try.malwarebytes.com Open in urlscan Pro
3.126.202.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAGHQTKHFRfxiYdHt8zRnFVdjC4zPWBOz-R3-dWl8NXxWOlO2IuJldVK9S3CEZt22ONj7Mbvn4I=
Effective URL:
https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFN...
Submission: On October 04 via api (October 4th 2022, 8:21:29 pm UTC) from CH — Scanned from DE

Summary HTTP 100 Redirects Behaviour Indicators

Summary

This website contacted 42 IPs in 6 countries across 32 domains to perform 100 HTTP transactions. The main IP is 3.126.202.50, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is try.malwarebytes.com.
TLS certificate: Issued by R3 on September 25th 2022. Valid for: 3 months.

This is the only time try.malwarebytes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.73.206 104.17.73.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.126.202.50 3.126.202.50	16509 (AMAZON-02) (AMAZON-02)
2	18.66.15.15 18.66.15.15	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:5200:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
7	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	99.86.240.71 99.86.240.71	16509 (AMAZON-02) (AMAZON-02)
7	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:11a... 2a02:26f0:11a::6867:4843	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.17.47 108.138.17.47	16509 (AMAZON-02) (AMAZON-02)
17	143.204.214.226 143.204.214.226	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:807::200a	15169 (GOOGLE) (GOOGLE)
1	52.203.231.66 52.203.231.66	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.30.152.75 52.30.152.75	16509 (AMAZON-02) (AMAZON-02)
1 2	143.204.215.69 143.204.215.69	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	143.204.215.129 143.204.215.129	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	104.96.148.88 104.96.148.88	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:206... 2600:9000:206f:8c00:16:26c7:ff80:93a1	16509 (AMAZON-02) (AMAZON-02)
5	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	99.86.4.101 99.86.4.101	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.215.118 143.204.215.118	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	52.17.231.22 52.17.231.22	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:46::45 2620:1ec:46::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.245.208.72 35.245.208.72	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.45.184.134 104.45.184.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
100	42

1 104.17.73.206 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

go2.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.202.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com

try.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.15.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-15.vie50.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:5200:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.240.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-71.vie50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::6867:4843 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-47.fra56.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 143.204.214.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-226.fra53.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.231.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-231-66.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.152.75 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-152-75.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.69 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-69.fra53.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-129.fra53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.96.148.88 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-148-88.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:8c00:16:26c7:ff80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-101.fra6.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-118.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

805-usg-300.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.231.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-231-22.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.245.208.72 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 72.208.245.35.bc.googleusercontent.com

r1.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.45.184.134 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

a.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	cloudfront.net d34qb8suadcc4g.cloudfront.net d9hhrg4mnvzow.cloudfront.net	90 KB
8	gstatic.com fonts.gstatic.com	126 KB
8	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 6423 r1.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 97533	93 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	21 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 804 a.clarity.ms — Cisco Umbrella Rank: 6645 c.clarity.ms — Cisco Umbrella Rank: 1219	26 KB
4	google.com www.google.com — Cisco Umbrella Rank: 19 region1.analytics.google.com — Cisco Umbrella Rank: 3900	966 B
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 850 www.linkedin.com — Cisco Umbrella Rank: 840 px4.ads.linkedin.com — Cisco Umbrella Rank: 6680	4 KB
4	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 12938	26 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 665 c.bing.com — Cisco Umbrella Rank: 426	13 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 874 script.hotjar.com — Cisco Umbrella Rank: 1166 vars.hotjar.com — Cisco Umbrella Rank: 1268 in.hotjar.com — Cisco Umbrella Rank: 2355	70 KB
3	google.de www.google.de — Cisco Umbrella Rank: 3460	715 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 203	132 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 171	532 B
3	company-target.com 1 redirects segments.company-target.com — Cisco Umbrella Rank: 2556 api.company-target.com — Cisco Umbrella Rank: 8247	2 KB
3	malwarebytes.com go2.malwarebytes.com try.malwarebytes.com www.malwarebytes.com — Cisco Umbrella Rank: 30386	25 KB
2	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2855	3 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 115	222 B
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 6929	7 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 833	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	175 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 27714	36 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 859	393 B
1	t.co t.co — Cisco Umbrella Rank: 550	377 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 967	15 KB
1	mktoresp.com 805-usg-300.mktoresp.com — Cisco Umbrella Rank: 544195	318 B
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 19485	203 B
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1198	2 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 900	98 B
1	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 38707	245 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
1	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 11282	19 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1571	3 KB
100	32

	Domain	Requested by
17	d9hhrg4mnvzow.cloudfront.net	try.malwarebytes.com
8	fonts.gstatic.com	fonts.googleapis.com
7	www.google-analytics.com	try.malwarebytes.com www.google-analytics.com
7	dev.visualwebsiteoptimizer.com	try.malwarebytes.com dev.visualwebsiteoptimizer.com
4	cdn.bizible.com	www.googletagmanager.com try.malwarebytes.com cdn.bizible.com
3	www.google.de	try.malwarebytes.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com try.malwarebytes.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
2	c.clarity.ms	1 redirects
2	a.clarity.ms	cdn.bizible.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	www.facebook.com	try.malwarebytes.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google.com	try.malwarebytes.com
2	px.ads.linkedin.com	2 redirects
2	munchkin.marketo.net	go2.malwarebytes.com munchkin.marketo.net
2	segments.company-target.com	1 redirects try.malwarebytes.com
2	match.prod.bidr.io	2 redirects
2	www.googletagmanager.com	try.malwarebytes.com www.googletagmanager.com
2	d34qb8suadcc4g.cloudfront.net	try.malwarebytes.com d34qb8suadcc4g.cloudfront.net
2	builder-assets.unbounce.com	try.malwarebytes.com
1	analytics.twitter.com
1	t.co
1	static.ads-twitter.com	go2.malwarebytes.com
1	c.bing.com	1 redirects
1	r1.visualwebsiteoptimizer.com	cdn.bizible.com
1	in.hotjar.com	cdn.bizible.com
1	805-usg-300.mktoresp.com	munchkin.marketo.net
1	cdn.bizibly.com	try.malwarebytes.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	try.malwarebytes.com
1	www.linkedin.com	1 redirects
1	www.malwarebytes.com	www.googletagmanager.com
1	unpkg.com	www.googletagmanager.com
1	api.company-target.com	tag.demandbase.com
1	id.rlcdn.com	try.malwarebytes.com
1	events.ub-analytics.com	try.malwarebytes.com
1	fonts.googleapis.com	builder-assets.unbounce.com
1	tag.demandbase.com	try.malwarebytes.com
1	snap.licdn.com	try.malwarebytes.com
1	static.hotjar.com	try.malwarebytes.com
1	try.malwarebytes.com	go2.malwarebytes.com
1	go2.malwarebytes.com
100	46

This site contains no links.

Subject Issuer	Validity	Valid
go2.malwarebytes.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
try.malwarebytes.com R3	`2022-09-25` - `2022-12-24`	3 months	crt.sh
*.unbounce.com Amazon	`2022-02-08` - `2023-03-09`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-08-17` - `2023-09-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.ub-analytics.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-09-16` - `2023-10-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-14` - `2022-10-12`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-01` - `2023-06-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
www.malwarebytes.com Amazon	`2022-04-26` - `2023-05-25`	a year	crt.sh
io.bizible.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-30` - `2023-07-31`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Frame ID: 0215ED7B98E6CD8AE772F5F1399093E1
Requests: 99 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: B287921E9ABFA50B69BEFE99823CB471
Requests: 1 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0081/2893/site/try.malwarebytes.com.json?t=1
Frame ID: 247EFAD2E00A71170B17A1AAD119C9EB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAGHQTKHFRfxiYdHt8zRnFVdjC4zPWBOz-R3-dWl8NXxWOlO2IuJldVK9S3C... Page URL
https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXl... Page URL

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Page Statistics

100
Requests

95 %
HTTPS

42 %
IPv6

32
Domains

46
Subdomains

42
IPs

6
Countries

890 kB
Transfer

2652 kB
Size

57
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAGHQTKHFRfxiYdHt8zRnFVdjC4zPWBOz-R3-dWl8NXxWOlO2IuJldVK9S3CEZt22ONj7Mbvn4I= Page URL
https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAEOWk7GeSwAAB_5kGX_AQ HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAEOWk7GeSwAAB_5kGX_AQ&verifyHash=5c5fc101d86a7a2146e17299f475baeae267ffa5

Request Chain 48

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1664914883653&url=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2594100%26time%3D1664914883653%26url%3Dhttps%253A%252F%252Ftry.malwarebytes.com%252Fswitch-and-save%252F%253Fmkt_tok%253DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1664914883653&url=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1664914883653&url=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&liSync=true&e_ipv6=AQIRhp2e-1EeqQAAAYOkqQZYMaYowgclpilJcHSUm_3TS1jUP9rV6Lv5h-UzfdIl9Kkd7A-VUbpw

Request Chain 90

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=B5B688C63C5A49D7A83D48C30FCFD69C&RedC=c.clarity.ms&MXFR=0D928843094E60FB0FF39A700D4E6E2D HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=B5B688C63C5A49D7A83D48C30FCFD69C&MUID=0A80179F14396AB1374B05AC15956B12

