Submitted URL: https://go.recordedfuture.com/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8N...
Effective URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-lo...
Submission: On June 28 via api from SG

Summary

This website contacted 30 IPs in 5 countries across 22 domains to perform 226 HTTP transactions. The main IP is 2606:4700:3037::ac43:81eb, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.reportdoor.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 22nd 2021. Valid for: a year.
This is the only time www.reportdoor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:2c40::c7... 209242 (CLOUDFLAR...)
9 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:234... 15133 (EDGECAST)
3 2a00:1450:400... 15169 (GOOGLE)
24 199.232.137.44 54113 (FASTLY)
7 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.136 13414 (TWITTER)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
45 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 213.202.235.8 24961 (MYLOC-AS ...)
1 2 2a00:1450:400... 15169 (GOOGLE)
12 141.226.228.48 200478 (TABOOLA-AS)
2 185.106.33.48 200478 (TABOOLA-AS)
47 151.101.13.44 54113 (FASTLY)
4 13.248.242.197 16509 (AMAZON-02)
5 5 185.94.180.126 35220 (SPOTX-AMS)
4 3.120.52.76 16509 (AMAZON-02)
1 1 2.19.35.65 16625 (AKAMAI-AS)
2 104.109.78.125 16625 (AKAMAI-AS)
3 34.198.78.234 14618 (AMAZON-AES)
4 185.94.180.123 35220 (SPOTX-AMS)
1 69.173.144.138 26667 (RUBICONPR...)
226 30
Apex Domain
Subdomains
Transfer
85 taboola.com
cdn.taboola.com
trc.taboola.com
15.taboola.com
trc-events.taboola.com
il-trc-events.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
am-match.taboola.com
wf.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
am-wf.taboola.com
1 MB
55 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
335 KB
13 ampproject.org
cdn.ampproject.org
239 KB
13 doubleclick.net
googleads.g.doubleclick.net
117 KB
9 spotxchange.com
sync.search.spotxchange.com
search.spotxchange.com
8 KB
9 reportdoor.com
www.reportdoor.com
images.reportdoor.com Failed
1012 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
315 KB
4 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
11 KB
4 bidswitch.net
x.bidswitch.net
581 B
4 adsrvr.org
match.adsrvr.org
1 KB
4 google.com
adservice.google.com
www.google.com
1 KB
3 bfmio.com
ioms.bfmio.com
2 KB
3 googletagservices.com
www.googletagservices.com
103 KB
3 google-analytics.com
www.google-analytics.com
20 KB
3 twitter.com
platform.twitter.com
syndication.twitter.com
132 KB
2 exactag.com
m.exactag.com
2 KB
2 googleapis.com
fonts.googleapis.com
1 KB
2 google.de
adservice.google.de
975 B
2 recordedfuture.com
go.recordedfuture.com
4 KB
1 gravatar.com
secure.gravatar.com
2 KB
1 googleadservices.com
partner.googleadservices.com
660 B
1 googletagmanager.com
www.googletagmanager.com
36 KB
226 22
Domain Requested by
45 tpc.googlesyndication.com googleads.g.doubleclick.net
go.recordedfuture.com
tpc.googlesyndication.com
cdn.ampproject.org
pagead2.googlesyndication.com
39 images.taboola.com www.reportdoor.com
13 cdn.ampproject.org googleads.g.doubleclick.net
pagead2.googlesyndication.com
13 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
go.recordedfuture.com
www.googletagservices.com
13 cdn.taboola.com www.reportdoor.com
cdn.taboola.com
10 pagead2.googlesyndication.com www.reportdoor.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
9 www.reportdoor.com go.recordedfuture.com
www.reportdoor.com
8 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
7 trc.taboola.com cdn.taboola.com
www.reportdoor.com
7 fonts.gstatic.com www.reportdoor.com
fonts.googleapis.com
5 sync.search.spotxchange.com 5 redirects
4 search.spotxchange.com vidstat.taboola.com
4 x.bidswitch.net am-match.taboola.com
imprammp.taboola.com
4 match.adsrvr.org am-match.taboola.com
imprammp.taboola.com
3 ioms.bfmio.com vidstat.taboola.com
3 sync-t1.taboola.com am-match.taboola.com
imprammp.taboola.com
3 am-vid-events.taboola.com www.reportdoor.com
vidstat.taboola.com
3 am-match.taboola.com vidstat.taboola.com
3 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 am-wf.taboola.com vidstat.taboola.com
2 eus.rubiconproject.com am-match.taboola.com
eus.rubiconproject.com
2 wf.taboola.com vidstat.taboola.com
2 il-trc-events.taboola.com www.reportdoor.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 m.exactag.com googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
tpc.googlesyndication.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 platform.twitter.com www.reportdoor.com
platform.twitter.com
2 go.recordedfuture.com 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 secure-assets.rubiconproject.com 1 redirects
1 imprammp.taboola.com vidstat.taboola.com
1 trc-events.taboola.com www.reportdoor.com
1 15.taboola.com cdn.taboola.com
1 www.gstatic.com googleads.g.doubleclick.net
1 secure.gravatar.com www.reportdoor.com
1 syndication.twitter.com platform.twitter.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com www.reportdoor.com
0 images.reportdoor.com Failed www.reportdoor.com
226 42
Subject Issuer Validity Valid
go.recordedfuture.com
Cloudflare Inc ECC CA-3
2020-08-16 -
2021-08-16
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-04-22 -
2022-04-21
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-05 -
2021-11-09
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-25 -
2021-12-26
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
*.google.de
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
*.google.com
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA
2020-08-14 -
2022-11-16
2 years crt.sh
upload.video.google.com
GTS CA 1O1
2021-05-31 -
2021-08-23
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA
2019-08-28 -
2021-09-13
2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2020-04-23 -
2022-05-04
2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-04-01 -
2022-04-04
a year crt.sh
*.bfmio.com
Amazon
2021-05-16 -
2022-06-14
a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018
2021-03-10 -
2022-03-29
a year crt.sh

This page contains 21 frames:

Primary Page: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Frame ID: D3C3AD452D269F97F45C6AB4032CF49F
Requests: 122 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210623/r20190131/zrt_lookup.html
Frame ID: 29875D78C135764BB131AAA83D035391
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.reportdoor.com
Frame ID: 4C0BAC0173D842FC8515F8524CB08BEF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&adk=1812271804&adf=3025194257&lmt=1624840622&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622185&bpp=3&bdt=219&idt=120&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5391867972087&frm=20&pv=2&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=140
Frame ID: A09F84F5E537660520E7A3298C07146A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=2241232556&adf=3132389021&pi=t.ma~as.2385331166&w=970&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622188&bpp=2&bdt=222&idt=166&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=enIPsurCuu&p=https%3A//www.reportdoor.com&dtd=182
Frame ID: EA64462250D562FC80325740503E9C89
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
Frame ID: D4528CBC13A8AC923204354E03E6F881
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3310307751&adf=215687957&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=225&idt=227&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2142&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KwRVuUdbuU&p=https%3A//www.reportdoor.com&dtd=230
Frame ID: A13D955F5A3A1EAC454DECBA0460E95F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
Frame ID: 997D6C61A21D04C6668B20283926FC95
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js
Frame ID: F90C9C0881DA0B3C2A35957B7BD644F0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012106141722000/amp4ads-v0.mjs
Frame ID: F8C336C53CBAC1FF93BC4D45C9676627
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/index.html
Frame ID: E587590A43FB72C0F88172A7478B709F
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CjwfVrhnZYN_eGtWU9u8P7PKT0AWkt6O4Y7Gojq6LDsvxppj9JRABIO2C-TFglQKgAeiZ0NIDyAEJqAMByANIqgTMAU_QSAXtuuHmupsCwY5Egk6Q8NtOn4l2Rg3PwV3mlBIRKezbAfik0WEWjdAfy-QckbbRY1cWdETNX2ml6m1J4z4zY9y9qqrAV9wrXpAMVUx7ULxexRrCIP-NIQXKt-0N1wCsm4o-PBm_N6V-QUx5CGNstCne2tRDaX4H-zYIZIXV69SxcKA905qd9ZoDLn1bkj-A6AJ51vNVnjZTWbGyeuzddnKYo4LARTZtTjH4420gikpOZ283MA2-7iC-u4CgSZJkmS8z4yxrOEngDMAEzcDts8kDkgUECAQYAZIFBAgFGASgBi6AB4Dmry2oB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQyqAc0ggJCIDhgBAQARgfgAoByAsB2BMK0BUBgBcBshcaChgIABIUcHViLTM1MTE0NDM3OTk0MDc0OTk&sigh=qxJl9Vy4Ups&template_id=419
Frame ID: 45219577D1855C53A999973DDB1CB0DF
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: E0992C69838C377E06C985BF8CA10669
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012106141722000/amp4ads-v0.mjs
Frame ID: A3D2BEE62B472D31AADB808BE8EF757C
Requests: 18 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66442115&crid=5999075&dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&cmcv=&pix=undefined&cb=1624840624171&uv=2991&tms=1624840624171&abt=adh5c-1_vA!insc_vA!lotc_vA!mprdctdt6_vA!nrlc_vA!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=6FDC3DCE423564382704032210&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 8811F910EAA64F4802EE8C7FDFFAE011
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 41AED2E7421EC0845878070D0ABA9244
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 76541BA2A7CBCC8DD1591455A917E782
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 20D58C1A64300D39C1712BF1AF9EC5D8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 997C3D9DE7B2ACF52137D1B0CE0EE2AD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CEC45FA544E4AEDE7BB5AB94EFCDC826
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 2D9562E30C89E12DBE60B57E88950AB3
Requests: 4 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://go.recordedfuture.com/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9... Page URL
  2. https://go.recordedfuture.com/events/public/v1/track/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV... HTTP 307
    https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsof... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

226
Requests

99 %
HTTPS

52 %
IPv6

22
Domains

42
Subdomains

30
IPs

5
Countries

3773 kB
Transfer

8404 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://go.recordedfuture.com/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3d59W9bYjlR15QVqFW3zmRFY8CD0PQW558v1t18t_PNW15cc3p339mC1W4sY-Ns4q04t-W26hbPl7_w2M2W19Hqsq5NTdnjW6103JV3FfRQ_N8lkxHGzcJmZVqf2GF2GszSPW4lNXM89535nhW7YgXL12cmCRnW4hFhMB4LyG0TW35n9tL6Z7bJrW6rTn4w4mF0b1W3zwQ3_7bxrVTW2S1kn32VmMlXV8nXMx46qp6CW8nlhz48Rld4r33LM1 Page URL
  2. https://go.recordedfuture.com/events/public/v1/track/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3d59W9bYjlR15QVqFW3zmRFY8CD0PQW558v1t18t_PNW15cc3p339mC1W4sY-Ns4q04t-W26hbPl7_w2M2W19Hqsq5NTdnjW6103JV3FfRQ_N8lkxHGzcJmZVqf2GF2GszSPW4lNXM89535nhW7YgXL12cmCRnW4hFhMB4LyG0TW35n9tL6Z7bJrW6rTn4w4mF0b1W3zwQ3_7bxrVTW2S1kn32VmMlXV8nXMx46qp6CW8nlhz48Rld4r33LM1?_ud=04779fee-6192-47d2-8e57-8c22d8fde7f4&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 118
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 184
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=f5cca090-d7a8-11eb-ae98-10b91cd50106 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f5cca044-d7a8-11eb-ae98-10b91cd50106&orig=video&us_privacy=1---
Request Chain 187
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=f5cce8ea-d7a8-11eb-a604-1a3233820506 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f5cce89a-d7a8-11eb-a604-1a3233820506&orig=video&us_privacy=1---
Request Chain 202
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 227
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=fb7a909c-d7a8-11eb-8e27-169e7f670006&orig=video&us_privacy=1---

226 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3...
go.recordedfuture.com/e2t/tc/
9 KB
3 KB
Document
General
Full URL
https://go.recordedfuture.com/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3d59W9bYjlR15QVqFW3zmRFY8CD0PQW558v1t18t_PNW15cc3p339mC1W4sY-Ns4q04t-W26hbPl7_w2M2W19Hqsq5NTdnjW6103JV3FfRQ_N8lkxHGzcJmZVqf2GF2GszSPW4lNXM89535nhW7YgXL12cmCRnW4hFhMB4LyG0TW35n9tL6Z7bJrW6rTn4w4mF0b1W3zwQ3_7bxrVTW2S1kn32VmMlXV8nXMx46qp6CW8nlhz48Rld4r33LM1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
go.recordedfuture.com
:scheme
https
:path
/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3d59W9bYjlR15QVqFW3zmRFY8CD0PQW558v1t18t_PNW15cc3p339mC1W4sY-Ns4q04t-W26hbPl7_w2M2W19Hqsq5NTdnjW6103JV3FfRQ_N8lkxHGzcJmZVqf2GF2GszSPW4lNXM89535nhW7YgXL12cmCRnW4hFhMB4LyG0TW35n9tL6Z7bJrW6rTn4w4mF0b1W3zwQ3_7bxrVTW2S1kn32VmMlXV8nXMx46qp6CW8nlhz48Rld4r33LM1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:36:55 GMT
content-type
text/html;charset=utf-8
cf-ray
6662d7f8ab314dca-FRA
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
0af1a54f6a00004dca1f2fc000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-hubspot-correlation-id
eac6c312-064d-4125-a8ff-a9c4d86e1400
x-robots-tag
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BZqV0Bxcpb3I5ntecQErA2SqvGkqAYEJxalFTMF7iIlvr3DuKnCzuZHoLsZVuMVLWxhNYFYBXd%2ByHFDzWI4ByyXVT%2BtHw2bfCrY0UlK%2ByFgp%2BYeZ4CoF3ZwK79PMdZc14d%2BBjC7w6EQ1YV5BXNI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
set-cookie
__cfruid=eb75d56ab465fc19fb08a17f0c32866b4ea3128a-1624840615; path=/; domain=.go.recordedfuture.com; HttpOnly; Secure; SameSite=None
server
cloudflare
content-encoding
br
Primary Request /
www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/
Redirect Chain
  • https://go.recordedfuture.com/events/public/v1/track/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q...
  • https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h...
58 KB
10 KB
Document
General
Full URL
https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Requested by
Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3d59W9bYjlR15QVqFW3zmRFY8CD0PQW558v1t18t_PNW15cc3p339mC1W4sY-Ns4q04t-W26hbPl7_w2M2W19Hqsq5NTdnjW6103JV3FfRQ_N8lkxHGzcJmZVqf2GF2GszSPW4lNXM89535nhW7YgXL12cmCRnW4hFhMB4LyG0TW35n9tL6Z7bJrW6rTn4w4mF0b1W3zwQ3_7bxrVTW2S1kn32VmMlXV8nXMx46qp6CW8nlhz48Rld4r33LM1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:81eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d24b1df799ea526a7b7f7e7c65855831ba773d802b504e5ea8758e998d454118

Request headers

:method
GET
:authority
www.reportdoor.com
:scheme
https
:path
/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://go.recordedfuture.com/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3d59W9bYjlR15QVqFW3zmRFY8CD0PQW558v1t18t_PNW15cc3p339mC1W4sY-Ns4q04t-W26hbPl7_w2M2W19Hqsq5NTdnjW6103JV3FfRQ_N8lkxHGzcJmZVqf2GF2GszSPW4lNXM89535nhW7YgXL12cmCRnW4hFhMB4LyG0TW35n9tL6Z7bJrW6rTn4w4mF0b1W3zwQ3_7bxrVTW2S1kn32VmMlXV8nXMx46qp6CW8nlhz48Rld4r33LM1

Response headers

date
Mon, 28 Jun 2021 00:37:01 GMT
content-type
text/html; charset=UTF-8
wpo-cache-status
not cached
wpo-cache-message
In the settings, caching is disabled for matches for one of the current request's GET parameters
link
<https://www.reportdoor.com/wp-json/>; rel="https://api.w.org/", <https://www.reportdoor.com/wp-json/wp/v2/posts/393231>; rel="alternate"; type="application/json", <https://www.reportdoor.com/?p=393231>; rel=shortlink
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
cf-request-id
0af1a55068000006012d1ab000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZOHQrglZTvN4R7Eg62F9SymyF9ui6X1T2u3rLbb2jXAOPSxCXLNt5ICKd9sg1%2FtP80%2B%2BSz8w4AScRg0%2FC0xNnkB6LW%2FWfb4rKU1Pco4gsHQUjVwS3soXjT0RCkExol%2Bu%2By0COXAxTCpSSOS8"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6662d7fa3bca0601-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Mon, 28 Jun 2021 00:36:56 GMT
location
https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
cf-ray
6662d7f90ba44dca-FRA
link
<https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss>; rel="canonical"
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
0af1a54fa000004dcab7a4d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-hubspot-correlation-id
ea87084c-cef4-4084-be0e-59443d30488b
x-robots-tag
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=u0flLXE24P%2BrfLvFoO9YkXnt87e78pF5dYGlGCdbx2Xmk0ZhowHiGalh%2FShD8BykPdxy32BWyIGXPf4Kco9gzvAkGRY548L1vJH7C26Ka4BJqdINJDPb2XLmPnnp9oodmzxrgYpayC%2FU2WVjnr0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
js
www.googletagmanager.com/gtag/
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-164811841-1
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a2f2549d8026075374e4142efd027243975416bf5a1d936425eb9a0e684ab05f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36365
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Jun 2021 00:37:01 GMT
wpo-minify-header-cfe92710.min.css
www.reportdoor.com/wp-content/cache/wpo-minify/1624650763/assets/
272 KB
41 KB
Stylesheet
General
Full URL
https://www.reportdoor.com/wp-content/cache/wpo-minify/1624650763/assets/wpo-minify-header-cfe92710.min.css
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:81eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d1b208f920331804c35ce111ba9ba0a6fbb6fc05b79c5cab88fdaad758a18be

Request headers

:path
/wp-content/cache/wpo-minify/1624650763/assets/wpo-minify-header-cfe92710.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.reportdoor.com
referer
https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2998
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0af1a567a000002b1e7ea2a000000001
last-modified
Fri, 25 Jun 2021 19:52:44 GMT
server
cloudflare
etag
W/"44000-5c59c7baca831-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=E1VKlMJ3W633Wd8r7WTyoa99y%2BkJbNoHwyWp12Rl2TITWyfNqanVxNdAMBBsoA%2BROfUJKnvBIJnJYoJv51ahigU%2FRAV399jr2smDZg3ZLAX%2F%2Fye25tn0CTJQ8ZmOe6sPVOBfjFEe3AKPQUJ%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6662d81f6b2e2b1e-FRA
wpo-minify-header-b5121f49.min.js
www.reportdoor.com/wp-content/cache/wpo-minify/1624650763/assets/
108 KB
36 KB
Script
General
Full URL
https://www.reportdoor.com/wp-content/cache/wpo-minify/1624650763/assets/wpo-minify-header-b5121f49.min.js
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:81eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ef1ed69f675387b64ca365d659c14c972a3b593199552c020017cc9e6ceacfe

Request headers

:path
/wp-content/cache/wpo-minify/1624650763/assets/wpo-minify-header-b5121f49.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.reportdoor.com
referer
https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5341
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0af1a567a000002b1e8f1cb000000001
last-modified
Fri, 25 Jun 2021 19:52:44 GMT
server
cloudflare
etag
W/"1b0e4-5c59c7bad1592-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=l85Q%2F6Q6L4J3X0acRUy7nbskrwfXpwVKWPhH5yqlQgQh28Vrfjozkm3gaVOSTlluNjtrcsSRRrybedTPnp1gyehwWjtJi8mjPUy%2BupbaUWKL9dD0QdyT9eDKrQdZ1JVaNH5E3mwIZTY%2BzvSF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6662d81f6b2c2b1e-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
136 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27ea74dfb4a30a347127033f5d7b36b3ede2dcb0a496d0b34f5043068b944006
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49104
x-xss-protection
0
server
cafe
etag
6451195366741806814
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 28 Jun 2021 00:37:02 GMT
Microsoft-signed-a-driver-loaded-with-rootkit-malware-2048x1365.jpeg
www.reportdoor.com/wp-content/uploads/2021/06/
444 KB
445 KB
Image
General
Full URL
https://www.reportdoor.com/wp-content/uploads/2021/06/Microsoft-signed-a-driver-loaded-with-rootkit-malware-2048x1365.jpeg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:81eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc45ed9f7350510b142ce360983d7465d798ff703c6670de148ef33128de2b4d

