try.malwarebytes.com Open in urlscan Pro
3.69.136.55 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAGJ8yv7L9srPNUQnO4UxNztF8CE2WMnFSPYEdzbJ9MzxQhCw_oxKxccOhXjeOSTd6gaOKLAgjQ=
Effective URL:
https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_m...
Submission: On February 15 via manual (February 15th 2023, 1:47:02 pm UTC) from IN — Scanned from DE

Summary HTTP 228 Redirects Behaviour Indicators

Summary

This website contacted 49 IPs in 6 countries across 38 domains to perform 228 HTTP transactions. The main IP is 3.69.136.55, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is try.malwarebytes.com.
TLS certificate: Issued by R3 on February 1st 2023. Valid for: 3 months.

This is the only time try.malwarebytes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.70.206 104.17.70.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.69.136.55 3.69.136.55	16509 (AMAZON-02) (AMAZON-02)
2	18.65.39.33 18.65.39.33	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:211... 2600:9000:211e:c200:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
4	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
10	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
6	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.32.27.16 13.32.27.16	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:806::2008	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:400d:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:11a... 2a02:26f0:11a::217:9a4a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.224.189.6 13.224.189.6	16509 (AMAZON-02) (AMAZON-02)
1	34.238.109.20 34.238.109.20	14618 (AMAZON-AES) (AMAZON-AES)
7	13.32.99.8 13.32.99.8	16509 (AMAZON-02) (AMAZON-02)
21	108.156.61.61 108.156.61.61	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	108.156.60.114 108.156.60.114	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:9c00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
1	18.66.147.62 18.66.147.62	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	23.7.203.104 23.7.203.104	16625 (AKAMAI-AS) (AKAMAI-AS)
1	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.138.17.47 108.138.17.47	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211a:6c00:16:26c7:ff80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.19.186.201 52.19.186.201	16509 (AMAZON-02) (AMAZON-02)
2 5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80e::2006	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:804::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400d:804::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2016	15169 (GOOGLE) (GOOGLE)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
65	18.66.112.39 18.66.112.39	() ()
4	50.16.7.188 50.16.7.188	() ()
228	49

1 104.17.70.206 (None, )

ASN13335 (CLOUDFLARENET, US)

go2.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.136.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com

try.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.65.39.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-33.ams1.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:c200:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-16.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:400d:80e::200e (Ireland)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::217:9a4a (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-6.fra2.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.238.109.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-109-20.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.99.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-8.fra60.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 108.156.61.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-61-61.ams1.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.156.60.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-114.ams1.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:9c00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-62.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.7.203.104 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-203-104.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-47.fra56.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211a:6c00:16:26c7:ff80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.malwarebytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.186.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-186-201.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80e::2006 (Ireland)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:804::200a (Ireland)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2016 (Ireland)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

805-usg-300.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

65 18.66.112.39 (None, )

ASN- ()

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 50.16.7.188 (None, )

ASN- ()

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	driftt.com js.driftt.com	751 KB
23	cloudfront.net d34qb8suadcc4g.cloudfront.net d9hhrg4mnvzow.cloudfront.net	418 KB
22	gstatic.com www.gstatic.com fonts.gstatic.com	710 KB
18	youtube.com www.youtube.com — Cisco Umbrella Rank: 78	2 MB
12	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 4098	117 KB
9	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 95 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 static.doubleclick.net — Cisco Umbrella Rank: 233	3 KB
8	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 197	61 KB
7	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 27007	102 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 41	21 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5010	96 KB
4	drift.com bootstrap.api.drift.com metrics.api.drift.com	370 B
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 417 www.linkedin.com — Cisco Umbrella Rank: 572 px4.ads.linkedin.com — Cisco Umbrella Rank: 6267	4 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 671 script.hotjar.com — Cisco Umbrella Rank: 836 vars.hotjar.com — Cisco Umbrella Rank: 1036 in.hotjar.com — Cisco Umbrella Rank: 1810	73 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 412	12 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	157 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5268	579 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	236 KB
3	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 8862	33 KB
3	malwarebytes.com go2.malwarebytes.com try.malwarebytes.com www.estore.malwarebytes.com Failed www.malwarebytes.com — Cisco Umbrella Rank: 44342	25 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	216 B
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3837	6 KB
2	company-target.com api.company-target.com — Cisco Umbrella Rank: 4449	1 KB
2	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 5781 scripts.demandbase.com — Cisco Umbrella Rank: 11038	39 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 20257	36 KB
1	mktoresp.com 805-usg-300.mktoresp.com — Cisco Umbrella Rank: 263353	318 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 644	394 B
1	t.co t.co — Cisco Umbrella Rank: 519	377 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 93	22 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 212	2 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1583	157 B
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 846	2 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 657	15 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1428	8 KB
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1005	376 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 654	98 B
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 13955	203 B
1	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 26432	245 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 834	5 KB
228	38

	Domain	Requested by
65	js.driftt.com	go2.malwarebytes.com js.driftt.com
21	d9hhrg4mnvzow.cloudfront.net	try.malwarebytes.com
18	www.youtube.com	try.malwarebytes.com www.youtube.com
13	www.gstatic.com	www.google.com www.gstatic.com www.youtube.com
10	www.google.com	try.malwarebytes.com www.gstatic.com www.youtube.com www.google.com
9	fonts.gstatic.com	www.youtube.com www.google.com
8	jnn-pa.googleapis.com	www.youtube.com
7	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
7	www.google-analytics.com	try.malwarebytes.com cdn.bizible.com www.google-analytics.com
6	dev.visualwebsiteoptimizer.com	try.malwarebytes.com dev.visualwebsiteoptimizer.com cdn.bizible.com
5	googleads.g.doubleclick.net	2 redirects www.youtube.com www.googletagmanager.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com try.malwarebytes.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	www.google.de	try.malwarebytes.com
3	www.googletagmanager.com	try.malwarebytes.com www.googletagmanager.com
3	cdn.bizible.com	try.malwarebytes.com cdn.bizible.com
2	metrics.api.drift.com	js.driftt.com
2	bootstrap.api.drift.com	js.driftt.com
2	www.facebook.com	try.malwarebytes.com
2	region1.analytics.google.com	www.googletagmanager.com
2	static.doubleclick.net	www.youtube.com
2	munchkin.marketo.net	go2.malwarebytes.com munchkin.marketo.net
2	stats.g.doubleclick.net	cdn.bizible.com www.googletagmanager.com
2	px.ads.linkedin.com	2 redirects
2	api.company-target.com	cdn.bizible.com js.driftt.com
2	d34qb8suadcc4g.cloudfront.net	try.malwarebytes.com d34qb8suadcc4g.cloudfront.net
2	builder-assets.unbounce.com	try.malwarebytes.com
1	805-usg-300.mktoresp.com	munchkin.marketo.net
1	analytics.twitter.com	try.malwarebytes.com
1	t.co	try.malwarebytes.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	alb.reddit.com	try.malwarebytes.com
1	in.hotjar.com	cdn.bizible.com
1	www.malwarebytes.com	www.googletagmanager.com
1	scripts.demandbase.com	go2.malwarebytes.com
1	unpkg.com	www.googletagmanager.com
1	static.ads-twitter.com	go2.malwarebytes.com
1	www.redditstatic.com	www.googletagmanager.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	try.malwarebytes.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	cdn.bizible.com
1	id.rlcdn.com	try.malwarebytes.com
1	cdn.bizibly.com	try.malwarebytes.com
1	events.ub-analytics.com	try.malwarebytes.com
1	tag.demandbase.com	try.malwarebytes.com
1	snap.licdn.com	try.malwarebytes.com
1	static.hotjar.com	try.malwarebytes.com
1	try.malwarebytes.com	go2.malwarebytes.com
1	go2.malwarebytes.com
0	www.estore.malwarebytes.com Failed	go2.malwarebytes.com
228	53

This site contains no links.

Subject Issuer	Validity	Valid
go2.malwarebytes.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
try.malwarebytes.com R3	`2023-02-01` - `2023-05-02`	3 months	crt.sh
*.unbounce.com Amazon	`2023-01-09` - `2024-02-07`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
io.bizible.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-30` - `2023-07-31`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-08-17` - `2023-09-18`	a year	crt.sh
*.ub-analytics.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M02	`2022-11-17` - `2023-12-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-09-16` - `2023-10-18`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-15`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-24` - `2023-02-22`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-01` - `2023-06-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.malwarebytes.com Amazon RSA 2048 M02	`2022-11-09` - `2023-12-08`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-14`	6 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
drift.com Amazon	`2022-08-24` - `2023-09-21`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Frame ID: FF2B9BE0851D59E0ED1B28A180B8601F
Requests: 100 HTTP requests in this frame

Frame: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
Frame ID: 0213A1ADC138756457CE47303759C00D
Requests: 18 HTTP requests in this frame

Frame: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
Frame ID: F87F189B40F1DE824197800C8B5251CA
Requests: 21 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
Frame ID: 98201388183CCA6285B13D5D1810073B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F&co=aHR0cHM6Ly90cnkubWFsd2FyZWJ5dGVzLmNvbTo0NDM.&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=wmi262v5pi8d
Frame ID: 3F94E4E63E62E6F37B5C0BA5FC626562
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F
Frame ID: AAB504D952E5C1C6B658335667856A82
Requests: 11 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Frame ID: 771E0372B21AFA150B6BB434B34B1B36
Requests: 32 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
Frame ID: 05B279921EB3D369411A35BDB602E0C0
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAGJ8yv7L9srPNUQnO4UxNztF8CE2WMnFSPYEdzbJ9MzxQhCw_oxKxccOhXj... Page URL
https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_em... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

228
Requests

98 %
HTTPS

49 %
IPv6

38
Domains

53
Subdomains

49
IPs

6
Countries

4626 kB
Transfer

13895 kB
Size

51
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAGJ8yv7L9srPNUQnO4UxNztF8CE2WMnFSPYEdzbJ9MzxQhCw_oxKxccOhXjeOSTd6gaOKLAgjQ= Page URL
https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1676468807831&url=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2594100%26time%3D1676468807831%26url%3Dhttps%253A%252F%252Ftry.malwarebytes.com%252Fmdr-consultation%252F%253Futm_source%253Dmarketo%2526utm_medium%253Demail%2526utm_campaign%253Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%2526mkt_tok%253DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1676468807831&url=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1676468807831&url=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&liSync=true&e_ipv6=AQISbcHwiVj_fgAAAYZVU-u-e_TOJblRnT4EZ5t7R3FQHvYTWctmx3J6imxB2RN8UyjbzNJHHETi

Request Chain 93

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 98

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

228 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 ODA1LVVTRy0zMDAAAAGJ8yv7L9srPNUQnO4UxNztF8CE2WMnFSPYEdzbJ9MzxQhCw_oxKxccOhXjeOSTd6gaOKLAgjQ=
go2.malwarebytes.com/ 648 B
1 KB 354ms
184ms Document
text/html 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAGJ8yv7L9srPNUQnO4UxNztF8CE2WMnFSPYEdzbJ9MzxQhCw_oxKxccOhXjeOSTd6gaOKLAgjQ=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-VS8Q/hn9YvMa6rz75uTeKV8ER0QkMffbpSDvnbM7s5A=';object-src 'none';form-action:'none';frame-src:'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 799e7ddd4a129213-FRA
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-VS8Q/hn9YvMa6rz75uTeKV8ER0QkMffbpSDvnbM7s5A=';object-src 'none';form-action:'none';frame-src:'none'
content-type: text/html;charset=UTF-8
date: Wed, 15 Feb 2023 13:46:47 GMT
referrer-policy: strict-origin
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: fc5ab843224ad623

GET
H/1.1 200
OK Primary Request / Show response
try.malwarebytes.com/mdr-consultation/ 135 KB
22 KB 176ms
20ms Document
text/html 3.69.136.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Requested by: Host: go2.malwarebytes.com
URL: https://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAGJ8yv7L9srPNUQnO4UxNztF8CE2WMnFSPYEdzbJ9MzxQhCw_oxKxccOhXjeOSTd6gaOKLAgjQ=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb3bf52d2956b654034a61ed94356647ab5853604e5fbe0431095be39b2f4442

Request headers

Referer: https://go2.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 21578
content-location: https://try.malwarebytes.com/mdr-consultation/
content-type: text/html; charset=utf-8
date: Wed, 15 Feb 2023 13:46:47 GMT
etag: "a:ef34e1bd69124ff19824f48d6e90bb79"
link: <https://try.malwarebytes.com/mdr-consultation/>; rel="canonical"
x-proxy-backend: page-server
x-unbounce-pageid: 2a429308-58a1-40af-b78f-274ff04c671f
x-unbounce-variant: a
x-unbounce-visitorid: ef34e1bd-6912-4ff1-9824-f48d6e90bb79

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 77ms
14ms Stylesheet
text/css 18.65.39.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-33.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 01:22:01 GMT
content-encoding: gzip
via: 1.1 9835af751c15612a813bbc131d2ce1e6.cloudfront.net (CloudFront)
x-amz-version-id: F0XZlkUrGu6OlrfKzU_C7UXh1V6i6hug
last-modified: Wed, 23 Nov 2022 23:24:30 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 2204687
etag: "3d27e56a34e34b278ab5e182cbc3b587"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2902
x-amz-cf-id: BvcDVxar1_kq72MDf7Ut8WhsJxlYzdeNxyz0XD7n6c0984rR9kS5wA==

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 53ms
7ms Script
application/javascript 2600:9000:211e:c200:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:c200:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 21:41:41 GMT
content-encoding: gzip
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
x-amz-version-id: TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06
last-modified: Tue, 17 Jan 2023 21:14:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 2477107
etag: "fde4d3457a50df6eb5c2e00c8f2ae5b3"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1865
x-amz-cf-id: Fj3GyL09o3Qgvt9p_cZMFylBLWPXsnco5_PiSFLEiV6dOLQddR7mCA==

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 83 KB
32 KB 66ms
7ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: 1ae740ebbe1a0c68cdf60b2d5df40126d47e6c69d19bf794b8a99ad5ceb81992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:47 GMT
content-encoding: gzip
last-modified: Fri, 10 Feb 2023 02:55:21 GMT
server: ECS (frb/67D4)
age: 52114
etag: "91acae1dfb3cd91:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 32316

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
871 B 61ms
24ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c6517ce622f7543c43012579eebb219cd6f160eb3d5c66afdbe1117634d2c988

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 551
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 13:46:47 GMT

GET
H2 200 main.bundle-5dc4c52.z.js Show response
builder-assets.unbounce.com/published-js/ 103 KB
33 KB 18ms
16ms Script
application/javascript 18.65.39.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-5dc4c52.z.js
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-33.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5dc4c52ad9b22df4e2f70580e03de8ba2b2a3fc8ec48edfb0a2bb8e858975c2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 00:35:05 GMT
content-encoding: gzip
via: 1.1 9835af751c15612a813bbc131d2ce1e6.cloudfront.net (CloudFront)
x-amz-version-id: pKHv9xoCp.Oeede.gA0bUZ9Qn6jRS9cc
last-modified: Wed, 23 Nov 2022 23:24:26 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 6095503
etag: "0bf2d86152e7e3622dcf4ab19253e64e"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 33506
x-amz-cf-id: H-KYVOLMVWtoSlLNJ47TBHIxLGtNokEK4uIm8U9JIvThgVX7UoaNdA==

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 10 KB
4 KB 140ms
78ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=622914&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&f=1&vn=1.3
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 041f99d9ca60c57e94f977320c090c62ec09828ba45f8dee938717c114f19d3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:47 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
etag: W/"1676462611"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 hotjar-2233835.js Show response
static.hotjar.com/c/ 8 KB
4 KB 137ms
39ms Script
application/javascript 13.32.27.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2233835.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-16.fra56.r.cloudfront.net

Software

Resource Hash

5e5955aef26f7585a0e94ded14f5d3b4261e463ca87fa95cac47feeb6d3d1666

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/512501030223b1901fbda827ef703b09
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 0Qrk-cQrtRK-dD2YZZOq6VT7ihLWwUVRVbYOrGz-20G0Ph96Pm1WMw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 111ms
29ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 Feb 2023 13:12:08 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2079
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 15 Feb 2023 15:12:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 337 KB
103 KB 132ms
53ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a8ce59cb75660f270e9aab9c076c2c305849a7cf0eddfad2632b2835b93f79cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105482
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Feb 2023 13:46:47 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 8ms
8ms Script
application/javascript 2600:9000:211e:c200:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:c200:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 03:40:00 GMT
content-encoding: gzip
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1937208
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30399
x-amz-cf-id: PiKYkylnP2ymWjY896UeHCke-_I2As02Buw0V2vLvMjA17PzlERw-A==