100 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 ODA1LVVTRy0zMDAAAAGHQTKHFRfxiYdHt8zRnFVdjC4zPWBOz-R3-dWl8NXxWOlO2IuJldVK9S3CEZt22ONj7Mbvn4I=
go2.malwarebytes.com/ 539 B
1 KB 766ms
539ms Document
text/html 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAGHQTKHFRfxiYdHt8zRnFVdjC4zPWBOz-R3-dWl8NXxWOlO2IuJldVK9S3CEZt22ONj7Mbvn4I=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-R8LaREMZ/DH9abbPu1YdsqJYwEcGtukShzsWyoaENMg=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 75509f9f5b13995d-FRA
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-R8LaREMZ/DH9abbPu1YdsqJYwEcGtukShzsWyoaENMg=';object-src 'none';form-action:'none';frame-src:'none'
content-type: text/html;charset=UTF-8
date: Tue, 04 Oct 2022 20:21:22 GMT
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
x-request-id: b36cf9255beb2df7

GET
H/1.1 200
OK Primary Request / Show response
try.malwarebytes.com/switch-and-save/ 153 KB
23 KB 221ms
49ms Document
text/html 3.126.202.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Requested by: Host: go2.malwarebytes.com
URL: https://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAGHQTKHFRfxiYdHt8zRnFVdjC4zPWBOz-R3-dWl8NXxWOlO2IuJldVK9S3CEZt22ONj7Mbvn4I=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 26d2a2391f5c80e8c0a3c025a07b069614d1e43c604b8607f8d35da972ef0b6f

Request headers

Referer: https://go2.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

connection: close
content-encoding: gzip
content-length: 22406
content-location: https://try.malwarebytes.com/switch-and-save/
content-type: text/html; charset=utf-8
date: Tue, 04 Oct 2022 20:21:23 GMT
etag: "a:a5b3429938c043f2bb8cff15559cf4cc"
link: <https://try.malwarebytes.com/switch-and-save/>; rel="canonical"
x-proxy-backend: page-server
x-unbounce-pageid: b6915a7c-df33-4a57-8602-8fe0f3c9e29f
x-unbounce-variant: a
x-unbounce-visitorid: a5b34299-38c0-43f2-bb8c-ff15559cf4cc

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 137ms
32ms Stylesheet
text/css 18.66.15.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-15.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 02:00:32 GMT
content-encoding: gzip
via: 1.1 8fc54d3acff9539327f4d7a6bf40a31e.cloudfront.net (CloudFront)
x-amz-version-id: 2AQj3zSW.kdmInzoSdWpR0AQxgxgO5c_
last-modified: Mon, 06 Jun 2022 23:24:03 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 9742852
etag: "e50d1ee693e25d7a1512f9322cc1259e"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2902
x-amz-cf-id: -69_ZuIKPcWesUciSBT3wtwoOC08AqXxgYJ37WuHo0u8NaBimFml-g==

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 84ms
19ms Script
application/javascript 2600:9000:2057:5200:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:5200:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 06 Aug 2022 10:02:58 GMT
content-encoding: gzip
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-version-id: bKC28ufbc849z_LglraHgQe9TbPw1SIU
last-modified: Thu, 15 Apr 2021 19:15:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 5134706
etag: "f6420c864830b5860bfaadd47a2bb21b"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1856
x-amz-cf-id: EYGh-NGpcgyPe9IE9xlvnMERLVWX7LAocZQ3tB0RQ_sVjgjG7y8IDg==

GET
H2 200 main.bundle-384ff03.z.js Show response
builder-assets.unbounce.com/published-js/ 103 KB
33 KB 56ms
40ms Script
application/javascript 18.66.15.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-15.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 384ff03fc8a3d581c80d2b6956bc90be45373d63743a45a252b1bb219db5ec5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 07:51:57 GMT
content-encoding: gzip
via: 1.1 8fc54d3acff9539327f4d7a6bf40a31e.cloudfront.net (CloudFront)
x-amz-version-id: 8Zp2fnRnJC.CRCK1CKEZXPX8nFkHjX8u
last-modified: Mon, 04 Jul 2022 16:47:26 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 5401767
etag: "1825a0c47b2e38b6cf30a4072987bce1"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 33495
x-amz-cf-id: Fl_GEpPy_GweWlrLNelNnPRkh5GOIl1WNp3Gy6r18YgltRi629F4og==

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 9 KB
4 KB 84ms
26ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=622914&u=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&f=1&vn=1.3
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: ed2b32dd78ffc0ab3ef5c4a2e1ebbbd3585b74abe957a74015f05ff4eea9ac82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 20:21:23 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1664886262"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 hotjar-2233835.js Show response
static.hotjar.com/c/ 4 KB
2 KB 187ms
59ms Script
application/javascript 99.86.240.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2233835.js?sv=6

Requested by

Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-71.vie50.r.cloudfront.net

Software

Resource Hash

b5875fd350ec0114f9a5f9d7d5567bec403e992e57ad9f87ce2d77f957460645

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 20:21:03 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
age: 20
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/f28205a1f64e27cf698d4a8e9c05a02a
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: eu_nLYmZTspghdbkutRNBepn1lkBdUIUxOMKIiujcFkz8jLq4qzOxA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 74ms
19ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 04 Oct 2022 19:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3926
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 04 Oct 2022 21:15:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 305 KB
97 KB 101ms
45ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29476b17c8aed2df8b060a0aa97624bc5d1eee4f476864c55a741c421210dc70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 20:21:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98692
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Oct 2022 20:21:23 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 24ms
21ms Script
application/javascript 2600:9000:2057:5200:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:5200:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 04:44:06 GMT
content-encoding: gzip
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 4894638
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30399
x-amz-cf-id: p0xgxVsawsgn3pH1B5KuBUV8epv5qy73UskOjBxPVQqsMcrtfTFTEQ==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 116ms
30ms Script
application/x-javascript 2a02:26f0:11a::6867:4843
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4843 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 20:21:23 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=74785
accept-ranges: bytes
content-length: 3063

GET
H2 200 HWyTnY16.min.js Show response
tag.demandbase.com/ 69 KB
19 KB 76ms
22ms Script
application/javascript 108.138.17.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/HWyTnY16.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-47.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

682a2bdf04b0d90132d6ec2963b95fedb972c71dff32471dfba4dca28b45522e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: kLvDncV4.StcgbwbpsZPhLvHxe67cHu8
content-encoding: gzip
via: 1.1 93efd892a8e99dc59164afbee331cd56.cloudfront.net (CloudFront)
date: Tue, 04 Oct 2022 20:15:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P7
age: 364
x-cache: Hit from cloudfront
last-modified: Fri, 23 Sep 2022 16:07:59 GMT
server: AmazonS3
etag: W/"7b2a7b5e3fb7adffead3297c21c57e09"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: d_MSlfJj8mz4g-PBL_tKDtLkVlMkQB87jDUp2Tvi9L_YHByqeyHYiw==

GET
H2 200 c8aebdbf-rip-and-replace-lp-1140x344.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/ 29 KB
10 KB 72ms
20ms Image
image/svg+xml 143.204.214.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/c8aebdbf-rip-and-replace-lp-1140x344.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2231b5480f3dbee04cdb9f3bffd6ec377eb09841c6693f3ae2e14d9ee8e472ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 02:54:06 GMT
content-encoding: gzip
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-version-id: JW.6tsm8qQsrR85r3z_r3r0vgV8i05pj
last-modified: Wed, 21 Sep 2022 13:22:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1013238
etag: W/"42a3baeaecc9e430ef373e08c62cf5ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
x-amz-cf-id: TVkUW81qXt0j9-Myztbxez9iGsuzJyeNjTupa-hoOqKb5hfU7uvbiQ==

GET
H2 200 7354c6c0-g2-banner-1400x450-1.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/ 25 KB
6 KB 75ms
24ms Image
image/svg+xml 143.204.214.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/7354c6c0-g2-banner-1400x450-1.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8610007330b9bb2ec79d5ac356ca2dd621d4c4296ff7d813931853962485ab35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 14:01:28 GMT
content-encoding: gzip
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-version-id: hFMOhpvFhh1S73B1Kf_Lwl7wveGiOBMc
last-modified: Wed, 14 Sep 2022 13:56:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1750796
etag: W/"bb4b9a8fc57f702210396c6e38b02a10"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
x-amz-cf-id: cMS-z8baUHXPnb0phPo-Rz-rbtsynIFJ-AnJQARngMs_5gTuPubieQ==

GET
BLOB 200
OK 81fc3004-b737-40ac-8d51-907e6f6eab44
https://try.malwarebytes.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://try.malwarebytes.com/81fc3004-b737-40ac-8d51-907e6f6eab44
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 5611
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 148ms
59ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500,300italic,700,900,regular,italic,700italic%7CSource+Sans+Pro:italic

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

948f25ca27346cf34b8eb1be40b6dc88289c1515b9320b95c880370ae707b6bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 04 Oct 2022 20:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 20:21:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 Oct 2022 20:21:23 GMT

