cloud.malwarebytes.com
13.225.78.25
Public Scan
Submission: On October 06 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 17th 2022. Valid for: a year.
This is the only time cloud.malwarebytes.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Downloads These files were downloaded by the website
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-25.fra2.r.cloudfront.net
cloud.malwarebytes.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net
static.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-26.fra2.r.cloudfront.net
script.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-116.fra60.r.cloudfront.net
vars.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-35-143.eu-west-1.compute.amazonaws.com
in.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-124.fra2.r.cloudfront.net
vc.hotjar.io |
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
nebula-agent-installers-mb-prod.s3.amazonaws.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | malwarebytes.com (1 redirects) | cloud.malwarebytes.com — Cisco Umbrella Rank: 3350 | 14 MB |
10 | zdassets.com | static.zdassets.com — Cisco Umbrella Rank: 3159; ekr.zdassets.com — Cisco Umbrella Rank: 3703 | 437 KB |
4 | google.com | region1.analytics.google.com — Cisco Umbrella Rank: 3900; www.google.com — Cisco Umbrella Rank: 19 | 906 B |
4 | hotjar.com | static.hotjar.com — Cisco Umbrella Rank: 874; script.hotjar.com — Cisco Umbrella Rank: 1166; vars.hotjar.com — Cisco Umbrella Rank: 1268; in.hotjar.com — Cisco Umbrella Rank: 2355 | 70 KB |
3 | zendesk.com | mwb-biz.zendesk.com — Cisco Umbrella Rank: 837024 | 2 KB |
2 | doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 171 | 377 B |
2 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 94 | 20 KB |
2 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 129 | 121 KB |
1 | amazonaws.com | nebula-agent-installers-mb-prod.s3.amazonaws.com — Cisco Umbrella Rank: 228194 | |
1 | google.de | www.google.de — Cisco Umbrella Rank: 3460 | 501 B |
1 | hotjar.io | vc.hotjar.io — Cisco Umbrella Rank: 3058 | 257 B |
1 | google.sk | www.google.sk — Cisco Umbrella Rank: 17109 | 501 B |
1 | pingdom.net | rum-static.pingdom.net — Cisco Umbrella Rank: 7813 | 3 KB |
42 | 13 | | |
Requests | Domain | Requested by |
---|---|---|
11 | cloud.malwarebytes.com (1 redirects) | cloud.malwarebytes.com |
9 | static.zdassets.com | cloud.malwarebytes.com, static.zdassets.com |
3 | region1.analytics.google.com | www.googletagmanager.com |
3 | mwb-biz.zendesk.com | static.zdassets.com |
2 | stats.g.doubleclick.net | www.googletagmanager.com, cloud.malwarebytes.com |
2 | www.google-analytics.com | www.googletagmanager.com, cloud.malwarebytes.com |
2 | www.googletagmanager.com | cloud.malwarebytes.com, www.googletagmanager.com |
1 | nebula-agent-installers-mb-prod.s3.amazonaws.com | cloud.malwarebytes.com |
1 | www.google.de | cloud.malwarebytes.com |
1 | www.google.com | cloud.malwarebytes.com |
1 | vc.hotjar.io | cloud.malwarebytes.com |
1 | in.hotjar.com | cloud.malwarebytes.com |
1 | vars.hotjar.com | static.hotjar.com |
1 | www.google.sk | cloud.malwarebytes.com |
1 | script.hotjar.com | static.hotjar.com |
1 | static.hotjar.com | cloud.malwarebytes.com |
1 | ekr.zdassets.com | static.zdassets.com |
1 | rum-static.pingdom.net | cloud.malwarebytes.com |
42 | 18 | |
This site contains links to these domains. Also see Links.