GET
H2 200 uGIGyePoK2M Show response
www.youtube.com/embed/ Frame 0213 68 KB
28 KB 218ms
123ms Document
text/html 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c79bb31f7a226c40095cb588ec5f910160c548d7e4912fbc24b79714d4929489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://try.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 13:46:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 uGIGyePoK2M Show response
www.youtube.com/embed/ Frame F87F 69 KB
29 KB 176ms
88ms Document
text/html 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f95c75c564010d1dfbec8bec4d7a1f933970e00f6b77048e37e1a65139846c61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://try.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 13:46:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 85ms
19ms Script
application/x-javascript 2a02:26f0:11a::217:9a4a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a4a Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=66662
accept-ranges: bytes
content-length: 4777

GET
H2 200 HWyTnY16.min.js Show response
tag.demandbase.com/ 69 KB
19 KB 67ms
11ms Script
application/javascript 13.224.189.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/HWyTnY16.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-6.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

beda0693dd166d8ff47954bc08951e99f5e5028f5d64f11dbe7b70a192648daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-amz-version-id: VzT4VWNPtW2jSFdw6cuHU4QRN8C29Rae
content-encoding: gzip
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
date: Wed, 15 Feb 2023 13:45:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C1
age: 2946
x-cache: Hit from cloudfront
last-modified: Fri, 03 Feb 2023 22:52:05 GMT
server: AmazonS3
etag: W/"db79dc7b35a2fd3e1e433a965d6306c1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: AI1Vy5MoBTtedmhiLtAJEe_YBpKaYs4OIDgMk4DxB74JR-ER7WRyMQ==

GET
H2 200 i
events.ub-analytics.com/ 43 B
245 B 383ms
111ms Image
image/gif 34.238.109.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1676468807779&e=pv&url=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&refr=https%3A%2F%2Fgo2.malwarebytes.com%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=b4515071-5067-487b-8357-f1ff9f7d81fa&dtm=1676468807777&vp=1600x1200&ds=1600x3175&vid=1&sid=1c430211-5b1f-4b76-b48a-21f0ee721934&duid=5398ccf1-95ea-4ce0-80e3-828e8392f498&uid=ef34e1bd-6912-4ff1-9824-f48d6e90bb79&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiMmE0MjkzMDgtNThhMS00MGFmLWI3OGYtMjc0ZmYwNGM2NzFmIiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.109.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-109-20.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 15 Feb 2023 13:46:48 GMT
access-control-allow-credentials: true
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server: akka-http/10.0.9
content-length: 43
content-type: image/gif

GET
BLOB 200
OK 462a8d24-5334-4d2a-bd53-c9ed46f9907d
https://try.malwarebytes.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://try.malwarebytes.com/462a8d24-5334-4d2a-bd53-c9ed46f9907d
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5dc4c52.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Length: 5611
Content-Type: text/css

GET
H2 200 css
fonts.ub-assets.com/ 12 KB
1 KB 58ms
9ms Stylesheet
text/css 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Roboto:900,500,300italic,700,regular,italic

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5dc4c52.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

0ef47dcd520d7b5996ae3b3253808981cf7cf4efdee2b9d9fb9e8637db3c29a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 08:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 18122
x-amzn-requestid: 2915fdcd-247b-49ea-a28f-7f5104deefc7
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: AX07sEvBoAMFnwA=
content-length: 834
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-63ec9b7d-6fba72b46b4124b653c74b4c
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: _Q3lHSi8i4rhubnJZLCHPIY4joU11IFtxmoLRrNl_PKBE4eBR9qvlg==

GET
H2 200 5aa2a483-mwb-for-business-logo-horz-b.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/ 9 KB
4 KB 78ms
19ms Image
image/svg+xml 108.156.61.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/5aa2a483-mwb-for-business-logo-horz-b.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-61.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 652ea14837255f2d9db977a32c93fcb92879825bfe1b265311f534e61959e7b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 08:45:33 GMT
content-encoding: gzip
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
x-amz-version-id: wCl0_Fiegwow2nfborPSXumd2.jvZvcy
last-modified: Fri, 20 Jan 2023 15:08:29 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 18075
etag: W/"86720f295785c42af708f960cc7fcd68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
x-amz-cf-id: P4yrLh3lE4ycpYZ3k4iY5t4pb3DxRlePHxIK-Zo3bn6CnYN-O7jA7w==

GET
H2 200 a0e423ac-youtube.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/ 781 B
1 KB 79ms
20ms Image
image/svg+xml 108.156.61.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/a0e423ac-youtube.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-61.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c007fe440b9bc335b21e039feac8deaf5f14f3de16ea41ffa81a3f610096cd69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 03:13:59 GMT
x-amz-version-id: Znt86s5dMsmr2XwwfRHqlhdFvwfc1_ef
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
last-modified: Fri, 20 Jan 2023 15:08:29 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 124369
etag: "081f067d429b3c6a78729d7deac02168"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 781
x-amz-cf-id: xnb2SnzF7nsjXrjiwvirIdLmQB0UUSZmfvPqoP6Hpa50aQKwSvSCdA==

GET
H2 200 f95669e3-twitter.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/ 1 KB
1013 B 78ms
19ms Image
image/svg+xml 108.156.61.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/f95669e3-twitter.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-61.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 618a8a369547c912ff17b6d55c967f78ecafa6fb94ef42c746870a0cbc596434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 03:13:59 GMT
content-encoding: gzip
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
x-amz-version-id: OZmiovV2Mzlrow5ug0_v0W5rZTJos24.
last-modified: Fri, 20 Jan 2023 15:08:29 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 124369
etag: W/"ddedc6e72875927b487fa5e332377f63"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
x-amz-cf-id: 0vsPnHdoMfGyCJYo5q_xeh3R5LJGO_mnd8Cj07NaPT9ei7HtHhhlHQ==

GET
H2 200 86f05d8f-linkedin.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/ 694 B
1 KB 77ms
19ms Image
image/svg+xml 108.156.61.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/86f05d8f-linkedin.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-61.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 851495cc18784cae757c6cf8d5bd6042f6325647ecb6d4aaa7fd3b603b20801f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 08:45:33 GMT
x-amz-version-id: SUYbR_nq_Q.o76o8EvE0HDQR_54JmWc1
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
last-modified: Fri, 20 Jan 2023 15:08:29 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 18075
etag: "b7d762d9bcb616fca18554d94802d3ee"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 694
x-amz-cf-id: oWzqMBIrebiOGRvx0kBQd77me8151zzOyFpANE-_uF02p40b4YyFgw==

GET
H2 200 a41c267f-instagram.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/ 956 B
1 KB 64ms
21ms Image
image/svg+xml 108.156.61.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/a41c267f-instagram.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-61.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efa12b5f715e973d01d92cf3fb5492a27b0d8e6702527a5a3c9da9b16f3e3053

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 03:13:59 GMT
x-amz-version-id: EdQ2Gbo21I0IS8ObZcxWrWZZacDu3obh
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
last-modified: Fri, 20 Jan 2023 15:08:29 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 124369
etag: "883f596fcb6f545aed6128681beba88a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 956
x-amz-cf-id: Jq_hj1YDCtdUalSLYngM_yb1E55q37NSQm77MhlefuDOlxiJeigLSg==

GET
H2 200 8cd70cf9-facebook.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/ 276 B
671 B 46ms
20ms Image
image/svg+xml 108.156.61.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/8cd70cf9-facebook.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-61.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a555f0b0410f738128c29d0459c46af844358f117513b23b22e5839a6b53d8ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 03:14:00 GMT
x-amz-version-id: PJTdOc1M9bt9EhrH3NIXJofS0yJhpGOo
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
last-modified: Fri, 20 Jan 2023 15:08:29 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 124368
etag: "36e58d5d5809a35372d71afc30c8c32e"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 276
x-amz-cf-id: WYG55TESuzAv8rvCgNWQ_HcCP2KGDiIfTTuYyaRjgqPARCWY6Y07kg==

GET
H2 200 906bcc78-corp-mdr-tn-4-reasons-500x500.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/ 197 KB
150 KB 52ms
48ms Image
image/svg+xml 108.156.61.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/906bcc78-corp-mdr-tn-4-reasons-500x500.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-61.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d16135eceb411c02bb5d95d43e29b693e6bdf25f4d7fd3ebb60a5552c85d8e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 03:14:00 GMT
content-encoding: gzip
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
x-amz-version-id: GOo62jwnSjJYU8pVZCLcm5Tz4Z.aSzws
last-modified: Fri, 20 Jan 2023 15:08:29 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 124368
etag: W/"529f277dea0a27fa3163879e5b100f1e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
x-amz-cf-id: O_3h4zGFAjYrSPjB8ywFLxmQjBskpP7KHQd04yfTIDpdkMIld1XFTw==

GET
H2 200 5173049a-corp-mdr-tn-your-mdr-buyers-guide-500x500.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/ 164 KB
125 KB 26ms
22ms Image
image/svg+xml 108.156.61.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/5173049a-corp-mdr-tn-your-mdr-buyers-guide-500x500.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-61.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be8dd2948f0dd20a990b74d9d9cdd266bad080412471ccc919b1055cfe439491

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 03:14:00 GMT
content-encoding: gzip
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
x-amz-version-id: A6qMgpfuY2wiCc6j2yiLkjKDYOEVvtan
last-modified: Fri, 20 Jan 2023 15:08:29 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 124368
etag: W/"9400d292a0e05a775c8225835239bcd8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
x-amz-cf-id: HR8n3RKJ7a5pwyZTwLPQVbkrnJWQlwnn0bW3cUrpgK03oL0jU1N2bg==

GET
H2 200 40689225-rip-and-replace-check-32x24.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/ 639 B
1 KB 51ms
48ms Image
image/svg+xml 108.156.61.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/40689225-rip-and-replace-check-32x24.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-61.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 197b732c579cf749221a6724dcd1839bd5dd5b87773c4bc53fc1ba5f7748963e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 03:14:00 GMT
x-amz-version-id: R5prx_qewZG8dsU0uSkie11cXuxTQFv3
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
last-modified: Fri, 20 Jan 2023 15:08:29 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 124368
etag: "2c22a43440f9f35cef8cdf9c25691e65"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 639
x-amz-cf-id: Pq25XPuxDMfesXKKLiCz3YhsSjEyuXPIQCK5Z9W_L2dlZgWBMW124A==

GET
H2 200 e2d24b85-corp-mdr-tn-is-mdr-right-500x500.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/ 116 KB
89 KB 69ms
66ms Image
image/svg+xml 108.156.61.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/e2d24b85-corp-mdr-tn-is-mdr-right-500x500.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-61.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23b222559aee6b53a76b992066474116f61abea1ad439282ed09fe6fbb9e573f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 03:14:00 GMT
content-encoding: gzip
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
x-amz-version-id: D3XX.XpJ5eV68ZWAhD8TRZWUrMBhSUBC
last-modified: Fri, 20 Jan 2023 15:08:29 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 124368
etag: W/"afa7e3ddd9b66a6bc967f109e7e44917"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
x-amz-cf-id: BzEdZi4WXTAdK-yYhtekxMMPbpIMn3kck5NwiUzLAUMny3_YbZogZQ==

GET
H2 200 f0296033-st-anthony-hospital-logo-white-162x38_100000003z012009000028.png
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/ 987 B
1 KB 68ms
64ms Image
image/png 108.156.61.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/f0296033-st-anthony-hospital-logo-white-162x38_100000003z012009000028.png
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-61.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 421012e81de85338dcd9d87f43ba16a3d3c408fa85df2bd076802439a75d3220

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 03:14:00 GMT
x-amz-version-id: 7ZpvuV5pCAICw.ERSazp5QDNSHEXivHM
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
last-modified: Fri, 20 Jan 2023 15:08:29 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 124368
etag: "33bc1dd00c03eec968449a89b0ac8374"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 987
x-amz-cf-id: JAYfQboBkvKdCT6B_JRJyiOrSgMYpMZutOFpkAcu18N-88AWDt1_gw==

GET
H2 200 c9621a41-logitech-logo-white-162x38_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/ 692 B
1 KB 80ms
77ms Image
image/png 108.156.61.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/c9621a41-logitech-logo-white-162x38_1000000000000000000028.png
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-61.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 551d23adf227b02f72a71b93572587f8a45d64578704fe57bb39fd7fa4b082dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 03:14:00 GMT
x-amz-version-id: SIabboKLbNyX0nqzfYIXmjTy9F_JrfMx
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
last-modified: Fri, 20 Jan 2023 15:08:29 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 124368
etag: "6e29ab9d7a6b06b1d98564a7ca8c7686"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 692
x-amz-cf-id: 8QJvu6bXth-hK2wkx1pLfJw6VurqhsQZnw9gCcHWV96_3u9xBjdOBw==

GET
H2 200 fb6f4d35-cdss-logo-white-162x38_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/ 1 KB
2 KB 81ms
78ms Image
image/png 108.156.61.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/fb6f4d35-cdss-logo-white-162x38_1000000000000000000028.png
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-61.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7dbc00a035c1856af94c2d021ad031bc31f0e03b56b26eec2423f4a856655203

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 03:14:00 GMT
x-amz-version-id: JtzbNzz8QpwSR4Oa3ovJB7uWl1xpDBWD
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
last-modified: Fri, 20 Jan 2023 15:08:29 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 124367
etag: "aa42a6909126b392a42ef2be22ef1846"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1322
x-amz-cf-id: oT4fpU0BGmcyxPlcRCT3FpT4AmaSoxwLds2SzVEhgMrLPxl65B9n_Q==

GET
H2 200 de830aa6-university-of-mississippi-logo-white-162x38_100000004i011000000028.png
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/ 1 KB
1 KB 81ms
79ms Image
image/png 108.156.61.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/de830aa6-university-of-mississippi-logo-white-162x38_100000004i011000000028.png
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-61.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 932ad37066a342e0d43eb6eb71c160aa6c8fca66a149c69ba56c013da617860e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 03:14:00 GMT
x-amz-version-id: s.jzVMYv6jFJ_kHZFg6sVQOF5AP3QfPX
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
last-modified: Fri, 20 Jan 2023 15:08:29 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 124367
etag: "4e7547cdb56583b9fa51e9d298240e1a"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1101
x-amz-cf-id: A7pEoGCcfNwVcBWWqI9AhfaA10Qvg5RY-kF3sD4KlWWCzX90qfzW1Q==

GET
H2 200 7dea883f-increase-investment.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/ 557 B
953 B 82ms
80ms Image
image/svg+xml 108.156.61.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/7dea883f-increase-investment.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-61.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1d4240b14eccd03507cacca22aaba32f07b69e8629aca57c56b3b77524a67b2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 03:14:01 GMT
x-amz-version-id: lsWfB1KYCD0Oak7vsDCC_KP_HFvuLFEG
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
last-modified: Fri, 20 Jan 2023 15:08:29 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 124367
etag: "ada34b8d90640bd9eff7f17d6004183e"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 557
x-amz-cf-id: sYLvtrTIujgH-qSPV-nNHHlXyr3fZ3CV0mIrO9gN-dlmCeSurX8krg==

GET
H2 200 2fded677-alert.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/ 1 KB
868 B 82ms
80ms Image
image/svg+xml 108.156.61.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/2fded677-alert.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-61.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59af0ae547f15ceaca464ec758f69d5e728584020bb52c08118bd5c34f24fb4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 03:14:02 GMT
content-encoding: gzip
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
x-amz-version-id: GtCzo0Hlyv1rFRvG1Tnidk8yExbKqGts
last-modified: Fri, 20 Jan 2023 15:08:29 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 124366
etag: W/"5f6e41d2a42975a05860116f6c0aeb24"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
x-amz-cf-id: Ws57Ug2JXvuWeaiBYJtpIH8nmMfCmjeSbALbmGMlpzbyL5gdY_o3cA==

GET
H2 200 6019fe74-privacy.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/ 822 B
1 KB 84ms
82ms Image
image/svg+xml 108.156.61.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/6019fe74-privacy.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-61.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e57491b2f48afb99250a0997cdf9ced6354f6a584c7205c699cea4f18d9dc082