GET
H2 200 5aa2a483-mwb-for-business-logo-horz-b.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/ 9 KB
4 KB 29ms
23ms Image
image/svg+xml 143.204.214.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/5aa2a483-mwb-for-business-logo-horz-b.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 652ea14837255f2d9db977a32c93fcb92879825bfe1b265311f534e61959e7b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:55:41 GMT
content-encoding: gzip
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-version-id: lA6DPzf_QXLbjspa4xOAaApwv1_YyiaO
last-modified: Tue, 13 Sep 2022 19:22:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1794343
etag: W/"86720f295785c42af708f960cc7fcd68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
x-amz-cf-id: v-VXcWW-YWKUGYgAf9mAiKgj6kobpN6ctIQHc_3J_CxukpL_PPUl3g==

GET
H2 200 a0e423ac-youtube.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/ 781 B
1 KB 28ms
22ms Image
image/svg+xml 143.204.214.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/a0e423ac-youtube.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c007fe440b9bc335b21e039feac8deaf5f14f3de16ea41ffa81a3f610096cd69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 08:40:28 GMT
x-amz-version-id: IYJMt_EnNa6dC.wJqBdxCwPS0du0WYPs
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Fri, 09 Sep 2022 17:23:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1942856
etag: "081f067d429b3c6a78729d7deac02168"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 781
x-amz-cf-id: jzylPHWITeI9le0l6JMfdzL6tWFtmhFfSyDxyVgorYKFrtr-6nq0Eg==

GET
H2 200 f95669e3-twitter.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/ 1 KB
1021 B 30ms
25ms Image
image/svg+xml 143.204.214.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/f95669e3-twitter.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 618a8a369547c912ff17b6d55c967f78ecafa6fb94ef42c746870a0cbc596434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 08:40:28 GMT
content-encoding: gzip
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-version-id: 63y54GT2G2ATvVDai2ZyaJTBQJUW.d5L
last-modified: Fri, 09 Sep 2022 17:23:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1942856
etag: W/"ddedc6e72875927b487fa5e332377f63"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
x-amz-cf-id: arNKWmw_w-xBzaQFR10f11DQ4CBNgzbE1rbWDmdMHQrnSf8rcd0IIQ==

GET
H2 200 86f05d8f-linkedin.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/ 694 B
1 KB 30ms
25ms Image
image/svg+xml 143.204.214.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/86f05d8f-linkedin.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 851495cc18784cae757c6cf8d5bd6042f6325647ecb6d4aaa7fd3b603b20801f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 08:40:28 GMT
x-amz-version-id: N1eaeVneJjE3IGkhAgsOAOul.Y.WIc.k
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Fri, 09 Sep 2022 17:23:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1942856
etag: "b7d762d9bcb616fca18554d94802d3ee"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 694
x-amz-cf-id: h9K11NtZR4ROlXEDKfIYrbHHTvQxnLFJUWBBryScl34vZZuamPXo7w==

GET
H2 200 a41c267f-instagram.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/ 956 B
1 KB 35ms
28ms Image
image/svg+xml 143.204.214.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/a41c267f-instagram.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efa12b5f715e973d01d92cf3fb5492a27b0d8e6702527a5a3c9da9b16f3e3053

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 08:40:28 GMT
x-amz-version-id: Oxys.xF5fI7QzTeoUGJ5sGlw4fXppwKz
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Fri, 09 Sep 2022 17:23:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1942856
etag: "883f596fcb6f545aed6128681beba88a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 956
x-amz-cf-id: 6mtztXxrE0F1l6ndHCJ7h11xkArzVCT4tEPdPthxxgqgJNXfRjTeSA==

GET
H2 200 8cd70cf9-facebook.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/ 276 B
672 B 26ms
19ms Image
image/svg+xml 143.204.214.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/8cd70cf9-facebook.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a555f0b0410f738128c29d0459c46af844358f117513b23b22e5839a6b53d8ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 08:40:28 GMT
x-amz-version-id: RjAHIFSykL4xL0OMDTIgzGf0dj.4TsUl
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Fri, 09 Sep 2022 17:23:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1942856
etag: "36e58d5d5809a35372d71afc30c8c32e"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 276
x-amz-cf-id: UeBUI0Oqy-fr-lhlBuCzg1mDgh4AsjMDGGGPTbiR5fXcCoJCw9qjdw==

GET
H2 200 1d2aa2c1-check-blue.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/ 421 B
817 B 25ms
19ms Image
image/svg+xml 143.204.214.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/1d2aa2c1-check-blue.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31ebe2fbfdb73fb07b44ff7bd0e7d536be581c18523bad4bc1c452b32b7fd224

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 08:40:28 GMT
x-amz-version-id: BAOaljoxj60PHH019_HLw_IkwxJOOxx1
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Fri, 09 Sep 2022 17:23:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1942856
etag: "90f98003c801eb371a0304a69532e539"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 421
x-amz-cf-id: 2Hv656700zrgU9rZFFSnPMxEqHD8gEG5DM-v2XAtVBG5Eq01uKSF3w==

GET
H2 200 4f280080-rip-and-replace-check-32x24-1.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/ 639 B
1 KB 27ms
20ms Image
image/svg+xml 143.204.214.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/4f280080-rip-and-replace-check-32x24-1.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40121ee613a3c8cd9e3d2e188d055e1e59257e439552dd52db9d0cce7a5a23f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:23:55 GMT
x-amz-version-id: R4gz3STppO8nEqwTFXZi52GNcUhID09j
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Mon, 19 Sep 2022 13:01:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1321049
etag: "a092077bf8422eb8ae522e9477cdf006"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 639
x-amz-cf-id: P43zyCB2eTa9tQWaI-kqDp1trpwuVq2A6gP-EOWJhs5g1jn-aFkAHQ==

GET
H2 200 1b33286c-mrg-effitas-certified-badges_10gp05m000000000000028.png
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/ 22 KB
23 KB 30ms
24ms Image
image/png 143.204.214.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/1b33286c-mrg-effitas-certified-badges_10gp05m000000000000028.png
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f5709905d4a5096649c4e4b687c8260bc9dc96722e807f56c9556b664bee3ff5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:55:41 GMT
x-amz-version-id: rg_jeTIWn1Ljp4sRWtE13lbFf76FiLll
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Tue, 13 Sep 2022 19:22:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1794343
etag: "ac5e5d10c1bfcdfcf9452aa50742eec3"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 22680
x-amz-cf-id: 51IFqeqpQe2x0fiXHOjjRyw-_bDmb7QUJCTfxhQn1RDCz2KNBsmdMw==

GET
H2 200 0c7fc7df-st-anthony-hospital-logo-navy-162x38_100000003z012009000028.png
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/ 971 B
1 KB 28ms
21ms Image
image/png 143.204.214.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/0c7fc7df-st-anthony-hospital-logo-navy-162x38_100000003z012009000028.png
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a030bbc4f3d88b75daf5583ce2edb1b3afa4949f167d853c6c7c5645e317b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:55:41 GMT
x-amz-version-id: YyrT_s9yaUPPf75tjzMLMzM7l2uX8Awv
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Tue, 13 Sep 2022 19:22:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1794343
etag: "e2990e780bf68aa3b3424f8c61c0ab7c"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 971
x-amz-cf-id: 3SUos5G_rpTMQSvT78jiYKibpqGGnM9Q2LlzLyOvSTbPvxgznFMspg==

GET
H2 200 1f6afa7e-logitech-logo-navy-162x38_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/ 653 B
1 KB 35ms
28ms Image
image/png 143.204.214.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/1f6afa7e-logitech-logo-navy-162x38_1000000000000000000028.png
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29bb94328b38c3b3e62c9d48b7bfefe154bae84e3d124654a48448e63e1304e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:55:41 GMT
x-amz-version-id: 5FKnWXtxsTz7_LoL_1PLwIxIx05s77X_
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Tue, 13 Sep 2022 19:22:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1794342
etag: "770bd1b17e254217fab53dab99d79a0b"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 653
x-amz-cf-id: cFy0YkApGkNLRFQVHQLj8Vt8vYPYAN3XenopUKSSykrXi6Aht-LN1g==

GET
H2 200 da88c960-university-of-mississippi-logo-navy-162x38_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/ 1 KB
1 KB 33ms
26ms Image
image/png 143.204.214.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/da88c960-university-of-mississippi-logo-navy-162x38_1000000000000000000028.png
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 47c5ac17a591c790f88c96b8d8840f3094bfc061e30d88ec2ea1ce55f4c6dcea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:55:41 GMT
x-amz-version-id: RZVkf8oEFMXxwmb.FRCgNMTxZv61Lau8
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Tue, 13 Sep 2022 19:22:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1794342
etag: "5be03adc5d7a9d72a93f86bb69beaf42"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1081
x-amz-cf-id: eOgti1Nbp_jsW65T1JIaEs-tSYDO0-_Woa4psUMbWk1y8e7xe6lhCw==

GET
H2 200 a3384df1-cdss-logo-navy-162x38_100000004i011000000028.png
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/ 1 KB
2 KB 32ms
25ms Image
image/png 143.204.214.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/a3384df1-cdss-logo-navy-162x38_100000004i011000000028.png
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d5ce0299e6ccd68ee5ed3c9218ca1f1f78b1d118c960581b4a9cda594ea9115

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:55:42 GMT
x-amz-version-id: IUiwtCik_rvN3F.xgFQG7BSpOku917ko
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Tue, 13 Sep 2022 19:22:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1794342
etag: "cd4af3546f372f1340869e5309b4d37d"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1297
x-amz-cf-id: XZ3elm0g8lHm5Q8UqGgMRHoCXEO_zjrKaiuVoDK_bplXEs3m9IcTdQ==