Domain |
---|
nebula-agent-installers-mb-prod.s3.amazonaws.com |
www.malwarebytes.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.malwarebytes.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-05-17 - 2023-05-17 | a year |
*.google-analytics.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
pingdom.net | Cloudflare Inc ECC CA-3 | 2021-12-14 - 2022-12-13 | a year |
ssl1036557.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2022-06-08 - 2022-12-15 | 6 months |
mwb-biz.zendesk.com | Cloudflare Inc ECC CA-3 | 2022-05-05 - 2023-05-05 | a year |
*.hotjar.com | Amazon | 2021-11-25 - 2022-12-23 | a year |
*.g.doubleclick.net | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
*.google.sk | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
*.hotjar.io | Amazon | 2022-07-18 - 2023-08-16 | a year |
www.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
www.google.de | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
*.s3.amazonaws.com | Amazon | 2021-12-15 - 2022-12-03 | a year |
This page contains 3 frames:
Frame:
https://nebula-agent-installers-mb-prod.s3.amazonaws.com/714a4681-904e-4f46-9f0b-d5c789a62aa5/epa-win/1.2.986/Setup.MBEndpointAgent.x64.msi?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIASTSHMMBVCATXFDMF%2F20221006%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221006T175814Z&X-Amz-Expires=900&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEDgaCXVzLWVhc3QtMSJHMEUCIE%2BfLYSjBdwx9C%2BRqcIOB%2B7YW29wU4d7QZD32vHO%2FGBzAiEAgo4R91Btp93XM%2BThvYejTtRW58Dtb202T8gbg3bcgXYq%2FAMI8P%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARAEGgwxNzk0NjQ1OTM1MTQiDNmfUaFyw8XhMiggHyrQA612aOhl1YOkza5XWChSb0ThxzExw2u5W4n6JC12YDREk%2BNWmfg3iOyilz3%2Bv25IvK5jtIYhKjxD0UsKk3olKXDi5WWckXXfFSnohXxLOgNC%2FZahZOm9U5v1Gi4Lf4MnvCJLWrvS7DATFIxnZ%2B2BT4g1viPLfxV834%2BJ86PG%2B2A5oGYRJ9j0LNe%2FZmql8yTKKsJuXU%2FDDY5LFatfplCYxwEJvrsChqecK%2F7QRuXrW7oyJVDNxHRN3L3T1BQ6VE9%2BiZ%2FzJ1IYdC%2BckQXCS3v%2BF0e4gXapf0%2BEqEluTVIoBGi%2FWkES2rksJX%2BLWDFI9T5XUYhQvFRxohXcFE%2FcVVXZb80KBYkqw1HlYdy%2BrcWLORCtWqkM5HpyULNKYGUDf19ZXT%2BvLne38TZsVEWbVW%2FeztrzwEFqpCUgs6r%2FS8NrpIfQj6tYvgWLGnMdn4s%2B7YDV1qFMebTOscukp353ChImpK5zRs6V7ZrJpOLYXvnA%2FidV6ANVJDmi2RH4HivKcGToHae3VxyL6FRA9pN2IGDZwDBEO83dxHU3qRTXfgvuiLQ8oerIHlOjyjKcO6HOUYlpLGQZICFCOg24Mn5owk9afLr2YU2hssxRn9i2n9XSWS6cMKHd%2B5kGOqUBtL%2BlxQVLhKhlUWS4czd8Jo1WaW8j6jKJC6yNcxV9eDz42DXg98M12%2F1ek9ag7QuDs5czJSGqkTzym18%2FbYU4DLwWcdiyWrDXOUEbrizOCDR82jg8R3i7XcxeEK8UahuaYPMvQ6%2B3lylljzouV53%2FomEnn2zGekF1kRXrWr75aVTLmd0HVEctcs4b89WE9w%2F00Q6yP%2FWuhLYkl0%2BTHHrN1syGyC1H&X-Amz-SignedHeaders=host&X-Amz-Signature=9e29f209115141b297984accb09161d995d1e0a826f1e2cab11503bb3c26ff11
Frame ID: 2F8BB66AC4DD4631348D3AC1B200F2F6
Requests: 31 HTTP requests in this frame
Frame:
https://static.zdassets.com/web_widget/latest/web-widget-framework-bec8a5ff4d17b534ed20.js
Frame ID: 2ECA93B835EE399DA2E9629DFBEAC5B1
Requests: 11 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 255BC4677FB05351B1B50930F7905571
Requests: 1 HTTP requests in this frame
Page Title
Malwarebytes
Detected technologies
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
Hotjar (Analytics)
Detected patterns
- //static\.hotjar\.com/
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: click here
Title: Learn more
Title: Learn more
Title: Learn more
Title: Want even more protection? See all that we offer.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 22
- https://cloud.malwarebytes.com/api/v1/download?t=U6b0JfCKH9gdfHFdTSINQwr9VMdDSFPvReMBD_A5tzljq6jG-jDJsa6OENr9BeTaIw2zZ4Y5AGldyGOJMsZ83Uj_J8buPa3ibLEhjLN5T78S HTTP 301