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 03:14:04 GMT
x-amz-version-id: iaL_7Ek0Z8lCcFtPxBygkrOVfsDJAN48
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
last-modified: Fri, 20 Jan 2023 15:08:29 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 124364
etag: "7c3d7c231223814de68ee705b129366c"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 822
x-amz-cf-id: wwPNOxpOT4lrysxTNWiK15FkbuFjKAQHtAbGMtjIaPNByDNlINR6eg==

GET
H2 200 869e3f8b-automates-remediation.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/ 1 KB
907 B 83ms
80ms Image
image/svg+xml 108.156.61.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/869e3f8b-automates-remediation.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-61.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b63a0c5c71e2c7923223a06fd7702201b304ff89d0d24aac333a1cf8bebe0dae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 03:14:06 GMT
content-encoding: gzip
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
x-amz-version-id: YbwTGTiEaRRJkQC281miRCvjnBpY8R2f
last-modified: Fri, 20 Jan 2023 15:08:29 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 124362
etag: W/"9eca6223fefba2e9f8a99eb30886343b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
x-amz-cf-id: i1EE_Gn9Qt0JruD2dN7pkN6XOV4QVTUZxrqq5rQ-aIqlE0sMRY85gw==

GET
H2 200 6c47c5d5-accurate.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/ 834 B
1 KB 83ms
81ms Image
image/svg+xml 108.156.61.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/6c47c5d5-accurate.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-61.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 02b1010a56b0400b2cbef652a28efd73e6561ed03d6a06956a105ff8f37bf1f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 03:14:18 GMT
x-amz-version-id: tM9NGHypAgiUW4F2JVN5zT9nKvVjpJ08
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
last-modified: Fri, 20 Jan 2023 15:08:29 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 124350
etag: "f6a8612069d7829617ea7a144db88e9b"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 834
x-amz-cf-id: hQs-jL5XPy-2zoIPxIUQSJYlsjfL18RRWBIjEN_3HDTN8M0_LVLnOw==

GET
H2 200 98ae6e43-protection.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/ 2 KB
1 KB 83ms
81ms Image
image/svg+xml 108.156.61.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/98ae6e43-protection.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-61.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5993bfc6f29b7cbe16f2db6fe83e70f3ed47058e64dc55b56d9d0cb185d29f5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 03:14:18 GMT
content-encoding: gzip
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
x-amz-version-id: l3ZPzK5ls34wsLJDHY1BpL6T_lXOAiCb
last-modified: Fri, 20 Jan 2023 15:08:29 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 124350
etag: W/"c116fb8f05ac2fb10f45b45f3002b728"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
x-amz-cf-id: Tpmn8FtsccYNHtTrrQoSzOmm6cjm-h6MKx52BGFEuxaKUr7PxZ9j9w==

GET
H2 200 c4f95b5f-plus.svg
d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/ 337 B
731 B 84ms
81ms Image
image/svg+xml 108.156.61.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/try.malwarebytes.com/mdr-consultation/c4f95b5f-plus.svg
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-61.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7d33a0b9a125c1e2bc171336f066a77c96ac9939372ff1a6a88754a854412fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 03:14:18 GMT
x-amz-version-id: 4SQ_jHPALyYUdbKjNVKorcc7SMqGS2wn
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
last-modified: Fri, 20 Jan 2023 15:08:29 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 124350
etag: "89dfe5673328111826b63671cdb204a2"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 337
x-amz-cf-id: u5XT8n6gG7pIeOSh_g3-z433B75LxLOrWdDGZjAFI8yW8iV2Kp5rDQ==

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
305 B 8ms
7ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=https%3A%2F%2Fgo2.malwarebytes.com%2F&_biz_h=-1906410348&_biz_u=48666f53a5c74803bd23b9b48bb6ebd0&_biz_s=1db814&_biz_l=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&_biz_t=1676468807803&_biz_i=&_biz_n=0&rnd=124690&cdn_o=a&_biz_z=1676468807804
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:46:47 GMT
last-modified: Wed, 08 Feb 2023 14:12:16 GMT
server: ECS (frb/6760)
age: 603271
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
203 B 23ms
9ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=48666f53a5c74803bd23b9b48bb6ebd0&_biz_s=1db814&_biz_l=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&_biz_t=1676468807806&_biz_i=&rnd=785784&cdn_o=a&_biz_z=1676468807806
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C2) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:46:47 GMT
last-modified: Thu, 09 Feb 2023 23:58:42 GMT
server: ECS (frb/67C2)
age: 481686
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ 406 KB
163 KB 63ms
21ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://try.malwarebytes.com/
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 12:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166252
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 03:04:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 12:29:48 GMT

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 102ms
20ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:47 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 467 B
959 B 111ms
46ms XHR
application/json 108.156.60.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=https%3A%2F%2Fgo2.malwarebytes.com%2F&page=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&page_title=
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-114.ams1.r.cloudfront.net
Software: nginx /
Resource Hash: d7ceef922fb65cb474fa558c511bcb9ccbf8cd939e5cb85e94dfc1cbbe02a645

Request headers

Referer: https://try.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 Feb 2023 13:46:47 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 e345c29560592087623dbe75e8d765d6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront
request-id: d755511b-ec12-4a39-abaa-8a90a6a63462
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://try.malwarebytes.com
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: f0XITyNQW9YEAbW01-0CaTKHcSDY1bCZThbbZKSyMVW4EtC5kq9tTA==
expires: Tue, 14 Feb 2023 13:46:47 GMT

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 116 B
526 B 120ms
120ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=48666f53a5c74803bd23b9b48bb6ebd0&_biz_h=-1906410348&cdn_o=a&jsVer=4.22.11.28
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 9a7962c16714ead45e3b90d591f96149f66207503b03fbadd71a5ce3549eebd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:47 GMT
content-encoding: gzip
server: ECS (frb/6711)
etag: 20E02CB1
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
content-length: 219

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/2594100/domain/try.malwarebytes.com/ 36 B
376 B 59ms
8ms XHR
application/json 2600:9000:225e:9c00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2594100/domain/try.malwarebytes.com/token
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:9c00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://try.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 12:47:31 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 3556
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=32258
x-amz-cf-id: yU023UnaAY5ExM32TKuWvITQjmIo9P9-OjCUfxG1l2U2ai2OGz798g==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1676468807831&url=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2594100%26time%3D1676468807831%26url%3Dhttps%253A%252F%252Ftry.malwarebytes.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1676468807831&url=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1676468807831&url=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaig...

0
266 B

226ms
188ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1676468807831&url=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&liSync=true&e_ipv6=AQISbcHwiVj_fgAAAYZVU-u-e_TOJblRnT4EZ5t7R3FQHvYTWctmx3J6imxB2RN8UyjbzNJHHETi
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:48 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9C98CBF9DF4C40A5A5740A9DFDE2B541 Ref B: FRAEDGE1117 Ref C: 2023-02-15T13:46:48Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX0vU/VG9ZJcpahlNMzqw==

Redirect headers

date: Wed, 15 Feb 2023 13:46:48 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: AAEC7985AB89430F999CF68138BFC84E Ref B: FRAEDGE2009 Ref C: 2023-02-15T13:46:48Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2594100&time=1676468807831&url=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&liSync=true&e_ipv6=AQISbcHwiVj_fgAAAYZVU-u-e_TOJblRnT4EZ5t7R3FQHvYTWctmx3J6imxB2RN8UyjbzNJHHETi
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX0vU/QpbIL9HyBXF0ymw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 57ms
53ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=592823957&t=pageview&_s=1&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&dr=https%3A%2F%2Fgo2.malwarebytes.com%2F&dp=%2Fmdr-consultation%2Fa%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1254822431&gjid=1604844396&cid=186045027.1676468808&tid=UA-3347303-10&_gid=1657283763.1676468808&_r=1&_slc=1&z=90828554

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://try.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:46:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 15 KB
16 KB 28ms
9ms Font
font/woff2 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:900,500,300italic,700,regular,italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto:900,500,300italic,700,regular,italic
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 05:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15752
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 7199940
x-amzn-requestid: aebf9a5c-fb8b-43ee-b74e-279fc54e32e0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: cF3MkFcqoAMFzTA=
content-length: 15775
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-637f0583-3e8d2eca53bf43702eac1eb6
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: MbXCp3I0Y1Tg8f9CZ64Y-1zdmzkcS3v4xPupLCxg5lS1apiDGie70Q==

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 16 KB
16 KB 36ms
18ms Font
font/woff2 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:900,500,300italic,700,regular,italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto:900,500,300italic,700,regular,italic
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 01:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15920
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 7216204
x-amzn-requestid: 2fffae9c-8aa6-4b65-aa2a-1ffdcc1846e3
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: cFPfOGXgIAMF4Bw=
content-length: 15943
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-637ec5fa-29b1432131f1d07a1f84c026
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: mJln0_YAs6NG4NjiXJybiAaAbgsZQwasPY_2cb_ghPWg0_hlb-chpg==

GET
H2 200 KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 17 KB
18 KB 34ms
15ms Font
font/woff2 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:900,500,300italic,700,regular,italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto:900,500,300italic,700,regular,italic
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 06:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 17508
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 7198123
x-amzn-requestid: bc2d6c14-2f21-4c9e-ad60-6f7473680d6d
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: cF7ohE4IoAMFXcw=
content-length: 17536
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-637f0c9c-689a17425811ce9d32cbb7a0
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: pTnyiWgW70OBHWdGEpEhAt-uoVvWxZyTW8Z4UNfrVTwjTszj4gNwYw==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 15 KB
16 KB 40ms
21ms Font
font/woff2 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:900,500,300italic,700,regular,italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto:900,500,300italic,700,regular,italic
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15860
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 3578820
x-amzn-requestid: ce8a5b2f-1170-4141-ab51-7dd486fc9794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: eP_0gGClIAMFheA=
content-length: 15883
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-63b64683-4c9d083f52fd04742c823b9b
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: QHNh9ykRBoFRagLzw2z-vXEAFPfhs-VPQVuFcFjhJGGdGkDQYrxB-Q==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 15 KB
16 KB 43ms
24ms Font
font/woff2 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:900,500,300italic,700,regular,italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto:900,500,300italic,700,regular,italic
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 01:57:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15744
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 3152929
x-amzn-requestid: 50881dda-7c63-4b9f-aaab-0fa81427d81d
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: egPl9FS8IAMF1Bw=
content-length: 15767
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-63bcc625-5ff7f0c0157854b23c855fb3
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: UatrjBfm4QBqdWX-pYySs7PApQ5n6KQXoJ_SpKa_GECO24Ms4OlxYw==

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 17 KB
18 KB 34ms
16ms Font
font/woff2 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:900,500,300italic,700,regular,italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto:900,500,300italic,700,regular,italic
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 05:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 17368
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 7200754
x-amzn-requestid: 476aa7ec-8fb7-492b-9ddf-52a32b60c9d8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: cF1NUGj8oAMFa0g=
content-length: 17396
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-637f0255-254754506a5e759356a3bf9d
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: h-TlC9UJtqZzhRewzyXE-wZdnSAA92KdDxyBQW6jIOPAvczuAcFXcQ==

GET
H2 200 modules.799a359d0eb901147abe.js Show response
script.hotjar.com/ 262 KB
67 KB 68ms
12ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.799a359d0eb901147abe.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2233835.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

8291efd37926f1a74b525fd899300f2a0c6fe15a813da88c249b47e8937f0df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 9891
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68359
last-modified: Wed, 15 Feb 2023 11:01:31 GMT
etag: "65de99e22393cd1c8f2ac2c587048a16"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: MyRImRA_pLSVRh0l_n006cDM7fpPolU3J-Q2W0eykuapKUc0abYlEg==

GET
H3 200 tag-f417c1be6fec5e70ea6d99fd35055d4c.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 174 KB
49 KB 67ms
48ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-f417c1be6fec5e70ea6d99fd35055d4c.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=622914&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&f=1&vn=1.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: f12a492b447a87cec7e5b0d243bc6f2f81ca2ca381ef0b4040f6ac09e4a69920

Request headers

Referer: https://try.malwarebytes.com/
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:47 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 15 Feb 2023 12:03:18 GMT
server: gams1
etag: "63ecca06-c26a"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49770

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 103ms
103ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=622914&d=try.malwarebytes.com&u=DD7E3A47BE313069846BCD41AB25F4A7C&h=bef0e7cdeb6093fa64b1b17395daa104&t=false&r=0.7554542746281685

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:46:47 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/d405f6b4/ Frame F87F 395 KB
51 KB 41ms
28ms Stylesheet
text/css 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d405f6b4/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aac0a0e8c4b9bd6250bc0829794d056ac353997cfdd0a1a67c838a956748d253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 20:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147995
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51976
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 01:14:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Feb 2024 20:40:12 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 82ms
29ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-3347303-10&cid=186045027.1676468808&jid=1254822431&gjid=1604844396&_gid=1657283763.1676468808&_u=IEBAAEAAAAAAACAAI~&z=350575363

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://try.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 15 Feb 2023 13:46:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-e031119f9e9e307a08fa610f85dbfb52.html Show response
vars.hotjar.com/ Frame 9820 2 KB
1 KB 48ms
11ms Document
text/html 18.66.147.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2233835.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-62.fra60.r.cloudfront.net

Software

Resource Hash

f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://try.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1039001
cache-control: max-age=31536000
content-encoding: br
content-length: 1034
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 13:10:06 GMT
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-cf-id: m8f5bqrB682JCRQQzLloUc7OS4MAjCRTjhlnodK3fQx1qwPFI_d_6g==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 31ms
31ms Image
image/gif 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=592823957&t=event&ni=1&_s=2&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&dr=https%3A%2F%2Fgo2.malwarebytes.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHBAAEABAAAAACAAI~&jid=&gjid=&cid=186045027.1676468808&tid=UA-3347303-10&_gid=1657283763.1676468808&cd2=(Non-Company%20Visitor)&cd3=Bot&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=Ulm&cd12=BW&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=DE&cd18=(Non-Company%20Visitor)&cd24=(Non-Company%20Visitor)&z=1212511811

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 01:00:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45950
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F87F 15 KB
16 KB 129ms
31ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 02:55:21 GMT
x-content-type-options: nosniff
age: 471087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 02:55:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F87F 15 KB
15 KB 137ms
39ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 02:34:10 GMT
x-content-type-options: nosniff
age: 385958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Feb 2024 02:34:10 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/d405f6b4/ Frame 0213 395 KB
51 KB 34ms
33ms Stylesheet
text/css 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d405f6b4/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aac0a0e8c4b9bd6250bc0829794d056ac353997cfdd0a1a67c838a956748d253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 20:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51976
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 01:14:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Feb 2024 20:40:12 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/d405f6b4/www-embed-player.vflset/ Frame 0213 345 KB
108 KB 66ms
65ms Script
text/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d405f6b4/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a752bfb018856bde51066ff3495c20fb473afad1d06a578eb50caebbfe78b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 20:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110180
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 01:14:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Feb 2024 20:40:12 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/ Frame 0213 2 MB
603 KB 78ms
77ms Script
text/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b63f208d7453b4553e06890bdd2e3190b2cdee3b8aad95a141b88a61ba969060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 20:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147411
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 617066
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 01:14:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Feb 2024 20:49:57 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d405f6b4/fetch-polyfill.vflset/ Frame 0213 9 KB
3 KB 76ms
76ms Script
text/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d405f6b4/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 20:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 01:14:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Feb 2024 20:40:12 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/d405f6b4/www-embed-player.vflset/ Frame F87F 345 KB
108 KB 73ms
71ms Script
text/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d405f6b4/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a752bfb018856bde51066ff3495c20fb473afad1d06a578eb50caebbfe78b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 20:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110180
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 01:14:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Feb 2024 20:40:12 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/ Frame F87F 2 MB
603 KB 79ms
76ms Script
text/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b63f208d7453b4553e06890bdd2e3190b2cdee3b8aad95a141b88a61ba969060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 20:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147411
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 617066
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 01:14:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Feb 2024 20:49:57 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d405f6b4/fetch-polyfill.vflset/ Frame F87F 9 KB
3 KB 82ms
80ms Script
text/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d405f6b4/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 20:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 01:14:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Feb 2024 20:40:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0213 15 KB
15 KB 111ms
76ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 02:55:21 GMT
x-content-type-options: nosniff
age: 471087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 02:55:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0213 15 KB
15 KB 92ms
66ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 02:34:10 GMT
x-content-type-options: nosniff
age: 385958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Feb 2024 02:34:10 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 41ms
39ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-3347303-10&cid=186045027.1676468808&jid=1254822431&_u=IEBAAEAAAAAAACAAI~&z=143630216

