 Cookies

Domain/Path Name / Value
.malwarebytes.com/ Name: _gcl_au
Value: 1.1.193094203.1638235419
.malwarebytes.com/ Name: gaUserID
Value: A65D1E5F-602D-401B-A7C0-BF4F05D0CBF1
.malwarebytes.com/ Name: original_referral_url
Value: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
.malwarebytes.com/ Name: most_recent_referral_url
Value: https://www.malwarebytes.com/tos?utm_source=sfmc&utm_medium=email&utm_campaign=b2c_pro_acq_october_csam_v2_60off_163518377197&utm_content=Tos
.malwarebytes.com/ Name: __gtm_campaign_url
Value: https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos
www.malwarebytes.com/ Name: over100
Value: false
.malwarebytes.com/ Name: _ga
Value: GA1.2.679519356.1638235419
.malwarebytes.com/ Name: _gid
Value: GA1.2.1649043589.1638235419
.malwarebytes.com/ Name: _li_dcdm_c
Value: .malwarebytes.com
.malwarebytes.com/ Name: _lc2_fpi
Value: ff3668206ce6--01fnq71cds6252ptq146qxt61a
.malwarebytes.com/ Name: _dc_gtm_UA-3347303-10
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmNSv8sIHLurNS8-wqLB248h9toKrDQdob30YDZB9-nCAB104crZhCmtkyM
.malwarebytes.com/ Name: _fbp
Value: fb.1.1638235419115.1277311301
.malwarebytes.com/ Name: _pin_unauth
Value: dWlkPVptTXdaREF6TURVdFpXUTFNUzAwTmpobUxXRTBNemN0TlRabE16aGxNR1l4TkRVMA
.bidr.io/ Name: bito
Value: ACfRkU7DSvoAACt76DCPLQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.facebook.com/ Name: fr
Value: 0vWPednaKeL84paXd..BhpX0b...1.0.BhpX0b.
.company-target.com/ Name: tuuid
Value: 3dde08ba-5364-4a89-8fcc-0ed99e195886
.company-target.com/ Name: tuuid_lu
Value: 1638235419
.liadm.com/ Name: lidid
Value: ccbd5a9e-5e16-400b-9dfa-f8c57795d019
.linkedin.com/ Name: UserMatchHistory
Value: AQIXmX3qhBz29gAAAX1ucLM6xPZGUgKpS02iFrQz6DFUGrwhKKiKxbYgMFOAJK1xYj0scWfKRBEuRQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIUuAs1bOep3wAAAX1ucLM66717DaygahWnh5fZ8RSxKjqsgpMGlvVMcI36hY2Ndrzo9NQUFxh4tuIiFp0bQw
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&72205a9d-1159-4cfa-837b-ba94c2505867"
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2502:u=1:x=1:i=1638235419:t=1638321819:v=2:sig=AQHXmaILc1V9gkrW4CHKBTFRbGzqr8nn"
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202111300123398cfca905-88aa-472a-8184-2b66fa5e8132AQEZRlyvGe-GAAg5JonPR7Uha-OtY-Gb"
.linkedin.com/ Name: li_gc
Value: MTswOzE2MzgyMzU0MTk7MjswMjHuTd9Xlk2hkm0NKhQKHmSEeOH3jUyTtc6AiXTo2l1aTA==
.malwarebytes.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Tue+Nov+30+2021+01%3A23%3A40+GMT%2B0000+(GMT)&version=6.4.0&landingPath=https%3A%2F%2Fwww.malwarebytes.com%2Ftos%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3Db2c_pro_acq_october_csam_v2_60off_163518377197%26utm_content%3DTos&groups=1%3A1%2C0_165071%3A1%2C101%3A1%2C2%3A1%2C3%3A1%2C102%3A1%2C103%3A1%2C4%3A1%2C104%3A1%2C105%3A1%2C106%3A1%2C107%3A1%2C109%3A1%2C110%3A1%2C112%3A1%2C113%3A1%2C114%3A1%2C115%3A1%2C116%3A1%2C117%3A1%2C118%3A1%2C0_165051%3A1%2C0_165052%3A1%2C0_165053%3A1%2C0_165054%3A1%2C0_