- https://cloud.malwarebytes.com/api/v1/download/?t=U6b0JfCKH9gdfHFdTSINQwr9VMdDSFPvReMBD_A5tzljq6jG-jDJsa6OENr9BeTaIw2zZ4Y5AGldyGOJMsZ83Uj_J8buPa3ibLEhjLN5T78S
42 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | download (Primary Request) | cloud.malwarebytes.com/ | 5 KB | 2 KB | Document | text/html |
GET | H2 | fontawesome-webfont.woff2 | cloud.malwarebytes.com/fonts/ | 75 KB | 76 KB | Font | binary/octet-stream |
GET | H2 | vendors.b7cb23c39951585754eb.js | cloud.malwarebytes.com/ | 13 MB | 13 MB | Script | application/javascript |
GET | H2 | 7028.a38262f0c742a940c928.js | cloud.malwarebytes.com/ | 159 KB | 38 KB | Script | application/javascript |
GET | H2 | 301.c7a691c471b6c976af62.js | cloud.malwarebytes.com/ | 29 KB | 3 KB | Script | application/javascript |
GET | H2 | main.ee138e1824cd5c9eb583.js | cloud.malwarebytes.com/ | 6 MB | 1 MB | Script | application/javascript |
GET | H2 | remoteEntry.js | cloud.malwarebytes.com/ | 5 KB | 3 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 109 KB | 43 KB | Script | application/javascript |
GET | H2 | pa-5b632c6e54acd30016000074.js | rum-static.pingdom.net/ | 6 KB | 3 KB | Script | application/javascript |
GET | H2 | snippet.js | static.zdassets.com/ekr/ | 23 KB | 7 KB | Script | application/javascript |
GET | H2 | 87dc00bc-c5e0-4100-8b77-d13d337cedc5 | ekr.zdassets.com/compose/ | 431 B | 1 KB | XHR | application/json |
GET | H2 | web-widget-framework-bec8a5ff4d17b534ed20.js | static.zdassets.com/web_widget/latest/ (Frame 2ECA) | 147 KB | 48 KB | Script | application/javascript |
GET | H2 | config | mwb-biz.zendesk.com/embeddable/ (Frame 2ECA) | 1 KB | 1 KB | Fetch | application/json |
GET | H2 | web-widget-classic-00c6d96.js | static.zdassets.com/web_widget/latest/classic/ (Frame 2ECA) | 13 KB | 4 KB | Script | application/javascript |
GET | H2 | web-widget-8165-00c6d96.js | static.zdassets.com/web_widget/latest/classic/ (Frame 2ECA) | 663 KB | 190 KB | Script | application/javascript |
GET | H2 | web-widget-5324-00c6d96.js | static.zdassets.com/web_widget/latest/classic/ (Frame 2ECA) | 491 KB | 108 KB | Script | application/javascript |
GET | H2 | embeddable_blip | mwb-biz.zendesk.com/ (Frame 2ECA) | 0 | 333 B | XHR | text/plain |
GET | H2 | embeddable_blip | mwb-biz.zendesk.com/ (Frame 2ECA) | 0 | 281 B | XHR | text/plain |
GET | H2 | de-de-json-00c6d96.js | static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ (Frame 2ECA) | 27 KB | 7 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 231 KB | 78 KB | Script | application/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript |
GET | H2 | hotjar-3155145.js | static.hotjar.com/c/ | 6 KB | 3 KB | Script | application/javascript |
GET | H2 | Roboto-Regular.woff | cloud.malwarebytes.com/fonts/ | 87 KB | 88 KB | Font | binary/octet-stream |
GET | H2 | / | cloud.malwarebytes.com/api/v1/download/ (Redirect Chain) | 2 KB | 2 KB | Fetch | application/json |
GET | H2 | modules.cbd9768ba80ba0be5b17.js | script.hotjar.com/ | 254 KB | 65 KB | Script | application/javascript |
GET | H2 | web-widget-chat-sdk-00c6d96.js | static.zdassets.com/web_widget/latest/classic/ (Frame 2ECA) | 202 KB | 51 KB | Script | application/javascript |
POST | H2 | collect | region1.analytics.google.com/g/ | 0 | 343 B | Ping | text/plain |
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 352 B | Ping | text/plain |
POST | H2 | collect | region1.analytics.google.com/g/ | 0 | 45 B | Ping | text/plain |
GET | H2 | ga-audiences | www.google.sk/ads/ | 42 B | 501 B | Image | image/gif |