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:46:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 78ms
39ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-3347303-10&cid=186045027.1676468808&jid=1254822431&_u=IEBAAEAAAAAAACAAI~&z=143630216

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:46:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
83 KB 61ms
60ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d1a1d73ab4f91a45680e1b05a9e77fc2b1a3e3b71118f1371968978d199c2595

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84490
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 Feb 2023 13:46:48 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 80ms
9ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:48 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7356

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 65ms
15ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 15 Feb 2023 13:46:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: oO5yuGqv+y0aMwmkByJGoDEHVr1bJ9jWPLwKEl8moE4HIRfDuLuNThsqy1Kpr76aSLtoLBMxDDqgnvISuyda/w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 30ms
30ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 12:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 15 Feb 2023 13:49:48 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 71ms
18ms Script
application/x-javascript 23.7.203.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: go2.malwarebytes.com
URL: https://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAGJ8yv7L9srPNUQnO4UxNztF8CE2WMnFSPYEdzbJ9MzxQhCw_oxKxccOhXjeOSTd6gaOKLAgjQ=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.7.203.104 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-203-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 13:46:48 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 728

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 270ms
18ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: go2.malwarebytes.com
URL: https://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAGJ8yv7L9srPNUQnO4UxNztF8CE2WMnFSPYEdzbJ9MzxQhCw_oxKxccOhXjeOSTd6gaOKLAgjQ=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:48 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-vie6378-VIE

GET
H2 200 web-vitals.umd.js Show response
unpkg.com/web-vitals@1.1.0/dist/ 4 KB
2 KB 36ms
17ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@1.1.0/dist/web-vitals.umd.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:48 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 11056289
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GF154N5R75A1W6456WZV5P0Q-fra
server: cloudflare
etag: W/"1060-9qPq4bqeRCeFWudNuS98Bp0PQDY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 799e7de2cfa6bb9b-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 129 KB
50 KB 57ms
55ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-930356311

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f056b54f463db7aece8a2c50d306d2b2cf87c3fc823781d97d3f6f085c771870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50998
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Feb 2023 13:46:48 GMT

GET tag.js
www.estore.malwarebytes.com/proxydirectory/tags/445691266569/ 0
0

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 87ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 15 Feb 2023 13:46:47 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9319492154E1410C8776334ADFCE8B14 Ref B: FRAEDGE1421 Ref C: 2023-02-15T13:46:48Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11563

GET
H2 200 HWyTnY16.min.js Show response
scripts.demandbase.com/ 69 KB
19 KB 64ms
9ms Script
application/javascript 108.138.17.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.demandbase.com/HWyTnY16.min.js

Requested by

Host: go2.malwarebytes.com
URL: https://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAGJ8yv7L9srPNUQnO4UxNztF8CE2WMnFSPYEdzbJ9MzxQhCw_oxKxccOhXjeOSTd6gaOKLAgjQ=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-47.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

beda0693dd166d8ff47954bc08951e99f5e5028f5d64f11dbe7b70a192648daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-amz-version-id: VzT4VWNPtW2jSFdw6cuHU4QRN8C29Rae
content-encoding: gzip
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
date: Wed, 15 Feb 2023 12:57:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P7
age: 2947
x-cache: Hit from cloudfront
last-modified: Fri, 03 Feb 2023 22:52:05 GMT
server: AmazonS3
etag: W/"db79dc7b35a2fd3e1e433a965d6306c1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: Xh0B5Wl0KRNLvNxl40Bno2B2PruesQSq5AD3PT6Kt6VLl25qe9mjig==

GET
H2 200 demandbase-forms.js Show response
www.malwarebytes.com/js/ 3 KB
1 KB 133ms
20ms Script
application/javascript 2600:9000:211a:6c00:16:26c7:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.malwarebytes.com/js/demandbase-forms.js?d=2020-02-04-15-03-08--0800

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKSKW3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:6c00:16:26c7:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:41:20 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: VIE50-C2
age: 328
x-powered-by: ASP.NET
via: 1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Tue, 20 Jul 2021 23:12:41 GMT
server: Microsoft-IIS/10.0
etag: W/"83427fbdbc7dd71:0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: KCuUF2QmzonTgIFmcWyJCgACTB79WzYVFvkhKCU2KjAOxoZJNiPRZw==

GET
H3 200 tag-8aed253fd4fd624508263ed385cd0fd5.js Show response
dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/ 107 KB
27 KB 25ms
24ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/tag-8aed253fd4fd624508263ed385cd0fd5.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-f417c1be6fec5e70ea6d99fd35055d4c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 6e4fed44a6ca62b6d89fd24480aaeb6cc9a6d13b3be36945c388ea7c20f05dd5

Request headers

Referer: https://try.malwarebytes.com/
Origin: https://try.malwarebytes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:48 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 15 Feb 2023 12:03:17 GMT
server: gams1
etag: "63ecca05-6c94"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27796

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 3F94 43 KB
22 KB 43ms
37ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F&co=aHR0cHM6Ly90cnkubWFsd2FyZWJ5dGVzLmNvbTo0NDM.&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=wmi262v5pi8d

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ac011d9616969fe20fc4f240e7ef7a8fe9b4c2452337ac68f862a08fec7fb108

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Gqg1be9xtiyKcKxHBOK55w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://try.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22894
content-security-policy: script-src 'report-sample' 'nonce-Gqg1be9xtiyKcKxHBOK55w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 13:46:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 6 KB
2 KB 56ms
56ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=622914&settings_type=1&vn=7.0&exc=1|48|3|4
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-f417c1be6fec5e70ea6d99fd35055d4c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 612efd9bb98a2ad2d3081136b67622633364b565eb9b032fb5df6a4a9fb24549

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:47 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
etag: W/"1676462611"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame 3F94 55 KB
24 KB 46ms
14ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F&co=aHR0cHM6Ly90cnkubWFsd2FyZWJ5dGVzLmNvbTo0NDM.&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=wmi262v5pi8d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 03:04:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 13:05:03 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame 3F94 406 KB
162 KB 52ms
22ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 12:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166252
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 03:04:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 12:29:48 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2233835/ 147 B
323 B 125ms
37ms XHR
application/json 52.19.186.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2233835/visit-data?sv=6
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.186.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-186-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: cb3041763bc5844a378feef039d9c9ef37bf0f425444362f8b3ea7f82dc73bf2

Request headers

Referer: https://try.malwarebytes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 15 Feb 2023 13:46:48 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 0213
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

23ms
23ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f8df551d8ff5e7d1a8a04e008cc7a800dcff5364595211ee15c7a2110b1fd0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 15 Feb 2023 13:46:48 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 0213 29 B
495 B 127ms
30ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:34:15 GMT
x-content-type-options: nosniff
age: 753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Feb 2023 13:49:15 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 62ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K8KCHE3KSC&gtm=45je32d0&_p=592823957&_gaz=1&cid=186045027.1676468808&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&sid=1676468808&sct=1&seg=0&dr=https%3A%2F%2Fgo2.malwarebytes.com%2F&dt=&en=page_view&_fv=1&_ss=2&ep.content_group=Consumer
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:46:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 21ms
19ms Ping
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K8KCHE3KSC&cid=186045027.1676468808&gtm=45je32d0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:46:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 39ms
38ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K8KCHE3KSC&cid=186045027.1676468808&gtm=45je32d0&aip=1&z=434136663

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:46:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame F87F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

22ms
21ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f12894ce3fff15613901fe16d378011aa6e891fc9a987f28a6b702e9f2c2ad0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 15 Feb 2023 13:46:48 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F87F 29 B
89 B 57ms
31ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:34:15 GMT
x-content-type-options: nosniff
age: 753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Feb 2023 13:49:15 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 144ms
51ms Preflight
text/html 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 15 Feb 2023 13:46:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0213 66 KB
30 KB 58ms
58ms XHR
application/json+protobuf 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d60592f6b28bc6a29e9a5a4a59ef436a65e7bcb8b4656dfdffefc6ad64d83759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 15 Feb 2023 13:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30798
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/ Frame 0213 116 KB
36 KB 29ms
29ms Script
text/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1795b50b8a462e5aead6e3bdf11d1cd7c4c93a14bfd64cc18ddb34613291fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 20:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147411
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36393
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 01:14:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Feb 2024 20:49:57 GMT

GET
H3 200 e-T0LC6veq6xndVnxNZYDs0k2YzO3ng5pgwYiLLC-NE.js Show response
www.google.com/js/th/ Frame 0213 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/e-T0LC6veq6xndVnxNZYDs0k2YzO3ng5pgwYiLLC-NE.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7be4f42c2eaf7aaeb19dd567c4d6580ecd24d98ccede7839a60c1888b2c2f8d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 11:23:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 12:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 11:23:36 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/ Frame 0213 26 KB
8 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd8d860a8b8d8476650dd25db0abbd92a995d5bb577b00a2de930b5acb0147be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 01:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 131601
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8403
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 01:14:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Feb 2024 01:13:27 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 180ms
109ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1676468808538&id=t2_4u5qw&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=d6561a38-3b3b-4491-b711-2c71c2d25e98&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:48 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 31ms
31ms Image
image/gif 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=592823957&t=pageview&_s=1&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&dr=https%3A%2F%2Fgo2.malwarebytes.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAgEAjAAAAACAAIg~&cid=186045027.1676468808&uid=4D42EF1A-694A-42AA-800D-5E4E0BBFCA50&tid=UA-3347303-10&_gid=1657283763.1676468808&gtm=45He32d0n71MKSKW3&z=262522195

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 01:00:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45950
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/162/ 11 KB
5 KB 19ms
19ms Script
application/x-javascript 23.7.203.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/162/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.7.203.104 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-203-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 13:46:48 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4677
Expires: Fri, 26 May 2023 13:46:48 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 16ms
15ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.95

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 15 Feb 2023 13:46:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 4NN6kJ4TdpCNJCUpJvTWSSSlowdI/FXlw6s4jc9e6JftkhqmDQTNWGeSoMEt51YsGSslwkazL8tVTzyp6N6tMQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1480959392203028 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 376ms
376ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1480959392203028?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0f1b9a9357fed04c7ca6ecf5d577c257a8a43a8c60732a14fa66ead30f991fe9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 15 Feb 2023 13:46:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: FzvgokO+pbN2WkTIS/qpITGPlQs6JZNQIPsK3fJSN+FBSobJawB0hIp9AAap7OYllwRr4Fu+kSsX804p/ka2fg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 25ms
25ms XHR
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:48 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 15 Feb 2023 12:03:16 GMT
server: gams1
etag: "63ecca04-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/ 2 KB
1 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930356311/?random=1676468808581&cv=11&fst=1676468808581&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&ref=https%3A%2F%2Fgo2.malwarebytes.com%2F&auid=530677140.1676468809&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-930356311

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a140f660461c361ac53c6ceaa302e58484a5c7745f33e82d474ae6c801c450fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1092
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 71ms
70ms Preflight
text/html 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 15 Feb 2023 13:46:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F87F 66 KB
30 KB 58ms
57ms XHR
application/json+protobuf 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

319ed0d4c466733d5e4fd03b86ff03c6813a6022a4505866c41dd87b01525899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 15 Feb 2023 13:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30796
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/ Frame F87F 116 KB
36 KB 29ms
29ms Script
text/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1795b50b8a462e5aead6e3bdf11d1cd7c4c93a14bfd64cc18ddb34613291fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 20:49:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147411
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36393
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 01:14:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Feb 2024 20:49:57 GMT

GET
H3 200 e-T0LC6veq6xndVnxNZYDs0k2YzO3ng5pgwYiLLC-NE.js Show response
www.google.com/js/th/ Frame F87F 36 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/e-T0LC6veq6xndVnxNZYDs0k2YzO3ng5pgwYiLLC-NE.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7be4f42c2eaf7aaeb19dd567c4d6580ecd24d98ccede7839a60c1888b2c2f8d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 11:23:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 12:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 11:23:36 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/ Frame F87F 26 KB
8 KB 29ms
28ms Script
text/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd8d860a8b8d8476650dd25db0abbd92a995d5bb577b00a2de930b5acb0147be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 01:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 131601
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8403
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 01:14:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Feb 2024 01:13:27 GMT

GET
DATA 200
OK truncated
/ Frame F87F 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 7AxmDfwQ-3OIWlHFlGxtPp16ffUY9DP8ilgX93nTviz6Y8DXKCyhmqheWIHZWdD5q5EDOPZ0=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame F87F 2 KB
2 KB 111ms
31ms Image
image/jpeg 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/7AxmDfwQ-3OIWlHFlGxtPp16ffUY9DP8ilgX93nTviz6Y8DXKCyhmqheWIHZWdD5q5EDOPZ0=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b2d0365be9ccb0a02f5df66968122b8cb5f924a516b52607df4ed599b9e48dcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 10:06:40 GMT
x-content-type-options: nosniff
age: 13208
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1976
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 16 Feb 2023 01:56:47 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/uGIGyePoK2M/ Frame F87F 22 KB
22 KB 109ms
29ms Image
image/jpeg 2a00:1450:400d:807::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/uGIGyePoK2M/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7abf4815f99d5042ade8d83c9ce86f58bc78430aceb46edebc618943f2d9e791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 11:58:11 GMT
x-content-type-options: nosniff
age: 6517
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22123
x-xss-protection: 0
server: sffe
etag: "1663692329"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Feb 2023 13:58:11 GMT

GET
H2 204 4072696.js Show response
bat.bing.com/p/action/ 0
117 B 106ms
106ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4072696.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 15 Feb 2023 13:46:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 42850DF778AF4ED1815762E15F4A7AAD Ref B: FRAEDGE1421 Ref C: 2023-02-15T13:46:48Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4072696&tm=gtm002&Ver=2&mid=3d1517af-e0fe-4940-8e9b-f2dc2a5f55ae&sid=31b06670ad3711eda3741fcfdb9fbfbb&vid=31b06120ad3711edb15f6369bf0e4828&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&r=https%3A%2F%2Fgo2.malwarebytes.com%2F&lt=281&evt=pageLoad&sv=1&rn=456020

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 Feb 2023 13:46:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7FAF1441FA034384B8864ED81E77BD81 Ref B: FRAEDGE1421 Ref C: 2023-02-15T13:46:48Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3F94 2 KB
2 KB 16ms
16ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:26:59 GMT
x-content-type-options: nosniff
age: 569989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 15 Feb 2023 23:26:59 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3F94 15 KB
15 KB 31ms
30ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 02:55:21 GMT
x-content-type-options: nosniff
age: 471087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 02:55:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3F94 15 KB
15 KB 36ms
36ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 02:34:10 GMT
x-content-type-options: nosniff
age: 385958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Feb 2024 02:34:10 GMT

GET
H2 200 adsct
t.co/i/ 43 B
377 B 246ms
178ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=c921a364-9d73-436e-8689-d0b6595af4f1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=053e462c-908f-4d5e-a64f-d81c56ab74dc&tw_document_href=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1m5j&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-response-time: 170
date: Wed, 15 Feb 2023 13:46:48 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 18b13f2d07ba4203
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 04d1057d2b8d743ca0f1733c6de5463596877c328c6e911a0e1b776561021fd1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 384ms
179ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=c921a364-9d73-436e-8689-d0b6595af4f1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=053e462c-908f-4d5e-a64f-d81c56ab74dc&tw_document_href=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1m5j&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-response-time: 172
date: Wed, 15 Feb 2023 13:46:48 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: c941937b155679d7
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 102ce5dcf3a8e2463d8bd8816f635555a85e395b8cb148e9f05bd1cc28561a04
content-length: 43

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0213 90 B
134 B 53ms
52ms XHR
application/json+protobuf 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f72d1d5212f4ef9bab737982776e2b2d5bc4b6213545eb6684d13e7e3cbb218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 15 Feb 2023 13:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 52ms
52ms Preflight
text/html 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 15 Feb 2023 13:46:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 3F94 102 B
133 B 23ms
22ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=tNAc29ZZrpcOCErva2nr4BS9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9345880ada178d9c36ed991525ff3c0671594be63500a61313d2ac1d35f3a51c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F&co=aHR0cHM6Ly90cnkubWFsd2FyZWJ5dGVzLmNvbTo0NDM.&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=wmi262v5pi8d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 13:46:48 GMT