Request headers

:path
/wp-content/uploads/2021/06/Microsoft-signed-a-driver-loaded-with-rootkit-malware-2048x1365.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.reportdoor.com
referer
https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:02 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
454510
cf-request-id
0af1a567dd00002b1e968df000000001
last-modified
Sun, 27 Jun 2021 16:59:00 GMT
server
cloudflare
etag
"6ef6e-5c5c24a11a2b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LjfOZZjdQiDj9PUziYMVasSvCoB5A3gfw%2Bi8dxiVaFrEXqKuzRRHTdfrg2VpmdVNZtjrUa%2B%2BRsnafBV8lxwAE%2FSkf%2BeQXMGy4ibAj6xdKppUj89rdqaEMLzkRfUBDE13JecpJJgt%2F2clV4sg"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6662d81fcb9d2b1e-FRA
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Jun 2021 00:37:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:57:32 GMT
Server
ECS (frb/6796)
Age
1246
Etag
"9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28779
Apple-lists-the-devices-you-should-keep-away-from-your-1536x1023.jpeg
www.reportdoor.com/wp-content/uploads/2021/06/
126 KB
127 KB
Image
General
Full URL
https://www.reportdoor.com/wp-content/uploads/2021/06/Apple-lists-the-devices-you-should-keep-away-from-your-1536x1023.jpeg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:81eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fd7bd1726f4e978bfff408bf5fc4494ba0861c4dc54a484eef637539f9e89b7

Request headers

:path
/wp-content/uploads/2021/06/Apple-lists-the-devices-you-should-keep-away-from-your-1536x1023.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.reportdoor.com
referer
https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:02 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
129125
cf-request-id
0af1a567dd00002b1ebd2be000000001
last-modified
Sun, 27 Jun 2021 21:30:32 GMT
server
cloudflare
etag
"1f865-5c5c61521f699"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AeTScovvNPsdAqk39Q0ybC3yLhOjTrTSumH26d7Ldm9G2W6PqYGtnlnmNfBRm90WqImfzGQytu7McxeFdVfY3UGNKATbCdEGQR1WS7CnkeszjSDx0HloyIdvBZ3ZnMTB8sZxE70hIiTCoBQb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6662d81fcb9f2b1e-FRA
Samsungs-Galaxy-Buds-2-might-sport-a-slicker-more-colorful-1536x1024.jpeg
www.reportdoor.com/wp-content/uploads/2021/06/
108 KB
109 KB
Image
General
Full URL
https://www.reportdoor.com/wp-content/uploads/2021/06/Samsungs-Galaxy-Buds-2-might-sport-a-slicker-more-colorful-1536x1024.jpeg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:81eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
753f6ba4548243a04d1aadf37418d15e535a8159ce6a1f6a303e33f8dc940f67

Request headers

:path
/wp-content/uploads/2021/06/Samsungs-Galaxy-Buds-2-might-sport-a-slicker-more-colorful-1536x1024.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.reportdoor.com
referer
https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:02 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
110487
cf-request-id
0af1a567dd00002b1e5403f000000001
last-modified
Sun, 27 Jun 2021 21:05:46 GMT
server
cloudflare
etag
"1af97-5c5c5bc8c1985"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gpfMOHlBNBWWqK447iyjSmDhPc75OB%2By0VJH1YFt9epJdz6Shs2UwHEHJe05JFTaB2WNl4cDX3XROon%2BVS%2Fb152VE4%2B13%2F9AlZTwQMjxZo6OCoVkWhjR0eJNtK9e7F61cJJisMSDxFHYnSq0"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6662d81fcba12b1e-FRA
Venmo-will-let-you-sell-goods-through-your-personal-account-2048x1365.jpeg
www.reportdoor.com/wp-content/uploads/2021/06/
146 KB
146 KB
Image
General
Full URL
https://www.reportdoor.com/wp-content/uploads/2021/06/Venmo-will-let-you-sell-goods-through-your-personal-account-2048x1365.jpeg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:81eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1744aa42e617eb4af823391ed6ca00f1d2684f74db5f0519116ab4d9fffa6fed

Request headers

:path
/wp-content/uploads/2021/06/Venmo-will-let-you-sell-goods-through-your-personal-account-2048x1365.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.reportdoor.com
referer
https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:02 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
149150
cf-request-id
0af1a567de00002b1e73bd8000000001
last-modified
Sun, 27 Jun 2021 20:08:21 GMT
server
cloudflare
etag
"2469e-5c5c4ef39a53d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2HkWKKzSuvURGniBxSFRjlGejePkXvGmFxkI9uKtnyqIKmtDwGIlr6%2FMdHEAaAGKcaeYNIaYegRHkA2DoJ2gnriF3xM8%2FNbEsrPP9iHLPDN3NcTXCkfU8H3MQW2xDvUpip%2F17Sj7kosWVjvm"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6662d81fcba22b1e-FRA
wpo-minify-footer-600d28e6.min.js
www.reportdoor.com/wp-content/cache/wpo-minify/1624650763/assets/
109 KB
33 KB
Script
General
Full URL
https://www.reportdoor.com/wp-content/cache/wpo-minify/1624650763/assets/wpo-minify-footer-600d28e6.min.js
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:81eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02dda8e6f5f4912491f3479276a064c48e059843c101b1b75aea03e57fd75fa8

Request headers

:path
/wp-content/cache/wpo-minify/1624650763/assets/wpo-minify-footer-600d28e6.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.reportdoor.com
referer
https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
886
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0af1a567c500002b1eb310c000000001
last-modified
Fri, 25 Jun 2021 19:52:52 GMT
server
cloudflare
etag
W/"1b493-5c59c7c2bdaef-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bsBvrRdwkJ7QG9xJxR50GnoUYAJexXaYNYT2zyZeWOibHdoCA3F8ApwzySGeftOVLCk%2Bb%2BYedJqG66NlPEEPNP2iaHxL2nbCjKH4EoBTGEckVH21K7uJgVPqqb2NWaYgM2EMlVAR7%2BmEROSr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6662d81fab6d2b1e-FRA
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-164811841-1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
3414
date
Sun, 27 Jun 2021 23:40:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Mon, 28 Jun 2021 01:40:08 GMT
loader.js
cdn.taboola.com/libtrc/reportdoor-network/
273 KB
28 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/reportdoor-network/loader.js
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e3ebe8564a8a62361ece8eaf0f6b21fee39df4d2eea24ee965a476bbfe6633f

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
pdRC8BWWo6tyb3DXJn9iwcopjIzw1y8I
content-encoding
gzip
etag
"23a34ce08fa6f7ee6d5df4c2d6e2aff6"
age
82
x-cache
HIT
content-length
27781
x-amz-id-2
/ctRRw9/BRlOWFQ/N559xpHAWguJUUKT0po1dDkg+feSkdt03tkRh2YnzDmxXcRiiWbo8a74BsA=
x-served-by
cache-hhn11563-HHN
last-modified
Sun, 27 Jun 2021 08:52:04 GMT
server
AmazonS3
x-timer
S1624840622.130651,VS0,VE1
date
Mon, 28 Jun 2021 00:37:02 GMT
vary
Accept-Encoding
x-amz-request-id
B8109YQSEWA2SJSQ
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
63
x-cache-hits
1
mem8YaGs126MiZpBA-U1UQ.woff
fonts.gstatic.com/s/opensans/v20/
54 KB
54 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-U1UQ.woff
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3adc584fb0bef1fbf9b1c0ecddde5727643b4334c734db78b517ab112d92e1d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.reportdoor.com
Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 06:35:01 GMT
x-content-type-options
nosniff
age
410521
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55324
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:20 GMT
server
sffe
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 06:35:01 GMT
fontawesome-webfont.woff2
www.reportdoor.com/wp-content/themes/herald/assets/fonts/
65 KB
66 KB
Font
General
Full URL
https://www.reportdoor.com/wp-content/themes/herald/assets/fonts/fontawesome-webfont.woff2
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/wp-content/cache/wpo-minify/1624650763/assets/wpo-minify-header-cfe92710.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:81eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

:path
/wp-content/themes/herald/assets/fonts/fontawesome-webfont.woff2
pragma
no-cache
origin
https://www.reportdoor.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.reportdoor.com
referer
https://www.reportdoor.com/wp-content/cache/wpo-minify/1624650763/assets/wpo-minify-header-cfe92710.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.reportdoor.com
Referer
https://www.reportdoor.com/wp-content/cache/wpo-minify/1624650763/assets/wpo-minify-header-cfe92710.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:02 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7158
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
66624
cf-request-id
0af1a567e200002b1ebfbb9000000001
last-modified
Sun, 14 Jun 2020 04:52:25 GMT
server
cloudflare
etag
"10440-5a8041393324e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=n9XF2M2JpaLSvChBaMMmBbqeUkMHf17ZDxDy3YMu1c%2FSwqSkOOSx17tWprsvdD5I3OLgRTpXYaZwmNAD27W%2F26llaPVnBybRYqsWBojUkvzpmOLTSgSNGFwcU0hU%2FusWPm9CRphSbGSJ59Kv"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6662d81fcbaa2b1e-FRA
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4OWaw.woff
fonts.gstatic.com/s/robotoslab/v13/
72 KB
72 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4OWaw.woff
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14eb457f7e0dffb50280fc147d2e1ac2b7cbb5705e42484a792b7960bd4ff61e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.reportdoor.com
Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 13:49:46 GMT
x-content-type-options
nosniff
age
384436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73588
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:35:00 GMT
server
sffe
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 13:49:46 GMT
mem5YaGs126MiZpBA-UNirk-Vg.woff
fonts.gstatic.com/s/opensans/v20/
56 KB
56 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirk-Vg.woff
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9448f7c3bd336008d83d3e4730ac005be651a3a39ade1d36ebb29b5be9201235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.reportdoor.com
Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 11:36:03 GMT
x-content-type-options
nosniff
age
478859
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57744
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:24 GMT
server
sffe
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 11:36:03 GMT
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
882 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:33:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
230
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Mon, 28 Jun 2021 01:33:12 GMT
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISWaw.woff
fonts.gstatic.com/s/robotoslab/v13/
70 KB
70 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISWaw.woff
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a564cbbf3c924e1085480876d59fd2d773a652f3f20eeda8dcf37603003e35c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.reportdoor.com
Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 23:33:00 GMT
x-content-type-options
nosniff
age
435842
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71892
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:32:16 GMT
server
sffe
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 23:33:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/
240 KB
89 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3511443799407499&plah=www.reportdoor.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45438ac938e6613185f4cec0aac33ce6946e88ece9ffd9f916859e08d6509454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91015
x-xss-protection
0
server
cafe
etag
11458787442517343973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 28 Jun 2021 00:37:02 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210623/r20190131/ Frame 2987
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210623/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210623/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.reportdoor.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reportdoor.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 27 Jun 2021 03:56:11 GMT
expires
Sun, 11 Jul 2021 03:56:11 GMT
content-type
text/html; charset=UTF-8
etag
15579341980913220427
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
74451
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
widget_iframe.06c6ee58c3810956b7509218508c7b56.html
platform.twitter.com/widgets/ Frame 4C0B
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.reportdoor.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) /
Resource Hash
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.reportdoor.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reportdoor.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
271400
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 28 Jun 2021 00:37:02 GMT
Etag
"dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6723)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105298
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1401565&t=pageview&_s=1&dl=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&ul=en-us&de=UTF-8&dt=Microsoft%20signed%20a%20driver%20loaded%20with%20rootkit%20malware%20-%20Report%20Door&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=302073354&gjid=208557787&cid=906259880.1624840622&tid=UA-164811841-1&_gid=1487932846.1624840622&_r=1&gtm=2ou6n0&did=dZGIzZG&z=1098574640
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Jun 2021 00:37:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.reportdoor.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl.20210627-5-RELEASE.js
cdn.taboola.com/libtrc/
525 KB
118 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20210627-5-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/reportdoor-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
56b72a82f7d6ad45158f432332f75f18b7b5dca700337772ba6c520437dd7d9e

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4NfZwv2L79Hh.B8qtpVzVPlt1xX9fiJ7
content-encoding
br
etag
"1d5a61faa6fafa766d2f0a9aeacee1f5"
age
28523
x-cache
HIT
content-length
119991
x-amz-id-2
2EYzA7MQ85BJJm0D1mOaMlj8oKbU8Bs1idHT03s2Uio9NVILqsVu3b02Hwg3P9TVCWozYeds1Hs=
x-served-by
cache-hhn11563-HHN
last-modified
Sun, 27 Jun 2021 08:36:17 GMT
server
AmazonS3-br
x-timer
S1624840622.297686,VS0,VE0
date
Mon, 28 Jun 2021 00:37:02 GMT
vary
Accept-Encoding
x-amz-request-id
A2SYHJ21S7CB76NF
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
24
x-cache-hits
181707
cookie.js
partner.googleadservices.com/gampad/
204 B
660 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.reportdoor.com&callback=_gfp_s_&client=ca-pub-3511443799407499
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3511443799407499&plah=www.reportdoor.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
545995b05ab1947e4a3c2cca73c747b7faf2d0c397894d4adf52c13dc9738579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.reportdoor.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3511443799407499&plah=www.reportdoor.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Jun 2021 00:37:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.reportdoor.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3511443799407499&plah=www.reportdoor.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Jun 2021 00:37:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A09F
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&adk=1812271804&adf=3025194257&lmt=1624840622&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622185&bpp=3&bdt=219&idt=120&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5391867972087&frm=20&pv=2&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=140
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3511443799407499&plah=www.reportdoor.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3511443799407499&output=html&adk=1812271804&adf=3025194257&lmt=1624840622&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622185&bpp=3&bdt=219&idt=120&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5391867972087&frm=20&pv=2&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=140
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.reportdoor.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reportdoor.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 28 Jun 2021 00:37:02 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 28-Jun-2021 00:52:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 28 Jun 2021 00:37:02 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3511443799407499&plah=www.reportdoor.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92857904df325afe1f29a64b2382eb7df89626a03d79bd16be4dac1296c3aef1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:02 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624469958711216"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27719
x-xss-protection
0
expires
Mon, 28 Jun 2021 00:37:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-3511443799407499&c=9&e=2570847921467975139&n=0&t=0&w=517&x=6
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Jun 2021 00:37:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame EA64
70 KB
24 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=2241232556&adf=3132389021&pi=t.ma~as.2385331166&w=970&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622188&bpp=2&bdt=222&idt=166&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=enIPsurCuu&p=https%3A//www.reportdoor.com&dtd=182
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3511443799407499&plah=www.reportdoor.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b4b9234f08a05464a2a693ae4ba584825cb35ddbac0a0a91c74c56eee6006f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=2241232556&adf=3132389021&pi=t.ma~as.2385331166&w=970&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622188&bpp=2&bdt=222&idt=166&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=enIPsurCuu&p=https%3A//www.reportdoor.com&dtd=182
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.reportdoor.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reportdoor.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 28 Jun 2021 00:37:02 GMT
server
cafe
content-length
24134
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 28-Jun-2021 00:52:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 28 Jun 2021 00:37:02 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame D452
199 KB
24 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3511443799407499&plah=www.reportdoor.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7eb2a66ea4e53f8671205abc2ba3efddfdade1826260f1e016b138a600ab3aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.reportdoor.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reportdoor.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-expose-headers
x-google-amp-ad-validated-version
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 28 Jun 2021 00:37:02 GMT
server
cafe
content-length
24690
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 28-Jun-2021 00:52:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 28 Jun 2021 00:37:02 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame A13D
124 KB
39 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3310307751&adf=215687957&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=225&idt=227&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2142&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KwRVuUdbuU&p=https%3A//www.reportdoor.com&dtd=230
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3511443799407499&plah=www.reportdoor.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
300f248a22b396c0024c144d3ba0a975a92fb59789969ce8265bf4de96a06b04
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN_t94CLufECFVWK_QcdbPkEWg&gqi=rhnZYMeeGtTc7_UP_pum6Ac&layout=/sadbundle/%24csp%253Der3%24/4330587781611926158/300x250/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3310307751&adf=215687957&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=225&idt=227&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2142&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KwRVuUdbuU&p=https%3A//www.reportdoor.com&dtd=230
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.reportdoor.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reportdoor.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN_t94CLufECFVWK_QcdbPkEWg&gqi=rhnZYMeeGtTc7_UP_pum6Ac&layout=/sadbundle/%24csp%253Der3%24/4330587781611926158/300x250/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 28 Jun 2021 00:37:03 GMT
server
cafe
content-length
40309
x-xss-protection
0
set-cookie
IDE=AHWqTUlaLLguN-u6bFCzAYEaCobgnnsqS97VGlbG3dzJ6rUN2Dh4sAVGp0q-o6dN96U; expires=Sat, 23-Jul-2022 00:37:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 28 Jun 2021 00:37:03 GMT
cache-control
private
settings
syndication.twitter.com/ Frame 4C0B
256 B
258 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=d4f6d44592019a1e7f5da34ba64ee0f93803128b
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.reportdoor.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:02 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 00:37:02 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
d7dfe1469996758d86c84af9af369a8a5f45f65bf65feff2841a18503949b01c
content-length
176
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.reportdoor.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3511443799407499&plah=www.reportdoor.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Jun 2021 00:37:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.reportdoor.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3511443799407499&plah=www.reportdoor.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Jun 2021 00:37:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 997D
200 KB
24 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3511443799407499&plah=www.reportdoor.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be80965f33e3bc21234fd633981cb83847d5671502225af1ef40bc46c1d80f02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.reportdoor.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reportdoor.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-expose-headers
x-google-amp-ad-validated-version
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 28 Jun 2021 00:37:03 GMT
server
cafe
content-length
24793
x-xss-protection
0
set-cookie
IDE=AHWqTUlSzrzXiy4HkDjJaF4LYmnzyZhQyopAuNpkcoxKvhE6UYJ-KdMkBl-mSrx6PiU; expires=Sat, 23-Jul-2022 00:37:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 28 Jun 2021 00:37:03 GMT
cache-control
private
10a4afcf0f5723056e52289dd4477b70
secure.gravatar.com/avatar/
2 KB
2 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/10a4afcf0f5723056e52289dd4477b70?s=112&d=mm&r=g
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6bd7f50eb2089e7d871cd54fb4119c74b71f94c3899a44eeda6afeeee2fac3d4