GET
H2 200 8bbabf4c-rip-and-replace-save50-3.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/ 4 KB
2 KB 34ms
28ms Image
image/svg+xml 143.204.214.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/8bbabf4c-rip-and-replace-save50-3.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c64ee1728da5891d0f082310c3ae78a0cad139139a4aee532aeb2bd5e7915e26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:55:42 GMT
content-encoding: gzip
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-version-id: csVXmmmX7B1GIP5spzSjmZ2Auzmt0nvA
last-modified: Tue, 13 Sep 2022 19:22:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1794342
etag: W/"3580dc86aecf15f7d8987921a906a83e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
x-amz-cf-id: -6-fXEJVVbybbGktdI6TSGMxLB7QcK-BOTM4p3FM-HbEPDIqHfLhtg==

GET
H2 200 54b73dea-rip-and-replace-threatassessment-icon.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/ 2 KB
1 KB 34ms
27ms Image
image/svg+xml 143.204.214.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/switch-and-save/54b73dea-rip-and-replace-threatassessment-icon.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-226.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a5a4a547918f1223dc9daeb5d86284ee7027bb98b0f4ab3af4483c3dbc4c736

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:55:42 GMT
content-encoding: gzip
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-version-id: nES2azjs5hSml9tDNWVw2DNZUnAsAOpY
last-modified: Tue, 13 Sep 2022 19:22:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1794342
etag: W/"71f7100d34e3b8d2921c5669f64abf7f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
x-amz-cf-id: 6FWKwXSxGcCf6WWMF-5dpa1v3mjmIrSuHcaR2tcqExY1wD2ov7RL0g==

GET
H3 200 tag-5e7f5e497a3734e80ca75ea1e81f1ba4.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 172 KB
48 KB 48ms
23ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-5e7f5e497a3734e80ca75ea1e81f1ba4.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=622914&u=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&f=1&vn=1.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 6199de9e8e3ebde2b14e96843c47640c63c57c383c7d8325d58088fcc008e77b

Request headers

Referer: https://try.malwarebytes.com/
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 20:21:23 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 04 Oct 2022 12:23:59 GMT
server: gfra1
etag: "633c25df-c044"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49220

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 111ms
110ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=622914&d=try.malwarebytes.com&u=DCFF5B4BE3410406902ACC37E0A50FCD3&h=2cfe15a7ef942e1919098099b0a47ce3&t=false&r=0.19730477658190093

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 20:21:23 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 27ms
26ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1981599516&t=pageview&_s=1&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&dr=https%3A%2F%2Fgo2.malwarebytes.com%2F&dp=%2Fswitch-and-save%2Fa%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=887883831&gjid=1810547281&cid=802745506.1664914884&tid=UA-3347303-10&_gid=1463952252.1664914884&_r=1&_slc=1&z=578547328

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://try.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 20:21:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i
events.ub-analytics.com/ 43 B
245 B 355ms
106ms Image
image/gif 52.203.231.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1664914883553&e=pv&url=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&refr=https%3A%2F%2Fgo2.malwarebytes.com%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=079c01a1-8c1b-43d9-be23-8713a51b5988&dtm=1664914883552&vp=1600x1200&ds=1600x4069&vid=1&sid=57f3c8d2-8d4e-4f21-b4a0-a2ebc89d1971&duid=876bbf85-fb83-41bb-b516-6e383d014b54&uid=a5b34299-38c0-43f2-bb8c-ff15559cf4cc&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiYjY5MTVhN2MtZGYzMy00YTU3LTg2MDItOGZlMGYzYzllMjlmIiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.231.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-231-66.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 04 Oct 2022 20:21:23 GMT
access-control-allow-credentials: true
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server: akka-http/10.0.9
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAEOWk7GeSwAAB_5kGX_AQ
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAEOWk7GeSwAAB_5kGX_AQ&verifyHash=5c5fc101d86a7a2146e17299f475baeae267ffa5

26 B
409 B

203ms
203ms

Image
image/gif

143.204.215.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAEOWk7GeSwAAB_5kGX_AQ&verifyHash=5c5fc101d86a7a2146e17299f475baeae267ffa5
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: HTTP/1.1
Server: 143.204.215.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-69.fra53.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 20:21:24 GMT
Via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Content-Type: image/gif
Vary: Origin
Connection: keep-alive
trace-id: 689606587f6dc469
X-Amz-Cf-Id: lAjCnZPt0HKFHltlUFwQXWeXqC4cPwdkLXGzgqRyHTAoopJFBbYeOw==

Redirect headers

Date: Tue, 04 Oct 2022 20:21:24 GMT
Via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAEOWk7GeSwAAB_5kGX_AQ&verifyHash=5c5fc101d86a7a2146e17299f475baeae267ffa5
Connection: keep-alive
trace-id: 4d826638c4be0141
Content-Length: 0
X-Amz-Cf-Id: hYdNzxv4Ix-suHgIfuMcfpazm1WFohd4aB1AVFqufeHdhxtnxu4_jA==

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 89ms
31ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 20:21:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 84ms
28ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-3347303-10&cid=802745506.1664914884&jid=887883831&gjid=1810547281&_gid=1463952252.1664914884&_u=IEBAAEAAAAAAACAAI~&z=875792598

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://try.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 04 Oct 2022 20:21:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 449 B
947 B 123ms
68ms XHR
application/json 143.204.215.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=https%3A%2F%2Fgo2.malwarebytes.com%2F&page=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&page_title=
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/HWyTnY16.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-129.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 78f83443e748d143a797a3f16a2e3838426f6cd4c02023c2620b7017d179eda1

Request headers

Referer: https://try.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 04 Oct 2022 20:21:23 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
request-id: 2ae2ad3f-fddc-4ccf-9da1-0932a0cdb42c
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://try.malwarebytes.com
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: y0RBQe23XMI3RWEclgZPYpRYeDBBaFLD_Yak5vHBMMIxQCykqOxLAQ==
expires: Mon, 03 Oct 2022 20:21:23 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
78 KB 78ms
40ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1dd70651954718839ee49caaa3072653f0190c19a37bdb81c767b7668ec37334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 20:21:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80263
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 Oct 2022 20:21:23 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 71ms
19ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 04 Oct 2022 20:21:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: VRXefmfRDy+fDNkpGS2rLkvmgMMxm64AVD0C6LClcUd8rYC0PMh8lL8PBHQsO/tzzBRCBJBTSyllbONLzcMMxg==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 21ms
21ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 20:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Oct 2022 21:02:36 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 113ms
35ms Script
application/x-javascript 104.96.148.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: go2.malwarebytes.com
URL: https://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAGHQTKHFRfxiYdHt8zRnFVdjC4zPWBOz-R3-dWl8NXxWOlO2IuJldVK9S3CEZt22ONj7Mbvn4I=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.148.88 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-148-88.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fe62ffc3dd7627c8b0d34b70fe45c7b14dd38c89c66cca13b2e4c71360e42e91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 20:21:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Aug 2022 21:55:11 GMT
Server: AkamaiNetStorage
ETag: "652cf747f68f64e15276c347eb3aef37:1661464511.126488"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 740

GET
H2 200 web-vitals.umd.js Show response
unpkg.com/web-vitals@1.1.0/dist/ 4 KB
2 KB 97ms
40ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@1.1.0/dist/web-vitals.umd.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 20:21:23 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 17319071
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01FYE5SX54TJZTQVN4X3QYN0MA-fra
server: cloudflare
etag: W/"1060-9qPq4bqeRCeFWudNuS98Bp0PQDY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75509fa71d4c6931-FRA

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 118ms
46ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 04 Oct 2022 20:21:23 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 04036147980E493396ABB53674E5FA29 Ref B: FRA31EDGE0119 Ref C: 2022-10-04T20:21:23Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11367

GET
H2 200 demandbase-forms.js Show response
www.malwarebytes.com/js/ 3 KB
1 KB 122ms
28ms Script
application/javascript 2600:9000:206f:8c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/demandbase-forms.js?d=2020-02-04-15-03-08--0800

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:8c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 20:19:10 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: FRA56-C1
age: 133
x-powered-by: ASP.NET
via: 1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Tue, 20 Jul 2021 23:12:41 GMT
server: Microsoft-IIS/10.0
etag: W/"178b70bdbc7dd71:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: Pl4Gabjo0usDfXqZ8gELnNDA52Sq2cJZ0y0Qs8zIkv-ScyIGAo4RSQ==

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 83 KB
25 KB 92ms
20ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: 4120c62c25cd2f9d7f5155aaf84f772c08e18dd1be19e39ed0d866d3916bedce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 20:21:23 GMT
content-encoding: gzip
last-modified: Mon, 03 Oct 2022 20:11:02 GMT
server: ECS (frb/67D4)
age: 83184
etag: "8f3894264d7d81:0+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
content-length: 25492

GET
H3 200 tag-4f64337a3f012173ee32eab7139de355.js Show response
dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/ 106 KB
27 KB 23ms
23ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/tag-4f64337a3f012173ee32eab7139de355.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-5e7f5e497a3734e80ca75ea1e81f1ba4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 96f3bc71532236313c3154a8323f016b8ebda7d32dd9305438df03502f7884bd

Request headers

Referer: https://try.malwarebytes.com/
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 20:21:23 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 04 Oct 2022 12:23:59 GMT
server: gfra1
etag: "633c25df-6b9f"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27551

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1664914883653&url=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJ...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2594100%26time%3D1664914883653%26url%3Dhttps%253A%252F%252Ftry.malwarebytes.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1664914883653&url=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJ...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1664914883653&url=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TU...