POST
H/1.1 200
OK visitWebPage
805-usg-300.mktoresp.com/webevents/ 2 B
318 B 566ms
93ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://805-usg-300.mktoresp.com/webevents/visitWebPage?_mchNc=1676468808790&_mchCn=&_mchId=805-USG-300&_mchTk=_mch-malwarebytes.com-1676468808789-46859&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&_mchHo=try.malwarebytes.com&_mchPo=&_mchRu=%2Fmdr-consultation%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fgo2.malwarebytes.com%2F&_mchQp=utm_source%3Dmarketo__-__utm_medium%3Demail__-__utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582__-__mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/162/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 13:46:49 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: a88e93a2-0869-44b9-b1b2-06ada1717aa2

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F87F 90 B
134 B 53ms
53ms XHR
application/json+protobuf 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

627e4d08edd31a0e0efc34a5d6939783aa1a566a5521b6a8eaff675a2d9c646c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 15 Feb 2023 13:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 51ms
51ms Preflight
text/html 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 15 Feb 2023 13:46:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/930356311/ 42 B
64 B 31ms
31ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/930356311/?random=1676468808581&cv=11&fst=1676466000000&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&ref=https%3A%2F%2Fgo2.malwarebytes.com%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=338395340&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:46:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/930356311/ 42 B
64 B 37ms
37ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/930356311/?random=1676468808581&cv=11&fst=1676466000000&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&ref=https%3A%2F%2Fgo2.malwarebytes.com%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=338395340&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:46:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame AAB5 7 KB
1 KB 27ms
27ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

63b4f6cbb8792597de5795c2ff777d58f382f5931666d84742237c0e9d977cf2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P8AYQhBP5G7O20urMmj7pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://try.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1118
content-security-policy: script-src 'report-sample' 'nonce-P8AYQhBP5G7O20urMmj7pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 13:46:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame F87F 4 KB
2 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 13:46:48 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 0213 0
10 B 29ms
28ms Image
text/plain 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?CDZZ3A
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 0213 4 KB
2 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 13:46:49 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame F87F 0
10 B 34ms
33ms Image
text/plain 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?qsHW7A
Requested by: Host: try.malwarebytes.com
URL: https://try.malwarebytes.com/mdr-consultation/?utm_source=marketo&utm_medium=email&utm_campaign=b2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&mkt_tok=ODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame AAB5 55 KB
24 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 03:04:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 13:05:03 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame AAB5 406 KB
162 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 12:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166252
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 03:04:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 12:29:48 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 64ms
16ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=PageView&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&rl=https%3A%2F%2Fgo2.malwarebytes.com%2F&if=false&ts=1676468809133&sw=1600&sh=1200&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1676468809133.1752842589&it=1676468808563&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 15 Feb 2023 13:46:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/110/ Frame F87F 50 KB
15 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/110/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 10:33:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14851
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 16:13:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 16 Feb 2023 10:33:04 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/110/ Frame 0213 50 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/110/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 10:33:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14851
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 16:13:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 16 Feb 2023 10:33:04 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame AAB5 39 KB
24 KB 57ms
56ms XHR
application/json 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e6636eb946cc0adb616227632f7a6f9c1cfe88bd6091a5fa4f7723ad0e3a0389

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 15 Feb 2023 13:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24282
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 13:46:49 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 29ms
29ms Image
image/gif 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=592823957&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&dr=https%3A%2F%2Fgo2.malwarebytes.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=vertical&el=25%20percent&_u=aHDAgEAjAAAAACAAIg~&cid=186045027.1676468808&uid=4D42EF1A-694A-42AA-800D-5E4E0BBFCA50&tid=UA-3347303-10&_gid=1657283763.1676468808&gtm=45He32d0n71MKSKW3&z=1140252623

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 01:00:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45951
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 29ms
29ms Image
image/gif 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=592823957&t=timing&_s=3&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&dr=https%3A%2F%2Fgo2.malwarebytes.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1753&pdt=1&dns=136&rrt=0&srt=21&tcp=19&dit=281&clt=281&_gst=263&_gbt=388&_u=aHDAAEAjAAAAACAAIg~&jid=&gjid=&cid=186045027.1676468808&tid=UA-3347303-10&_gid=1657283763.1676468808&cd2=(Non-Company%20Visitor)&cd3=Bot&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=Ulm&cd12=BW&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=DE&cd18=(Non-Company%20Visitor)&cd24=(Non-Company%20Visitor)&z=27922935

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 01:00:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45951
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame AAB5 600 B
624 B 15ms
14ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 18:28:42 GMT
x-content-type-options: nosniff
age: 69487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 21 Feb 2023 18:28:42 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame AAB5 530 B
554 B 16ms
14ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:42:15 GMT
x-content-type-options: nosniff
age: 137074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 20 Feb 2023 23:42:15 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame AAB5 665 B
689 B 17ms
15ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:05:56 GMT
x-content-type-options: nosniff
age: 56453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 21 Feb 2023 22:05:56 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AAB5 15 KB
15 KB 31ms
29ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 02:55:21 GMT
x-content-type-options: nosniff
age: 471088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 02:55:21 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AAB5 15 KB
15 KB 43ms
42ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 09:20:14 GMT
x-content-type-options: nosniff
age: 15995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 09:20:14 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AAB5 15 KB
15 KB 33ms
32ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 02:34:10 GMT
x-content-type-options: nosniff
age: 385959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Feb 2024 02:34:10 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame AAB5 40 KB
40 KB 23ms
23ms Image
image/jpeg 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFY_a8VKAD5E1-AHwkzNCfGMWTmlA8OIYW0G9uyRhf7MalUYc4I8hSXUJwHGyzknZwuPKk1ycvlIZuzKFRH27GVuiA1MPfPobC4rjji2D4Y-qPzzHlTnjrCyXa4oreJIidObhilsuEYzURgkY1OpXnQLUCbQGtX8EdAN_moF91zKmtApPNVQKedNFrJvo5xMKhlpnKwg_Egi2i9v9QRoVNR2o8xW1nzUlw&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8d0ddf5887d73b242b900677417d4295a4346eca6223ca957af1ff27eb1a1643

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&k=6LcSsQwkAAAAAFBu3KZPEj9rW5TWX9yGBjHGbh8F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:49 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40916
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 13:46:49 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 16ms
15ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1480959392203028&ev=Microdata&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&rl=https%3A%2F%2Fgo2.malwarebytes.com%2F&if=false&ts=1676468809637&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22http%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1676468809133.1752842589&it=1676468808563&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 15 Feb 2023 13:46:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 0213 28 B
54 B 58ms
57ms XHR
application/json 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
X-Goog-Request-Time: 1676468810944
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
X-YouTube-Client-Version: 1.20230212.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtHQzQxZlJpS2lGTSjHxLOfBg%3D%3D
X-YouTube-Ad-Signals: dt=1676468808311&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 15 Feb 2023 13:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Wed, 15 Feb 2023 13:46:50 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame F87F 28 B
54 B 58ms
55ms XHR
application/json 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d405f6b4/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
X-Goog-Request-Time: 1676468810952
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/uGIGyePoK2M?wmode=opaque
X-YouTube-Client-Version: 1.20230212.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtUclhDZVNYcS0tbyjHxLOfBg%3D%3D
X-YouTube-Ad-Signals: dt=1676468808302&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C828%2C466&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 15 Feb 2023 13:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Wed, 15 Feb 2023 13:46:50 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K8KCHE3KSC&gtm=45je32d0&_p=592823957&cid=186045027.1676468808&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dl=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582&sid=1676468808&sct=1&seg=0&dr=https%3A%2F%2Fgo2.malwarebytes.com%2F&dt=&en=scroll&ep.content_group=Consumer&ep.scroll_direction=vertical&epn.percent_scrolled=25&_et=828
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K8KCHE3KSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 13:46:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://try.malwarebytes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7ghicgw4nish.js Show response
js.driftt.com/include/1676469000000/ 219 KB
62 KB 200ms
123ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1676469000000/7ghicgw4nish.js

Requested by

Host: go2.malwarebytes.com
URL: https://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAGJ8yv7L9srPNUQnO4UxNztF8CE2WMnFSPYEdzbJ9MzxQhCw_oxKxccOhXjeOSTd6gaOKLAgjQ=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

c3755b8b51ca340a1268cb963d82e4722b7ec4bceebed7736f817b18a7215ee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-amz-version-id: 0JA.pLkSaXVDwyCx6Q7ftOy9F780hoGv
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Wed, 15 Feb 2023 13:46:58 GMT
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 23
last-modified: Mon, 13 Feb 2023 19:12:39 GMT
server: istio-envoy
etag: W/"86acf1c02fc6f9d15464397641b6450c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MlBvwUPApAqtT55yEIMYm1e38TArPtT4gv2VRGa3H8ZPbtZ-CIMfsg==

GET
H2 200 core Show response
js.driftt.com/ Frame 771E 2 KB
1 KB 114ms
113ms Document
text/html 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1676469000000/7ghicgw4nish.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

fe7d6842c70bef851d7b3db630c41e6c68c6fde0398a613597a294d2559a7a15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://try.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 15 Feb 2023 13:46:58 GMT
etag: W/"784994ac8fc6e25993901bdc3bdae50f"
last-modified: Mon, 13 Feb 2023 19:12:21 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-id: xtGQaCLRM8MrsGv5juJGWmi9RwIieHST_Ygwh-Gvp7s-6p8l5z6c6w==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: Vcz.SVHNGPQKNW.hPITWG2X6MCJQjlbE
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 21

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 05B2 2 KB
1 KB 110ms
110ms Document
text/html 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1676469000000/7ghicgw4nish.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

fe7d6842c70bef851d7b3db630c41e6c68c6fde0398a613597a294d2559a7a15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://try.malwarebytes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 15 Feb 2023 13:46:58 GMT
etag: W/"784994ac8fc6e25993901bdc3bdae50f"
last-modified: Mon, 13 Feb 2023 19:12:21 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-id: 3VOSUJZqtsps0G87Us4GfMo-mHQGjvhPnUZ3CO4d4p78zvGkg5jcqg==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: Vcz.SVHNGPQKNW.hPITWG2X6MCJQjlbE
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 12

GET
H2 200 runtime~main.272d31f8.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 6 KB
3 KB 8ms
7ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

1e0edb8355511f244e9c682e0d13e46f5cb081bac7bac85603a1402146edcf9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 19:12:20 GMT
x-amz-version-id: ik_Ng4Ovz2ch3cASzWzZLnI2UtjU1u85
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 153278
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Mon, 13 Feb 2023 18:59:40 GMT
server: istio-envoy
etag: W/"ef842678c2d6a33e31435406596a5932"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: A5THNz9kZTo3ZyY355_AiNwkKMIXxgLljxF6h3AHAmHPN1B7nCNDig==

GET
H2 200 9.4a3e9801.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 35 KB
13 KB 9ms
8ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: hzm2Healt7ZjvNDM3nYQ47BRwWjFuLrw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 27 Jan 2023 17:00:22 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FbFhp_yRS8pUJbCAE3r3Q2BmnK7QcW8IgnCLwESRJZrE0_FVCB51_A==

GET
H2 200 main~493df0b3.bfaa8bf7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 7 KB
3 KB 9ms
9ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.bfaa8bf7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

93f03d420b0d30047cbe6183aa29f0975177995357f422e233e70841a5ba221d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: tVIOQ5knB_pnUIzARn2A1QNlFnrQ08ww
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Fri, 27 Jan 2023 17:00:22 GMT
server: istio-envoy
etag: W/"f380dbfcbb0e3e9e079d70231be1cff3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xKjjztnNRoDY7A249mpAB4dib8WnEj6YvO6u6jY3Rf6m7sc3nNIFNQ==

GET
H2 200 runtime~main.272d31f8.js Show response
js.driftt.com/core/assets/js/ Frame 771E 6 KB
3 KB 8ms
7ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

1e0edb8355511f244e9c682e0d13e46f5cb081bac7bac85603a1402146edcf9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 19:12:20 GMT
x-amz-version-id: ik_Ng4Ovz2ch3cASzWzZLnI2UtjU1u85
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 153278
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Mon, 13 Feb 2023 18:59:40 GMT
server: istio-envoy
etag: W/"ef842678c2d6a33e31435406596a5932"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: D-r6IkvXENwOJOmv1hFtYib8peAFjdfZsYTY-tvImfkyffJu1TAcTA==

GET
H2 200 9.4a3e9801.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 35 KB
13 KB 9ms
8ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: hzm2Healt7ZjvNDM3nYQ47BRwWjFuLrw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 27 Jan 2023 17:00:22 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: adRb65nsHuuWrkh9LcvDTXOlHKjlJecPy2PBPw46upvGmH-9sr8VUQ==

GET
H2 200 main~493df0b3.bfaa8bf7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 7 KB
3 KB 9ms
9ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.bfaa8bf7.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

93f03d420b0d30047cbe6183aa29f0975177995357f422e233e70841a5ba221d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: tVIOQ5knB_pnUIzARn2A1QNlFnrQ08ww
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Fri, 27 Jan 2023 17:00:22 GMT
server: istio-envoy
etag: W/"f380dbfcbb0e3e9e079d70231be1cff3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: G8ihdIpTNcI7U30uiPfz5Xnd9EhW_ESgbntQjsP_2W02DGyFWLa9Xg==

GET
H2 200 52.b1edaf4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 23 KB
8 KB 10ms
9ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: TtzAkuiFg5ajpar.KJembGW97mIyyYtK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"cd29b9bc973e48a7fcd0ee7153bdf03b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cfnICyV_pN7yg1wIRy1EbFBgUTPvgRA-34jRkKwCe1lxwmsHfpOWgw==

GET
H2 200 36.b49bf23f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 36 KB
10 KB 11ms
10ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.b49bf23f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: SWSsVLzyOcOhQhmvR.pbvKyQeo7W0A10
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"4ae92c53ef226eb2a201fc855ccb7835"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Wrz02z0lv1RdozZgsG2gsZhf9UlTsR0WNvrVQCToWIyEy0ZzMnddkQ==

GET
H2 200 25.22647a55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 32 KB
11 KB 12ms
11ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.22647a55.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: 3Dq5XEj76miHFBtzwx_L1gh4_UbdDQYk
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"2ce6c446f71a395ff41647c9ba4b9c19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jrQHocWTPJUPcqL43P_s0O4xssXtPsKVWytV-puiNSK0qli-cRhvkA==

GET
H2 200 20.2ffef383.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 17 KB
6 KB 13ms
11ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2ffef383.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: Sl_LzJMe7m6MkWEK9Fxqk3gRf.6SeAYu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 26
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"ec6e94b6cea3a27506634867a8009ded"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0SugBlgEmjJQkYYyRnVbgLIj67jB8z7-g_Mc1AQMAwhpjWYjmaD-Cw==

GET
H2 200 43.7ac85d58.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 25 KB
8 KB 15ms
13ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.7ac85d58.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

63c035e2f43180086b19ec08f35c8deee82b2b804ddfcf92f7f0e6d835957bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: nlt9wYKKCayMlGWQHqpz8g8qDzXbqs5K
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"48be1563378f7c36bdadc0f2eb616856"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AoaMphKNGbPhF-r61tkhjQ-CUCVgi9cqMrhohOW6hpUF8QTBIH4xlw==

GET
H2 200 22.7161d1f7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 74 KB
23 KB 19ms
17ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.7161d1f7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

0525fa75941bbfc7387fbb49257d925d67da3505235331b5aa27c6be8a72c1b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: 5ZSPqOH.m7nwO1FPZhNLZC8oV8HN.hri
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"52c4ba62e758f95005aa326a7c67a335"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: y6jpenngQNlGOvlYHfsHahiLRaxOmwJRZxvgzvHrQc88x7D_t_PRLw==

GET
H2 200 27.3951aad8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 66 KB
20 KB 20ms
18ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.3951aad8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 19:12:20 GMT
x-amz-version-id: f9z9LEB0ilQvZ8BK9pmChNn2N.eea8wE
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 153277
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Mon, 13 Feb 2023 18:59:38 GMT
server: istio-envoy
etag: W/"5b2b6d0508fe18c3efb6bcd6249fd4e1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PHRl4itlCARyu4ElWarm20bFKbTyS71SZERsKjjsKSQ8TZvPZBUN1w==