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 28 Jun 2021 00:37:02 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="10a4afcf0f5723056e52289dd4477b70.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/10a4afcf0f5723056e52289dd4477b70?s=112&d=mm&r=g>; rel="canonical"
content-length
1768
expires
Mon, 28 Jun 2021 00:42:02 GMT
css
fonts.googleapis.com/ Frame EA64
6 KB
669 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=2241232556&adf=3132389021&pi=t.ma~as.2385331166&w=970&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622188&bpp=2&bdt=222&idt=166&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=enIPsurCuu&p=https%3A//www.reportdoor.com&dtd=182
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 27 Jun 2021 23:48:55 GMT
server
ESF
date
Mon, 28 Jun 2021 00:37:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Jun 2021 00:37:02 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/ Frame EA64
1 KB
989 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=2241232556&adf=3132389021&pi=t.ma~as.2385331166&w=970&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622188&bpp=2&bdt=222&idt=166&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=enIPsurCuu&p=https%3A//www.reportdoor.com&dtd=182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:33:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jul 2021 00:33:17 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/ Frame EA64
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=2241232556&adf=3132389021&pi=t.ma~as.2385331166&w=970&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622188&bpp=2&bdt=222&idt=166&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=enIPsurCuu&p=https%3A//www.reportdoor.com&dtd=182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1091
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7112
x-xss-protection
0
server
cafe
etag
12276874145846594193
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jul 2021 00:18:51 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/ Frame EA64
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=2241232556&adf=3132389021&pi=t.ma~as.2385331166&w=970&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622188&bpp=2&bdt=222&idt=166&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=enIPsurCuu&p=https%3A//www.reportdoor.com&dtd=182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jul 2021 00:35:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EA64
125 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=2241232556&adf=3132389021&pi=t.ma~as.2385331166&w=970&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622188&bpp=2&bdt=222&idt=166&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=enIPsurCuu&p=https%3A//www.reportdoor.com&dtd=182
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:02 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624469964731542"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38558
x-xss-protection
0
expires
Mon, 28 Jun 2021 00:37:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/ Frame EA64
13 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=2241232556&adf=3132389021&pi=t.ma~as.2385331166&w=970&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622188&bpp=2&bdt=222&idt=166&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=enIPsurCuu&p=https%3A//www.reportdoor.com&dtd=182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:34:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5706
x-xss-protection
0
server
cafe
etag
5108850372203985220
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jul 2021 00:34:14 GMT
5be26e13f65761684aaaff0594247b1f.js
www.gstatic.com/mysidia/ Frame EA64
25 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/5be26e13f65761684aaaff0594247b1f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=2241232556&adf=3132389021&pi=t.ma~as.2385331166&w=970&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622188&bpp=2&bdt=222&idt=166&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=enIPsurCuu&p=https%3A//www.reportdoor.com&dtd=182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e36f48120b748ca10f6efeb242a7cdbd118a72f0e40b3812a5f3dbe286de818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Jun 2021 15:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10687
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 02:45:38 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 25 Sep 2021 15:17:05 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame EA64
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZk7prhnZYNbRF-qX9u8P14Wd8AXJ4LCIY5H2sO3uDQoQASDtgvkxYJUCoAHB1MG0AcgBCakCQzZDmXsGtD6oAwHIA8sEqgS9AU_QK4FL50uX1FfaYwvISoz-xQhfro8JL5xGh0i0siW09jWB4vOeorShq8wEERaEgGcFbSb7glTUxCb21OhlKID0I8Vb01nXY5tib9qRan9CcwJLLoOqzXOUCXNKOsGHs8t_-Z2Z0-dMNiAUVY4DQEBPCuGrRJM_duqx3w7epRJaLaDSqdQt45Ah9wHREybKqxzzYuzdQW9CfSu0UOu2AWPR6xKBeai7qPcfP_xFh5nZisvaaxoSgq4SqETk_MAEoIbjrs4DoAYugAenq77LAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCHjQPSCAkIgOGAEBABGB-ACgHICwHYEwOIFAXQFQGYFgGAFwGyFxoKGAgAEhRwdWItMzUxMTQ0Mzc5OTQwNzQ5OQ&sigh=3NB4YDZDHV0&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=2241232556&adf=3132389021&pi=t.ma~as.2385331166&w=970&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622188&bpp=2&bdt=222&idt=166&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=enIPsurCuu&p=https%3A//www.reportdoor.com&dtd=182
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=2241232556&adf=3132389021&pi=t.ma~as.2385331166&w=970&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622188&bpp=2&bdt=222&idt=166&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=enIPsurCuu&p=https%3A//www.reportdoor.com&dtd=182
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 28 Jun 2021 00:37:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 28 Jun 2021 00:37:02 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/3166368289428907305/ Frame EA64
20 KB
20 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3166368289428907305/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=2241232556&adf=3132389021&pi=t.ma~as.2385331166&w=970&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622188&bpp=2&bdt=222&idt=166&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=enIPsurCuu&p=https%3A//www.reportdoor.com&dtd=182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5016b08987573a95bf81768da90217fc6d3a0f2c13424c8b542580cd045986b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 18:04:27 GMT
x-content-type-options
nosniff
age
455555
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
x-xss-protection
0
last-modified
Fri, 07 May 2021 09:21:02 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 18:04:27 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/17015523385641535536/ Frame EA64
1 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/17015523385641535536/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=2241232556&adf=3132389021&pi=t.ma~as.2385331166&w=970&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622188&bpp=2&bdt=222&idt=166&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=enIPsurCuu&p=https%3A//www.reportdoor.com&dtd=182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0300d29f5d9bc5f1a48446cab7720de0006fa2d52a18c8ac99cc9706bb120e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 08:38:25 GMT
x-content-type-options
nosniff
age
403117
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1144
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 13:39:29 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 08:38:25 GMT
truncated
/ Frame EA64
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
json
trc.taboola.com/reportdoor-reportdoor/trc/3/
65 KB
20 KB
XHR
General
Full URL
https://trc.taboola.com/reportdoor-reportdoor/trc/3/json?tim=02%3A37%3A02.928&lti=deflated&data=%7B%22id%22%3A741%2C%22ii%22%3A%22%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1624783908350%2C%22vi%22%3A1624840622927%2C%22cv%22%3A%2220210627-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3921%2C%22qs%22%3A%22%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss%22%2C%22nsid%22%3A%22reportdoor-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-MidPage%3Apub%3Dreportdoor-network%3Aabp%3D0%22%2C%22uip%22%3A%22MidPage%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22MidPage%20Article%20Thumbnails%22%2C%22cd%22%3A2142.171875%2C%22mw%22%3A810%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dreportdoor-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A3082.171875%2C%22mw%22%3A810%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A9%2C%22uim%22%3A%22thumbnails-sidebar%3Apub%3Dreportdoor-network%3Aabp%3D0%22%2C%22uip%22%3A%22SIdeBar%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22SIdeBar%20Article%20Thumbnails%22%2C%22cd%22%3A585%2C%22mw%22%3A300%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210627-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a4c5293b6d3910a71056b1b381e3a68cea97df3785943308be17c214ee548fc5

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
559
date
Mon, 28 Jun 2021 00:37:03 GMT
content-encoding
gzip
server
nginx
x-timer
S1624840623.950227,VS0,VE559
x-served-by
cache-hhn11563-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.reportdoor.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
truncated
/ Frame EA64
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bcbd348ad69f6ad4b2441babe861fab42c1fe7689241fda05af5dd721da5d6e2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame EA64
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 07:58:29 GMT
x-content-type-options
nosniff
age
405514
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 07:58:29 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame EA64
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 22:51:50 GMT
x-content-type-options
nosniff
age
438313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 22:51:50 GMT
DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js
pagead2.googlesyndication.com/bg/ Frame F90C
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=2241232556&adf=3132389021&pi=t.ma~as.2385331166&w=970&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622188&bpp=2&bdt=222&idt=166&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=enIPsurCuu&p=https%3A//www.reportdoor.com&dtd=182
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Jun 2021 09:15:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
55322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5767
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Jun 2022 09:15:01 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012106141722000/ Frame F8C3
189 KB
54 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012106141722000/amp4ads-v0.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55b50d801b8502706ea91f90c83eb08253f16eb27bc83c6f4047af3655eed6ff
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
224781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55217
x-xss-protection
0
server
sffe
date
Fri, 25 Jun 2021 10:10:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6e85c2cf35b93d5b"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jun 2022 10:10:42 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012106141722000/v0/ Frame F8C3
13 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012106141722000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73a783d2e5f778e1af41cc4126dfea9956cf43a518e2707658c0200c93765527
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
224972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4808
x-xss-protection
0
server
sffe
date
Fri, 25 Jun 2021 10:07:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"20d5993134a00e72"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jun 2022 10:07:31 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012106141722000/v0/ Frame F8C3
85 KB
27 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012106141722000/v0/amp-analytics-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10bfad757ebad3e5250a813741d2e98dde085d3dee974beaa2fd5b3d8c76f21
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
224971
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27288
x-xss-protection
0
server
sffe
date
Fri, 25 Jun 2021 10:07:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0e18b5d4ac760a2b"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jun 2022 10:07:32 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012106141722000/v0/ Frame F8C3
71 KB
17 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012106141722000/v0/amp-animation-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0c5a0e82c987c58e86dccac7b88237fc8d70ab2e917757e48adaa08a2d6cdf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
428102
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16642
x-xss-protection
0
server
sffe
date
Wed, 23 Jun 2021 01:42:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"89a7878de8cefb20"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 01:42:01 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012106141722000/v0/ Frame F8C3
3 KB
1 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012106141722000/v0/amp-fit-text-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b51423401412ab5d2fec98015b6892087f95d633507fb7a047e9851abb23f221
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
224972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1299
x-xss-protection
0
server
sffe
date
Fri, 25 Jun 2021 10:07:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"da415af7878c9ead"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jun 2022 10:07:31 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012106141722000/v0/ Frame F8C3
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012106141722000/v0/amp-form-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06503352984183697b7695de1d989652bc05634c474b958169e92a3b430d9d34
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
224972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12849
x-xss-protection
0
server
sffe
date
Fri, 25 Jun 2021 10:07:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6b6ce0de783bcb6f"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jun 2022 10:07:31 GMT
truncated
/ Frame F8C3
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
086ee2f424e19a38b1260c62c70f68be7d36ba8df1e0a901d034a260ec86caa8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
txt1.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame F8C3
5 KB
5 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/txt1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8243110d46b6e00133bc81f626801e1aaa8f1785a987bd155a58bc7e222d5d44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 08:57:48 GMT
x-content-type-options
nosniff
age
401955
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5586
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 14:33:55 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 08:57:48 GMT
txt2.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame F8C3
4 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/txt2.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eb4ba8b4438a9e307afa195311ce88638a3deae2da3cae568c4b4cb449365a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 10:52:01 GMT
x-content-type-options
nosniff
age
481502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4464
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 14:33:55 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 10:52:01 GMT
puls.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame F8C3
419 B
444 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/puls.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11d4d3ec878fc7b8a6ca2fb899d27ee232204e1325d1929db6baec1b96928cf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:07:58 GMT
x-content-type-options
nosniff
age
466145
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
419
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 14:33:55 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 15:07:58 GMT
preisButt.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame F8C3
6 KB
6 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/preisButt.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63e3365993c921267712645f738f77e722ef82460c8c47a6fcf84393c18e9f0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 10:54:34 GMT
x-content-type-options
nosniff
age
394949
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6154
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 14:33:55 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 10:54:34 GMT
ll.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame F8C3
938 B
963 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ll.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c961b8fdc7dca2dc983386c8ea16b4cea72b3e8706f8698ddf4d994548d6630d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 23:34:57 GMT
x-content-type-options
nosniff
age
435726
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
938
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 14:33:55 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 23:34:57 GMT
CTA.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame F8C3
929 B
954 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/CTA.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34ae8bfda88f1dfb002a68bcf9a6bad17ead96bd1d2fe310900461a979f6971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 10:45:44 GMT
x-content-type-options
nosniff
age
395479
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
929
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 14:33:55 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 10:45:44 GMT
DBx.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame F8C3
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/DBx.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bbc26192d559ed6abfb9b0bfd88369d9a5ee210d4f3aea66508bfb19a00e76e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 23:34:15 GMT
x-content-type-options
nosniff
age
349368
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2708
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 14:33:55 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 23:34:15 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F8C3
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 27 Jun 2021 07:15:41 GMT
x-content-type-options
nosniff
server
cafe
age
62482
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 28 Jun 2021 07:15:41 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F8C3
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 27 Jun 2021 10:45:56 GMT
x-content-type-options
nosniff
server
cafe
age
49867
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 28 Jun 2021 10:45:56 GMT
ai.aspx
m.exactag.com/ Frame F8C3
43 B
1 KB
Image
General
Full URL
https://m.exactag.com/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=11829094681&extCr=115065628556-527621586361&cb=1325659732
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.202.235.8 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
0
Last-Modified
Mo, 28 Jun 2021 12:37:03 GMT
Server
Microsoft-IIS/8.5
Date
Mon, 28 Jun 2021 00:37:02 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1053
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F8C3
0
17 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CHLYLrhnZYOLqGIDM7_UPuMKOkAad-oa-Y5a5qcbsDY6u3YeODhABIO2C-TFglQKgAYuuwOQDyAEJqQJDNkOZewa0PqgDAcgDCKoEuwFP0KaiuLPBvboyFKa_q9Mib2e1TnTpQ_QJDCgPvzpf8XpEii_nGofEUT2vB-abuzBqqYHA7GLWX0WT1z6Dnx8XmgeNl1zQTcl6dGvKzqZ2nkKBTUjkJRC23Op5Mwg6NbLnMpze_BOIw9J6epc8ajqEQ14_yaTFQFb-ykx7chKnO4aq2c7CyuOmVzhgTkQ7vuYsYijUTrUTTJkNK0uTahOh9pvyJGtvr3C104QMVtszkvhCwI3PIFyI9g8_wASMz8jTrAOSBQQIBBgBkgUECAUYBKAGLoAH3dG_G6gHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDH0hHSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItMzUxMTQ0Mzc5OTQwNzQ5OQ&sigh=hKktSeYbK2A&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 28 Jun 2021 00:37:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame A13D
67 B
91 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3310307751&adf=215687957&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=225&idt=227&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2142&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KwRVuUdbuU&p=https%3A//www.reportdoor.com&dtd=230
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 27 Jun 2021 13:10:17 GMT
x-content-type-options
nosniff
server
cafe
age
41206
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Mon, 28 Jun 2021 13:10:17 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/ Frame E587
176 KB
27 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/index.html
Requested by
Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3d59W9bYjlR15QVqFW3zmRFY8CD0PQW558v1t18t_PNW15cc3p339mC1W4sY-Ns4q04t-W26hbPl7_w2M2W19Hqsq5NTdnjW6103JV3FfRQ_N8lkxHGzcJmZVqf2GF2GszSPW4lNXM89535nhW7YgXL12cmCRnW4hFhMB4LyG0TW35n9tL6Z7bJrW6rTn4w4mF0b1W3zwQ3_7bxrVTW2S1kn32VmMlXV8nXMx46qp6CW8nlhz48Rld4r33LM1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24c1f51786d4f453461eccaadf1df4f6e7443ff146666a99cc28344202088556
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/4330587781611926158/300x250/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Tue, 22 Jun 2021 13:04:49 GMT
expires
Wed, 22 Jun 2022 13:04:49 GMT
last-modified
Thu, 10 Jun 2021 14:43:56 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
27817
age
473534
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 4521
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CjwfVrhnZYN_eGtWU9u8P7PKT0AWkt6O4Y7Gojq6LDsvxppj9JRABIO2C-TFglQKgAeiZ0NIDyAEJqAMByANIqgTMAU_QSAXtuuHmupsCwY5Egk6Q8NtOn4l2Rg3PwV3mlBIRKezbAfik0WEWjdAfy-QckbbRY1cWdETNX2ml6m1J4z4zY9y9qqrAV9wrXpAMVUx7ULxexRrCIP-NIQXKt-0N1wCsm4o-PBm_N6V-QUx5CGNstCne2tRDaX4H-zYIZIXV69SxcKA905qd9ZoDLn1bkj-A6AJ51vNVnjZTWbGyeuzddnKYo4LARTZtTjH4420gikpOZ283MA2-7iC-u4CgSZJkmS8z4yxrOEngDMAEzcDts8kDkgUECAQYAZIFBAgFGASgBi6AB4Dmry2oB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQyqAc0ggJCIDhgBAQARgfgAoByAsB2BMK0BUBgBcBshcaChgIABIUcHViLTM1MTE0NDM3OTk0MDc0OTk&sigh=qxJl9Vy4Ups&template_id=419
Requested by
Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3d59W9bYjlR15QVqFW3zmRFY8CD0PQW558v1t18t_PNW15cc3p339mC1W4sY-Ns4q04t-W26hbPl7_w2M2W19Hqsq5NTdnjW6103JV3FfRQ_N8lkxHGzcJmZVqf2GF2GszSPW4lNXM89535nhW7YgXL12cmCRnW4hFhMB4LyG0TW35n9tL6Z7bJrW6rTn4w4mF0b1W3zwQ3_7bxrVTW2S1kn32VmMlXV8nXMx46qp6CW8nlhz48Rld4r33LM1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3310307751&adf=215687957&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=225&idt=227&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2142&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KwRVuUdbuU&p=https%3A//www.reportdoor.com&dtd=230
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 28 Jun 2021 00:37:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/ Frame 4521
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3310307751&adf=215687957&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=225&idt=227&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2142&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KwRVuUdbuU&p=https%3A//www.reportdoor.com&dtd=230
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1092
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7112
x-xss-protection
0
server
cafe
etag
12276874145846594193
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jul 2021 00:18:51 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/ Frame 4521
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3310307751&adf=215687957&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=225&idt=227&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2142&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KwRVuUdbuU&p=https%3A//www.reportdoor.com&dtd=230
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jul 2021 00:35:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4521
125 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3310307751&adf=215687957&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=225&idt=227&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2142&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KwRVuUdbuU&p=https%3A//www.reportdoor.com&dtd=230
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:03 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624469964731542"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38558
x-xss-protection
0
expires
Mon, 28 Jun 2021 00:37:03 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/ Frame 4521
13 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210623/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3310307751&adf=215687957&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=225&idt=227&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2142&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KwRVuUdbuU&p=https%3A//www.reportdoor.com&dtd=230
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:34:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5706
x-xss-protection
0
server
cafe
etag
5108850372203985220
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jul 2021 00:34:14 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame E099
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3310307751&adf=215687957&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=225&idt=227&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2142&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KwRVuUdbuU&p=https%3A//www.reportdoor.com&dtd=230
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3310307751&adf=215687957&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=225&idt=227&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2142&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KwRVuUdbuU&p=https%3A//www.reportdoor.com&dtd=230
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlSzrzXiy4HkDjJaF4LYmnzyZhQyopAuNpkcoxKvhE6UYJ-KdMkBl-mSrx6PiU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3310307751&adf=215687957&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=225&idt=227&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2142&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KwRVuUdbuU&p=https%3A//www.reportdoor.com&dtd=230

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 27 Jun 2021 23:57:41 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2362
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4521
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09c558569b7060c96d91241c587c44b3189094a82493807d78b5be049a022ddd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 4521
0
20 B
Other
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN_t94CLufECFVWK_QcdbPkEWg&gqi=rhnZYMeeGtTc7_UP_pum6Ac&layout=/sadbundle/%24csp%253Der3%24/4330587781611926158/300x250/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3310307751&adf=215687957&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=225&idt=227&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2142&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KwRVuUdbuU&p=https%3A//www.reportdoor.com&dtd=230
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Mon, 28 Jun 2021 00:37:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame E587
9 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Jun 2021 16:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29140
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 28 Jun 2021 16:31:23 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E587
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Jun 2021 20:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15425
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 28 Jun 2021 20:19:58 GMT
css
fonts.googleapis.com/ Frame E587
5 KB
615 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google+Sans:400,500,700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
173f455d47754c1069234e9a72ea304ed3c631a68ad2b0a1148e9a4421396e9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 00:20:56 GMT
server
ESF
date
Mon, 28 Jun 2021 00:37:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Jun 2021 00:37:03 GMT
audience_grey.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/ Frame E587
462 B
493 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/audience_grey.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e4efc6223c74b0c496ade40c20a3960ed76a64cb0b329968d433837e203e3a0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
481143
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
462
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 14:43:56 GMT
server
sffe
date
Tue, 22 Jun 2021 10:58:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 10:58:00 GMT
audience_green.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/ Frame E587
455 B
486 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/audience_green.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
beebd35392dbf9b8d88ce3454bc536b3a6a38f71f90628c0f227354e94cbb3a9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
346101
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
455
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 14:43:56 GMT
server
sffe
date
Thu, 24 Jun 2021 00:28:42 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jun 2022 00:28:42 GMT
audience_yellow.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/ Frame E587
460 B
491 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/audience_yellow.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1269314eda896a7c2481e41266266733d48f95f5077d9322e11319da1dfc3ae
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
444310
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
460
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 14:43:56 GMT
server
sffe
date
Tue, 22 Jun 2021 21:11:53 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 21:11:53 GMT
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012106141722000/
20 KB
7 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012106141722000/amp4ads-host-v0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3511443799407499&plah=www.reportdoor.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
249e602194d53761ebd09bfee83388909795781a86ba7734dd1ecc341064a6b3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
418289
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7361
x-xss-protection
0
server
sffe
date
Wed, 23 Jun 2021 04:25:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b2eeb05c2e2056a6"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 04:25:34 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F8C3
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012106141722000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 27 Jun 2021 07:15:41 GMT
x-content-type-options
nosniff
server
cafe
age
62482
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 28 Jun 2021 07:15:41 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F8C3
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012106141722000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 27 Jun 2021 10:45:56 GMT
x-content-type-options
nosniff
server
cafe
age
49867
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 28 Jun 2021 10:45:56 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012106141722000/ Frame A3D2
189 KB
54 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012106141722000/amp4ads-v0.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55b50d801b8502706ea91f90c83eb08253f16eb27bc83c6f4047af3655eed6ff
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
224781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55217
x-xss-protection
0
server
sffe
date
Fri, 25 Jun 2021 10:10:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6e85c2cf35b93d5b"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jun 2022 10:10:42 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012106141722000/v0/ Frame A3D2
13 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012106141722000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73a783d2e5f778e1af41cc4126dfea9956cf43a518e2707658c0200c93765527
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
224972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4808
x-xss-protection
0
server
sffe
date
Fri, 25 Jun 2021 10:07:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"20d5993134a00e72"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jun 2022 10:07:31 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012106141722000/v0/ Frame A3D2
85 KB
27 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012106141722000/v0/amp-analytics-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10bfad757ebad3e5250a813741d2e98dde085d3dee974beaa2fd5b3d8c76f21
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
224971
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27288
x-xss-protection
0
server
sffe
date
Fri, 25 Jun 2021 10:07:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0e18b5d4ac760a2b"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jun 2022 10:07:32 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012106141722000/v0/ Frame A3D2
71 KB
16 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012106141722000/v0/amp-animation-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0c5a0e82c987c58e86dccac7b88237fc8d70ab2e917757e48adaa08a2d6cdf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
428102
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16642
x-xss-protection
0
server
sffe
date
Wed, 23 Jun 2021 01:42:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"89a7878de8cefb20"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 01:42:01 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012106141722000/v0/ Frame A3D2
3 KB
1 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012106141722000/v0/amp-fit-text-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b51423401412ab5d2fec98015b6892087f95d633507fb7a047e9851abb23f221
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
224972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1299
x-xss-protection
0
server
sffe
date
Fri, 25 Jun 2021 10:07:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"da415af7878c9ead"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jun 2022 10:07:31 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012106141722000/v0/ Frame A3D2
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012106141722000/v0/amp-form-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06503352984183697b7695de1d989652bc05634c474b958169e92a3b430d9d34
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
224972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12849
x-xss-protection
0
server
sffe
date
Fri, 25 Jun 2021 10:07:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6b6ce0de783bcb6f"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jun 2022 10:07:31 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A3D2
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 27 Jun 2021 07:15:41 GMT
x-content-type-options
nosniff
server
cafe
age
62482
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 28 Jun 2021 07:15:41 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A3D2
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 27 Jun 2021 10:45:56 GMT
x-content-type-options
nosniff
server
cafe
age
49867
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 28 Jun 2021 10:45:56 GMT
truncated
/ Frame A3D2
220 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0fcc01c0b13c95c1a2e6e7bf789b5ba95e4ef7de3f0b8ef31ae03eb72700bf12