0
265 B

364ms
198ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1664914883653&url=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&liSync=true&e_ipv6=AQIRhp2e-1EeqQAAAYOkqQZYMaYowgclpilJcHSUm_3TS1jUP9rV6Lv5h-UzfdIl9Kkd7A-VUbpw
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 20:21:23 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 469C0596678B422C824A74771BEE53E9 Ref B: FRAEDGE1212 Ref C: 2022-10-04T20:21:24Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXqOzRF8DTVoMQqjvDClQ==

Redirect headers

date: Tue, 04 Oct 2022 20:21:24 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 49D3A9D3C9F84331A19CCF1E72DD84C5 Ref B: FRAEDGE1220 Ref C: 2022-10-04T20:21:24Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1664914883653&url=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&liSync=true&e_ipv6=AQIRhp2e-1EeqQAAAYOkqQZYMaYowgclpilJcHSUm_3TS1jUP9rV6Lv5h-UzfdIl9Kkd7A-VUbpw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXqOzRAnr9+m/Se6ab3Bw==

GET
H2 200 modules.cbd9768ba80ba0be5b17.js Show response
script.hotjar.com/ 254 KB
65 KB 68ms
20ms Script
application/javascript 99.86.4.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.cbd9768ba80ba0be5b17.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2233835.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-101.fra6.r.cloudfront.net

Software

Resource Hash

5b3c6e212cbb3b9f4f28b09cfdc53990e809792192d7d8639d3311f0551c2010

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 18:47:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 5657
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 66229
last-modified: Tue, 04 Oct 2022 18:46:48 GMT
etag: "483a48bedf96c50163b542fb95446039"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 8hkTC3vOsmdaB5WTMEl1WFDsWVFzlue47Mn8aEsV7JWMXTu_a9c7tg==

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 2 KB
855 B 26ms
25ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=622914&settings_type=1&vn=7.0&exc=3|4
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-5e7f5e497a3734e80ca75ea1e81f1ba4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 2a8dcd8ad9d88b838d86035bc33dfd359024a0e334d1fffc9fb1ae0e08426fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 20:21:23 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1664886262"
content-type: application/javascript; charset=UTF-8
cache-control: no-cache,max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 27ms
27ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-3347303-10&cid=802745506.1664914884&jid=822962652&uid=C940DECB-ED1F-40A5-A015-3A807873919D&gjid=1887743795&_gid=1463952252.1664914884&_u=aHDAgEAjAAAAAGAAI~&z=836627680

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://try.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 04 Oct 2022 20:21:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1981599516&t=pageview&_s=1&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&dr=https%3A%2F%2Fgo2.malwarebytes.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAgEAjAAAAACAAI~&jid=822962652&gjid=1887743795&cid=802745506.1664914884&uid=C940DECB-ED1F-40A5-A015-3A807873919D&tid=UA-3347303-10&_gid=1463952252.1664914884&gtm=2wga30MKSKW3&z=2035830452

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 13:19:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25313
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 162ms
70ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3347303-10&cid=802745506.1664914884&jid=887883831&_u=IEBAAEAAAAAAACAAI~&z=1334084640

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 20:21:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 120ms
64ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3347303-10&cid=802745506.1664914884&jid=887883831&_u=IEBAAEAAAAAAACAAI~&z=1334084640

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 20:21:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 130ms
31ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,300italic,700,900,regular,italic,700italic%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:34:12 GMT
x-content-type-options: nosniff
age: 521231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:34:12 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 193ms
95ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,300italic,700,900,regular,italic,700italic%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 16:02:47 GMT
x-content-type-options: nosniff
age: 15516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17508
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 16:02:47 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 137ms
39ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,300italic,700,900,regular,italic,700italic%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:33:08 GMT
x-content-type-options: nosniff
age: 521295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:33:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 165ms
67ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,300italic,700,900,regular,italic,700italic%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:42:13 GMT
x-content-type-options: nosniff
age: 470350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Sep 2023 09:42:13 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 175ms
77ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,300italic,700,900,regular,italic,700italic%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:33:00 GMT
x-content-type-options: nosniff
age: 521303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:33:00 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 199ms
102ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,300italic,700,900,regular,italic,700italic%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:38:58 GMT
x-content-type-options: nosniff
age: 520945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:38:58 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 207ms
110ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,300italic,700,900,regular,italic,700italic%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:38:58 GMT
x-content-type-options: nosniff
age: 520945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:38:58 GMT

GET
H2 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 12 KB
12 KB 184ms
87ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,300italic,700,900,regular,italic,700italic%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:33:49 GMT
x-content-type-options: nosniff
age: 521254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12580
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:19:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:33:49 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 151ms
69ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3347303-10&cid=802745506.1664914884&jid=822962652&_u=aHDAgEAjAAAAAGAAI~&z=341463722

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 20:21:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 104ms
63ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3347303-10&cid=802745506.1664914884&jid=822962652&_u=aHDAgEAjAAAAAGAAI~&z=341463722

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 20:21:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 115ms
114ms XHR
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-5e7f5e497a3734e80ca75ea1e81f1ba4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 20:21:23 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 04 Oct 2022 12:23:58 GMT
server: gfra1
etag: "633c25de-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599

GET
H3 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 149ms
149ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=622914&u=DCFF5B4BE3410406902ACC37E0A50FCD3&s=1664914883&p=1&ed=%7B%22tz%22%3A%22Etc%2FUnknown%22%2C%22tO%22%3A%220%22%2C%22lt%22%3A%221664914883706%22%2C%22r%22%3A%22https%253A%252F%252Fgo2.malwarebytes.com%252F%22%2C%22ul%22%3A%22en-us%22%2C%22de%22%3A%22UTF-8%22%2C%22sc%22%3A%2224%22%2C%22sr%22%3A%221600x1200%22%7D&cu=https%253A%252F%252Ftry.malwarebytes.com%252Fswitch-and-save%252F%253Fmkt_tok%253DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&r=0&cq=1&vn=7.0.244&vns=undefined&vno=4.0.178&_ru=https%3A%2F%2Fgo2.malwarebytes.com%2F&eTime=1664914883719&random=0.5295675753712068

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 20:21:23 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
20ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1981599516&t=event&ni=1&_s=2&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&dr=https%3A%2F%2Fgo2.malwarebytes.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHDAAEAjAAAAAGAAI~&jid=&gjid=&cid=802745506.1664914884&tid=UA-3347303-10&_gid=1463952252.1664914884&cd2=(Non-Company%20Visitor)&cd3=Bot&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=Bischberg&cd12=BY&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=DE&cd18=(Non-Company%20Visitor)&cd24=(Non-Company%20Visitor)&z=1219160402

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 13:19:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25313
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame B287 2 KB
1 KB 100ms
18ms Document
text/html 143.204.215.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2233835.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-118.fra53.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://try.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39195
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 09:28:08 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Tue, 04 Oct 2022 07:09:34 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
x-amz-cf-id: CeyM66E3gnB6fnA_nizg3CBA7oNGj5svBPN-cFH4DxEF5JZlf1Xh4g==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 42ms
19ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.84

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 04 Oct 2022 20:21:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20715
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: QKYgUNXn4B8zm1yU8I1oAjmZVkvPjxTuoNlo9ULal2tsUEk3Iv+Xbg1tFEMvSDL2hOYMLllw2ButMSgcJaUIBQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1480959392203028 Show response
connect.facebook.net/signals/config/ 294 KB
85 KB 43ms
21ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1480959392203028?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

922fc02104569946c7d2bee00caac561ddfe909a3f3040850331c37da5b7adc5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 04 Oct 2022 20:21:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86741
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: nP8WIFB1TbCEVsaCeKhLUrSCxXDI5ICdLh8seo159kzBn8bwaStlAWRXxdgrVBHgB19vIXYM7PXNNRJd614P6w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
341 B 90ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K8KCHE3KSC&gtm=2oea30&_p=1981599516&_gaz=1&cid=802745506.1664914884&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F&sid=1664914883&sct=1&seg=0&dr=https%3A%2F%2Fgo2.malwarebytes.com%2F&dt=&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 20:21:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 79ms
26ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K8KCHE3KSC&cid=802745506.1664914884&gtm=2oea30&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 20:21:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 65ms
65ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K8KCHE3KSC&cid=802745506.1664914884&gtm=2oea30&aip=1&z=1680166844

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 20:21:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/161/ 11 KB
5 KB 38ms
37ms Script
application/x-javascript 104.96.148.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/161/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.148.88 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-148-88.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 20:21:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 00:38:21 GMT
Server: AkamaiNetStorage
ETag: "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4681
Expires: Thu, 12 Jan 2023 20:21:23 GMT