GET
H2 200 15.699b0dc7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 91 KB
28 KB 21ms
19ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.699b0dc7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: jUF4GGgcG34JdLv0MHXRHyWvmwH3OQeO
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"43d1442a9d30453da9eaeb12b9daafff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4YgxHICQPrhORsitpqzMkqxee7TahMtBNrI7XKqvflOXmfiN1ALATg==

GET
H2 200 12.d33926cb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 23 KB
7 KB 24ms
23ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d33926cb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: KyS4g55V4uBz7fjaZ0R1pHyOHsEBkZV6
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 27
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"bdcb035523ec144399213aa65a8430ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LkcCmGPr_QgWt1l8g2G4jLneEA6h6AQq6elgFXUSrDQzP2PrEDFJxA==

GET
H2 200 19.8e79a39a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 62 KB
20 KB 26ms
25ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.8e79a39a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:02:34 GMT
x-amz-version-id: bwRea7wDCbR4ncTw_WLwO3izZD3MoPy9
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 207864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 42
last-modified: Fri, 10 Feb 2023 18:18:27 GMT
server: istio-envoy
etag: W/"c478a5bb4d7885e2b9250c6beeb4fd6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: h-QvvmyqBEUJq715w3hck8SetAKbNWcJE9l06JXhwOrii-RUaq8R3w==

GET
H2 200 50.de3b5864.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 105 KB
34 KB 26ms
25ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/50.de3b5864.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: 1DnDsXjV5U2x4yjXf3GCnDIDPlyIffBu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"114785899ceb423273fcc17aaad202e9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: a_QFOisML_FzDDA3mAj4oeqjULntBwv6cs3tHxrTcjtG75ydIfeETA==

GET
H2 200 41.a1867ad4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 12 KB
4 KB 27ms
27ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.a1867ad4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: X151O2if9SUzZhsBRIHlOqKUakbFDRo_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"299dd262bf32831c99dc78a9c5b5ca43"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 249qA3tXBgn9fTgQyBFzZppxLVwgBX12ecUgYuCC8qhE8bVCf-5AYA==

GET
H2 200 30.57dfb56c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 13 KB
6 KB 28ms
28ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.57dfb56c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: PRu.RNHym52TA_hlIcQB1Vv5VUA1vVKS
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"b8addee34a5cd2241740a2e3094039b3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: px-RXQbZPuovJaoSMsLNc5sI8NMC0p8lCerU4XfpGT_Khbo0dxHCUw==

GET
H2 200 23.80529f14.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 17 KB
7 KB 29ms
28ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.80529f14.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

c2e916865e5811dc30c297c5d94b30565b68fb05acce5c92851c0c38f3eb2415

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: f7GnPSzVZVNA1fDLl2EjAyXSbixH0oiD
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"97c3ca9aaa6fb76a1426ad11ca2061f7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: esWyDSjZny1Mm6FYCK1Pyvv7Zw9owqwkQ2F-zM1xqiHFdlZBjHKDFw==

GET
H2 200 10.18bfca70.chunk.css
js.driftt.com/core/assets/css/ Frame 05B2 14 KB
3 KB 29ms
27ms Stylesheet
text/css 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/10.18bfca70.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

8ab6891019c69c729441517bed2c703ec68058f913e9fe0d9840617f89473421

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: W.Ed7skdAN0dSG59eVgsVvIsNBx.BMsL
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 27 Jan 2023 17:00:18 GMT
server: istio-envoy
etag: W/"dd670379de64b0621ee84574f3b8e73d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4ppZvj0wbDMfxvTJLolJL841tZmiJGk0_DDPQI9JUzqsadF-89o_FQ==

GET
H2 200 10.33fd2576.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 79 KB
25 KB 29ms
28ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.33fd2576.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

a03b22d4dd0f2a973d8519c65559999605db5ef425efa335f1854d6f2e67c029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 19:00:18 GMT
x-amz-version-id: IVJsPh8FSYTZvAmmR6w9_4RI7KWYSk3e
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 586000
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 24
last-modified: Wed, 08 Feb 2023 18:35:25 GMT
server: istio-envoy
etag: W/"8c4bb27fba945df0bdfe8d25049c6d28"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 26rYXFGWRbT30QwCpK0N6sq4ghZN4An0sIVvlrdk_ZIjmBFZBwEoBQ==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 05B2 24 B
695 B 29ms
28ms Stylesheet
text/css 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 20:13:51 GMT
x-amz-version-id: eR0JFDWwyA3gsnd_XajqmmtDUbC85CBL
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P5
age: 1704787
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
content-length: 24
last-modified: Tue, 11 Oct 2022 19:09:27 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MWejEwaxv6KKbJ16-nckAYhXz-PDb4PuOEpxzYKhh61tFyhNqtYGpw==

GET
H2 200 17.938ddc32.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 84 KB
22 KB 31ms
30ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.938ddc32.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

4bb9b0409141512cf653acfe169165f2e0d6f3a67798a61f74e95749c67abd9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 19:52:13 GMT
x-amz-version-id: DcqAdrJmepmz_M9pKA9h2j5OvJGa2cKf
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 669285
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Tue, 07 Feb 2023 18:24:51 GMT
server: istio-envoy
etag: W/"6e1f76499cde58fd41e91c5a37d51f07"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cqidFJWavKbMAQnInlrMjsjzjli18HJNpj-DcLoR6JhBSHMmflK7iQ==

GET
H2 200 26.48ec8a3a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 49 KB
13 KB 32ms
31ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.48ec8a3a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

09a498e1b570018ab4109d99a62b4fe8474c0e6c2609daa5dd6a5f36da7c07ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 19:12:20 GMT
x-amz-version-id: .dsQodY6dM4P6H1IlawfrjW_vh.52Nad
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 153278
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Mon, 13 Feb 2023 18:59:38 GMT
server: istio-envoy
etag: W/"3bd1c4a09782153fbe5d029f4c0fb020"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YH-7iQRrbF4cP5-7Qyxa3B6l4keFmwQQMUc14m-6DkWb5eMMtalChQ==

GET
H2 200 18.7844c68b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 39 KB
13 KB 33ms
32ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.7844c68b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

ef03132fb40254ec13e2f00189f76c0d985fde112402790b9b698e6e3c97579d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 19:12:20 GMT
x-amz-version-id: 0Wn7XWxuQw4qrWuVTw8O4cUDXxbZIBZC
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 153277
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 42
last-modified: Mon, 13 Feb 2023 18:59:37 GMT
server: istio-envoy
etag: W/"f4d64f85b5be43689d5326bf9c5fd3cc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: u6S2OV4NQciUnosLMqYH2f-cAb5cECWjs-QQWXHTRYlUl_ciqQiJNQ==

GET
H2 200 52.b1edaf4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 23 KB
8 KB 27ms
9ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: TtzAkuiFg5ajpar.KJembGW97mIyyYtK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"cd29b9bc973e48a7fcd0ee7153bdf03b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WFv3si4_1FdGrZG6pbc6CBJD80z-OPr6rI0kgC3oBNH9FeSyXM61bw==

GET
H2 200 36.b49bf23f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 36 KB
10 KB 28ms
10ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.b49bf23f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: SWSsVLzyOcOhQhmvR.pbvKyQeo7W0A10
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"4ae92c53ef226eb2a201fc855ccb7835"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Jwgmer8LBRGXFCxWob_Mrrxej2_crhQz7lgP3Lru7WLNKnXBp_eM0A==

GET
H2 200 25.22647a55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 32 KB
11 KB 25ms
7ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.22647a55.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: 3Dq5XEj76miHFBtzwx_L1gh4_UbdDQYk
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"2ce6c446f71a395ff41647c9ba4b9c19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Odf9zIoFNe5kPMUm93DN2CTxafPQ9YKjBDNS7wA9QjWkZdWswsMTUg==

GET
H2 200 20.2ffef383.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 17 KB
6 KB 25ms
8ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2ffef383.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: Sl_LzJMe7m6MkWEK9Fxqk3gRf.6SeAYu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 26
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"ec6e94b6cea3a27506634867a8009ded"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -yD9NDcFU3SvK7xEmrt-7g1W7tX_8I3Cm3RkQSiotlww7SL8KoLWNw==

GET
H2 200 43.7ac85d58.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 25 KB
8 KB 26ms
9ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.7ac85d58.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

63c035e2f43180086b19ec08f35c8deee82b2b804ddfcf92f7f0e6d835957bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: nlt9wYKKCayMlGWQHqpz8g8qDzXbqs5K
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"48be1563378f7c36bdadc0f2eb616856"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4aFaeIUKDMhmyiiVXk5-3xmNxNJWEKJ0gGz11xHV6p4szpx5TSxQ5Q==

GET
H2 200 22.7161d1f7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 74 KB
23 KB 26ms
10ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.7161d1f7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

0525fa75941bbfc7387fbb49257d925d67da3505235331b5aa27c6be8a72c1b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: 5ZSPqOH.m7nwO1FPZhNLZC8oV8HN.hri
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"52c4ba62e758f95005aa326a7c67a335"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pM3JWOAGws2QgNQJMoO8GVT3C5p_G4B8dx2quIA2QuZL2914hmH3Ow==

GET
H2 200 27.3951aad8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 66 KB
20 KB 27ms
10ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.3951aad8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 19:12:20 GMT
x-amz-version-id: f9z9LEB0ilQvZ8BK9pmChNn2N.eea8wE
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 153277
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Mon, 13 Feb 2023 18:59:38 GMT
server: istio-envoy
etag: W/"5b2b6d0508fe18c3efb6bcd6249fd4e1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GQajnLGLwkbjhk3OOZibY09SgX6EQCVB7uVLyvPYCx7bc2z20UU0ow==

GET
H2 200 15.699b0dc7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 91 KB
28 KB 27ms
11ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.699b0dc7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: jUF4GGgcG34JdLv0MHXRHyWvmwH3OQeO
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"43d1442a9d30453da9eaeb12b9daafff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: D3AMqNc8lRLPuBuZ43mThmC5dtrycLbfABSoPjIzXwfSvx4As2m8fw==

GET
H2 200 12.d33926cb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 23 KB
7 KB 28ms
12ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d33926cb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: KyS4g55V4uBz7fjaZ0R1pHyOHsEBkZV6
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 27
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"bdcb035523ec144399213aa65a8430ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fnbIJqLbnZG4e3bpesi2gN1IvzcCPuxeDURYiVRzVv7HdJgWkI6RDA==

GET
H2 200 19.8e79a39a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 62 KB
20 KB 29ms
13ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.8e79a39a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 04:02:34 GMT
x-amz-version-id: bwRea7wDCbR4ncTw_WLwO3izZD3MoPy9
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 207864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 42
last-modified: Fri, 10 Feb 2023 18:18:27 GMT
server: istio-envoy
etag: W/"c478a5bb4d7885e2b9250c6beeb4fd6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ha-oRe3v3A_HzT5K37rshl8PanjRBHdtkmPAoW1dIvrbAusSFpIKAA==

GET
H2 200 50.de3b5864.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 105 KB
34 KB 30ms
13ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/50.de3b5864.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: 1DnDsXjV5U2x4yjXf3GCnDIDPlyIffBu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"114785899ceb423273fcc17aaad202e9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CqycvF67h-9ut0QlpJUX1QThi3D6_PuK50cj40oS7o-EGOgrpdFcBw==

GET
H2 200 41.a1867ad4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 12 KB
4 KB 30ms
14ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.a1867ad4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: X151O2if9SUzZhsBRIHlOqKUakbFDRo_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"299dd262bf32831c99dc78a9c5b5ca43"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hnR1wbH_tmO_M_2K_iQ3UlENCgbPCQPN6oEI3FXYUy3YkJ8dpZVWOw==

GET
H2 200 30.57dfb56c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 13 KB
6 KB 30ms
15ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.57dfb56c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: PRu.RNHym52TA_hlIcQB1Vv5VUA1vVKS
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"b8addee34a5cd2241740a2e3094039b3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mTQA6pji22OfkiziBRU6ndBvPBusPcoRybF3kcbKHUyKwKJmvK7q3g==

GET
H2 200 23.80529f14.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 17 KB
7 KB 31ms
15ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.80529f14.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

c2e916865e5811dc30c297c5d94b30565b68fb05acce5c92851c0c38f3eb2415

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: f7GnPSzVZVNA1fDLl2EjAyXSbixH0oiD
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"97c3ca9aaa6fb76a1426ad11ca2061f7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gPQbyzMRwk_qjcCashlZJqTRyfhDkBf8q48Wib6EBy2zngAX2uuBMw==

GET
H2 200 10.18bfca70.chunk.css
js.driftt.com/core/assets/css/ Frame 771E 14 KB
3 KB 21ms
6ms Stylesheet
text/css 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/10.18bfca70.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

8ab6891019c69c729441517bed2c703ec68058f913e9fe0d9840617f89473421

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: W.Ed7skdAN0dSG59eVgsVvIsNBx.BMsL
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 27 Jan 2023 17:00:18 GMT
server: istio-envoy
etag: W/"dd670379de64b0621ee84574f3b8e73d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VcgPmW7NdNTb5fYfM60ckeMlQz8fQdCe95VQpGIux3lUvPg7wioMHA==

GET
H2 200 10.33fd2576.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 79 KB
25 KB 31ms
16ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.33fd2576.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

a03b22d4dd0f2a973d8519c65559999605db5ef425efa335f1854d6f2e67c029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 19:00:18 GMT
x-amz-version-id: IVJsPh8FSYTZvAmmR6w9_4RI7KWYSk3e
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 586000
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 24
last-modified: Wed, 08 Feb 2023 18:35:25 GMT
server: istio-envoy
etag: W/"8c4bb27fba945df0bdfe8d25049c6d28"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: I-DzPVG8yYkPW-N86LengpgMeO3YXNahsadv5jhWuYXFNHJdQ0P67Q==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 771E 24 B
695 B 22ms
7ms Stylesheet
text/css 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 20:13:51 GMT
x-amz-version-id: eR0JFDWwyA3gsnd_XajqmmtDUbC85CBL
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P5
age: 1704787
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
content-length: 24
last-modified: Tue, 11 Oct 2022 19:09:27 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bTrwYk7_xz_SueswlKk-mmhH54iKX-wbI_vev9F5wCv-XNlrxCLE1g==

GET
H2 200 17.938ddc32.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 84 KB
22 KB 31ms
16ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.938ddc32.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

4bb9b0409141512cf653acfe169165f2e0d6f3a67798a61f74e95749c67abd9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 19:52:13 GMT
x-amz-version-id: DcqAdrJmepmz_M9pKA9h2j5OvJGa2cKf
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 669285
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Tue, 07 Feb 2023 18:24:51 GMT
server: istio-envoy
etag: W/"6e1f76499cde58fd41e91c5a37d51f07"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nj3Kmz97blD5VFMKhpa2Q2mH0aLL1wmn70Xtw2G1eWrFsCmEtQuCXg==

GET
H2 200 26.48ec8a3a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 49 KB
13 KB 32ms
17ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.48ec8a3a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

09a498e1b570018ab4109d99a62b4fe8474c0e6c2609daa5dd6a5f36da7c07ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 19:12:20 GMT
x-amz-version-id: .dsQodY6dM4P6H1IlawfrjW_vh.52Nad
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 153278
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Mon, 13 Feb 2023 18:59:38 GMT
server: istio-envoy
etag: W/"3bd1c4a09782153fbe5d029f4c0fb020"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: K1Mo-0yb-rUnUZfQwcv6C2WkXfZ5767m-AouaCDMXxj_utM3AlGdYA==

GET
H2 200 18.7844c68b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 39 KB
13 KB 33ms
18ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.7844c68b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

ef03132fb40254ec13e2f00189f76c0d985fde112402790b9b698e6e3c97579d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 19:12:20 GMT
x-amz-version-id: 0Wn7XWxuQw4qrWuVTw8O4cUDXxbZIBZC
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 153277
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 42
last-modified: Mon, 13 Feb 2023 18:59:37 GMT
server: istio-envoy
etag: W/"f4d64f85b5be43689d5326bf9c5fd3cc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 52Bip8enofik9Yy-5t0fzQuADKUHVJM8gJg4briy5di4JBEkb12rlQ==