165055%3A1%2C0_165056%3A1%2C0_165057%3A1%2C0_165058%3A1%2C0_165059%3A1%2C0_165060%3A1%2C0_165061%3A1%2C0_165062%3A1%2C0_165063%3A1%2C0_165064%3A1%2C0_165065%3A1%2C0_165066%3A1%2C0_165067%3A1%2C0_165068%3A1%2C0_165069%3A1%2C0_165070%3A1%2C0_165072%3A1%2C0_165073%3A1%2C0_165074%3A1%2C0_168809%3A1%2C0_168810%3A1%2C0_171059%3A1%2C0_171060%3A1%2C0_171061%3A1%2C0_171062%3A1%2C0_171063%3A1%2C0_171064%3A1%2C0_172264%3A1%2C0_172327%3A1%2C0_179764%3A1%2C0_172332%3A1%2C0_172328%3A1%2C0_172329%3A1%2C108%3A1%2C111%3A1
.malwarebytes.com/ Name: _mkto_trk
Value: id:805-USG-300&token:_mch-malwarebytes.com-1638235420442-96542
ads.avct.cloud/ Name: uuid
Value: df9f4037-758a-4b9d-a9cb-f03c9ddcef14
.twitter.com/ Name: personalization_id
Value: "v1_M4Pi6WrkTj6iZ8K7POIDNg=="
www.pinterest.de/ Name: _pinterest_sess
Value: TWc9PSZ0WFYvTzJMZkRkNElKVndvMEVoQjhYdHgzOTROUkRlclh5eW9Fa2E4Um05RUVEbHFkKzF2czI4ODM2NUVNREhWV3BwK0Z4UjZWdUt4cmpjc3NKUmNvT2tCT3VSUDhXY3dJeGVLdUF6bmtpVmpJZm5PVWJabUdPNk50cUJscGdjZSZGVzkvWDBOR1ZoMC9tdE42bm10WWNyVGJzNm89
.malwarebytes.com/ Name: _bs
Value: c4bec003-3ef6-141e-3969-255d7ed23ba3

4 Console Messages

Source Level URL
Text
deprecation warning URL: https://www.malwarebytes.com/js/global_mwb.min.js?v=136585140
Message:
Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
network error URL: https://id.rlcdn.com/464526.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-3575683b19236078153c725bafa61498' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10919923.fls.doubleclick.net
117469143.intellimizeio.com
8019375.fls.doubleclick.net
805-usg-300.mktoresp.com
ads.avct.cloud
ads.avocet.io
adservice.google.com
analytics.twitter.com
api.company-target.com
api.demandbase.com
api.getblueshift.com
api.intellimize.co
b-code.liadm.com
cdn.cookielaw.org
cdn.getblueshift.com
click.malwarebytes.com
connect.facebook.net
ct.pinterest.com
genesis.malwarebytes.com
geolocation.onetrust.com
googleads.g.doubleclick.net
id.rlcdn.com
insight.adsrvr.org
log.intellimize.co
match.prod.bidr.io
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
rp.liadm.com
rp4.liadm.com
s.pinimg.com
script.crazyegg.com
scripts.demandbase.com
secure.perk0mean.com
segments.company-target.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
unpkg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.malwarebytes.com
www.pinterest.com
www.pinterest.de
104.111.234.67
104.244.42.3
104.244.42.69
104.75.88.209
108.174.10.14
13.111.39.192
13.35.253.91
142.250.184.226
142.250.184.230
143.204.205.121
143.204.98.67
143.204.98.83
143.204.98.86
192.28.144.124
199.232.136.157
2600:1f18:21ae:6701:3334:1bf4:2185:fae6
2600:1f18:730:b110:c4cb:f288:bc78:c53b
2600:9000:2156:8000:16:26c7:ff80:93a1
2600:9000:225e:8400:8:8845:1500:93a1
2606:4700:10::6814:b844
2606:4700::6810:7eaf
2606:4700::6810:9440
2606:4700::6813:9408
2620:119:50e7:101::9002:e05
2620:1ec:21::14
2a00:1450:4001:803::2002
2a00:1450:4001:808::2004