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
txt1.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame A3D2
5 KB
5 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/txt1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8243110d46b6e00133bc81f626801e1aaa8f1785a987bd155a58bc7e222d5d44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 08:57:48 GMT
x-content-type-options
nosniff
age
401955
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5586
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 14:33:55 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 08:57:48 GMT
txt2.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame A3D2
4 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/txt2.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eb4ba8b4438a9e307afa195311ce88638a3deae2da3cae568c4b4cb449365a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 10:52:01 GMT
x-content-type-options
nosniff
age
481502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4464
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 14:33:55 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 10:52:01 GMT
puls.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame A3D2
419 B
444 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/puls.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11d4d3ec878fc7b8a6ca2fb899d27ee232204e1325d1929db6baec1b96928cf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:07:58 GMT
x-content-type-options
nosniff
age
466145
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
419
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 14:33:55 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 15:07:58 GMT
preisButt.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame A3D2
6 KB
6 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/preisButt.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63e3365993c921267712645f738f77e722ef82460c8c47a6fcf84393c18e9f0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 10:54:34 GMT
x-content-type-options
nosniff
age
394949
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6154
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 14:33:55 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 10:54:34 GMT
ll.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame A3D2
938 B
963 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ll.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c961b8fdc7dca2dc983386c8ea16b4cea72b3e8706f8698ddf4d994548d6630d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 23:34:57 GMT
x-content-type-options
nosniff
age
435726
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
938
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 14:33:55 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 23:34:57 GMT
CTA.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame A3D2
929 B
954 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/CTA.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34ae8bfda88f1dfb002a68bcf9a6bad17ead96bd1d2fe310900461a979f6971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 10:45:44 GMT
x-content-type-options
nosniff
age
395479
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
929
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 14:33:55 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 10:45:44 GMT
DBx.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame A3D2
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/DBx.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bbc26192d559ed6abfb9b0bfd88369d9a5ee210d4f3aea66508bfb19a00e76e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 23:34:15 GMT
x-content-type-options
nosniff
age
349368
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2708
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 14:33:55 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 23:34:15 GMT
ai.aspx
m.exactag.com/ Frame A3D2
43 B
910 B
Image
General
Full URL
https://m.exactag.com/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=11829094681&extCr=115065628556-527621586361&cb=1946874559
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.202.235.8 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
0
Last-Modified
Mo, 28 Jun 2021 12:37:03 GMT
Server
Microsoft-IIS/8.5
Date
Mon, 28 Jun 2021 00:37:03 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1053
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A3D2
0
17 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CKAforhnZYPv9HdnK7_UP7-qG0A-d-oa-Y5a5qcbsDY6u3YeODhABIO2C-TFglQKgAYuuwOQDyAEJqQJDNkOZewa0PqgDAcgDCKoE1gFP0M2fAuBt6UT9DsVjqlK__oMygJjnTXX0GXiytlebQTWERFk3FBTL2mp4y7JjbIusgtQiXjmQ99e8TqW7BAB4xONq5w9ycseU90Wfb4unzeWYHe5mWBwEeBQLzcC-9-0m9G29TFEoyGHuFXy735vGjkpiLBq-qyAe0NiWpw5lJhOye9T_k4b4SbfRqEZFlg2L7wjfOm4DH_zUVZXxEBsG29JmVfKaWbZaIQFbhVgq0wkqx0KTHH1BZ1kJhrZDbLIaUQuedLpnIiUW7n-PhkGcak6eV-VOwASMz8jTrAOSBQQIBBgBkgUECAUYBKAGLoAH3dG_G6gHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBD-nhHSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItMzUxMTQ0Mzc5OTQwNzQ5OQ&sigh=cZhZrS3sBqY&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 28 Jun 2021 00:37:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
bg.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/ Frame E587
6 KB
6 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/bg.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
133bd833f5e17406472a3ff91bf00f004dd61a0043a0f1971a349830b8fe6432
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
407834
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6296
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 14:43:56 GMT
server
sffe
date
Wed, 23 Jun 2021 07:19:49 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 07:19:49 GMT
audience_shadow.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/ Frame E587
727 B
758 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/audience_shadow.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc79659c1fc6025c80092ab2d97ff6b5cf56253645a7076aa8a3e8ed43b821ab
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
445641
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
727
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 14:43:56 GMT
server
sffe
date
Tue, 22 Jun 2021 20:49:42 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 20:49:42 GMT
mobile_shadow.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/ Frame E587
616 B
647 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/mobile_shadow.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33c461af5ae3bf5418718807119a21e4c62f8c5bfbbda518f449161b92b8884c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
400273
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
616
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 14:43:56 GMT
server
sffe
date
Wed, 23 Jun 2021 09:25:50 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 09:25:50 GMT
mobile.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/ Frame E587
1 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/mobile.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
750886f5831d04d4acd8d059d5741a41f5d71f5e843a82a8acddd753385dea1e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
394949
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1062
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 14:43:56 GMT
server
sffe
date
Wed, 23 Jun 2021 10:54:34 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 10:54:34 GMT
app_green.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/ Frame E587
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/app_green.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42d512369f48087bfe65d7c1c5c051c1b731e67087a4e9d1ee560cb367d5562e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
346957
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2298
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 14:43:56 GMT
server
sffe
date
Thu, 24 Jun 2021 00:14:26 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jun 2022 00:14:26 GMT
app_yellow.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/ Frame E587
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/app_yellow.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70c35597c9d6b9c105dd47541b0adef7f38f065e9f815dfe6ba209a16aceb34b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
413024
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2512
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 14:43:56 GMT
server
sffe
date
Wed, 23 Jun 2021 05:53:19 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 05:53:19 GMT
logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/ Frame E587
4 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/logo.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4330587781611926158/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36d88e845212440d76560db95ec0445b7a530069c0ccc56a1a224641897b0efd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
391859
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4541
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 14:43:56 GMT
server
sffe
date
Wed, 23 Jun 2021 11:46:04 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 11:46:04 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame E587
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 08:25:33 GMT
x-content-type-options
nosniff
age
403890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 08:25:33 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame E099
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3310307751&adf=215687957&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=225&idt=227&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2142&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=KwRVuUdbuU&p=https%3A//www.reportdoor.com&dtd=230
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlSzrzXiy4HkDjJaF4LYmnzyZhQyopAuNpkcoxKvhE6UYJ-KdMkBl-mSrx6PiU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 28 Jun 2021 00:37:03 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Mon, 28-Jun-2021 01:37:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 28 Jun 2021 00:37:03 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 28 Jun 2021 00:37:03 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/
18 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210627-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d5c1ed77b99d3f67ef7d419e1d6d78a663d8cac3668749252aa85c88cdef8fe

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
y2EUw.irPGYHWZQvvHFS16CCD7wJF5Fq
content-encoding
gzip
etag
"7f7f981d4ecb61feeff48e66441716da"
age
27566
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5628
x-amz-id-2
mvV6Obapu1AtkGvrEDNJEFXTiQ35Psp9hLvN+7O6Qau3nou0Qban8NkNzNinIOLGaaqDY53yXF4=
x-served-by
cache-hhn11563-HHN
last-modified
Sun, 30 May 2021 11:12:52 GMT
server
AmazonS3
x-timer
S1624840624.586598,VS0,VE0
date
Mon, 28 Jun 2021 00:37:03 GMT
vary
Accept-Encoding
x-amz-request-id
6F32NCW4Z347WKFJ
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
24
x-cache-hits
312793
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210627-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
2217
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
mx4KoEdupSjNAt+jydlxWIo+jwcLoLfqsfsfzf9xlc2eaDNcUDaHkWHo8F8AVeN4ILOhs1UHeT4=
x-served-by
cache-hhn11563-HHN
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1624840624.586589,VS0,VE0
date
Mon, 28 Jun 2021 00:37:03 GMT
vary
Accept-Encoding
x-amz-request-id
GZH52BA9ZE5HK19K
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
24
x-cache-hits
3157
tfa-eid.20210627-5-RELEASE.es6.js
cdn.taboola.com/libtrc/
13 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210627-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/reportdoor-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed919aae0e6c47f91a64377ebadfa127e0973fc2d2111fc24167621b8b2665e7

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JEzuHkbl4AJUfCP2vggmFLK_ewkTvNna
content-encoding
gzip
etag
"f4b9c1dbb2da6c4ef520bf956da31570"
age
18320
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4861
x-amz-id-2
gPopOjUUlXVTr8uA44VlmNoELMxeapyr/6m967dzM6mvnTk6H3jhZiHjvQkj9qFdYVaCrzMZBAs=
x-served-by
cache-hhn11563-HHN
last-modified
Sun, 27 Jun 2021 19:31:39 GMT
server
AmazonS3
x-timer
S1624840624.588953,VS0,VE0
date
Mon, 28 Jun 2021 00:37:03 GMT
vary
Accept-Encoding
x-amz-request-id
MW38PHNXXDSETDNB
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
24
x-cache-hits
117631
sha256.20210627-5-RELEASE.es6.js
cdn.taboola.com/libtrc/
6 KB
3 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/sha256.20210627-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/reportdoor-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f1b2725a2a8bb756181e2db3f72c70560ed54473fb0bec4e0f51018b10ebb86

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
CXr4B1s04uxGjoU5vYb9KE2MD6.pSr3t
content-encoding
gzip
etag
"c72ad67a8bd5ab4ad711af7aa71134a6"
age
18308
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2590
x-amz-id-2
d0EoqENNnDgEm4juB2MwJZmipKchPD/DcI9on5lyNwAdIQc5W1/GqWottKXaL67zB+UtYqs+iz8=
x-served-by
cache-hhn11563-HHN
last-modified
Sun, 27 Jun 2021 19:31:52 GMT
server
AmazonS3
x-timer
S1624840624.588933,VS0,VE0
date
Mon, 28 Jun 2021 00:37:03 GMT
vary
Accept-Encoding
x-amz-request-id
EASNYQVJZ0PGMB1G
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
24
x-cache-hits
107509
floating-unit.20210627-5-RELEASE.es6.js
cdn.taboola.com/libtrc/
7 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20210627-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/reportdoor-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
50cb2d58c5157144fedbc5fc3f5748d04716e0c2b77e46dd28fa8aeaa7adf011

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
l2tViL8mHttv3Xdz7CWfLm7yP3oV4H7B
content-encoding
gzip
etag
"b68d604906eeb69368ed7a19797f6638"
age
18297
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2286
x-amz-id-2
nw6t7SQQfRs3hh+Kym5K/8GqvhFCVslJ1w+eWm7J/BTkuvNJkgSodoQ4QekeiIVEvO3Xyrzb7g0=
x-served-by
cache-hhn11563-HHN
last-modified
Sun, 27 Jun 2021 19:32:03 GMT
server
AmazonS3
x-timer
S1624840624.591410,VS0,VE0
date
Mon, 28 Jun 2021 00:37:03 GMT
vary
Accept-Encoding
x-amz-request-id
K2QHTDJZSFWM4MMQ
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
24
x-cache-hits
5758
tb
15.taboola.com/
37 KB
11 KB
XHR
General
Full URL
https://15.taboola.com/tb?oid=15&pubnm=reportdoor-reportdoor&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F&encoded=1&uid=c7d1e525-22e6-4c1a-a94f-cf806814d6b3-tuct7d29f2e&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1624840623574&tagid=&cntry=DK&platform=1&sesid=005254a94d894049434f55e7e0e2eba3&itemid=/microsoft-signed-a-driver-loaded-with-rootkit-malware&viewid=1624840622927&geolat=&geoing=&deviceifa=&appid=&sd=v2_005254a94d894049434f55e7e0e2eba3_c7d1e525-22e6-4c1a-a94f-cf806814d6b3-tuct7d29f2e_1624840622_1624840622_CNawjgYQgdhPGM-msYClLyABKAEwOjj5twhAnYoQSLva2ANQuNkMWABgAGixr-m1yv33zq0B&ri=26b8c0314bd521966dbcfd0c9bb04a2e&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1305601&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=82&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1305599&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210627-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3bb4796ad532e32f7a18da4e837d0165442783006590a72bec30bbbabfea1599

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 28 Jun 2021 00:37:03 GMT
content-encoding
gzip
access-control-allow-origin
https://www.reportdoor.com
machineid
1401
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-hhn11563-HHN
pragma
no-cache
server
nginx
x-timer
S1624840624.594683,VS0,VE19
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20210627-5-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20210627-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/reportdoor-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fca5cec0bdc0787ce020b593c4c5ea124537c76969b5cf17c09c218ccc17fac0

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
th4iogzl7zfVLndjSqia0pRt9BluR0BH
content-encoding
gzip
etag
"36dd0824987b37b8c39efcf3ef0f3b9d"
age
18286
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
ICbUf5k8k6QKcO//VITQJQY6L7p6EEqKsXnxX6KHOHr42kpm8qu8HGiLwdgoAhfYEg2hSGVd04Q=
x-served-by
cache-hhn11563-HHN
last-modified
Sun, 27 Jun 2021 19:32:13 GMT
server
AmazonS3
x-timer
S1624840624.594678,VS0,VE0
date
Mon, 28 Jun 2021 00:37:03 GMT
vary
Accept-Encoding
x-amz-request-id
8NC3TW9J947M3Q45
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
24
x-cache-hits
78007
userx.20210627-5-RELEASE.es6.js
cdn.taboola.com/libtrc/
23 KB
8 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20210627-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/reportdoor-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
647ca45d692bd1f1361c49c442dd87c7cfdea9ed5fbcb2a1ae05b7c9d12c09c6

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
OO74DRd7qN8bXQzUJA9TudCbaWi0f_2m
content-encoding
gzip
etag
"9875ac0d41141754d322687f6d071791"
age
18323
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7955
x-amz-id-2
vCDqgC/VM9aT6kemTO2Bs+8veVHNJ+sZaU4bxYsQD4x5ZSGHADPS11p7i0/nh5UcLKwXpjL+iTk=
x-served-by
cache-hhn11563-HHN
last-modified
Sun, 27 Jun 2021 19:31:34 GMT
server
AmazonS3
x-timer
S1624840624.606044,VS0,VE0
date
Mon, 28 Jun 2021 00:37:03 GMT
vary
Accept-Encoding
x-amz-request-id
APAH57Z0KCXYDAM2
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
24
x-cache-hits
23175
explore-more.20210627-5-RELEASE.es6.js
cdn.taboola.com/libtrc/
19 KB
7 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/explore-more.20210627-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/reportdoor-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc3f59ce5edc881b9033460496b43654c6140684b0183ad99d3ed700efbc809d

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
m4bfRtGDoXJ8FeSSlx9d7YR0GTDksznV
content-encoding
gzip
etag
"83344cea249a0ed672158e354c32ae4f"
age
18284
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6764
x-amz-id-2
NUFsHCHh1+sqwvdXyFCB09Nysve/+rpxtgv+m0TwIOtMhpYhpJCpsdcsam7aZujDln/A7Os0Ypo=
x-served-by
cache-hhn11563-HHN
last-modified
Sun, 27 Jun 2021 19:32:16 GMT
server
AmazonS3
x-timer
S1624840624.616853,VS0,VE0
date
Mon, 28 Jun 2021 00:37:03 GMT
vary
Accept-Encoding
x-amz-request-id
HAF2DKC81AY61VWA
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
24
x-cache-hits
25367
debug
trc-events.taboola.com/reportdoor-reportdoor/log/2/
0
90 B
Image
General
Full URL
https://trc-events.taboola.com/reportdoor-reportdoor/log/2/debug?tim=02%3A37%3A03.569&type=warn&msg=Dynamic%20Translation%20load%20is%20enabled%20but%20response%20is%20missing%20the%20map.%20Using%20embedded%20solution&id=2828&cv=20210627-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14434
supply-feature
trc.taboola.com/reportdoor-reportdoor/log/3/
0
246 B
Image
General
Full URL
https://trc.taboola.com/reportdoor-reportdoor/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=f9accf03d5f91e6646eddffe60b3bca8&sd=v2_005254a94d894049434f55e7e0e2eba3_c7d1e525-22e6-4c1a-a94f-cf806814d6b3-tuct7d29f2e_1624840622_1624840622_CNawjgYQgdhPGM-msYClLyABKAEwOjj5twhAnYoQSLva2ANQuNkMWABgAGixr-m1yv33zq0B&ui=c7d1e525-22e6-4c1a-a94f-cf806814d6b3-tuct7d29f2e&pi=/microsoft-signed-a-driver-loaded-with-rootkit-malware&wi=4709542567805584580&pt=text&vi=1624840622927&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=02%3A37%3A03.572&id=6152&llvl=1&cv=20210627-5-RELEASE&
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
58
pragma
no-cache
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish
server
nginx
x-timer
S1624840624.641975,VS0,VE58
x-served-by
cache-hhn11563-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
debug
il-trc-events.taboola.com/reportdoor-reportdoor/log/2/
0
90 B
Image
General
Full URL
https://il-trc-events.taboola.com/reportdoor-reportdoor/log/2/debug?tim=02%3A37%3A03.579&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&id=9641&cv=20210627-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
79339
debug
il-trc-events.taboola.com/reportdoor-reportdoor/log/2/
0
89 B
Image
General
Full URL
https://il-trc-events.taboola.com/reportdoor-reportdoor/log/2/debug?tim=02%3A37%3A03.581&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&id=9744&cv=20210627-5-RELEASE&lt=deflated&pct=1
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
79339
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/
4 KB
2 KB
Image
General
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
23
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
zpqM1x6+Tj6AaVofODjoA7xYqVZjtO4jS9CaDnOJXVJK9rL0RqaT9tOOjFwDu+ulfgnyHlkMZh8=
x-served-by
cache-hhn11563-HHN
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1624840624.651978,VS0,VE0
date
Mon, 28 Jun 2021 00:37:03 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
Y5KRPEVNPJCXYEV6
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
24
x-cache-hits
8
DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js
pagead2.googlesyndication.com/bg/ Frame E587
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Jun 2021 09:15:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
55322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5767
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Jun 2022 09:15:01 GMT
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.4.7/
96 KB
28 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/3.4.7/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210627-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99e0a173ac96cd66cb5e6ade9a6a97f53262d4a883d3427e1b52062882582827