GET
H2 200 38.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 05B2 3 KB
1 KB 8ms
8ms Stylesheet
text/css 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/38.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: hzHYKpyiaZmITNnBC_LqpsxusmNF7FFl
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Fri, 27 Jan 2023 17:00:18 GMT
server: istio-envoy
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8fMMb92L49jtAJROBUCqhI5a0Uey-NYcuB7sdaLoE9PD2DOR5QM1FQ==

GET
H2 200 38.627f88e6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 3 KB
2 KB 8ms
8ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.627f88e6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

43580e037fc59487c315cc0a33e1167f17c8430dd41aa375e21f4d6d325e8f28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: VrL4qVVdcSDrKVxDzMDZ1ibCwb1LgkQ.
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"d03d4e13d59e06f8ec44e39d9d85fa54"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nZC1fNEXEy1oPucyZS-I1gx1hDOGlqeveBG3Xh8OYB87C5b9BKNUUw==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 9 KB
3 KB 8ms
7ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:20:43 GMT
x-amz-version-id: bxbBo6tiShmSVkJPl3yRp.s0jVilttxU
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1592775
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 29
last-modified: Fri, 27 Jan 2023 17:00:19 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Zltx29WJj8-DLkNpd98p4UgNCFmVt6gr3UKJgEDKIZWFIxoAeTbpHg==

GET
H2 200 28.01a0fe87.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 35 KB
10 KB 9ms
8ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.01a0fe87.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

fffcc021124d70080ddd0c52562645c46e03ff39c924ced85c1bfd62cb8b8767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: oCx9yWccW.dlty4hHqWiey7h_DwTeEBh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"0ad089f0617a0fa8014a23c2afa90ddd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BLMDaXv8HTT6XlOj66UrPU3WtGb5pmYcyGxvHTBDvOwMyDGfm9_XkA==

GET
H2 200 29.9bf46b67.chunk.css
js.driftt.com/core/assets/css/ Frame 771E 8 KB
2 KB 8ms
8ms Stylesheet
text/css 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/29.9bf46b67.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: qzro7282BXz7SnLdWr3hLeI1pZAqJ2A1
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 27 Jan 2023 17:00:18 GMT
server: istio-envoy
etag: W/"4f21faf2ba450e5fcdf7eda90813e185"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: v4mEnNG7ZdjJ_kgaSpbk-InCetuM3rCD78vim4Ay90waErcVv4QAJw==

GET
H2 200 29.43f0ec90.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 14 KB
6 KB 10ms
9ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.43f0ec90.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

8ca0c189d4911ebe4c2a57e80bf61583cbd9af58bb33de61a739ddf49d2d39ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: YttOPnMbgeCzGpP2GWR5vyLPUID5po5b
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 23
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"bbca5d42d17f354ba709da59e093f2e7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vYm-ym2T3nbY_g1h3J37BB-XsJbVvBhJKxip_UZWTreuOqwkc1WN7A==

GET
H2 200 21.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 771E 365 B
1 KB 10ms
9ms Stylesheet
text/css 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/21.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: ObwTjzJ4TT60JlQVwXz0_ax56DSZu27m
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
content-length: 365
last-modified: Fri, 27 Jan 2023 17:00:18 GMT
server: istio-envoy
etag: "06b2963b029c0824382815165bfea73e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: a9peZ79YExIQFtarrjwQmpRrWxrtNUK-8VSabAiGnVjflV7Xu7t59g==

GET
H2 200 21.e2134c41.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 771E 92 KB
26 KB 10ms
10ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.e2134c41.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

753ccafc5f79ba3f5de2df2265bc4f0b3eeb5c208884069f90f81c49c4cdc9de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=7ghicgw4nish&eId=7ghicgw4nish&region=US&forceShow=false&skipCampaigns=false&sessionId=08c5b522-8372-41e7-a9a0-47e18b0d331a&sessionStarted=1676468818.337&campaignRefreshToken=f26893dc-5190-4d2a-a335-e07917121673&hideController=false&pageLoadStartTime=1676468807639&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 18:34:36 GMT
x-amz-version-id: zF1KcakyefHmwYL31gCTFn16o3EWOKAR
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 414742
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 10 Feb 2023 18:18:28 GMT
server: istio-envoy
etag: W/"a6355e6a3f5047d6e9ae0f199d1a5cf5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QJ6J2eLDPm5hh3R6fZtGzB7AfkjzF6NfmREgpX8M9k7QCLslctAimA==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 9 KB
3 KB 9ms
9ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 03:20:43 GMT
x-amz-version-id: bxbBo6tiShmSVkJPl3yRp.s0jVilttxU
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1592775
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 29
last-modified: Fri, 27 Jan 2023 17:00:19 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mcdwc9PYtzkgyMuhQjlwSNUPRuuXE84C06bEaFW4WzkliAgzIPpIdA==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 05B2 7 KB
2 KB 10ms
9ms Stylesheet
text/css 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 05:12:45 GMT
x-amz-version-id: gVdN1RDJQn3fgJjMXCjyl2aSPTHaRcFJ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 462853
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 75
last-modified: Wed, 08 Feb 2023 18:35:23 GMT
server: istio-envoy
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ATEDm1D1wxFGMMdePtUPbgALLU46UPAtQrzPmwZ3otK3HYF8pjid8w==

GET
H2 200 3.f50b964b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 54 KB
15 KB 11ms
10ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 02:22:28 GMT
x-amz-version-id: XjyDJs7tJQ_66vN6EdQbFkXQ4j4BABRH
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2719470
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 37
last-modified: Wed, 11 Jan 2023 18:48:21 GMT
server: istio-envoy
etag: W/"1ac37bf2b93050f29058b66a9ad43e10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pCN3pVMVjMf2d6Mwa0mFs9WvOGtjkI5WZGYqngFpp_sm-n3FXw7Ntg==

GET
H2 200 1.5b69d480.chunk.css
js.driftt.com/core/assets/css/ Frame 05B2 44 KB
7 KB 10ms
9ms Stylesheet
text/css 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.5b69d480.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

504ff3efe64294cb4fd8b982dadb288136e511a05d4b068356c371dc6057865f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 15:28:31 GMT
x-amz-version-id: yFEFrbt3Vox_ceR8jg0L9VJqKO7sanHh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1117107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 47
last-modified: Thu, 02 Feb 2023 14:58:15 GMT
server: istio-envoy
etag: W/"3237f71ac06bcb0447f60fe4b1d5948e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FaCeoyN_BxzUFMPbfbi3J2zztPsIf7W0fi_YXueVtQe5blKvQ3EiiQ==

GET
H2 200 1.502906a3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 54 KB
17 KB 12ms
11ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.502906a3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

80e70b2680d91c7cf3bbe3e3202d16dc3a64409262133334551241b86a9eecf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 19:00:19 GMT
x-amz-version-id: PL5XzY3ro33dGy_JaFgmckrMuv3awd.l
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 585999
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
last-modified: Wed, 08 Feb 2023 18:35:25 GMT
server: istio-envoy
etag: W/"de18fcd9afa920d48db7b5e32d4f0207"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FyT-85LngysOtPABZeQsMprDafsMavZoNs1BCfSgWRReEUqtpPSunQ==

GET
H2 200 4.aabe6f97.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 23 KB
10 KB 12ms
12ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.aabe6f97.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

07aa00aa3aa0d7f661d70680b81bb38d1af1160d7b8d391b1812a51070620535

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: Fche0x0i51jw_419Uc2.RDHKx4no9Px_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"9e6f90256eeae9f2d8530b147e4694e7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IMm2sVEmI02bYc24aI4FEc9xY9zypkZtwZgyQU95XSh-10BXalE6lw==

GET
H2 200 35.a3318c5e.chunk.css
js.driftt.com/core/assets/css/ Frame 05B2 14 KB
3 KB 11ms
11ms Stylesheet
text/css 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/35.a3318c5e.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: zduXhdkhoojuHNWfrJL3OG7UtCFvJe6h
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Fri, 27 Jan 2023 17:00:18 GMT
server: istio-envoy
etag: W/"b06e02b360914b25e58305b1b9b954dc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RslLnO8aPuaXsc8X6lcQQtFtwkI_2dBMcGXnNFGdH4AcZrNN-6kaJg==

GET
H2 200 35.2db13da8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 05B2 12 KB
5 KB 13ms
13ms Script
application/javascript 18.66.112.39

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.2db13da8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.272d31f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

7e05c4fabf6d02fa4c14937ca467cc7d4ebbb02f295e3cff6ba999e6369fc663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1676468807639
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: cZsJMbphr0g_Rs503LmupKJPT7bBS_rp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1628521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"b335cb429753b2c3dabe45686f46aee9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TVow26wPUZ9nEsVxtrbaF2tNog9HoZAZnugTJdMpfR0crUwAMIe7Lw==

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 771E 185 B
282 B 110ms
109ms XHR
application/json 50.16.7.188

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f1302918e7f3e75829fd6c56ffe101c3dd3298de96217f5118a830ec108d7eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Feb 2023 13:46:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 40812250de32b58c
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 185

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 668ms
109ms Preflight
text/plain 50.16.7.188

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Wed, 15 Feb 2023 13:46:59 GMT
requestid: drifta64470e4742a6b7d56b077ee431
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

GET
H2 401 ip.json Show response
api.company-target.com/api/v2/ 12 B
514 B 66ms
38ms Fetch
text/plain 108.156.60.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.company-target.com/api/v2/ip.json?key=https://web.demandbase.com/o/ad/acc/3/g/&page=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&page_title=&referrer=https%3A%2F%2Fgo2.malwarebytes.com%2F

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1676469000000/7ghicgw4nish.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.60.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-60-114.ams1.r.cloudfront.net

Software

nginx /

Resource Hash

d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.malwarebytes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 13:46:59 GMT
via: 1.1 b4b344356515496fe04e908f6ee73f4e.cloudfront.net (CloudFront)
www-authenticate: DemandBase API v2
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-P2
x-cache: Error from cloudfront
request-id: b9c3b660-429a-448a-bb7b-fc8bbb7bb33e
content-length: 12
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://try.malwarebytes.com
access-control-expose-headers
vary: Origin
access-control-allow-credentials: true
x-amz-cf-id: WTGptXmsCQhG9Zos_v4eGULy3ytLUY07bkgnPevueZW6DSVYjTdSwg==

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 159ms
107ms Preflight
text/plain 50.16.7.188

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Wed, 15 Feb 2023 13:47:01 GMT
requestid: drift78db7364e10b68b06ad249a5ff1
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 771E 25 B
88 B 120ms
119ms XHR
application/json 50.16.7.188

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Feb 2023 13:47:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 5f6f7d90da8edbd7
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.estore.malwarebytes.com
URL: https://www.estore.malwarebytes.com/proxydirectory/tags/445691266569/tag.js

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
try.malwarebytes.com/mdr-consultation/	1970-01-20 14:06:06	Name: ubpv Value: a%2C2a429308-58a1-40af-b78f-274ff04c671f
.malwarebytes.com/mdr-consultation	1970-01-20 18:26:44	Name: gaUserID Value: 4D42EF1A-694A-42AA-800D-5E4E0BBFCA50
www.google.com/recaptcha	1970-01-20 14:00:20	Name: _GRECAPTCHA Value: 09AA9PpHLeoV5cEMYlCfy9b1D1vdWTS9EkvF2pGWtQyWiCabym5M4v4wRPvEMsmqC_lA11t9D_LWwP6JfpFV6Uw9o
.go2.malwarebytes.com/	1970-01-20 09:41:10	Name: __cf_bm Value: F5Wl7cJW5xCOlTUaZPKiP9Xo9Ya_nDYRuVV1vchTU5w-1676468807-0-ASfFRZbAtaiJ+Jpi6OXpGXP5qn7h6JkIoVD9Ymun3jguC7E5zZ/LzwYQ5h4wktE17atKPd99JUWyA+8BBzaWDCg=
try.malwarebytes.com/	1970-01-20 14:00:20	Name: ubvs Value: ef34e1bd-6912-4ff1-9824-f48d6e90bb79
.malwarebytes.com/	1970-01-20 09:45:28	Name: ubvt Value: v2%7Cef34e1bd-6912-4ff1-9824-f48d6e90bb79%7C2a429308-58a1-40af-b78f-274ff04c671f%3Aa%3Asingle
.malwarebytes.com/	1970-01-20 18:26:44	Name: _biz_uid Value: 48666f53a5c74803bd23b9b48bb6ebd0
.malwarebytes.com/	1970-01-20 09:41:10	Name: _biz_sid Value: 1db814
.malwarebytes.com/	1970-01-20 18:26:44	Name: _biz_nA Value: 1
.bizible.com/	1970-01-20 18:26:44	Name: _BUID Value: 48666f53a5c74803bd23b9b48bb6ebd0
.malwarebytes.com/	1970-01-20 18:26:44	Name: _biz_pendingA Value: %5B%5D
.malwarebytes.com/	1970-01-20 09:42:35	Name: _gid Value: GA1.2.1657283763.1676468808
.malwarebytes.com/	1970-01-20 09:41:08	Name: _gat Value: 1
.bizibly.com/	1970-01-20 18:26:44	Name: _BUID Value: d95b5aedeaeecee30b7f4147f7821ddd
.try.malwarebytes.com/	1970-01-20 18:28:11	Name: _vwo_uuid_v2 Value: DD7E3A47BE313069846BCD41AB25F4A7C\|bef0e7cdeb6093fa64b1b17395daa104
try.malwarebytes.com/	1970-01-20 09:42:35	Name: ln_or Value: eyIyNTk0MTAwIjoiZCJ9
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ejHuygMOlfo
.youtube.com/	1970-01-20 14:00:20	Name: DEVICE_INFO Value: ChxOekl3TURNM09EY3dNREV3TWpBeU5UZzVOQT09EMfEs58GGMfEs58G
.youtube.com/	1970-01-20 14:00:20	Name: VISITOR_INFO1_LIVE Value: GC41fRiKiFM
.linkedin.com/	1970-01-20 10:24:20	Name: UserMatchHistory Value: AQI2P_2TlHH_UwAAAYZVU-k0ZJfHPWZnBRuWz7pnSiQ6Kxvfy3JzEjjGnyy3iLo_Y8vdOXtjU6MKQg
.linkedin.com/	1970-01-20 10:24:20	Name: AnalyticsSyncHistory Value: AQLh9xL8G0VAwQAAAYZVU-k0Z0buE7fueC_cpr0PnhwzvbCMw7hA95M0g0gft25c-TypnHwi7qyXBmqOvQx_MA
.linkedin.com/	1970-01-20 18:26:44	Name: bcookie Value: "v=2&c6505bb5-2d85-4729-8c26-5e1a2ae30fcf"
.linkedin.com/	1970-01-20 09:42:35	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2576:u=1:x=1:i=1676468807:t=1676555207:v=2:sig=AQG9me2Uj7kvybKlRbVyMhGEwh6I7ntz"
.malwarebytes.com/	1969-12-31 23:59:59	Name: __gtm_campaign_url Value: https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea
.malwarebytes.com/	1969-12-31 23:59:59	Name: __gtm_referrer Value: https%3A%2F%2Fgo2.malwarebytes.com%2F
.malwarebytes.com/	1970-01-20 18:26:44	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.malwarebytes.com/	1970-01-20 12:05:08	Name: _vis_opt_s Value: 1%7C
.malwarebytes.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.malwarebytes.com/	1970-01-20 19:17:08	Name: _vwo_uuid Value: DD7E3A47BE313069846BCD41AB25F4A7C
.malwarebytes.com/	1970-01-20 09:41:10	Name: _vwo_sn Value: 0%3A1
.malwarebytes.com/	1970-01-20 18:26:44	Name: _hjSessionUser_2233835 Value: eyJpZCI6IjJmMjJhMGVmLWQ5M2ItNWFjNS05NjZmLWM0NmQ0OTQ2ODg5NiIsImNyZWF0ZWQiOjE2NzY0Njg4MDgyMDQsImV4aXN0aW5nIjpmYWxzZX0=
.malwarebytes.com/	1970-01-20 09:41:10	Name: _hjFirstSeen Value: 1
.malwarebytes.com/	1970-01-20 09:41:08	Name: _hjIncludedInSessionSample_2233835 Value: 0
.malwarebytes.com/	1970-01-20 09:41:10	Name: _hjSession_2233835 Value: eyJpZCI6IjkzYWExN2ViLTRkODQtNDVlOS1hZTcxLThiNmU0M2JlNGVhYiIsImNyZWF0ZWQiOjE2NzY0Njg4MDgzMjAsImluU2FtcGxlIjpmYWxzZX0=
try.malwarebytes.com/	1970-01-20 09:41:08	Name: _hjIncludedInPageviewSample Value: 1
.malwarebytes.com/	1970-01-20 09:41:10	Name: _hjAbsoluteSessionInProgress Value: 0
.www.linkedin.com/	1970-01-20 18:26:44	Name: bscookie Value: "v=1&20230215134648cdb4338b-2e9c-490a-894d-98b94e58fb07AQHYFlqK6AnmdxhNW2utMH2Fn_6nnFb3"
.linkedin.com/	1970-01-20 14:00:20	Name: li_gc Value: MTswOzE2NzY0Njg4MDg7MjswMjG5ZuPq5J3MAW/D3vlwqY3pN+/XKCxRAB0NPyWeXaJe4g==
.malwarebytes.com/	1970-01-20 11:50:44	Name: _rdt_uuid Value: 1676468808538.d6561a38-3b3b-4491-b711-2c71c2d25e98
.malwarebytes.com/	1970-01-20 11:50:44	Name: _vwo_ds Value: 3%3At_0%2Ca_0%3A0%241676468807%3A34.879016%3A%3A1_0%3A4_0%2C3_0%3A0
.malwarebytes.com/	1970-01-20 11:50:44	Name: _gcl_au Value: 1.1.530677140.1676468809
.doubleclick.net/	1970-01-20 09:41:09	Name: test_cookie Value: CheckForPermission
.malwarebytes.com/	1970-01-20 09:42:35	Name: _uetsid Value: 31b06670ad3711eda3741fcfdb9fbfbb
.malwarebytes.com/	1970-01-20 19:02:44	Name: _uetvid Value: 31b06120ad3711edb15f6369bf0e4828
.bing.com/	1970-01-20 19:02:44	Name: MUID Value: 22DC581F9B02642318CC4AA69A696538
.malwarebytes.com/	1970-01-20 19:17:08	Name: _mkto_trk Value: id:805-USG-300&token:_mch-malwarebytes.com-1676468808789-46859
.t.co/	1970-01-20 19:17:08	Name: muc_ads Value: 374ac70f-9496-43d7-9c3d-560f938a37ca
.twitter.com/	1970-01-20 19:17:08	Name: personalization_id Value: "v1_kQlr066ipJkPo6nFutoucQ=="
.malwarebytes.com/	1970-01-20 11:50:44	Name: _fbp Value: fb.1.1676468809133.1752842589
.malwarebytes.com/	1970-01-20 19:17:08	Name: _ga Value: GA1.2.186045027.1676468808
.malwarebytes.com/	1970-01-20 19:17:08	Name: _ga_K8KCHE3KSC Value: GS1.1.1676468808.1.0.1676468809.59.0.0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAGJ8yv7L9srPNUQnO4UxNztF8CE2WMnFSPYEdzbJ9MzxQhCw_oxKxccOhXjeOSTd6gaOKLAgjQ= Message: The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://go2.malwarebytes.com/ODA1LVVTRy0zMDAAAAGJ8yv7L9srPNUQnO4UxNztF8CE2WMnFSPYEdzbJ9MzxQhCw_oxKxccOhXjeOSTd6gaOKLAgjQ= Message: The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://www.estore.malwarebytes.com/proxydirectory/tags/445691266569/tag.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://api.company-target.com/api/v2/ip.json?key=https://web.demandbase.com/o/ad/acc/3/g/&page=https%3A%2F%2Ftry.malwarebytes.com%2Fmdr-consultation%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3Db2b_cm_emea_cognism_hof_em1_mdr_quote_request_167594144582%26mkt_tok%3DODA1LVVTRy0zMDAAAAGJ8yv7L-KXy_untoUinUaQK8QGLEq6LAxalX03Uu1m_kxsPtUBE0ruYN2yB6uUswH1qsxxGb37CmSYCGmsHfWaWSuSetpE9tvjWXYbAIsJEVVRq5Ea&page_title=&referrer=https%3A%2F%2Fgo2.malwarebytes.com%2F Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-VS8Q/hn9YvMa6rz75uTeKV8ER0QkMffbpSDvnbM7s5A=';object-src 'none';form-action:'none';frame-src:'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