2a00:1450:4001:812::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9b
2a02:26f0:6c00::210:ba0a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:62::84
3.33.220.150
34.206.124.188
34.230.123.66
35.167.213.17
35.244.174.68
44.240.65.163
51.11.20.152
52.212.206.16
54.171.126.230
54.217.30.158
63.33.204.129
00fd20f4f37113eb32d3db8a5f527ff1889489442e91630283e58e792f196be8
01fcf88d0ee0ff3cc10a948024394b5a87004538985081ca233b7a95ff286a12
05369fa3ab175c5ba5e63b7c60a872a64f82ddcb1de6a950d73004ed25930e69
06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4
07d37037fac00adaab8d3068112bf139d2249facc615e9fc6674ce90f103f48c
0b7b26742617990b7000c7eab02062e349a60270347495cc9a542d1578a009ad
0d8ac30d9520ce94e0246020e4bff9b6fea04f92ac0b5f09c7346104b9f5772a
0e7ab32c1ca7f896cea1810b34efeba6dce42f434f97b37023958f038ea31f82
0ed37960a59a6ec6b443f9ef043864d09a51db6fd276ae578d9166467bf986d1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114c908673dd0a1d941aed822ee32d91137959b5e74c052a41c2bfa727fc39cd
12a144d1b9940533a766692b596766dc8f8500cf6f429b3a937a9bd282368a92
16278846c24958035769652757c311db3bb306a3b1ec7e4fd5625e863c8e413d
16f961e4eedc84409f706d7043ec879d9a7783c6f317640b0d97a73e98e9e8ea
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62
27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
30b410ec60b2dda5e521206ed5b3a9318922f62828db7409240f047f21593bcc
3372e9aa13d55e1687a1d47abe3027e636824d1bc8e3e11736b86691dcc3bd2c
361aabb783830d45d3de5f19c4fe47d295e11518fb0279dd99d589eea8d43319
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37d71a755368a59862b22954275bd10416de8e28d37cec74707de8b8be616610
38f1b24e7a845342569f8b1b8d4a8bd3a483ee38cb468950809109e6f55e3511
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
41ceffdfb3362d9876b65840188c79c8ca903b18a73255f08142d0442e2bb646
423b7866225250067989c395d5834030e4a68b3566aef291add4d50e6f79454a
428a1b8240fd924ecfa826e94d6e6852b39ee35eb12b8f5d4302da595f8efbee
43c4be0978be63a15635e3c31e24e922069ac8863be3c1741e8b55091153d082
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4c93edc2e73f8f795657eee81ebeab1c19e7d0b63f63762a2d3b014b9bde8840
4d100d17da4f09eef30aa0f2710314d659524ea4860c6024487aec519da4d4f3
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
5188a81f4367c5c6d64601d60463f54fbb233e1271b61b8f72d1d205f3948b4c
542f9b9f9ed17fb168e1a1ce299413085d6559f316742f95ad22a291ffd67ffc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58d8060efe5c1915baa14d243a2109e03adf716153ca47779d550f2e91426d3e
5b62da3ed3fe1c94582c2a75526716000f7361ff70c0cc41aae4ee8212735c3e
5b7149de1a843a14d74bcb45359b59016df1ab0665a4f3131da6b8b04bbe5076
5d09ea31b4f26497480482f539fdc221990ae192c8b8be5002f4f2b9bef26876
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
6252f8d40b521387483f57b7d0c812912a1d59ce038fdde2bcf67cf920486cac
69f392207ed80484e2172fd9e743500be58aa601af2ab923afa7097e6fc144e1
6af8f29a43c21d300fc27ed7a491118857d4a7977a2fc665169e7a3936709b02