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
309 B 20ms
19ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=https%3A%2F%2Fgo2.malwarebytes.com%2F&_biz_h=-1906410348&_biz_u=1322074571f54765cb470c172b54283b&_biz_s=7f13ff&_biz_l=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&_biz_t=1664914883838&_biz_i=&_biz_n=0&rnd=197417&cdn_o=a&_biz_z=1664914883839
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 20:21:23 GMT
last-modified: Wed, 28 Sep 2022 14:12:01 GMT
server: ECS (frb/6760)
age: 540562
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 kvp
cdn.bizible.com/m/ 43 B
202 B 20ms
20ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/kvp?data=%7B%22ABTest%22%3A%5B%7B%22Exp%22%3A%7B%22Name%22%3A%22Heatmap%22%2C%22Id%22%3A%223%22%7D%2C%22Var%22%3A%7B%22Name%22%3A%22website%22%2C%22Id%22%3A%221%22%7D%2C%22U%22%3A%22DCFF5B4BE3410406902ACC37E0A50FCD3%22%7D%2C%7B%22Exp%22%3A%7B%22Name%22%3A%22Visitor%20Sessions%20Recorded%22%2C%22Id%22%3A%224%22%7D%2C%22Var%22%3A%7B%22Name%22%3A%22website%22%2C%22Id%22%3A%221%22%7D%2C%22U%22%3A%22DCFF5B4BE3410406902ACC37E0A50FCD3%22%7D%5D%7D&_biz_u=1322074571f54765cb470c172b54283b&_biz_s=7f13ff&_biz_l=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&_biz_t=1664914883841&_biz_i=&_biz_n=1&rnd=449353&cdn_o=a&_biz_z=1664914883841
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F2) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 20:21:23 GMT
last-modified: Mon, 03 Oct 2022 03:38:18 GMT
server: ECS (frb/67F2)
age: 146585
x-cache: HIT
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
203 B 20ms
20ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=1322074571f54765cb470c172b54283b&_biz_s=7f13ff&_biz_l=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&_biz_t=1664914883842&_biz_i=&rnd=117646&cdn_o=a&_biz_z=1664914883842
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C2) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 20:21:23 GMT
last-modified: Thu, 29 Sep 2022 23:58:32 GMT
server: ECS (frb/67C2)
age: 418971
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 4072696.js Show response
bat.bing.com/p/action/ 1 KB
842 B 50ms
50ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4072696.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f8e7ea877628b0e6f911e3dd6b024e2a5d1f98794e5a23d653a1321eae5f9f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 04 Oct 2022 20:21:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D529213F1152460B8023A366A88D31AB Ref B: FRA31EDGE0119 Ref C: 2022-10-04T20:21:23Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 666

GET
H2 204 0
bat.bing.com/action/ 0
176 B 44ms
44ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4072696&tm=gtm002&Ver=2&mid=06a383be-98c6-41df-ac04-d0696831f825&sid=1ddce2a0442211ed9fa853cdeffa92bc&vid=1ddcff60442211edaae487158770676b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&r=https%3A%2F%2Fgo2.malwarebytes.com%2F&lt=487&evt=pageLoad&sv=1&rn=936964

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 04 Oct 2022 20:21:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 69D9F641A7BB4B0F9359825C3EF2C851 Ref B: FRA31EDGE0119 Ref C: 2022-10-04T20:21:23Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 116 B
419 B 152ms
152ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=1322074571f54765cb470c172b54283b&_biz_h=-1906410348&cdn_o=a&jsVer=4.22.08.11
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 05e8a226f3437a0dc83a6e6d99c7ee33b6a83b44b4b087bff1d3e0e4e2717980

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: text/javascript; charset=utf-8
date: Tue, 04 Oct 2022 20:21:23 GMT
cache-control: private, must-revalidate, max-age=21600
server: ECS (frb/6711)
etag: 1015965F
content-length: 116
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 72ms
20ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=PageView&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&rl=https%3A%2F%2Fgo2.malwarebytes.com%2F&if=false&ts=1664914883932&sw=1600&sh=1200&v=2.9.84&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1664914883931.1838730927&it=1664914883793&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 04 Oct 2022 20:21:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H/1.1 200
OK visitWebPage
805-usg-300.mktoresp.com/webevents/ 2 B
318 B 533ms
109ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://805-usg-300.mktoresp.com/webevents/visitWebPage?_mchNc=1664914883936&_mchCn=&_mchId=805-USG-300&_mchTk=_mch-malwarebytes.com-1664914883935-27957&mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&_mchHo=try.malwarebytes.com&_mchPo=&_mchRu=%2Fswitch-and-save%2F&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fgo2.malwarebytes.com%2F&_mchQp=mkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 20:21:24 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 561df8a3-e87c-40a7-858b-817458ab02ce

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2233835/ 147 B
322 B 159ms
49ms XHR
application/json 52.17.231.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2233835/visit-data?sv=6
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.231.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-231-22.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4b8e8b42acdad2f84c0d44c5dbc12b8327706d1f49551e1ec577b08d4cbaf263

Request headers

Referer: https://try.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 04 Oct 2022 20:21:24 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 4072696 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 297ms
145ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/4072696
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/4072696.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 12b6c16631d1bba0597b7b31d516f95f7e66d3680e0d8d91e96acae59ec97416

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: application/x-javascript
date: Tue, 04 Oct 2022 20:21:23 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0xJU8YwAAAAA4JS15FZpXSKW/e/YdS/oUQlJVMzBFREdFMDcxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-d/s/0.6.42/ 53 KB
23 KB 118ms
118ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-d/s/0.6.42/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/4072696
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 20:21:23 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
etag: "1d8d770d65a4bd4"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
x-azure-ref: 0xJU8YwAAAAB/btKnNptbTrfGOJ08ZocgQlJVMzBFREdFMDcxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
BLOB 200
OK 2dee5726-5fe9-4534-a427-16b85386a1b7
https://try.malwarebytes.com/ 47 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://try.malwarebytes.com/2dee5726-5fe9-4534-a427-16b85386a1b7
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/switch-and-save/?mkt_tok=ODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 47679
Content-Type: text/javascript

POST
H2 200 analyze Show response
r1.visualwebsiteoptimizer.com/ 0
143 B 436ms
212ms XHR
application/javascript 35.245.208.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://r1.visualwebsiteoptimizer.com/analyze?_a=622914&_u=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.245.208.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 72.208.245.35.bc.googleusercontent.com
Software: r1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://try.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryDN9hAqJl8krIVAMr

Response headers

access-control-allow-origin: *
date: Tue, 04 Oct 2022 20:21:24 GMT
content-encoding: gzip
server: r1
content-type: application/javascript; charset=UTF-8

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 156ms
20ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=Microdata&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&rl=https%3A%2F%2Fgo2.malwarebytes.com%2F&if=false&ts=1664914884444&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22http%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1664914883931.1838730927&it=1664914883793&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 04 Oct 2022 20:21:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 204 collect Show response
a.clarity.ms/ 0
161 B 680ms
344ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://try.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://try.malwarebytes.com
date: Tue, 04 Oct 2022 20:21:24 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=B5B688C63C5A49D7A83D48C30FCFD69C&RedC=c.clarity.ms&MXFR=0D928843094E60FB0FF39A700D4E6E2D
https://c.clarity.ms/c.gif?CtsSyncId=B5B688C63C5A49D7A83D48C30FCFD69C&MUID=0A80179F14396AB1374B05AC15956B12

42 B
368 B

40ms
39ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=B5B688C63C5A49D7A83D48C30FCFD69C&MUID=0A80179F14396AB1374B05AC15956B12
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 20:21:24 GMT
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
server: Microsoft-IIS/10.0
etag: "8d3298b0aac7d81:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 04 Oct 2022 20:21:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D7170992F82A4B2699A1046033465DA6 Ref B: FRA31EDGE0119 Ref C: 2022-10-04T20:21:24Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=B5B688C63C5A49D7A83D48C30FCFD69C&MUID=0A80179F14396AB1374B05AC15956B12
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 2893.js Show response
script.crazyegg.com/pages/scripts/0081/ 6 KB
2 KB 88ms
35ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aae97faedf17b2c0000fa504dc145bee19851bcceef8d514fbaf6c8df4ef735

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 20:21:24 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 27034
cf-polished: origSize=5675
ce-version: 11.4.21
cf-bgj: minify
last-modified: Tue, 04 Oct 2022 12:50:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 75509fad58619be8-FRA

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 219ms
31ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: go2.malwarebytes.com
URL: https://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAGHQTKHFRfxiYdHt8zRnFVdjC4zPWBOz-R3-dWl8NXxWOlO2IuJldVK9S3CEZt22ONj7Mbvn4I=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 20:21:24 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:19 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15317
x-served-by: cache-iad-kiad7000104-IAD, cache-vie6350-VIE

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1981599516&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&dr=https%3A%2F%2Fgo2.malwarebytes.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=vertical&el=25%20percent&_u=aHDAgEAjAAAAAGAAI~&jid=&gjid=&cid=802745506.1664914884&uid=C940DECB-ED1F-40A5-A015-3A807873919D&tid=UA-3347303-10&_gid=1463952252.1664914884&gtm=2wga30MKSKW3&z=1776947911