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront), 1.1 varnish
age
747263
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
28132
x-served-by
cache-fra19123-FRA
last-modified
Sat, 19 Jun 2021 09:01:18 GMT
server
AmazonS3
x-timer
S1624840624.793065,VS0,VE0
etag
"8981cd06ff59fc3e3c16f66fb3d0cfa9"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
UvVm37BTQ63gflOUTc-nL1UhfryXreShlZUgJ1cXtHfJHYrZle39Sg==
x-cache-hits
88721
abtests
trc.taboola.com/reportdoor-reportdoor/log/3/
0
84 B
Image
General
Full URL
https://trc.taboola.com/reportdoor-reportdoor/log/3/abtests?route=AM:IL:V&lti=deflated&ri=f9accf03d5f91e6646eddffe60b3bca8&sd=v2_005254a94d894049434f55e7e0e2eba3_c7d1e525-22e6-4c1a-a94f-cf806814d6b3-tuct7d29f2e_1624840622_1624840622_CNawjgYQgdhPGM-msYClLyABKAEwOjj5twhAnYoQSLva2ANQuNkMWABgAGixr-m1yv33zq0B&ui=c7d1e525-22e6-4c1a-a94f-cf806814d6b3-tuct7d29f2e&pi=/microsoft-signed-a-driver-loaded-with-rootkit-malware&wi=4709542567805584580&pt=text&vi=1624840622927&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22animated_story%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1624840623712%7D&tim=02%3A37%3A03.712&id=1532&llvl=1&cv=20210627-5-RELEASE&
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
56
pragma
no-cache
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish
server
nginx
x-timer
S1624840624.738069,VS0,VE56
x-served-by
cache-hhn11563-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bf3c4b8267859a5e3e38091a709d30e3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_490%2Cw_980%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
39 KB
39 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_490%2Cw_980%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bf3c4b8267859a5e3e38091a709d30e3.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e9d488ec59f7c479d016bc6515a84294ccb34e7a031895e6684f1d22b2e0aed8

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
1602583
edge-cache-tag
523585328270250434471806922809576795068,393666185412432663102870640261070354013,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
87
expiration
expiry-date="Sun, 13 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_490%2Cw_980%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bf3c4b8267859a5e3e38091a709d30e3.jpg
content-length
39604
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Thu, 13 May 2021 12:45:10 GMT
server
nginx
x-timer
S1624840624.826140,VS0,VE1
etag
"e8f089f84d2ff2cbf715f8721f331567"
x-served-by
cache-wdc5576-WDC, cache-dca17736-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
box-of-baking-soda.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tips-and-tricks.co/2018/12/
11 KB
11 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tips-and-tricks.co/2018/12/box-of-baking-soda.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
681c198eade37eaf120ca67437e24c57285f771bf45c6552a56fb2708608de17

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
1538438
edge-cache-tag
583855231121092482156626099595690262322,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
65
expiration
expiry-date="Sun, 13 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tips-and-tricks.co/2018/12/box-of-baking-soda.jpg
content-length
10790
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 13 May 2021 15:58:37 GMT
server
nginx
x-timer
S1624840624.826149,VS0,VE1
etag
"60e0d3045698bca969def5d5f3f87ca6"
x-served-by
cache-wdc5575-WDC, cache-dca17763-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
30%2520Rare%2520Pics%2520Of%2520Diana%2520You%2527ve%2520Never%2520Seen%252C_1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smart-system.s3.amazonaws.com/creatives/taboola/httprfvtgb.carnovels.comworldwide...
7 KB
7 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smart-system.s3.amazonaws.com/creatives/taboola/httprfvtgb.carnovels.comworldwideprincess-diana/30%2520Rare%2520Pics%2520Of%2520Diana%2520You%2527ve%2520Never%2520Seen%252C_1.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f02f2887d333d03d1348188319141be7847e8fa0f9780976b9d60343f908a023

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
381384
edge-cache-tag
390678395267928273513907125704852712781,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
31
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//smart-system.s3.amazonaws.com/creatives/taboola/httprfvtgb.carnovels.comworldwideprincess-diana/30%2520Rare%2520Pics%2520Of%2520Diana%2520You%2527ve%2520Never%2520Seen%252C_1.jpg
content-length
6788
x-request-id
81b642bb1436d0789fe84434e8f4c1e6
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Wed, 09 Jun 2021 00:05:45 GMT
server
nginx
x-timer
S1624840624.826393,VS0,VE1
etag
"3d36887dbd7b1cf7afe5a8f244a5b9b4"
x-served-by
cache-wdc5529-WDC, cache-dca17759-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
1257244416__1NJf7jwy.jpg
images.taboola.com/taboola/image/fetch/h_490,w_980,c_fill,g_xy_center,x_1557,y_652/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/
33 KB
34 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_490,w_980,c_fill,g_xy_center,x_1557,y_652/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1257244416__1NJf7jwy.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2ef7807f50d4c45a2a9e435fac2127b8400743a3031ec2a6a36c706705f09c06

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
98
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
1582720
edge-cache-tag
573914451734998174767906941817015108351,501081298553461467044876734270482196475,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
92
expiration
expiry-date="Sun, 20 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/h_490,w_980,c_fill,g_xy_center,x_1557,y_652/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1257244416__1NJf7jwy.jpg
content-length
34180
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Thu, 20 May 2021 05:36:10 GMT
server
nginx
x-timer
S1624840624.826382,VS0,VE98
etag
"1cf2c85e818f1610bb2476c623e27b79"
x-served-by
cache-wdc5530-WDC, cache-dca17727-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
f4060c44acdb0c6d2abbee143ba6e93c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
17 KB
18 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f4060c44acdb0c6d2abbee143ba6e93c.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dff7fed207e722efb486f633723e09e08b5fcc7892b667641339627b67360f11

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
3321090
edge-cache-tag
398712943136418065342894021576404682548,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
45
expiration
expiry-date="Sun, 23 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f4060c44acdb0c6d2abbee143ba6e93c.jpg
content-length
17762
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 22 Apr 2021 17:20:17 GMT
server
nginx
x-timer
S1624840624.826372,VS0,VE1
etag
"89b1139c8eb97af45e402c000ff935bf"
x-served-by
cache-wdc5540-WDC, cache-dca17773-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
330186af96bbc92706eb269d55768a6b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
8 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/330186af96bbc92706eb269d55768a6b.png
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b6d60961d9c8e0ad56dd23efd745f55f8cd3a43d2e05439df285c15d0c5995a6

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
2660076
edge-cache-tag
300508647029141458339499852910601006749,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
43
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/330186af96bbc92706eb269d55768a6b.png
content-length
8124
x-request-id
78aa4846a45e2b66aaa62885028d9914
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Wed, 12 May 2021 23:51:18 GMT
server
nginx
x-timer
S1624840624.826436,VS0,VE0
etag
"934311efc296107fd313f7140cc3e2a6"
x-served-by
cache-wdc5566-WDC, cache-dca12922-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 16
bengal_vs_karnataka_ranji_trophy_semi_final_cab_facebook.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn-images.spcafe.in/img/es3-cfill-w480-h240/articles/Cricket_1/
51 KB
52 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn-images.spcafe.in/img/es3-cfill-w480-h240/articles/Cricket_1/bengal_vs_karnataka_ranji_trophy_semi_final_cab_facebook.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
03b76ecad56b72ead740100f70e31447ac1cb41df1d755643d12dc95fb6fd973

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
797
date
Mon, 28 Jun 2021 00:37:04 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
585069233870261852667487440098654484399,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
692
x-cache
MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn-images.spcafe.in/img/es3-cfill-w480-h240/articles/Cricket_1/bengal_vs_karnataka_ranji_trophy_semi_final_cab_facebook.jpg
content-length
52574
x-request-id
97df915124a561f7f5d899b94d4972e6
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Tue, 22 Jun 2021 15:04:09 GMT
server
nginx
x-timer
S1624840624.836570,VS0,VE797
etag
"dabfc753b8568ed91a779b42deb41ac9"
x-served-by
cache-wdc5534-WDC, cache-dca17775-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
close.svg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//staticg.reportdoor.com/
0
0
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//staticg.reportdoor.com/close.svg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sddefault.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img.youtube.com/vi/H2WebtENtc0/
66 KB
67 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img.youtube.com/vi/H2WebtENtc0/sddefault.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
55b7ccc66c65c50f00e31d89611caa1a807a67156941e164410aba6645dabc5b

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
99
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
255317
edge-cache-tag
362629665643450234393606288726272304567,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
994
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img.youtube.com/vi/H2WebtENtc0/sddefault.jpg
content-length
67668
x-request-id
cd303c1b57cd49094d334c029e708b43
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Tue, 22 Jun 2021 20:50:54 GMT
server
nginx
x-timer
S1624840624.844610,VS0,VE99
etag
"9c195560396c951d507f3caaa512a835"
x-served-by
cache-wdc5549-WDC, cache-dca17761-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
ben-wallace-getty-ftr-091216_hdkktlsulkbt1nu1nhc282p4x.jpg%3Ft%3D575203783
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//images.daznservices.com/di/library/sporting_news/c4/78/
38 KB
38 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//images.daznservices.com/di/library/sporting_news/c4/78/ben-wallace-getty-ftr-091216_hdkktlsulkbt1nu1nhc282p4x.jpg%3Ft%3D575203783
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
294068d5ec91e5bbd0b74f177d18eb12b7bcdddbcb85b701eea17ddd551e0a8d

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
137
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
200018
edge-cache-tag
537124054261318096232604269314324524721,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
927
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//images.daznservices.com/di/library/sporting_news/c4/78/ben-wallace-getty-ftr-091216_hdkktlsulkbt1nu1nhc282p4x.jpg%3Ft%3D575203783
content-length
38656
x-request-id
69b661119b18ab0320b5d33e2725589c
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Wed, 23 Jun 2021 02:26:01 GMT
server
nginx
x-timer
S1624840624.844579,VS0,VE137
etag
"225df6f16235957a4fe7299e3ad55ed8"
x-served-by
cache-wdc5571-WDC, cache-dca17775-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
59137-16245558435595-800.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//staticg.reportdoor.com/editor/2021/06/
0
0
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//staticg.reportdoor.com/editor/2021/06/59137-16245558435595-800.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

im-350504%3Fwidth%3D620%26size%3D1.5
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.barrons.com/
58 KB
59 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.barrons.com/im-350504%3Fwidth%3D620%26size%3D1.5
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a89d9de3ddbc5fd21795f18b54e89da31ea1a6762c3d0962ff682c30c27e5de3

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
99
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
438679
edge-cache-tag
375608117297237996124714967892262963044,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
578
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.barrons.com/im-350504%3Fwidth%3D620%26size%3D1.5
content-length
59552
x-request-id
6caac72f8b468932b2481fbcd21c9cb3
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Tue, 22 Jun 2021 13:00:04 GMT
server
nginx
x-timer
S1624840624.844551,VS0,VE99
etag
"bfd42b39078d571e0b9b28448670ad24"
x-served-by
cache-wdc5559-WDC, cache-dca17783-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
im-357178%3Fwidth%3D620%26size%3D1.5
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.barrons.com/
42 KB
43 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.barrons.com/im-357178%3Fwidth%3D620%26size%3D1.5
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef23bc9af65285512125db6ec7866dd22b88eb76160b765b05c2fdc80e2ea2a8

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
98
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
512325
edge-cache-tag
347304794744963954928574768849796929971,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
426
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.barrons.com/im-357178%3Fwidth%3D620%26size%3D1.5
content-length
43062
x-request-id
f65da1bd45f3cf1ca4d35a39a9096056
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Mon, 21 Jun 2021 23:35:01 GMT
server
nginx
x-timer
S1624840624.844537,VS0,VE98
etag
"53544c231fb6b85228266016740e134e"
x-served-by
cache-wdc5547-WDC, cache-dca17763-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
047b6b6888db4e16e167bf933c0c9b78
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s.yimg.com/ny/api/res/1.2/jWef9BjoaFZWbpHFMJGiBA--/YXBwaWQ9aGlnaGxhbmRlcjt3PTcwNT...
45 KB
46 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s.yimg.com/ny/api/res/1.2/jWef9BjoaFZWbpHFMJGiBA--/YXBwaWQ9aGlnaGxhbmRlcjt3PTcwNTtoPTM5Ni41NjI1/https%3A//s.yimg.com/uu/api/res/1.2/FGhBkSAdTsRDp2NzdTcLOw--~B/aD01NDk7dz05NzY7YXBwaWQ9eXRhY2h5b24-/https%3A//media.zenfs.com/en/bbc_us_articles_995/047b6b6888db4e16e167bf933c0c9b78
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3742b0c9042bd5c823160c3fce69eb156b8e3f63be55dd7ab9e33a8660a18b0f

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
171
date
Mon, 28 Jun 2021 00:37:04 GMT
via
1.1 varnish, 1.1 varnish
age
559529
edge-cache-tag
583986642326343653259912844109446948985,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
720
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s.yimg.com/ny/api/res/1.2/jWef9BjoaFZWbpHFMJGiBA--/YXBwaWQ9aGlnaGxhbmRlcjt3PTcwNTtoPTM5Ni41NjI1/https%3A//s.yimg.com/uu/api/res/1.2/FGhBkSAdTsRDp2NzdTcLOw--~B/aD01NDk7dz05NzY7YXBwaWQ9eXRhY2h5b24-/https%3A//media.zenfs.com/en/bbc_us_articles_995/047b6b6888db4e16e167bf933c0c9b78
content-length
45960
x-request-id
96603c2ea70eb4c0190bf5dfe2969294
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Mon, 21 Jun 2021 12:09:41 GMT
server
nginx
x-timer
S1624840624.844518,VS0,VE171
etag
"41125b95563175d89cee15d99373d5c8"
x-served-by
cache-wdc5559-WDC, cache-dca17766-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
5c10025ee45a9d9939bbdac0210db98d_1000x600_1c9ba4ab4eb1002c42b12e0ec8f72aa2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/
45 KB
45 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/5c10025ee45a9d9939bbdac0210db98d_1000x600_1c9ba4ab4eb1002c42b12e0ec8f72aa2.png
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d9a8f892fbc84d6225b1233e98eedb3bca1f874cbdb28ef732f1c20b51011fa7

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
1535502
edge-cache-tag
501088070181749202834824248235861884070,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
86
expiration
expiry-date="Mon, 28 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/5c10025ee45a9d9939bbdac0210db98d_1000x600_1c9ba4ab4eb1002c42b12e0ec8f72aa2.png
content-length
46018
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified
Fri, 28 May 2021 07:18:39 GMT
server
nginx
x-timer
S1624840624.846249,VS0,VE1
etag
"d9940353a0b2c687db905fd606eb1ede"
x-served-by
cache-wdc5522-WDC, cache-dca17750-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
4ba61abba588224bb6b3fc2e896b55db.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
14 KB
15 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ba61abba588224bb6b3fc2e896b55db.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d4438fb57a9210392c94d36ff96cbe2510eb53c2af9d62d7f980bf5088c14688

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
1534879
edge-cache-tag
444779579460461744335261395609846798406,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
77
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ba61abba588224bb6b3fc2e896b55db.jpg
content-length
14570
x-request-id
75e970ba6d192d84cb5550ecfb77a377
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Mon, 07 Jun 2021 06:11:54 GMT
server
nginx
x-timer
S1624840624.846237,VS0,VE2
etag
"61b94250f61e8f3bc96e853cfd98833a"
x-served-by
cache-wdc5547-WDC, cache-dca17782-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1
mat-barzal-islanders-062121-getty-ftrjpeg_18qndkybkvo8611mhot0vz3ueb.jpg%3Ft%3D844710298
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//images.daznservices.com/di/library/sporting_news/e2/e9/
13 KB
13 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//images.daznservices.com/di/library/sporting_news/e2/e9/mat-barzal-islanders-062121-getty-ftrjpeg_18qndkybkvo8611mhot0vz3ueb.jpg%3Ft%3D844710298
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4c59eab430881aa1a70b824e19e8b913f4e2e1206b107fdbc75703587a90f6cf

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
639
date
Mon, 28 Jun 2021 00:37:04 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
488216362567679058270485292754119680473,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
533
x-cache
MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//images.daznservices.com/di/library/sporting_news/e2/e9/mat-barzal-islanders-062121-getty-ftrjpeg_18qndkybkvo8611mhot0vz3ueb.jpg%3Ft%3D844710298
content-length
13112
x-request-id
fb9828c8541713536388df45e4f3237f
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Tue, 22 Jun 2021 07:08:41 GMT
server
nginx
x-timer
S1624840624.846221,VS0,VE639
etag
"69727e80570312d135a14eb59d958cc6"
x-served-by
cache-wdc5538-WDC, cache-dca17772-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
sddefault.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img.youtube.com/vi/GGVPyC7C7U0/
13 KB
14 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img.youtube.com/vi/GGVPyC7C7U0/sddefault.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1b0be9efbe443d060022e33c9432a504923ccf16d2e834248ebf824913e220b9

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
563
date
Mon, 28 Jun 2021 00:37:04 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
484771106852115076764894555678345019169,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
444
x-cache
MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img.youtube.com/vi/GGVPyC7C7U0/sddefault.jpg
content-length
13788
x-request-id
64f7fca8abef2697a117ea6eed41da9c
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Sun, 27 Jun 2021 07:26:11 GMT
server
nginx
x-timer
S1624840624.846205,VS0,VE563
etag
"eeea98fc422c111c84ac65c911fa65ed"
x-served-by
cache-wdc5583-WDC, cache-dca17779-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
19410278be0a4dcfb48d75ba5dc08163.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
16 KB
17 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/19410278be0a4dcfb48d75ba5dc08163.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
f0671afc074a69219c31a43b75690d16ccef151aff84fdbd8f404e7136670321

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1530600
edge-cache-tag
455565595666334868714783799894532816029,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Mon, 28 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/19410278be0a4dcfb48d75ba5dc08163.jpg
content-length
16803
x-served-by
cache-dca17767-DCA, cache-dca17763-DCA, cache-fra19182-FRA
x-backend-name
CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified
Fri, 28 May 2021 06:54:30 GMT
server
cloudinary
x-timer
S1624840624.846197,VS0,VE1
etag
"95e2991460c23e2fb8bc4ccd61ef71a4"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
bb2ff75762014b899cdb5582dfad52f0.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.workandmoney.com/bb/2f/
16 KB
17 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.workandmoney.com/bb/2f/bb2ff75762014b899cdb5582dfad52f0.jpeg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6287b8c51fffc3aad351010997bb0a69e52173df88b7d61971b104658d6dfc3d

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
1507951
edge-cache-tag
482613503905707056059541416150159281478,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
146
expiration
expiry-date="Mon, 28 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.workandmoney.com/bb/2f/bb2ff75762014b899cdb5582dfad52f0.jpeg
content-length
16778
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Fri, 28 May 2021 06:49:36 GMT
server
nginx
x-timer
S1624840624.846184,VS0,VE1
etag
"e3875bcbf8fadf750f3322afc831aee3"
x-served-by
cache-wdc5547-WDC, cache-dca17744-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1
99c7f9ac6c2c5d3aa6f0e868c1c42b16_xs.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.reportdoor.com/image/99/5by4/2018/11/02/
0
0
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.reportdoor.com/image/99/5by4/2018/11/02/99c7f9ac6c2c5d3aa6f0e868c1c42b16_xs.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

c5777bc0-ce11-11eb-bbff-ef3e0a6f7068
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s.yimg.com/ny/api/res/1.2/4GHiHs23x2NmYjxd38PTkA--/YXBwaWQ9aGlnaGxhbmRlcjt3PTk2MD...
49 KB
50 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s.yimg.com/ny/api/res/1.2/4GHiHs23x2NmYjxd38PTkA--/YXBwaWQ9aGlnaGxhbmRlcjt3PTk2MDtoPTU0MA--/https%3A//s.yimg.com/os/creatr-uploaded-images/2021-06/c5777bc0-ce11-11eb-bbff-ef3e0a6f7068
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
01db466a6f01e93bdecee5b15eb5d6cb650ebc03a0109d4c2feece4cbdc1b745

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
769
date
Mon, 28 Jun 2021 00:37:04 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
576156838437054818859233061887517887093,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
668
x-cache
MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s.yimg.com/ny/api/res/1.2/4GHiHs23x2NmYjxd38PTkA--/YXBwaWQ9aGlnaGxhbmRlcjt3PTk2MDtoPTU0MA--/https%3A//s.yimg.com/os/creatr-uploaded-images/2021-06/c5777bc0-ce11-11eb-bbff-ef3e0a6f7068
content-length
50262
x-request-id
e1eb73d8a7a26e40e33f1d353a953373
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Tue, 22 Jun 2021 11:32:16 GMT
server
nginx
x-timer
S1624840624.846156,VS0,VE769
etag
"7b706dc177c74009688df23a1dec1286"
x-served-by
cache-wdc5583-WDC, cache-dca17724-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
02beacdc2b6b29bd0e81db08af93a834.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
8 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02beacdc2b6b29bd0e81db08af93a834.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3ad03ae4c99808477308cea2f49c653489bda6a1c354559d7df4b3dfe512a407