728054ccf1f41ec0afdb688b6db421601bb60d505d9e1e2c2de16d9e4a14b774
77d3df1a0650536bb4e87f2108eb58dd7d91c954bf188dc17f2e5a898f971bb0
7e6aa30a919ae381fbcf4d4d6f970531bf513bf0847097e7927123bf032b0f09
801ef949019934cab56a09d62e801bcf1a7390286df2fcbed0f452aa11cd1a2b
80f0eb912943ad0deab2ad7a8125b7404b726bac65dca9e6be97b063ca490662
82dd3077aedc1dc7221e3e5213e2728db90f833af6419a1304cbfaa2108f373d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8528b83134ef333f8b4f3b722f422569b5121e6fa817c9942bcbb91f5f61ea93
8a849c6ffa64946fefa17e874080dea467783d0e20857bbfbb23480739625648
8c20518cd7e51066b82e8a8a1e8035210741cf808c02268915747960f531061c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98a171b6ab0224e2da70111793d1f6ef31f010fcd40e1cca0ccd45e94a7dddd2
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5361be48e64297f23046a94801067bfcf644391c76de624cbce5560e35d660b
a7d4e6165ce4042167fcaaa0623eab885d6992458eb05c4fc74184cee79a9eb3
a8e97c59e0bbb246f33b27dfb0f39fcb1e504bd5949469dc5727e10479bac891
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad15e02b8d9bee31a51c502cff1977983fa2c8103b769db7ab097750f34016a9
afc2052acab2a7f0a4ba58941e641e2f26895f42b595bcad04f519b5b5c64737
afd0c61295b7464ed58698be575b0543459680ee77a1542b5276d0cc50fbaae9
afd158803cd7b683c2580e97e9c2cc2eec31a49527f95c5674a4b03823b6f9f9
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
bf22dcb03336ee1598b51fe9e0545009ffebbc736a8c94492d8f4587823ef7b0
bf9501f1f609706902f28d0dbf88d5d4467357d7707fca26439ed69d2b6a8c4b
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c6072112c8cec74b1c589bb323b9c1ea07cf7b38b01ad5d25127cf9306d1a2ef
c86a4ff5993b96a3a497952d1542fe93d46efdda55c98da63843694d4da41af7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cabcba2fb0a11127afe1eba21cbdba800100f5a591ad7870aada8142379a955a
cc66564f28ce75f1163d19a8cc24af86585ac54d0a353711e8da41870244f988
cc66980711a9ad38d5f2b20f0068f95b8c125f2343b9527c93c64be4161a1a78
cf16a6be9c1f8d220216cd8bc2d5a7d68731c383f8a1d394c2727e7564a9ca7a
d6f36a088f7c6dc6459a02c048b23e2407bf38a5249ecbc9547be2fce143f63a
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e2adf740376f608d5a3b6977b793a5e1c92c4de9e0a792921b8e24476e56c9ed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ce7a42d1ca6eb66acc503522455352bb93b858223a58ae3fc435f6fb1a967a
e46eea5de661ca05377bb73f11b4e8eedcda50674eab9bda30fcbe8c595dc441
e6452e80c5b5888037f7ec5b858dc2d810a3b84fc9cc3e941336612d7896587e
ec442600e3c090c1171e6d0aca38073cc048af3a7a301ec06bf933da6aa65c1b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f23cbfadc8c38cbcd1a1839f692ffed84691b2458bd9f4269648576de2e310fc
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
f575112df5398271c1f04b48a995ccc6e17d69730e37304078178d46781152da
f8869aa9427c07872b91f3bb5485a65a0e389302f54ad6fe1b684c59d97d154a
f96934c1807c0dc35bea06051f92b58a4c33f9eaa6741f0aaf695cafe747e86b
fa07bfad3039513f81cc0551de10a79c7c823bce84a5fbfba5a547f96479a367
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3