805-usg-300.mktoresp.com
alb.reddit.com
analytics.twitter.com
api.company-target.com
bat.bing.com
bootstrap.api.drift.com
builder-assets.unbounce.com
cdn.bizible.com
cdn.bizibly.com
cdn.linkedin.oribi.io
connect.facebook.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
dev.visualwebsiteoptimizer.com
events.ub-analytics.com
fonts.gstatic.com
fonts.ub-assets.com
go2.malwarebytes.com
googleads.g.doubleclick.net
i.ytimg.com
id.rlcdn.com
in.hotjar.com
jnn-pa.googleapis.com
js.driftt.com
metrics.api.drift.com
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
script.hotjar.com
scripts.demandbase.com
snap.licdn.com
static.ads-twitter.com
static.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
t.co
tag.demandbase.com
try.malwarebytes.com
unpkg.com
vars.hotjar.com
www.estore.malwarebytes.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.malwarebytes.com
www.redditstatic.com
www.youtube.com
yt3.ggpht.com
www.estore.malwarebytes.com
104.17.70.206
104.244.42.3
104.244.42.69
108.138.17.47
108.156.60.114
108.156.61.61
13.107.42.14
13.224.189.6
13.32.27.16
13.32.99.8
151.101.193.140
152.195.15.58
18.65.39.33
18.66.112.39
18.66.147.62
192.28.144.124
199.232.16.157
2001:4860:4802:32::36
23.7.203.104
2600:9000:211a:6c00:16:26c7:ff80:93a1
2600:9000:211e:c200:1d:11cf:5800:93a1
2600:9000:225e:9c00:2:53b2:240:93a1
2606:4700::6810:7caf
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:810::2004
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:82f::2003
2a00:1450:400c:c09::9d
2a00:1450:400d:804::2001
2a00:1450:400d:804::200a
2a00:1450:400d:806::2008
2a00:1450:400d:807::2016
2a00:1450:400d:808::2003
2a00:1450:400d:80c::200e
2a00:1450:400d:80e::2006
2a00:1450:400d:80e::200e
2a02:26f0:11a::217:9a4a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::396
3.69.136.55
34.238.109.20
34.96.102.137
35.244.174.68
50.16.7.188
52.19.186.201
52.222.236.63
02b1010a56b0400b2cbef652a28efd73e6561ed03d6a06956a105ff8f37bf1f2
041f99d9ca60c57e94f977320c090c62ec09828ba45f8dee938717c114f19d3c
047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1
0525fa75941bbfc7387fbb49257d925d67da3505235331b5aa27c6be8a72c1b8
07a752bfb018856bde51066ff3495c20fb473afad1d06a578eb50caebbfe78b6
07aa00aa3aa0d7f661d70680b81bb38d1af1160d7b8d391b1812a51070620535
0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478
09a498e1b570018ab4109d99a62b4fe8474c0e6c2609daa5dd6a5f36da7c07ea
0ef47dcd520d7b5996ae3b3253808981cf7cf4efdee2b9d9fb9e8637db3c29a6
0f1b9a9357fed04c7ca6ecf5d577c257a8a43a8c60732a14fa66ead30f991fe9
197b732c579cf749221a6724dcd1839bd5dd5b87773c4bc53fc1ba5f7748963e
1ae740ebbe1a0c68cdf60b2d5df40126d47e6c69d19bf794b8a99ad5ceb81992
1b1795b50b8a462e5aead6e3bdf11d1cd7c4c93a14bfd64cc18ddb34613291fb
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
1d4240b14eccd03507cacca22aaba32f07b69e8629aca57c56b3b77524a67b2b
1e0edb8355511f244e9c682e0d13e46f5cb081bac7bac85603a1402146edcf9b
1f72d1d5212f4ef9bab737982776e2b2d5bc4b6213545eb6684d13e7e3cbb218
22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62
23b222559aee6b53a76b992066474116f61abea1ad439282ed09fe6fbb9e573f
28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6
2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
319ed0d4c466733d5e4fd03b86ff03c6813a6022a4505866c41dd87b01525899
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
421012e81de85338dcd9d87f43ba16a3d3c408fa85df2bd076802439a75d3220
43580e037fc59487c315cc0a33e1167f17c8430dd41aa375e21f4d6d325e8f28
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4bb9b0409141512cf653acfe169165f2e0d6f3a67798a61f74e95749c67abd9a
4d16135eceb411c02bb5d95d43e29b693e6bdf25f4d7fd3ebb60a5552c85d8e1
4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d
504ff3efe64294cb4fd8b982dadb288136e511a05d4b068356c371dc6057865f
551d23adf227b02f72a71b93572587f8a45d64578704fe57bb39fd7fa4b082dd
5576e25dd8a4d45e90da43e0f127c4efb4d16eebcb7a1bc55fbb66e7cf504f9d
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5993bfc6f29b7cbe16f2db6fe83e70f3ed47058e64dc55b56d9d0cb185d29f5f
59af0ae547f15ceaca464ec758f69d5e728584020bb52c08118bd5c34f24fb4c
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5dc4c52ad9b22df4e2f70580e03de8ba2b2a3fc8ec48edfb0a2bb8e858975c2c
5e5955aef26f7585a0e94ded14f5d3b4261e463ca87fa95cac47feeb6d3d1666
612efd9bb98a2ad2d3081136b67622633364b565eb9b032fb5df6a4a9fb24549
618a8a369547c912ff17b6d55c967f78ecafa6fb94ef42c746870a0cbc596434
627e4d08edd31a0e0efc34a5d6939783aa1a566a5521b6a8eaff675a2d9c646c
63b4f6cbb8792597de5795c2ff777d58f382f5931666d84742237c0e9d977cf2
63c035e2f43180086b19ec08f35c8deee82b2b804ddfcf92f7f0e6d835957bfe
652ea14837255f2d9db977a32c93fcb92879825bfe1b265311f534e61959e7b4
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6e4fed44a6ca62b6d89fd24480aaeb6cc9a6d13b3be36945c388ea7c20f05dd5
753ccafc5f79ba3f5de2df2265bc4f0b3eeb5c208884069f90f81c49c4cdc9de
7abf4815f99d5042ade8d83c9ce86f58bc78430aceb46edebc618943f2d9e791
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7be4f42c2eaf7aaeb19dd567c4d6580ecd24d98ccede7839a60c1888b2c2f8d1
7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b
7dbc00a035c1856af94c2d021ad031bc31f0e03b56b26eec2423f4a856655203
7e05c4fabf6d02fa4c14937ca467cc7d4ebbb02f295e3cff6ba999e6369fc663
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7f8df551d8ff5e7d1a8a04e008cc7a800dcff5364595211ee15c7a2110b1fd0f
80e70b2680d91c7cf3bbe3e3202d16dc3a64409262133334551241b86a9eecf7
8291efd37926f1a74b525fd899300f2a0c6fe15a813da88c249b47e8937f0df8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851495cc18784cae757c6cf8d5bd6042f6325647ecb6d4aaa7fd3b603b20801f
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8ab6891019c69c729441517bed2c703ec68058f913e9fe0d9840617f89473421
8ca0c189d4911ebe4c2a57e80bf61583cbd9af58bb33de61a739ddf49d2d39ad
8d0ddf5887d73b242b900677417d4295a4346eca6223ca957af1ff27eb1a1643
91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
932ad37066a342e0d43eb6eb71c160aa6c8fca66a149c69ba56c013da617860e
9345880ada178d9c36ed991525ff3c0671594be63500a61313d2ac1d35f3a51c
93f03d420b0d30047cbe6183aa29f0975177995357f422e233e70841a5ba221d
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9a7962c16714ead45e3b90d591f96149f66207503b03fbadd71a5ce3549eebd7
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
a03b22d4dd0f2a973d8519c65559999605db5ef425efa335f1854d6f2e67c029
a140f660461c361ac53c6ceaa302e58484a5c7745f33e82d474ae6c801c450fe
a555f0b0410f738128c29d0459c46af844358f117513b23b22e5839a6b53d8ce
a8ce59cb75660f270e9aab9c076c2c305849a7cf0eddfad2632b2835b93f79cc
aac0a0e8c4b9bd6250bc0829794d056ac353997cfdd0a1a67c838a956748d253
ac011d9616969fe20fc4f240e7ef7a8fe9b4c2452337ac68f862a08fec7fb108
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b2d0365be9ccb0a02f5df66968122b8cb5f924a516b52607df4ed599b9e48dcb
b63a0c5c71e2c7923223a06fd7702201b304ff89d0d24aac333a1cf8bebe0dae
b63f208d7453b4553e06890bdd2e3190b2cdee3b8aad95a141b88a61ba969060
b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40
bb3bf52d2956b654034a61ed94356647ab5853604e5fbe0431095be39b2f4442
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d
be8dd2948f0dd20a990b74d9d9cdd266bad080412471ccc919b1055cfe439491
beda0693dd166d8ff47954bc08951e99f5e5028f5d64f11dbe7b70a192648daa
c007fe440b9bc335b21e039feac8deaf5f14f3de16ea41ffa81a3f610096cd69
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2
c2e916865e5811dc30c297c5d94b30565b68fb05acce5c92851c0c38f3eb2415
c3755b8b51ca340a1268cb963d82e4722b7ec4bceebed7736f817b18a7215ee9
c6517ce622f7543c43012579eebb219cd6f160eb3d5c66afdbe1117634d2c988
c79bb31f7a226c40095cb588ec5f910160c548d7e4912fbc24b79714d4929489
c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb3041763bc5844a378feef039d9c9ef37bf0f425444362f8b3ea7f82dc73bf2
cd8d860a8b8d8476650dd25db0abbd92a995d5bb577b00a2de930b5acb0147be
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
d1a1d73ab4f91a45680e1b05a9e77fc2b1a3e3b71118f1371968978d199c2595
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
d60592f6b28bc6a29e9a5a4a59ef436a65e7bcb8b4656dfdffefc6ad64d83759
d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492
d7ceef922fb65cb474fa558c511bcb9ccbf8cd939e5cb85e94dfc1cbbe02a645
d7d33a0b9a125c1e2bc171336f066a77c96ac9939372ff1a6a88754a854412fc
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e57491b2f48afb99250a0997cdf9ced6354f6a584c7205c699cea4f18d9dc082
e6636eb946cc0adb616227632f7a6f9c1cfe88bd6091a5fa4f7723ad0e3a0389
e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef03132fb40254ec13e2f00189f76c0d985fde112402790b9b698e6e3c97579d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa12b5f715e973d01d92cf3fb5492a27b0d8e6702527a5a3c9da9b16f3e3053
f056b54f463db7aece8a2c50d306d2b2cf87c3fc823781d97d3f6f085c771870
f12894ce3fff15613901fe16d378011aa6e891fc9a987f28a6b702e9f2c2ad0f
f12a492b447a87cec7e5b0d243bc6f2f81ca2ca381ef0b4040f6ac09e4a69920
f1302918e7f3e75829fd6c56ffe101c3dd3298de96217f5118a830ec108d7eac
f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc
f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e
f95c75c564010d1dfbec8bec4d7a1f933970e00f6b77048e37e1a65139846c61
fe7d6842c70bef851d7b3db630c41e6c68c6fde0398a613597a294d2559a7a15
fffcc021124d70080ddd0c52562645c46e03ff39c924ced85c1bfd62cb8b8767

try.malwarebytes.com Open in urlscan Pro 3.69.136.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

228 Requests

98 %HTTPS

49 %IPv6

38 Domains

53 Subdomains

49 IPs

6 Countries

4626 kBTransfer

13895 kBSize

51 Cookies

0 Outgoing links

Page URL History

Redirected requests

228 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

try.malwarebytes.com Open in urlscan Pro
3.69.136.55 Public Scan

Screenshot
Live screenshot

Full Image

228
Requests

98 %
HTTPS

49 %
IPv6

38
Domains

53
Subdomains

49
IPs

6
Countries

4626 kB
Transfer

13895 kB
Size

51
Cookies

228 HTTP transactions
2 data transactions