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
93
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
1089297
edge-cache-tag
496108243084567347399365108835628762073,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
29
expiration
expiry-date="Sat, 10 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02beacdc2b6b29bd0e81db08af93a834.jpg
content-length
7830
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Wed, 09 Jun 2021 08:20:04 GMT
server
nginx
x-timer
S1624840624.846145,VS0,VE93
etag
"8685d6646d2aef31ef5da35141bdc90f"
x-served-by
cache-wdc5570-WDC, cache-dca17783-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
cb0ea9c5a99032f2b9fa3282a4bbc6fe.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
10 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cb0ea9c5a99032f2b9fa3282a4bbc6fe.png
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3ede392f58143e254f9b4c60c6226c553d378332d3f2076d80e0b7cb295c1b82

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
1686921
x-cache
HIT, HIT
x-ratelimit-remaining
100
x-envoy-upstream-service-time
247
expiration
expiry-date="Thu, 10 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cb0ea9c5a99032f2b9fa3282a4bbc6fe.png
content-length
10002
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Mon, 10 May 2021 06:25:38 GMT
server
nginx
x-timer
S1624840624.846130,VS0,VE1
etag
"b5d6a387e98891a45448a781c74738f6"
x-served-by
cache-dca17771-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
1586245334889aec58c8f3a76368328d092e922eef06d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/shinez-pictures/
13 KB
13 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/shinez-pictures/1586245334889aec58c8f3a76368328d092e922eef06d.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ffb4bad80228d02f74cd9a36e1298e9346831800ae59c168371d4ed5ef087615

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
1594435
edge-cache-tag
318784936357710401190584530198686424018,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
25
expiration
expiry-date="Sun, 13 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/shinez-pictures/1586245334889aec58c8f3a76368328d092e922eef06d.jpg
content-length
12990
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Thu, 13 May 2021 13:50:56 GMT
server
nginx
x-timer
S1624840624.846120,VS0,VE1
etag
"0e030bbf8dc853ed7a504da22f615ff8"
x-served-by
cache-wdc5577-WDC, cache-dca17779-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
1617177826938a14141d3bca4cb41620f72354f58c4ff.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/shinez-pictures/
16 KB
16 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/shinez-pictures/1617177826938a14141d3bca4cb41620f72354f58c4ff.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7848f54620ef0569b6e3a0769e23ce0462496073e0bad06be8ebd9ed1d19815f

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
4263822
edge-cache-tag
406382820122033804965516428113552605837,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
40
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/shinez-pictures/1617177826938a14141d3bca4cb41620f72354f58c4ff.jpg
content-length
16340
x-request-id
fc78ed3e9297f729add635e7c35b3f74
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Sat, 01 May 2021 23:37:44 GMT
server
nginx
x-timer
S1624840624.846104,VS0,VE0
etag
"cfb81d1c25d5df13d4eb7419bb7d685a"
x-served-by
cache-wdc5564-WDC, cache-dca12928-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
6327fc833cee6fefaab640592e62733e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
14 KB
15 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6327fc833cee6fefaab640592e62733e.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8475c7fe1f246af800a01160b65007c6e1d3be8443750d12620769b95f93cafd

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
1624426
edge-cache-tag
378793886282804067441738928725402798551,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
24
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6327fc833cee6fefaab640592e62733e.jpg
content-length
14514
x-request-id
27fde3164406ddddc20ffcc12a9b40eb
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified
Tue, 11 May 2021 22:52:25 GMT
server
nginx
x-timer
S1624840624.846091,VS0,VE2
etag
"f2b02542ae767cee38d244de60b593b0"
x-served-by
cache-wdc5568-WDC, cache-dca17738-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
186278979__bVsgo6bX.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/
8 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/186278979__bVsgo6bX.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6ab7998fc117e222538bd1b982bc8bb4f3fcdd777874669f9d846f675e98bc0e

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
96
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
1506921
edge-cache-tag
452541439048918191344062956147944155167,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
57
expiration
expiry-date="Sun, 20 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/186278979__bVsgo6bX.jpg
content-length
8578
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 20 May 2021 09:16:28 GMT
server
nginx
x-timer
S1624840624.846078,VS0,VE96
etag
"166f1c38afde0cf39c1c0bd4378632b4"
x-served-by
cache-wdc5520-WDC, cache-dca17741-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
36b4bafb7ba52815435b1eebc5d9f11c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
4 KB
5 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/36b4bafb7ba52815435b1eebc5d9f11c.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ddb904dd34fad2b04d556eb4e0d993e6c4866a627b16ccafcb9b2df0742bf5fc

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
1573740
edge-cache-tag
492831347513445394849443642188083908490,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
46
expiration
expiry-date="Sun, 13 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/36b4bafb7ba52815435b1eebc5d9f11c.jpg
content-length
4114
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Thu, 13 May 2021 06:44:00 GMT
server
nginx
x-timer
S1624840624.846547,VS0,VE1
etag
"902fe430cab368d8e6fbecb6756b9222"
x-served-by
cache-wdc5583-WDC, cache-dca17738-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
c010d327bc2ded537069688382b8dedf.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c010d327bc2ded537069688382b8dedf.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aa2955d5dd4ce4ef2924082a05a9a5e3651f57847c291d0b39106be6c72ff911

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
3976116
edge-cache-tag
489493689438044085796774639205101185344,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
33
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c010d327bc2ded537069688382b8dedf.jpg
content-length
9128
x-request-id
72152a1bbd097d2ce73416bba98884b6
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Sat, 08 May 2021 15:43:36 GMT
server
nginx
x-timer
S1624840624.846530,VS0,VE1
etag
"6272426fcb033b0eec54775b624bcf9e"
x-served-by
cache-wdc5526-WDC, cache-dca17767-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
6f55ab7913b49d76d3572a8168767957.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
21 KB
22 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f55ab7913b49d76d3572a8168767957.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
62e20cbfd29f2ccf2ebeecbcd5d8a7121e92e63b60d5dcd09de41780aba5b38a

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
92
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
234415
edge-cache-tag
363093356998562154820721497868521257427,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
104
expiration
expiry-date="Fri, 09 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f55ab7913b49d76d3572a8168767957.jpg
content-length
21828
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Tue, 08 Jun 2021 09:41:26 GMT
server
nginx
x-timer
S1624840624.846521,VS0,VE92
etag
"2cdfd02074bdd700ceba270556a78a87"
x-served-by
cache-wdc5555-WDC, cache-dca17743-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
abtests
trc.taboola.com/reportdoor-reportdoor/log/3/
0
63 B
Image
General
Full URL
https://trc.taboola.com/reportdoor-reportdoor/log/3/abtests?route=AM:IL:V&lti=deflated&ri=f9accf03d5f91e6646eddffe60b3bca8&sd=v2_005254a94d894049434f55e7e0e2eba3_c7d1e525-22e6-4c1a-a94f-cf806814d6b3-tuct7d29f2e_1624840622_1624840622_CNawjgYQgdhPGM-msYClLyABKAEwOjj5twhAnYoQSLva2ANQuNkMWABgAGixr-m1yv33zq0B&ui=c7d1e525-22e6-4c1a-a94f-cf806814d6b3-tuct7d29f2e&pi=/microsoft-signed-a-driver-loaded-with-rootkit-malware&wi=4709542567805584580&pt=text&vi=1624840622927&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22animated_story%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1624840623756%7D&tim=02%3A37%3A03.757&id=1835&llvl=1&cv=20210627-5-RELEASE&
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
57
pragma
no-cache
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish
server
nginx
x-timer
S1624840624.831418,VS0,VE57
x-served-by
cache-hhn11563-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
5ffec4092601f959f3c0a38824120021.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_545%2Cw_980%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
20 KB
20 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_545%2Cw_980%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5ffec4092601f959f3c0a38824120021.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef8c5caef430107e5e8c11836f244e6eed112a40452684727b0759ae10cb66fe

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
1624118
edge-cache-tag
409756542051007476421227728169281916845,349069093747406351833686533697612050307,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
73
expiration
expiry-date="Thu, 17 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_545%2Cw_980%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5ffec4092601f959f3c0a38824120021.jpg
content-length
20010
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Mon, 17 May 2021 06:54:51 GMT
server
nginx
x-timer
S1624840624.846512,VS0,VE1
etag
"877ac52221b5acea6f3bcbc83459c6f6"
x-served-by
cache-wdc5577-WDC, cache-dca17735-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
2a363cff6672ab7ac3333b039ce80ae6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_545%2Cw_980%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
66 KB
66 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_545%2Cw_980%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2a363cff6672ab7ac3333b039ce80ae6.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
658e2863570da76a06509e48a6f6465d4038d3d344283ed6f80a2dbb55026e96

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
95
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
586797
edge-cache-tag
543688235252542574304186355776877182059,349069093747406351833686533697612050307,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
123
expiration
expiry-date="Thu, 24 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_545%2Cw_980%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2a363cff6672ab7ac3333b039ce80ae6.jpg
content-length
67348
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Mon, 24 May 2021 16:48:06 GMT
server
nginx
x-timer
S1624840624.846496,VS0,VE95
etag
"4f5c546e72243da9d4a0fc0bf1cddd63"
x-served-by
cache-wdc5560-WDC, cache-dca17779-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
sex.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_545%2Cw_980%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//buzzdestination.com/wp-content/uploads/2021/04/
33 KB
33 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_545%2Cw_980%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//buzzdestination.com/wp-content/uploads/2021/04/sex.jpeg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
01a3e95cb9a4970783a229ca81f11858b17e10dc3331b5bcb1c7d60811b82df8

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
1515965
edge-cache-tag
500050963276738115884016640740911842539,349069093747406351833686533697612050307,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
197
expiration
expiry-date="Mon, 14 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_545%2Cw_980%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//buzzdestination.com/wp-content/uploads/2021/04/sex.jpeg
content-length
33354
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Fri, 14 May 2021 04:11:15 GMT
server
nginx
x-timer
S1624840624.846480,VS0,VE1
etag
"891c0c70152d4fd76162841dec83b1c6"
x-served-by
cache-wdc5559-WDC, cache-dca17757-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
e014f5af679a325b538624c3ca158160.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_545%2Cw_980%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
40 KB
40 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_545%2Cw_980%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e014f5af679a325b538624c3ca158160.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e0688c1695f53db5945da223ae206cc8c7c1810c432492876c69fcd150212b41

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
93
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
1530729
edge-cache-tag
412121695352483815730425332908529671073,349069093747406351833686533697612050307,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
105
expiration
expiry-date="Sun, 20 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_545%2Cw_980%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e014f5af679a325b538624c3ca158160.jpg
content-length
40544
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Thu, 20 May 2021 16:35:53 GMT
server
nginx
x-timer
S1624840624.846463,VS0,VE93
etag
"6c5cf1007cda903df9d7bcf62405dfd2"
x-served-by
cache-wdc5551-WDC, cache-dca17723-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
ab0fbee6a082fac284afe4dbb512c66e.jpg
images.taboola.com/taboola/image/fetch/h_545,w_980,c_fill,g_xy_center,x_1290,y_1082/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
22 KB
22 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_545,w_980,c_fill,g_xy_center,x_1290,y_1082/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ab0fbee6a082fac284afe4dbb512c66e.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
39e61cbb0dfe7a9968b88026e29d8a44949167934a0074498ad5dc18529bbe76

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
285
date
Mon, 28 Jun 2021 00:37:04 GMT
via
1.1 varnish, 1.1 varnish
age
323838
edge-cache-tag
303830741549662904794229870219781838933,479826023471491545924014611364723704429,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
121
expiration
expiry-date="Sun, 11 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/h_545,w_980,c_fill,g_xy_center,x_1290,y_1082/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ab0fbee6a082fac284afe4dbb512c66e.jpg
content-length
22088
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Thu, 10 Jun 2021 07:30:16 GMT
server
nginx
x-timer
S1624840624.846451,VS0,VE285
etag
"6afc55b641fc17405353ca1d1230ca77"
x-served-by
cache-wdc5578-WDC, cache-dca17727-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
next-up-widget.20210627-5-RELEASE.es6.js
cdn.taboola.com/libtrc/
14 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20210627-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/reportdoor-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f603faf967f72584b8facd94d742aca30712b21f7ef57ec3b867e3b8302361b

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
jJ1mhdfq95tQy2yj_7JGWvtd8588wx7D
content-encoding
gzip
etag
"b17db44261910587d60b5e22437a28ba"
age
18299
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4419
x-amz-id-2
qHMBfNE1U9JlixxdaOhnAG1zNOP+q0qffcchkPOQPOi3Axs8crkb5jeE6SUKIUQxmHEBOHK7SUk=
x-served-by
cache-hhn11563-HHN
last-modified
Sun, 27 Jun 2021 19:32:00 GMT
server
AmazonS3
x-timer
S1624840624.806515,VS0,VE0
date
Mon, 28 Jun 2021 00:37:03 GMT
vary
Accept-Encoding
x-amz-request-id
YT8M7FT9DDKEDH36
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
24
x-cache-hits
5467
99c7f9ac6c2c5d3aa6f0e868c1c42b16_xs.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.reportdoor.com/image/99/5by4/2018/11/02/
0
0
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.reportdoor.com/image/99/5by4/2018/11/02/99c7f9ac6c2c5d3aa6f0e868c1c42b16_xs.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

1606145034646ef4be4236722bcfa372696c2dd0790d7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/shinez-pictures/
4 KB
5 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/shinez-pictures/1606145034646ef4be4236722bcfa372696c2dd0790d7.jpg
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
94b79cad4e07f66d8ea6c328e5f877f7619a1e64417bb63a6e98031fad40ebf3

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
1619564
edge-cache-tag
390041286483076045029295878356100687686,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
82
expiration
expiry-date="Mon, 14 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/shinez-pictures/1606145034646ef4be4236722bcfa372696c2dd0790d7.jpg
content-length
4104
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Fri, 14 May 2021 08:30:24 GMT
server
nginx
x-timer
S1624840624.957523,VS0,VE1
etag
"686b2f89dfc29b5884992170eaf22a54"
x-served-by
cache-wdc5575-WDC, cache-dca12922-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
509aec62cc707de45bbe0d733bca8e4a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
3 KB
4 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/509aec62cc707de45bbe0d733bca8e4a.png
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8dd97efc387502e004e4b57aef50efed41f06e3ab1b11026367c2043406aebbb

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 28 Jun 2021 00:37:03 GMT
via
1.1 varnish, 1.1 varnish
age
2129266
edge-cache-tag
611593712896976824034525124939221346344,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
98
x-envoy-upstream-service-time
14
expiration
expiry-date="Thu, 03 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/509aec62cc707de45bbe0d733bca8e4a.png
content-length
3418
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Mon, 03 May 2021 00:31:54 GMT
server
nginx
x-timer
S1624840624.957518,VS0,VE0
etag
"cc36208991a8e0e9fda8d5c033b140fc"
x-served-by
cache-wdc5528-WDC, cache-dca12921-DCA, cache-fra19182-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
adview
googleads.g.doubleclick.net/pagead/ Frame EA64
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C-l1erhnZYNbRF-qX9u8P14Wd8AXJ4LCIY5H2sO3uDQoQASDtgvkxYJUCoAHB1MG0AcgBCakCQzZDmXsGtD6oAwGqBL0BT9ArgUvnS5fUV9pjC8hKjP7FCF-ujwkvnEaHSLSyJbT2NYHi856itKGrzAQRFoSAZwVtJvuCVNTEJvbU6GUogPQjxVvTWddjm2Jv2pFqf0JzAksug6rNc5QJc0o6wYezy3_5nZnT50w2IBRVjgNAQE8K4atEkz926rHfDt6lElotoNKp1C3jkCH3AdETJsqrHPNi7N1Bb0J9K7RQ67YBY9HrEoF5qLuo9x8__EWHmdmKy9prGhKCrhKoROT8wASghuOuzgOgBi6AB6ervssCqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEIeNA9IICQiA4YAQEAEYH4AKAcgLAdgTA4gUBdAVAZgWAYAXAbIXGgoYCAASFHB1Yi0zNTExNDQzNzk5NDA3NDk5&sigh=h55gT8Dv8RY&vt=1&template_id=484&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=2241232556&adf=3132389021&pi=t.ma~as.2385331166&w=970&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622188&bpp=2&bdt=222&idt=166&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=enIPsurCuu&p=https%3A//www.reportdoor.com&dtd=182
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 28 Jun 2021 00:37:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame EA64
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuG86W08mX3Z7132B7tAaWF9HhadoToOmmIU6ilN9Xi9-XxJWxQWqrjcDHL7yYRqI3u0fopgCFeh7eRN0Kze3rz6b3EFLxcifpc4tyF6KX8mDeWoBheZcpBejBUPg&sai=AMfl-YREhQTRQ16mEEySlXr5PPkiACePSdFh3sn_4y-6zc7wPkbxeY4pjZ7O_xG7Sz18Ab7PvZeAjG3Xb5JL&sig=Cg0ArKJSzAODb08oeQTbEAE&id=lidar2&mcvt=1000&p=230,315,510,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210623&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2241232556&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624840622373&dlt=512&rpt=87&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Jun 2021 00:37:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
st
imprammp.taboola.com/ Frame 8811
540 B
453 B
Document
General
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66442115&crid=5999075&dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&cmcv=&pix=undefined&cb=1624840624171&uv=2991&tms=1624840624171&abt=adh5c-1_vA!insc_vA!lotc_vA!mprdctdt6_vA!nrlc_vA!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=6FDC3DCE423564382704032210&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9deed26ee0dfda69edfc3ad20c367e086cec39853b5a13e6312279be70757da3

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66442115&crid=5999075&dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&cmcv=&pix=undefined&cb=1624840624171&uv=2991&tms=1624840624171&abt=adh5c-1_vA!insc_vA!lotc_vA!mprdctdt6_vA!nrlc_vA!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=6FDC3DCE423564382704032210&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.reportdoor.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reportdoor.com/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Mon, 28 Jun 2021 00:37:04 GMT
via
1.1 varnish
x-served-by
cache-hhn11563-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1624840624.193669,VS0,VE10
vary
Accept-Encoding
sync
am-match.taboola.com/ Frame 41AE
540 B
634 B
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
9deed26ee0dfda69edfc3ad20c367e086cec39853b5a13e6312279be70757da3

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.reportdoor.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reportdoor.com/

Response headers

server
nginx
date
Mon, 28 Jun 2021 00:37:04 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3403
VideoBidRequestHandlerServlet
wf.taboola.com/
7 KB
5 KB
XHR
General
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5999075&noaop=5&sortOrderType=0&cb=1624840624177&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1241&pt=-1954979196&tz=120&viewable=true&ddast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2415085&dpubid=445025&abtst=adh5c-1_vA!insc_vA!lotc_vA!mprdctdt6_vA!nrlc_vA!smbs!ufm_vD&mPre=0.025&cirf=https%3A%2F%2Fwww.reportdoor.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b030b56b5b07381ddd0bf9930da8789c111785afa70fc3cebff0f2705548502a

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 28 Jun 2021 00:37:04 GMT
content-encoding
gzip
access-control-allow-origin
https://www.reportdoor.com
machineid
1433
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn11563-HHN
pragma
no-cache
server
nginx
x-timer
S1624840624.198314,VS0,VE57
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://ioms.bfmio.com>; rel=preconnect,<https://search.spotxchange.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66442115&crid=5999075&dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&cmcv=&pix=31589837&cb=1624840624171&uv=2991&tms=1624840624171&abt=adh5c-1_vA!insc_vA!lotc_vA!mprdctdt6_vA!nrlc_vA!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1624840615838.3!ts:1624840624171&mntl=1
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:04 GMT
content-length
0
server
nginx
generic
match.adsrvr.org/track/cmf/ Frame 41AE
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Jun 2021 00:37:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 41AE
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f5cca044-d7a8-11eb-ae98-10b91cd50106&orig=video&us_privacy=1---
0
255 B
Script
General
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f5cca044-d7a8-11eb-ae98-10b91cd50106&orig=video&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.134:10213
date
Mon, 28 Jun 2021 00:37:04 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14390

Redirect headers

Date
Mon, 28 Jun 2021 00:37:04 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f5cca044-d7a8-11eb-ae98-10b91cd50106&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
85
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 41AE
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.52.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-52-76.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 8811
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66442115&crid=5999075&dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&cmcv=&pix=undefined&cb=1624840624171&uv=2991&tms=1624840624171&abt=adh5c-1_vA!insc_vA!lotc_vA!mprdctdt6_vA!nrlc_vA!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=6FDC3DCE423564382704032210&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Jun 2021 00:37:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 8811
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f5cce89a-d7a8-11eb-a604-1a3233820506&orig=video&us_privacy=1---
0
255 B
Script
General
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f5cce89a-d7a8-11eb-a604-1a3233820506&orig=video&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66442115&crid=5999075&dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&cmcv=&pix=undefined&cb=1624840624171&uv=2991&tms=1624840624171&abt=adh5c-1_vA!insc_vA!lotc_vA!mprdctdt6_vA!nrlc_vA!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=6FDC3DCE423564382704032210&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.95:10213
date
Mon, 28 Jun 2021 00:37:04 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14390