GET | H2 | box-69edcc3187336f9b0a3fbb4c73be9fe6.html | vars.hotjar.com/ (Frame 255B) | 2 KB | 1 KB | Document | text/html |
POST | H2 | visit-data | in.hotjar.com/api/v2/client/sites/3155145/ | 147 B | 322 B | XHR | application/json |
GET | H2 | 3155145 | vc.hotjar.io/sessions/ | 0 | 257 B | XHR | text/plain |
GET | H2 | web-widget-chat-incoming-message-notification-00c6d96.js | static.zdassets.com/web_widget/latest/classic/ (Frame 2ECA) | 208 B | 612 B | Script | application/javascript |
GET | H2 | fda6cd35495c75f83508d9d2e77ee33d.mp3 | static.zdassets.com/web_widget/latest/classic/ (Frame 2ECA) | 19 KB | 20 KB | Media | audio/mpeg |
POST | H3 | collect | www.google-analytics.com/j/ | 2 B | 22 B | XHR | text/plain |
GET | DATA | truncated | / | 5 KB | 0 | Image | image/svg+xml |
GET | H2 | Roboto-Medium.woff | cloud.malwarebytes.com/fonts/ | 84 KB | 85 KB | Font | binary/octet-stream |
POST | H3 | collect | stats.g.doubleclick.net/j/ | 4 B | 25 B | XHR | text/plain |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 501 B | Image | image/gif |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 501 B | Image | image/gif |
GET | H/1.1 | Setup.MBEndpointAgent.x64.msi | nebula-agent-installers-mb-prod.s3.amazonaws.com/714a4681-904e-4f46-9f0b-d5c789a62aa5/epa-win/1.2.986/ | 0 | 0 | Document | application/octet-stream |
POST | H3 | collect | region1.analytics.google.com/g/ | 0 | 17 B | Ping | text/plain |
42 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| zEWebpackACJsonp function| zE function| zEmbed object| zESettings object| google_tag_manager object| dataLayer boolean| zEACLoaded function| $zopim object| webpackChunkmb_retina function| setImmediate function| clearImmediate object| regeneratorRuntime object| google_tag_data string| GoogleAnalyticsObject function| ga object| FontAwesomeConfig object| ___FONT_AWESOME___ function| _ function| hj object| _hjSettings object| nebula object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady
13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.malwarebytes.com/ | Name: _gid Value: GA1.2.1231060496.1665079095 |
|
.malwarebytes.com/ | Name: _ga_K8KCHE3KSC Value: GS1.1.1665079094.1.0.1665079094.60.0.0 |
|
.malwarebytes.com/ | Name: _ga Value: GA1.1.1532523315.1665079095 |
|
.malwarebytes.com/ | Name: _hjSessionUser_3155145 Value: eyJpZCI6ImQ2ZmI1Y2VhLWM0MGMtNTEyYS05NjZkLWY2YTMxOWQ0NjQ0NyIsImNyZWF0ZWQiOjE2NjUwNzkwOTQ2MjgsImV4aXN0aW5nIjpmYWxzZX0= |
|
.malwarebytes.com/ | Name: _hjFirstSeen Value: 1 |
|
cloud.malwarebytes.com/ | Name: _hjIncludedInSessionSample Value: 1 |
|
.malwarebytes.com/ | Name: _hjSession_3155145 Value: eyJpZCI6IjYyYzBiMTVlLTE0ODYtNDk3Ni05NjVhLTdhZTU5NGEzZTdjYyIsImNyZWF0ZWQiOjE2NjUwNzkwOTQ2NzMsImluU2FtcGxlIjp0cnVlfQ== |
|
cloud.malwarebytes.com/ | Name: _hjIncludedInPageviewSample Value: 1 |
|
.malwarebytes.com/ | Name: _hjAbsoluteSessionInProgress Value: 1 |
|
cloud.malwarebytes.com/ | Name: _hjCachedUserAttributes Value: eyJhdHRyaWJ1dGVzIjp7ImFjY291bnRJZCI6bnVsbCwiaXNOZXdNb2R1bGVFbmFibGVkIjpmYWxzZSwibW9kdWxlTmFtZSI6ImNsYXNzaWMifSwidXNlcklkIjpudWxsfQ== |
|
widget-mediator.zopim.com/ | Name: AWSALBCORS Value: t9SOq7HJ4i6HM85xWbZ1HKLQtzEADnUwvrfBXpZn+uJxsA1wZt6oohiIF6Ay1ACCqe+aFrFbQHTyXoZoOlqsvClJkmO1tSsFjvFeKtzvz3BJrl/7KSVOBvt8jgnO |
|
.malwarebytes.com/ | Name: __zlcmid Value: 1CJlHSpvKCuPDT9 |
|
.malwarebytes.com/ | Name: _gat_gtag_UA_3347303_10 Value: 1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' *.malwarebytes.com www.malwarebytes.com malwarebytes.com |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.