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 13:19:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25314
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1981599516&t=timing&_s=3&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&dr=https%3A%2F%2Fgo2.malwarebytes.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1617&pdt=5&dns=123&rrt=1&srt=49&tcp=48&dit=487&clt=487&_gst=393&_gbt=516&_cst=395&_cbt=569&_u=aHDAAEAjAAAAAGAAI~&jid=&gjid=&cid=802745506.1664914884&tid=UA-3347303-10&_gid=1463952252.1664914884&cd2=(Non-Company%20Visitor)&cd3=Bot&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=Bischberg&cd12=BY&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=DE&cd18=(Non-Company%20Visitor)&cd24=(Non-Company%20Visitor)&z=131449435

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 13:19:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25314
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 try.malwarebytes.com.json Show response
script.crazyegg.com/pages/data-scripts/0081/2893/site/ Frame 247E 232 B
478 B 81ms
42ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0081/2893/site/try.malwarebytes.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0081/2893.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60aa32b9acadd842efa211cbcf8679eb952f36f222395ad90544f022a8550d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 20:21:24 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 26450
ce-version: 11.4.21
content-length: 208
last-modified: Tue, 04 Oct 2022 13:00:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75509fadeef59a2a-FRA

GET
H2 200 adsct
t.co/i/ 43 B
377 B 191ms
125ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=54a31db3-808e-496a-a24d-a25d16f62160&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=79f36ac8-108c-460b-ad19-73e170a80c6e&tw_document_href=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1m5j&type=javascript&version=2.3.27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 105
date: Tue, 04 Oct 2022 20:21:24 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 5795e7947939dee2
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 8c2431c0fd299fc216172fcf69c8de14bddda45f735f6a09ff0ea2c09148472a
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 193ms
133ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=54a31db3-808e-496a-a24d-a25d16f62160&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=79f36ac8-108c-460b-ad19-73e170a80c6e&tw_document_href=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F%3Fmkt_tok%3DODA1LVVTRy0zMDAAAAGHQTKHFSbLgts8bt8J-Z--60S6TUJyNXlwSmcNDmNd8sFKD20YSFNBxB4p594TBoc-HK5sNHSJrjyeGEL4OkDoGSLibIVBVZRrb-_NtmpdUgKHmrRW&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1m5j&type=javascript&version=2.3.27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 111
date: Tue, 04 Oct 2022 20:21:24 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: f8e935a85d218305
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 8840a327f79e92c417bde8b6a4d421c2b1f71b8ee6ff9e9fc04a55384ec1ab7b
content-length: 43

POST
H2 204 collect Show response
a.clarity.ms/ 0
48 B 103ms
102ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://try.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://try.malwarebytes.com
date: Tue, 04 Oct 2022 20:21:25 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 67ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K8KCHE3KSC&gtm=2oea30&_p=1981599516&cid=802745506.1664914884&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AC&_z=ccd.v9B&_s=2&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fswitch-and-save%2F&sid=1664914883&sct=1&seg=0&dr=https%3A%2F%2Fgo2.malwarebytes.com%2F&dt=&en=API%20Resolution&ep.event_category=Demandbase&ep.event_label=IP%20API&_et=62
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 20:21:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

57 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
try.malwarebytes.com/switch-and-save/	1970-01-20 10:53:32	Name: ubpv Value: a%2Cb6915a7c-df33-4a57-8602-8fe0f3c9e29f
.malwarebytes.com/switch-and-save	1970-01-20 15:14:10	Name: gaUserID Value: C940DECB-ED1F-40A5-A015-3A807873919D
.go2.malwarebytes.com/	1970-01-20 06:28:36	Name: __cf_bm Value: wmxQ4DJeBtww8rCynkoa02iOZUnCQo8z49zmdq07C8k-1664914882-0-Ack887vp5kJbxoiHxiIBBIGLJvJTfJ5SsS+j0VEODG6V67h2VDmEOgpfHdQ3m6GcVFGjm31g8G+QsQYNXFUkXaI=
try.malwarebytes.com/	1970-01-20 10:47:46	Name: ubvs Value: a5b34299-38c0-43f2-bb8c-ff15559cf4cc
.malwarebytes.com/	1970-01-20 06:32:54	Name: ubvt Value: a5b34299-38c0-43f2-bb8c-ff15559cf4cc
.try.malwarebytes.com/	1970-01-20 15:15:37	Name: _vwo_uuid_v2 Value: DCFF5B4BE3410406902ACC37E0A50FCD3\|2cfe15a7ef942e1919098099b0a47ce3
.malwarebytes.com/	1970-01-20 06:30:01	Name: _gid Value: GA1.2.1463952252.1664914884
.malwarebytes.com/	1970-01-20 06:28:34	Name: _gat Value: 1
.malwarebytes.com/	1969-12-31 23:59:59	Name: __gtm_referrer Value: https%3A%2F%2Fgo2.malwarebytes.com%2F
.malwarebytes.com/	1970-01-20 08:52:34	Name: _vis_opt_s Value: 1%7C
.malwarebytes.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.malwarebytes.com/	1970-01-20 16:04:34	Name: _vwo_uuid Value: DCFF5B4BE3410406902ACC37E0A50FCD3
.malwarebytes.com/	1970-01-20 06:28:34	Name: _dc_gtm_UA-3347303-10 Value: 1
.malwarebytes.com/	1970-01-20 06:28:36	Name: _vwo_sn Value: 0%3A1%3Ar1.visualwebsiteoptimizer.com%3A1%3A1
.malwarebytes.com/	1970-01-20 08:38:10	Name: _vwo_ds Value: 3%3At_1%2Ca_1%3A0%241664914883%3A71.56839592%3A%3A%3A4_1%2C3_1%3A0
.bing.com/	1970-01-20 15:50:10	Name: MUID Value: 0A80179F14396AB1374B05AC15956B12
.malwarebytes.com/	1970-01-20 16:04:34	Name: _ga_K8KCHE3KSC Value: GS1.1.1664914883.1.0.1664914883.60.0.0
.malwarebytes.com/	1970-01-20 15:14:10	Name: _biz_uid Value: 1322074571f54765cb470c172b54283b
.malwarebytes.com/	1970-01-20 06:28:36	Name: _biz_sid Value: 7f13ff
.malwarebytes.com/	1970-01-20 15:14:10	Name: _biz_nA Value: 2
.bizible.com/	1970-01-20 15:14:10	Name: _BUID Value: 1322074571f54765cb470c172b54283b
.bizibly.com/	1970-01-20 15:14:10	Name: _BUID Value: 245f0a6bbde6f14658ea66cc3e845d1a
.bidr.io/	1970-01-20 15:57:08	Name: bito Value: AAEOWk7GeSwAAB_5kGX_AQ
.bidr.io/	1970-01-20 15:57:08	Name: bitoIsSecure Value: ok
.linkedin.com/	1970-01-20 07:11:46	Name: UserMatchHistory Value: AQL1EYHhB0DqegAAAYOkqQTa2cby1MiS3yhyEL3PRdx4JvD1YDBFo73DUnmkZAZoKklSK8UvVvdlyA
.linkedin.com/	1970-01-20 07:11:46	Name: AnalyticsSyncHistory Value: AQL697MT216dywAAAYOkqQTaMabCoZ3J2AyZLjq906yvx17tQPe3oBV-NQ1KI8gkVn-c6XCi5lJhJp5rbggAhQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:14:10	Name: bcookie Value: "v=2&5e308323-a6ba-4f41-87a8-9adcf2ce1c99"
.linkedin.com/	1970-01-20 06:30:01	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2852:u=1:x=1:i=1664914883:t=1665001283:v=2:sig=AQF-cY-U8Ela0UuX9HZE56Rdq_QL3XCH"
.malwarebytes.com/	1970-01-20 06:30:01	Name: _uetsid Value: 1ddce2a0442211ed9fa853cdeffa92bc
.malwarebytes.com/	1970-01-20 15:50:10	Name: _uetvid Value: 1ddcff60442211edaae487158770676b
.malwarebytes.com/	1970-01-20 15:14:10	Name: _biz_pendingA Value: %5B%5D
.malwarebytes.com/	1970-01-20 15:14:10	Name: _biz_ABTestA Value: %5B1568091%5D
.malwarebytes.com/	1970-01-20 08:38:10	Name: _fbp Value: fb.1.1664914883931.1838730927
.malwarebytes.com/	1970-01-20 16:04:34	Name: _mkto_trk Value: id:805-USG-300&token:_mch-malwarebytes.com-1664914883935-27957
.malwarebytes.com/	1970-01-20 15:14:10	Name: _hjSessionUser_2233835 Value: eyJpZCI6IjdjNmRjM2ViLThiNGMtNTI5Mi1hNDQxLTM1Njk2NGJhY2YyZCIsImNyZWF0ZWQiOjE2NjQ5MTQ4ODM4NzEsImV4aXN0aW5nIjpmYWxzZX0=
.malwarebytes.com/	1970-01-20 06:28:36	Name: _hjFirstSeen Value: 1
try.malwarebytes.com/	1970-01-20 06:28:35	Name: _hjIncludedInSessionSample Value: 0
.malwarebytes.com/	1970-01-20 06:28:36	Name: _hjSession_2233835 Value: eyJpZCI6IjVhZmMxNDhjLWM1NDktNDEzNy04YzgzLWI3OTdjZGU2NmM1MSIsImNyZWF0ZWQiOjE2NjQ5MTQ4ODM5MzcsImluU2FtcGxlIjpmYWxzZX0=
try.malwarebytes.com/	1970-01-20 06:28:35	Name: _hjIncludedInPageviewSample Value: 1
.malwarebytes.com/	1970-01-20 06:28:36	Name: _hjAbsoluteSessionInProgress Value: 0
.malwarebytes.com/	1970-01-20 15:14:10	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.company-target.com/	1970-01-20 16:04:34	Name: tuuid Value: 9daeb30e-d875-42d4-98a2-907b75bfa978
.company-target.com/	1970-01-20 16:04:34	Name: tuuid_lu Value: 1664914884
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 15:14:10	Name: bscookie Value: "v=1&20221004202123e240d5c0-30f6-4eb6-80f1-8201a587c4bcAQETBhu_IYle1te5zI83oGMwsIBPE3H7"
.linkedin.com/	1970-01-20 10:47:46	Name: li_gc Value: MTswOzE2NjQ5MTQ4ODM7MjswMjESlvTrk3jZ64S7T4QhL/89pBxgVNguWNj7vOHELyJ0tw==
www.clarity.ms/	1970-01-20 15:14:10	Name: CLID Value: 53c5e7ce74d34e038e42b64ba9f53de8.20221004.20231004
.malwarebytes.com/	1970-01-20 15:14:10	Name: _clck Value: 1lnd03j\|1\|f5f\|0
.malwarebytes.com/	1970-01-20 16:04:34	Name: _ga Value: GA1.2.802745506.1664914884
.c.bing.com/	1970-01-20 15:50:10	Name: SRM_B Value: 0A80179F14396AB1374B05AC15956B12
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:50:10	Name: MUID Value: 0A80179F14396AB1374B05AC15956B12
.c.clarity.ms/	1970-01-20 06:28:35	Name: ANONCHK Value: 0
.t.co/	1970-01-20 16:04:34	Name: muc_ads Value: 73d17fd1-cb45-4809-9347-125307c4f410
.twitter.com/	1970-01-20 16:04:34	Name: personalization_id Value: "v1_sskIxeF2aqzeUudi1zqk6A=="
.malwarebytes.com/	1970-01-20 06:30:01	Name: _clsk Value: xfelgu\|1664914885225\|1\|1\|a.clarity.ms/collect