Redirect headers

Date
Mon, 28 Jun 2021 00:37:04 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=f5cce89a-d7a8-11eb-a604-1a3233820506&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
66
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 8811
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66442115&crid=5999075&dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&cmcv=&pix=undefined&cb=1624840624171&uv=2991&tms=1624840624171&abt=adh5c-1_vA!insc_vA!lotc_vA!mprdctdt6_vA!nrlc_vA!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=6FDC3DCE423564382704032210&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.52.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-52-76.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/29_9_1/infra/
723 KB
120 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/29_9_1/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
26c5d858bb753718f28cbf31527c7af12cc9a290e0943a6a4ce58d02507c3711

Request headers

Origin
https://www.reportdoor.com
Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:05 GMT
via
1.1 varnish
age
55811
x-amz-meta-mtime
1624784714
x-cache
HIT
x-amz-meta-ctime
1624784714
x-amz-meta-mode
33188
content-encoding
br
content-length
122312
x-amz-id-2
8NKKus2ceNPFQwuLC3S0KMo9MzU5i6IUysUaxekBBnZ9iJ+w1m9X/1OUL9unjSKTMr6mrCppJy4=
x-served-by
cache-fra19152-FRA
accept-ranges
bytes
last-modified
Sun, 27 Jun 2021 09:05:15 GMT
server
AmazonS3-br
x-timer
S1624840625.333321,VS0,VE0
etag
"6d54c234c8201001b8b87b806d4ad682"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
5GS6ZA6GB42E143X
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
8709
cmOsUnit.css
vidstat.taboola.com/vpaid/units/29_9_1/assets/css/
60 KB
8 KB
Stylesheet
General
Full URL
https://vidstat.taboola.com/vpaid/units/29_9_1/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
6b514da2aed798bb9c409b346194c0e2b38edfd554f412e4af2717892f5300ff

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:04 GMT
via
1.1 varnish
age
55810
x-amz-meta-mtime
1624784732
x-cache
HIT
x-amz-meta-ctime
1624784733
x-amz-meta-mode
33188
content-encoding
br
content-length
7948
x-amz-id-2
hbF2Li6yAhGRb9CWgdCciRF//uJ9nhh4OAFvaCYFUNQm3CNj/ngiQ/t2FEaYzoum43lVjLhtbX0=
x-served-by
cache-fra19123-FRA
accept-ranges
bytes
last-modified
Sun, 27 Jun 2021 09:05:34 GMT
server
AmazonS3-br
x-timer
S1624840624.307635,VS0,VE0
etag
"ab667f7a75f0ca28449b3d4701aa479a"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
5GS9TGWCBDYKFBQK
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
12103
99c7f9ac6c2c5d3aa6f0e868c1c42b16_xs.jpg
images.reportdoor.com/image/99/5by4/2018/11/02/
0
0

PMS.js
vidstat.taboola.com/PMS/3.2.2/
59 KB
18 KB
Script
General
Full URL
https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_9_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:04 GMT
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront), 1.1 varnish
age
1643884
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
17509
x-served-by
cache-fra19123-FRA
last-modified
Thu, 21 Jan 2021 11:30:56 GMT
server
AmazonS3
x-timer
S1624840625.522706,VS0,VE0
etag
"f237b8d35060f133ac8c595fd1234e1c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
JVAUVHZomFBOTYSmiRyONx061K0r8J89HAeMC4sUhok9f7gqiMDPAg==
x-cache-hits
1173243
content14_10_18m.js
vidstat.taboola.com/
37 KB
8 KB
Script
General
Full URL
https://vidstat.taboola.com/content14_10_18m.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_9_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:04 GMT
via
1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront), 1.1 varnish
age
4250888
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
7638
x-served-by
cache-fra19123-FRA
last-modified
Sun, 14 Oct 2018 13:31:31 GMT
server
AmazonS3
x-timer
S1624840625.612908,VS0,VE0
etag
"d8d81221ec6e604811ce469d899c9c8b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA54
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
-TROi2rJAwAJZGjvQ1UUl45pz7OKYS6cCd8hK2LTON4-GEHuquvUjw==
x-cache-hits
2505337
oppsula.js
vidstat.taboola.com/oppsula/1.3.8/
15 KB
5 KB
Script
General
Full URL
https://vidstat.taboola.com/oppsula/1.3.8/oppsula.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_9_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:04 GMT
via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront), 1.1 varnish
age
1552894
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
5164
x-served-by
cache-fra19123-FRA
last-modified
Tue, 14 Apr 2020 06:07:12 GMT
server
AmazonS3
x-timer
S1624840625.616923,VS0,VE0
etag
"328b70146f77a19d2bc0172c656d921e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
dn5T0GNP1aO-b_P8C7pna3QaAbZXC_OUv0ztGQCxzCA8nHgZMgo10Q==
x-cache-hits
1206230
video-autoplay-detector.js
vidstat.taboola.com/video-autoplay-detector/1.0.0/
8 KB
2 KB
Script
General
Full URL
https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_9_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:04 GMT
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront), 1.1 varnish
age
1644099
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
2210
x-served-by
cache-fra19123-FRA
last-modified
Mon, 10 Jun 2019 11:55:53 GMT
server
AmazonS3
x-timer
S1624840625.616929,VS0,VE0
etag
"2fac39530c1c168282a35d1ab56450ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Yo6KR3_XnOUi3NWD_VhTvYGGRyYggaAaoexq4W1dbbw3whiXkm5P2g==
x-cache-hits
1118474
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v12.4.1/
549 KB
113 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.1/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_9_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
93c3caa42ac8ebcf19a38b8865d1d0eb33a782f9e952b15368b2f0f584d068e3

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:04 GMT
via
1.1 varnish
age
55979
x-amz-meta-mtime
1624784553
x-cache
HIT
x-amz-meta-ctime
1624784567
x-amz-meta-mode
33188
content-encoding
br
content-length
114879
x-amz-id-2
4G2ZoT9AHFeh29ZvneABMOL6h0iw3G52oUtu1vNFnV+rTES0YWcdgftdqnxlXGal2reU8oX0auw=
x-served-by
cache-fra19123-FRA
accept-ranges
bytes
last-modified
Sun, 27 Jun 2021 09:02:48 GMT
server
AmazonS3-br
x-timer
S1624840625.629199,VS0,VE0
etag
"5a16314dfe21c320516fb6b700796f04"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
3M6VR20WQ1GNXJR0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
12187
sync
am-match.taboola.com/ Frame 7654
547 B
632 B
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_9_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
f6bae4ca156e482e18674459dea607744f46e2dece6a47d3b3672f1814596ff7

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.reportdoor.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=be2b6fcf-73bf-47fa-bec2-ea51c85020b6-tuct7d29f30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reportdoor.com/

Response headers

server
nginx
date
Mon, 28 Jun 2021 00:37:04 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3402
eb088e72-c0e3-4ed8-a9bd-9657eb5abb2a
https://www.reportdoor.com/
1 KB
0
Media
General
Full URL
blob:https://www.reportdoor.com/eb088e72-c0e3-4ed8-a9bd-9657eb5abb2a
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
bed6b030-05ea-4bae-b885-66e0cc5091f6
https://www.reportdoor.com/
1 KB
0
Media
General
Full URL
blob:https://www.reportdoor.com/bed6b030-05ea-4bae-b885-66e0cc5091f6
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
generic
match.adsrvr.org/track/cmf/ Frame 7654
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Jun 2021 00:37:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
x.bidswitch.net/ Frame 7654
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.52.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-52-76.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usync.html
eus.rubiconproject.com/ Frame 20D5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://am-match.taboola.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://am-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 28 Jun 2021 00:37:04 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Mon, 28 Jun 2021 00:37:04 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
getmu
ioms.bfmio.com/
49 B
628 B
XHR
General
Full URL
https://ioms.bfmio.com/getmu?aid=84e8e789-616d-47d7-c714-4c50c98f0387&output=html5&width=700&height=393&v=1&pageurl=https%3A%2F%2Fwww.reportdoor.com&i_type=out&stream=out&playback=2&cb=R0.1624840624733&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.1/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.78.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-78-234.compute-1.amazonaws.com
Software
/
Resource Hash
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
application/xml
Access-Control-Allow-Origin
https://www.reportdoor.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT
212394
search.spotxchange.com/vast/2.00/
67 B
1 KB
XHR
General
Full URL
https://search.spotxchange.com/vast/2.00/212394?VPAID=js&content_page_url=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F&player_width=700&player_height=393&cb=R0.1624840624735&content_id=main&playtime=60&custom[content][]=IAB1&custom[pub_lang]=en&schain[schainobject]=1.0,1!taboola.com,1305601,1,-1401699314&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.1/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

Date
Mon, 28 Jun 2021 00:37:04 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000335
X-SpotX-Timing-SpotMarket
0.011187
X-SpotX-Timing-Page-Mux
0.000212
X-SpotX-Timing-Page-Require
0.000344
X-fe
108
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000020
Content-Length
77
X-SpotX-Timing-Page
0.018044
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003214
Last-Modified
Mon, 28 Jun 2021 00:37:04 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.011187
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.reportdoor.com
X-SpotX-Timing-Page-Misc
0.002721
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bulk
trc.taboola.com/reportdoor-reportdoor/log/3/
0
74 B
XHR
General
Full URL
https://trc.taboola.com/reportdoor-reportdoor/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=14
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210627-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
100
pragma
no-cache
date
Mon, 28 Jun 2021 00:37:04 GMT
via
1.1 varnish
server
nginx
x-timer
S1624840625.800237,VS0,VE100
x-served-by
cache-hhn11563-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.reportdoor.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/reportdoor-reportdoor/log/3/
0
220 B
XHR
General
Full URL
https://trc.taboola.com/reportdoor-reportdoor/log/3/visible?route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210627-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
60
pragma
no-cache
date
Mon, 28 Jun 2021 00:37:04 GMT
via
1.1 varnish
server
nginx
x-timer
S1624840625.822136,VS0,VE60
x-served-by
cache-hhn11563-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.reportdoor.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
741 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ&utm_source=rss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
38
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Olb+YyDQBKGh7cwueQ5LeIGsXnGNg1fxi90sFl9BDpDVxzFbv82yCyTcgo7/5nBaVt7MgHnSa+E=
x-served-by
cache-hhn11563-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1624840625.822114,VS0,VE0
date
Mon, 28 Jun 2021 00:37:04 GMT
x-amz-request-id
5QBDV5MFESKPZMG3
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
59
x-cache-hits
19
usync.js
eus.rubiconproject.com/ Frame 20D5
31 KB
9 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3f60136ad6dc07aee0847a93e1f3697243c8ff5492b43b31696a7744d3666269

Request headers

Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Jun 2021 00:37:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Jun 2021 16:13:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44171
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9274
Expires
Mon, 28 Jun 2021 12:53:15 GMT
khaos.jpg
token.rubiconproject.com/ Frame 20D5
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/jpg
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210623&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3511443799407499&plah=www.reportdoor.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
579e8134ab0848b50abdfea59f756a2593e82c62f047e959f0adf89447f3bfd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Jun 2021 00:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8403
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210623/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3511443799407499&plah=www.reportdoor.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 28 Jun 2021 00:37:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 997C
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.reportdoor.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reportdoor.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Sun, 27 Jun 2021 22:01:06 GMT
expires
Mon, 27 Jun 2022 22:01:06 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
9359
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame CEC4
783 B
531 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c61183850271506a3cdac7a0d710f763deaefeeb07f5f777d8526ecbd0c6f11d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nct9fPKawu9QdrVzzKVQYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.reportdoor.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reportdoor.com/

Response headers

expires
Mon, 28 Jun 2021 00:37:05 GMT
date
Mon, 28 Jun 2021 00:37:05 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-nct9fPKawu9QdrVzzKVQYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js
pagead2.googlesyndication.com/bg/ Frame 997C
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Jun 2021 09:15:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
55324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5767
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Jun 2022 09:15:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210623&jk=2295971237957141&bg=!2dql2p7NAAYo4NJEKOA7ACkAdvg8WmcbSXjWKLctMT0EsB2g-xxGVUiwJOXRMm-iz1LKvFmwkQlCPQIAAABvUgAAAA1oAQeZAnaPc3-gInVnH3ANklcGrGa12SMk0gB-gcAuidIQBHwnrBtySA0GDdF1sgkVNub1b9tTJ7XngAU3ej6tOmuG-9k8sMFLUDMQxBDJXfxRzFZwwM3vh_RcG6AsrYyxnoIw82j_CFXoH6WoAA-QBAQ64btiRjKG6RMqDS02as71OW1GqruBwo7LX6zOsljyV3FzU1BK4cnQvnB7RaUfBKjENhJ3TlfzkQ1txaImnfZaJz1ooAqM9nuhNvQgdF33HcOp1rT6CfBsfDX2GTcTrCjdL3WwQwHxd7niME5_7WaOJ6tGfZmvhnqJBtgQktaomRrj4P3XBGLeDboqKVtNX7fs5Rq2HmyWrncCHhwPxdv6R3G4EO0fHT1qlttW1Mer_V2XRCOWG4UUOWUPM6MHHluTycAO5QifxpUCy0SoSDeyUQe-TpIgQs_nQjsY6esLYwX_KYNw64pe35FPwwCcj-OZB0D0H-JrW1tcmZ7ruYPXWMuSC5PncrGaFX7x6_s_ouHIJ6lNkNmGkPOFpj-FfHX6CJH3BpGih8f_UxwpzxdYYd2flg5C0J0b-aSZ1ltzx9rxIztVfidAmJLcy5w3L4-cDN7_EkQ8NBKH8LXKSFacXiDE3mjQr4efHn8bD4r1iZ9XB0aQFHe_gnyXCer5_a7aDLwye45YeiNT9Q1k2wC6kjnMY8LE2jihX52mVhhdo-lZHTMyzweRoMDhQJRrVYLLE6-mGfQhZyDNFydltrLOczzNUKpH44qNrkH4QBRk9FVYv6zY38fMEaZiZT-4QRWhXSSLkIy2wul33J21Uqy6MIhzW3fzsWrCe0sedWMxoIw3qtIpLrz1m68
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Jun 2021 00:37:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/
7 KB
5 KB
XHR
General
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5999075&noaop=5&sortOrderType=0&cb=1624840626918&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1241&pt=309343038&tz=120&viewable=true&ddast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2415085&dpubid=445025&abtst=adh5c-1_vA!insc_vA!lotc_vA!mprdctdt6_vA!nrlc_vA!smbs!ufm_vG&mPre=0.025&cirf=https%3A%2F%2Fwww.reportdoor.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.1/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
53615efdd0cc2ae037ffa752ead3ee52d43ef45101dca0ccfaf0cca138ac847d

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 28 Jun 2021 00:37:07 GMT
content-encoding
gzip
access-control-allow-origin
https://www.reportdoor.com
machineid
1455
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn11563-HHN
pragma
no-cache
server
nginx
x-timer
S1624840627.938760,VS0,VE155
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://ioms.bfmio.com>; rel=preconnect,<https://search.spotxchange.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
getmu
ioms.bfmio.com/
49 B
647 B
XHR
General
Full URL
https://ioms.bfmio.com/getmu?aid=84e8e789-616d-47d7-c714-4c50c98f0387&output=html5&width=700&height=393&v=1&pageurl=https%3A%2F%2Fwww.reportdoor.com&i_type=out&stream=out&playback=2&cb=R0.1624840627124&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.1/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.78.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-78-234.compute-1.amazonaws.com
Software
/
Resource Hash
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
application/xml
Access-Control-Allow-Origin
https://www.reportdoor.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
transfer-encoding
chunked
Expires
Thu, 01 Jan 1970 00:00:00 GMT
212394
search.spotxchange.com/vast/2.00/
67 B
1 KB
XHR
General
Full URL
https://search.spotxchange.com/vast/2.00/212394?VPAID=js&content_page_url=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F&player_width=700&player_height=393&cb=R0.1624840627125&content_id=main&playtime=60&custom[content][]=IAB1&custom[pub_lang]=en&schain[schainobject]=1.0,1!taboola.com,1305601,1,-1401699283&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.1/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

Date
Mon, 28 Jun 2021 00:37:07 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000274
X-SpotX-Timing-SpotMarket
0.009541
X-SpotX-Timing-Page-Mux
0.000246
X-SpotX-Timing-Page-Require
0.000330
X-fe
041
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000025
Content-Length
77
X-SpotX-Timing-Page
0.016963
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003712
Last-Modified
Mon, 28 Jun 2021 00:37:07 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.009541
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.reportdoor.com
X-SpotX-Timing-Page-Misc
0.002824
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
OpportunityServlet
am-vid-events.taboola.com/
1 B
123 B
XHR
General
Full URL
https://am-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.1/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://www.reportdoor.com
date
Mon, 28 Jun 2021 00:37:09 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
visible
trc.taboola.com/reportdoor-reportdoor/log/3/
0
84 B
XHR
General
Full URL
https://trc.taboola.com/reportdoor-reportdoor/log/3/visible?route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210627-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
65
pragma
no-cache
date
Mon, 28 Jun 2021 00:37:10 GMT
via
1.1 varnish
server
nginx
x-timer
S1624840631.585541,VS0,VE65
x-served-by
cache-hhn11563-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.reportdoor.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
VideoBidRequestHandlerServlet
am-wf.taboola.com/
7 KB
5 KB
XHR
General
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5999075&noaop=5&sortOrderType=0&cb=1624840633716&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1241&pt=309343038&tz=120&viewable=true&ddast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2415085&dpubid=445025&abtst=adh5c-1_vA!insc_vA!lotc_vA!mprdctdt6_vA!nrlc_vA!smbs!ufm_vG&mPre=0.025&cirf=https%3A%2F%2Fwww.reportdoor.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.1/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
b204c120b7d9bd9c9f017724a6f40f44fb3b54af120cfc66d77cb66c6295904a

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Jun 2021 00:37:13 GMT
content-encoding
gzip
server
nginx
machineid
1469
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.reportdoor.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
link
<https://ioms.bfmio.com>; rel=preconnect,<https://search.spotxchange.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
getmu
ioms.bfmio.com/
49 B
652 B
XHR
General
Full URL
https://ioms.bfmio.com/getmu?aid=84e8e789-616d-47d7-c714-4c50c98f0387&output=html5&width=700&height=393&v=1&pageurl=https%3A%2F%2Fwww.reportdoor.com&i_type=out&stream=out&playback=2&cb=R0.1624840633826&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.1/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.78.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-78-234.compute-1.amazonaws.com
Software
/
Resource Hash
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
application/xml
Access-Control-Allow-Origin
https://www.reportdoor.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
transfer-encoding
chunked
Expires
Thu, 01 Jan 1970 00:00:00 GMT
212394
search.spotxchange.com/vast/2.00/
67 B
1 KB
XHR
General
Full URL
https://search.spotxchange.com/vast/2.00/212394?VPAID=js&content_page_url=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F&player_width=700&player_height=393&cb=R0.1624840633826&content_id=main&playtime=60&custom[content][]=IAB1&custom[pub_lang]=en&schain[schainobject]=1.0,1!taboola.com,1305601,1,-1401699252&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.1/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

Date
Mon, 28 Jun 2021 00:37:13 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000259
X-SpotX-Timing-SpotMarket
0.011162
X-SpotX-Timing-Page-Mux
0.000275
X-SpotX-Timing-Page-Require
0.000360
X-fe
038
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000028
Content-Length
77
X-SpotX-Timing-Page
0.018837
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003964
Last-Modified
Mon, 28 Jun 2021 00:37:13 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.011162
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.reportdoor.com
X-SpotX-Timing-Page-Misc
0.002778
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
OpportunityServlet
am-vid-events.taboola.com/
1 B
122 B
XHR
General
Full URL
https://am-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.1/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://www.reportdoor.com
date
Mon, 28 Jun 2021 00:37:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
sync
am-match.taboola.com/ Frame 2D95
540 B
625 B
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_9_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
9deed26ee0dfda69edfc3ad20c367e086cec39853b5a13e6312279be70757da3

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.reportdoor.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reportdoor.com/