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAGHQTKHFRfxiYdHt8zRnFVdjC4zPWBOz-R3-dWl8NXxWOlO2IuJldVK9S3CEZt22ONj7Mbvn4I= Message: The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAGHQTKHFRfxiYdHt8zRnFVdjC4zPWBOz-R3-dWl8NXxWOlO2IuJldVK9S3CEZt22ONj7Mbvn4I= Message: The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-R8LaREMZ/DH9abbPu1YdsqJYwEcGtukShzsWyoaENMg=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

805-usg-300.mktoresp.com
a.clarity.ms
analytics.twitter.com
api.company-target.com
bat.bing.com
builder-assets.unbounce.com
c.bing.com
c.clarity.ms
cdn.bizible.com
cdn.bizibly.com
connect.facebook.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
dev.visualwebsiteoptimizer.com
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
go2.malwarebytes.com
id.rlcdn.com
in.hotjar.com
match.prod.bidr.io
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
r1.visualwebsiteoptimizer.com
region1.analytics.google.com
script.crazyegg.com
script.hotjar.com
segments.company-target.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tag.demandbase.com
try.malwarebytes.com
unpkg.com
vars.hotjar.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.malwarebytes.com
104.17.73.206
104.244.42.131
104.244.42.133
104.45.184.134
104.96.148.88
108.138.17.47
13.107.42.14
143.204.214.226
143.204.215.118
143.204.215.129
143.204.215.69
152.195.15.58
18.66.15.15
192.28.144.124
199.232.16.157
20.234.93.27
2001:4860:4802:34::178
2001:4860:4802:34::36
2600:9000:2057:5200:1d:11cf:5800:93a1
2600:9000:206f:8c00:16:26c7:ff80:93a1
2606:4700::6810:7eaf
2606:4700::6813:9308
2620:1ec:21::14
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:803::2003
2a00:1450:4001:809::2008
2a00:1450:400c:c00::9b
2a00:1450:400d:807::2004
2a00:1450:400d:807::200a
2a00:1450:400d:80d::2003
2a02:26f0:11a::6867:4843
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.126.202.50
34.96.102.137
35.244.174.68
35.245.208.72
52.17.231.22
52.203.231.66
52.30.152.75
99.86.240.71
99.86.4.101
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
05e8a226f3437a0dc83a6e6d99c7ee33b6a83b44b4b087bff1d3e0e4e2717980
0a5a4a547918f1223dc9daeb5d86284ee7027bb98b0f4ab3af4483c3dbc4c736
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4
12b6c16631d1bba0597b7b31d516f95f7e66d3680e0d8d91e96acae59ec97416
1dd70651954718839ee49caaa3072653f0190c19a37bdb81c767b7668ec37334
2231b5480f3dbee04cdb9f3bffd6ec377eb09841c6693f3ae2e14d9ee8e472ab
22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62
26d2a2391f5c80e8c0a3c025a07b069614d1e43c604b8607f8d35da972ef0b6f
29476b17c8aed2df8b060a0aa97624bc5d1eee4f476864c55a741c421210dc70
29bb94328b38c3b3e62c9d48b7bfefe154bae84e3d124654a48448e63e1304e4
2a8dcd8ad9d88b838d86035bc33dfd359024a0e334d1fffc9fb1ae0e08426fdd
2d5ce0299e6ccd68ee5ed3c9218ca1f1f78b1d118c960581b4a9cda594ea9115
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
31ebe2fbfdb73fb07b44ff7bd0e7d536be581c18523bad4bc1c452b32b7fd224
384ff03fc8a3d581c80d2b6956bc90be45373d63743a45a252b1bb219db5ec5a
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
40121ee613a3c8cd9e3d2e188d055e1e59257e439552dd52db9d0cce7a5a23f6
4120c62c25cd2f9d7f5155aaf84f772c08e18dd1be19e39ed0d866d3916bedce
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
47c5ac17a591c790f88c96b8d8840f3094bfc061e30d88ec2ea1ce55f4c6dcea
4b8e8b42acdad2f84c0d44c5dbc12b8327706d1f49551e1ec577b08d4cbaf263
5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b3c6e212cbb3b9f4f28b09cfdc53990e809792192d7d8639d3311f0551c2010
60aa32b9acadd842efa211cbcf8679eb952f36f222395ad90544f022a8550d3f
618a8a369547c912ff17b6d55c967f78ecafa6fb94ef42c746870a0cbc596434
6199de9e8e3ebde2b14e96843c47640c63c57c383c7d8325d58088fcc008e77b
652ea14837255f2d9db977a32c93fcb92879825bfe1b265311f534e61959e7b4
682a2bdf04b0d90132d6ec2963b95fedb972c71dff32471dfba4dca28b45522e
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
78f83443e748d143a797a3f16a2e3838426f6cd4c02023c2620b7017d179eda1
7aae97faedf17b2c0000fa504dc145bee19851bcceef8d514fbaf6c8df4ef735
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851495cc18784cae757c6cf8d5bd6042f6325647ecb6d4aaa7fd3b603b20801f
8610007330b9bb2ec79d5ac356ca2dd621d4c4296ff7d813931853962485ab35
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
922fc02104569946c7d2bee00caac561ddfe909a3f3040850331c37da5b7adc5
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
948f25ca27346cf34b8eb1be40b6dc88289c1515b9320b95c880370ae707b6bb
96f3bc71532236313c3154a8323f016b8ebda7d32dd9305438df03502f7884bd
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
a555f0b0410f738128c29d0459c46af844358f117513b23b22e5839a6b53d8ce
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b5875fd350ec0114f9a5f9d7d5567bec403e992e57ad9f87ce2d77f957460645
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
c007fe440b9bc335b21e039feac8deaf5f14f3de16ea41ffa81a3f610096cd69
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c5a030bbc4f3d88b75daf5583ce2edb1b3afa4949f167d853c6c7c5645e317b9
c64ee1728da5891d0f082310c3ae78a0cad139139a4aee532aeb2bd5e7915e26
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
ed2b32dd78ffc0ab3ef5c4a2e1ebbbd3585b74abe957a74015f05ff4eea9ac82
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa12b5f715e973d01d92cf3fb5492a27b0d8e6702527a5a3c9da9b16f3e3053
f5709905d4a5096649c4e4b687c8260bc9dc96722e807f56c9556b664bee3ff5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8e7ea877628b0e6f911e3dd6b024e2a5d1f98794e5a23d653a1321eae5f9f95
fe62ffc3dd7627c8b0d34b70fe45c7b14dd38c89c66cca13b2e4c71360e42e91

try.malwarebytes.com Open in urlscan Pro 3.126.202.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

95 %HTTPS

42 %IPv6

32 Domains

46 Subdomains

42 IPs

6 Countries

890 kBTransfer

2652 kBSize

57 Cookies

0 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

try.malwarebytes.com Open in urlscan Pro
3.126.202.50 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

95 %
HTTPS

42 %
IPv6

32
Domains

46
Subdomains

42
IPs

6
Countries

890 kB
Transfer

2652 kB
Size

57
Cookies

100 HTTP transactions
1 data transactions