Response headers

server
nginx
date
Mon, 28 Jun 2021 00:37:24 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3401
generic
match.adsrvr.org/track/cmf/ Frame 2D95
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Jun 2021 00:37:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 2D95
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=fb7a909c-d7a8-11eb-8e27-169e7f670006&orig=video&us_privacy=1---
0
255 B
Script
General
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=fb7a909c-d7a8-11eb-8e27-169e7f670006&orig=video&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.134:10213
date
Mon, 28 Jun 2021 00:37:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14409

Redirect headers

Date
Mon, 28 Jun 2021 00:37:24 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=fb7a909c-d7a8-11eb-8e27-169e7f670006&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
142
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 2D95
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.52.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-52-76.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 00:37:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
VideoBidRequestHandlerServlet
am-wf.taboola.com/
4 KB
3 KB
XHR
General
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5999075&noaop=5&sortOrderType=0&cb=1624840644930&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1241&pt=309343038&tz=120&viewable=true&ddast=V7x7sCFgNlUvkYp03YOwRlUvkYp03YOwUAAAAGBvQHGjYjcTgjDos02axmo81wshuMBpvJZDEYgobNSBzOiMMiTTar2WgzXIxGy-VgMBwOpvBhLJfJoBZIWGa_76CgnJ4es8sgKrreFrvDafa8IQpNp8Pnutfrfr-75GX4W04nv99y1_jdfrXTY_l7_jbTW_P02V0mt8ItsjxtL8tb7HeYXCa37mk6uiV_v-nrNL3VDrPvYXn55QAAAADwALCVOA7xAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGQwHmtAaDDcYB-y-dl9_wDAOChAAQAQACDBMBAOawEgCS7_QQAAAAAAAAAgOX___8_ZqB-elBmAF94swfgwQfggaggr4gRAAAAgJQZxfrRpE6oLKoAAAjSrQCuAAAC9KAYquDDAAAAAsYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-a0BccaVpQh_Cj2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBgsJqsRgvnaGRcjgaj5WgzmrlWK9_KsLKsLA7P9vjEKzmV6W6K-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PAJcDnIjBcjmZLCa71Wg12gx3o9lggQIxmOCEDEebyWq0W-0my-FkNJptJhukaNVqNtoMhqvZZLbbrYaD4XI0QorWLGaTyWI2Wu42g-VkNBhOhkOEGd_IsXJNVmvJZGVbizaOhVvhHM3cGptxMBsuRiPbxLMWvT6m38iynFlWXhQMUNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22RcGq8lqtHCORsblaDBajjajmWu18q0MK8vK4vDsO76RY-WarNaSycq2Fm0cC7fCOZq5NTbjYDZcjEa2iWcten1Mv5FlObOs_I3ZZDQcDWaTyb4xm4yGo8FsMtl36Azf1eds9ExGQ4_NVnueHbKZ-aBwGSzen2p1jX5HB93Zd3TKtIdlQWe07lw3r0HhOXhM4-Wtdixvn830cZhQxBLB6SKdiF7G00UskTwt0olkNjFuDJvFaGJyTRbL2Wxk8dhMho1zYjGMFpaVRSxRmi7SiV7t9Fj-nr_N9NY8fXaXya1wiyxP28vyFvsdJpfJrXuajm7J32_6Ok1vtcPse1heFvUfG3AyVwwmc8lgLtmsVgkAAAAAAAAAYAlz5k0AAAAATgMarQaT1XIBJtgDdIFBAAAAAAAAihs_rpCX4W85nfx-y1vyMvwtp5Pfb7kywMT6P_NmzwSxVqtlDQAAIIANAAAQwK2btwBORg4!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2415085&dpubid=445025&abtst=adh5c-1_vA!insc_vA!lotc_vA!mprdctdt6_vA!nrlc_vA!smbs!ufm_vG&mPre=0.025&cirf=https%3A%2F%2Fwww.reportdoor.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.1/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
1bec84f19bc8af34d67b4c681ec91477a31de850b956cc6a27fc28e1d581bdfb

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Jun 2021 00:37:24 GMT
content-encoding
gzip
server
nginx
machineid
1480
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.reportdoor.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
link
<https://search.spotxchange.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
212394
search.spotxchange.com/vast/2.00/
67 B
1 KB
XHR
General
Full URL
https://search.spotxchange.com/vast/2.00/212394?VPAID=js&content_page_url=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F&player_width=700&player_height=393&cb=R0.1624840645011&content_id=main&playtime=60&custom[content][]=IAB1&custom[pub_lang]=en&schain[schainobject]=1.0,1!taboola.com,1305601,1,-1401699221&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.1/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.reportdoor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

Date
Mon, 28 Jun 2021 00:37:25 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000294
X-SpotX-Timing-SpotMarket
0.007210
X-SpotX-Timing-Page-Mux
0.000213
X-SpotX-Timing-Page-Require
0.000359
X-fe
082
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000023
Content-Length
77
X-SpotX-Timing-Page
0.013671
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003115
Last-Modified
Mon, 28 Jun 2021 00:37:25 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.007210
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.reportdoor.com
X-SpotX-Timing-Page-Misc
0.002448
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
images.reportdoor.com
URL
https://images.reportdoor.com/image/99/5by4/2018/11/02/99c7f9ac6c2c5d3aa6f0e868c1c42b16_xs.jpg

Verdicts & Comments Add Verdict or Comment

269 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| google_tag_manager object| dataLayer string| mi_version boolean| mi_track_user string| mi_no_track_reason string| disableStr function| __gtagTrackerIsOptedOut function| __gtagTrackerOptout function| gaOptout function| __gtagTracker object| google_tag_data string| GoogleAnalyticsObject function| ga function| gtag function| __gaTracker object| monsterinsights_frontend function| MonsterInsights object| MonsterInsightsObject undefined| $ function| jQuery object| _taboola object| adsbygoogle object| gaplugins object| gaGlobal object| gaData object| __twttrll object| twttr object| __twttr object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc boolean| jQueryScriptOutputted function| initJQuery object| adsforwp_obj object| adsforwp_browser_obj object| herald_js_settings object| e function| checkOrResult function| checkAndResult object| ak_js object| commentForm undefined| replyRowContainer undefined| children object| lazySizes object| addComment function| EventEmitter object| eventie function| imagesLoaded object| wp string| google_user_agent_client_hint object| TRC object| _tblConsole undefined| msg function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| google_image_requests function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| taboola_view_id object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP string| nam object| placementData object| _tfa object| cmTag object| _cm_wfCounters string| lastWfUrl function| startCMTagMain string| category function| shuffle object| arrToUse object| travel object| news object| mobilecontent1 object| mobilecontent1_new object| travelmuted object| movietrailersHD object| movietrailersHDmuted object| widescreen object| movietrailerslight object| landscapeHD object| landscapeHDmuted object| blank object| blankblack object| blankblack7 object| blankblack5 object| blankblack_mob object| blankwhiteHDmpg object| blankblack10 object| blankwhite object| blankwhiteHD object| black_loader object| lightweight object| lightweight_single object| lightweight300600 object| bonnier object| home object| lipstick object| shoes object| art object| infiltrator object| glass object| lemurs object| NBAshoes object| Sunglasses object| Hummus object| Short_food object| Short_swim object| Euro_news object| Automoto_TV object| Uzoo object| SmartDuvet object| Tiger object| Chocolate object| Logan object| Jacket object| Bike object| Kanye object| Cancun object| Smartwatch object| Helicopter object| dogshampoo object| icetea object| charger object| blueysmoothie object| ShortContent object| carbsandwich object| pisatower object| Food1 object| Food2 object| Food3 object| Food4 object| Food5 object| Food6 object| Food7 object| Fashion object| Lifestyle1 object| Lifestyle2 object| Technology1 object| Technology2 object| Technology3 object| Entertainment object| Scrambledeggs object| Spinach object| Bub1 object| Pokemon object| style_hacks object| Motorcycle object| IceCracking object| Manatees object| Daiving object| Fishing_Lure object| Shark object| HundredsManatees object| TigerShark object| MandelaPrize object| Bertram35 object| bushfire object| Snow object| Delta object| Wheels object| Yellowfin object| Grip object| Kawasaki object| Yoga object| Cat object| Chickens object| RZR object| bitcoin object| bmw object| wombat object| koala object| Marsupial object| puppy object| bitcoinMuted object| bmwMuted object| Wallabies object| Bunny object| Pumpkins object| Dogs_Stress object| Dogs_Stress_image object| lightweight300600_short object| playlist function| webpackHotUpdate string| vpaidId function| OvaMediaPlayer object| GoogleGcLKhOms

8 Cookies

Domain/Path Name / Value
.taboola.com/ Name: t_gid
Value: be2b6fcf-73bf-47fa-bec2-ea51c85020b6-tuct7d29f30
.doubleclick.net/ Name: IDE
Value: AHWqTUlSzrzXiy4HkDjJaF4LYmnzyZhQyopAuNpkcoxKvhE6UYJ-KdMkBl-mSrx6PiU
.reportdoor.com/ Name: _gat_gtag_UA_164811841_1
Value: 1
.reportdoor.com/ Name: __gads
Value: ID=1fe5c9f4679fd437-227f69fd6cc8001a:T=1624840622:RT=1624840622:S=ALNI_MZTGGP7i0ZvLG_YY9KEFJFO16Phxw
.reportdoor.com/ Name: _gid
Value: GA1.2.1487932846.1624840622
www.reportdoor.com/ Name: trc_cookie_storage
Value: reportdoor-reportdoor%253Asession-data%3Dv2_005254a94d894049434f55e7e0e2eba3_c7d1e525-22e6-4c1a-a94f-cf806814d6b3-tuct7d29f2e_1624840622_1624840622_CNawjgYQgdhPGM-msYClLyABKAEwOjj5twhAnYoQSLva2ANQuNkMWABgAGixr-m1yv33zq0B%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522reportdoor-reportdoor%253Asession-data%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Auser-id%3Dc7d1e525-22e6-4c1a-a94f-cf806814d6b3-tuct7d29f2e
.doubleclick.net/ Name: DSID
Value: NO_DATA
.reportdoor.com/ Name: _ga
Value: GA1.2.906259880.1624840622

12 Console Messages

Source Level URL
Text
console-api debug URL: https://go.recordedfuture.com/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3d59W9bYjlR15QVqFW3zmRFY8CD0PQW558v1t18t_PNW15cc3p339mC1W4sY-Ns4q04t-W26hbPl7_w2M2W19Hqsq5NTdnjW6103JV3FfRQ_N8lkxHGzcJmZVqf2GF2GszSPW4lNXM89535nhW7YgXL12cmCRnW4hFhMB4LyG0TW35n9tL6Z7bJrW6rTn4w4mF0b1W3zwQ3_7bxrVTW2S1kn32VmMlXV8nXMx46qp6CW8nlhz48Rld4r33LM1(Line 13)
Message:
toS
console-api log URL: https://www.reportdoor.com/wp-content/cache/wpo-minify/1624650763/assets/wpo-minify-header-b5121f49.min.js(Line 51)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api warning URL: https://www.reportdoor.com/wp-content/cache/wpo-minify/1624650763/assets/wpo-minify-header-b5121f49.min.js(Line 48)
Message:
jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at HTMLDocument.<anonymous> (https://www.reportdoor.com/wp-content/cache/wpo-minify/1624650763/assets/wpo-minify-footer-600d28e6.min.js:1:6000) at e (https://www.reportdoor.com/wp-content/cache/wpo-minify/1624650763/assets/wpo-minify-header-b5121f49.min.js:48:30005) at t (https://www.reportdoor.com/wp-content/cache/wpo-minify/1624650763/assets/wpo-minify-header-b5121f49.min.js:48:30307) undefined
console-api info URL: https://cdn.ampproject.org/rtv/012106141722000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2106141722000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3693039101&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622191&bpp=1&bdt=226&idt=189&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=OFXIePGboS&p=https%3A//www.reportdoor.com&dtd=199
console-api info URL: https://cdn.ampproject.org/rtv/012106141722000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2106141722000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1560419018&adf=3062132285&pi=t.ma~as.2385331166&w=810&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=810x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624840622192&bpp=1&bdt=226&idt=279&shv=r20210623&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C810x280%2C810x280&nras=1&correlator=5391867972087&frm=20&pv=1&ga_vid=906259880.1624840622&ga_sid=1624840622&ga_hid=1401565&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2772&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2295971237957141&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-_h96L5jK60dnTvlGQ5hkxNjvfZGxS_vncGmDk-FWwTcFzNSxFOKhvSiV6MIoAEKcgDqED0NHaFSelc7RGKeyF5cLgBtQ%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5mtL2pqyhx&p=https%3A//www.reportdoor.com&dtd=282
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210627-5-RELEASE.js(Line 3)
Message:
Dynamic Translation load is enabled but response is missing the map. Using embedded solution
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210627-5-RELEASE.js(Line 3)
Message:
Exit TRCRBox.loadScriptCallback(retry=0): no items in response - thumbs-feed-01
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210627-5-RELEASE.js(Line 3)
Message:
Exit TRCRBox.loadScriptCallback(retry=0): no items in response - organic-thumbs-feed-01
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210627-5-RELEASE.js(Line 3)
Message:
Failed to load thumbnail https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.reportdoor.com/image/99/5by4/2018/11/02/99c7f9ac6c2c5d3aa6f0e868c1c42b16_xs.jpg for item=-3111115507775707914, loading https://images.reportdoor.com/image/99/5by4/2018/11/02/99c7f9ac6c2c5d3aa6f0e868c1c42b16_xs.jpg thumbnail instead
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210627-5-RELEASE.js(Line 3)
Message:
Failed to load thumbnail https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//staticg.reportdoor.com/editor/2021/06/59137-16245558435595-800.jpg for item=-6653143710865009642, loading https://staticg.reportdoor.com/editor/2021/06/59137-16245558435595-800.jpg thumbnail instead
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210627-5-RELEASE.js(Line 3)
Message:
Failed to load thumbnail https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//staticg.reportdoor.com/close.svg for item=4409964196092034292, loading https://staticg.reportdoor.com/close.svg thumbnail instead
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210627-5-RELEASE.js(Line 3)
Message:
Failed to load thumbnail https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.reportdoor.com/image/99/5by4/2018/11/02/99c7f9ac6c2c5d3aa6f0e868c1c42b16_xs.jpg for item=-3111115507775707914, loading https://images.reportdoor.com/image/99/5by4/2018/11/02/99c7f9ac6c2c5d3aa6f0e868c1c42b16_xs.jpg thumbnail instead

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
cdn.ampproject.org
cdn.taboola.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go.recordedfuture.com
googleads.g.doubleclick.net
il-trc-events.taboola.com
images.reportdoor.com
images.taboola.com
imprammp.taboola.com
ioms.bfmio.com
m.exactag.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.gravatar.com
sync-t1.taboola.com
sync.search.spotxchange.com
syndication.twitter.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
vidstat.taboola.com
wf.taboola.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.reportdoor.com
x.bidswitch.net
images.reportdoor.com
104.109.78.125
104.244.42.136
13.248.242.197
141.226.228.48
142.250.185.98
151.101.13.44
185.106.33.48
185.94.180.123
185.94.180.126
199.232.137.44
2.19.35.65
213.202.235.8
2606:2800:234:59:254c:406:2366:268c
2606:2c40::c73c:67fe
2606:4700:3037::ac43:81eb
2a00:1450:4001:800::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200e
2a04:fa87:fffe::c000:4902
3.120.52.76
34.198.78.234
69.173.144.138
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
01a3e95cb9a4970783a229ca81f11858b17e10dc3331b5bcb1c7d60811b82df8
01db466a6f01e93bdecee5b15eb5d6cb650ebc03a0109d4c2feece4cbdc1b745
02dda8e6f5f4912491f3479276a064c48e059843c101b1b75aea03e57fd75fa8
03b76ecad56b72ead740100f70e31447ac1cb41df1d755643d12dc95fb6fd973
06503352984183697b7695de1d989652bc05634c474b958169e92a3b430d9d34
086ee2f424e19a38b1260c62c70f68be7d36ba8df1e0a901d034a260ec86caa8
09c558569b7060c96d91241c587c44b3189094a82493807d78b5be049a022ddd
0d0c5a0e82c987c58e86dccac7b88237fc8d70ab2e917757e48adaa08a2d6cdf
0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fcc01c0b13c95c1a2e6e7bf789b5ba95e4ef7de3f0b8ef31ae03eb72700bf12
11d4d3ec878fc7b8a6ca2fb899d27ee232204e1325d1929db6baec1b96928cf8
133bd833f5e17406472a3ff91bf00f004dd61a0043a0f1971a349830b8fe6432
14eb457f7e0dffb50280fc147d2e1ac2b7cbb5705e42484a792b7960bd4ff61e
173f455d47754c1069234e9a72ea304ed3c631a68ad2b0a1148e9a4421396e9f
1744aa42e617eb4af823391ed6ca00f1d2684f74db5f0519116ab4d9fffa6fed
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b0be9efbe443d060022e33c9432a504923ccf16d2e834248ebf824913e220b9
1bec84f19bc8af34d67b4c681ec91477a31de850b956cc6a27fc28e1d581bdfb
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1d1b208f920331804c35ce111ba9ba0a6fbb6fc05b79c5cab88fdaad758a18be
1eb4ba8b4438a9e307afa195311ce88638a3deae2da3cae568c4b4cb449365a0
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
249e602194d53761ebd09bfee83388909795781a86ba7734dd1ecc341064a6b3
24c1f51786d4f453461eccaadf1df4f6e7443ff146666a99cc28344202088556
26c5d858bb753718f28cbf31527c7af12cc9a290e0943a6a4ce58d02507c3711
27ea74dfb4a30a347127033f5d7b36b3ede2dcb0a496d0b34f5043068b944006
294068d5ec91e5bbd0b74f177d18eb12b7bcdddbcb85b701eea17ddd551e0a8d
2b4b9234f08a05464a2a693ae4ba584825cb35ddbac0a0a91c74c56eee6006f3
2ef7807f50d4c45a2a9e435fac2127b8400743a3031ec2a6a36c706705f09c06
2fd7bd1726f4e978bfff408bf5fc4494ba0861c4dc54a484eef637539f9e89b7
300f248a22b396c0024c144d3ba0a975a92fb59789969ce8265bf4de96a06b04
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33c461af5ae3bf5418718807119a21e4c62f8c5bfbbda518f449161b92b8884c
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36d88e845212440d76560db95ec0445b7a530069c0ccc56a1a224641897b0efd
3742b0c9042bd5c823160c3fce69eb156b8e3f63be55dd7ab9e33a8660a18b0f
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39e61cbb0dfe7a9968b88026e29d8a44949167934a0074498ad5dc18529bbe76
3a564cbbf3c924e1085480876d59fd2d773a652f3f20eeda8dcf37603003e35c
3ad03ae4c99808477308cea2f49c653489bda6a1c354559d7df4b3dfe512a407
3adc584fb0bef1fbf9b1c0ecddde5727643b4334c734db78b517ab112d92e1d8
3bb4796ad532e32f7a18da4e837d0165442783006590a72bec30bbbabfea1599
3ede392f58143e254f9b4c60c6226c553d378332d3f2076d80e0b7cb295c1b82
3f60136ad6dc07aee0847a93e1f3697243c8ff5492b43b31696a7744d3666269
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42d512369f48087bfe65d7c1c5c051c1b731e67087a4e9d1ee560cb367d5562e
45438ac938e6613185f4cec0aac33ce6946e88ece9ffd9f916859e08d6509454
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4c59eab430881aa1a70b824e19e8b913f4e2e1206b107fdbc75703587a90f6cf
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50cb2d58c5157144fedbc5fc3f5748d04716e0c2b77e46dd28fa8aeaa7adf011
53615efdd0cc2ae037ffa752ead3ee52d43ef45101dca0ccfaf0cca138ac847d
545995b05ab1947e4a3c2cca73c747b7faf2d0c397894d4adf52c13dc9738579
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55b50d801b8502706ea91f90c83eb08253f16eb27bc83c6f4047af3655eed6ff
55b7ccc66c65c50f00e31d89611caa1a807a67156941e164410aba6645dabc5b
56b72a82f7d6ad45158f432332f75f18b7b5dca700337772ba6c520437dd7d9e
579e8134ab0848b50abdfea59f756a2593e82c62f047e959f0adf89447f3bfd1
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5bbc26192d559ed6abfb9b0bfd88369d9a5ee210d4f3aea66508bfb19a00e76e
5d5c1ed77b99d3f67ef7d419e1d6d78a663d8cac3668749252aa85c88cdef8fe
5e3ebe8564a8a62361ece8eaf0f6b21fee39df4d2eea24ee965a476bbfe6633f
5e4efc6223c74b0c496ade40c20a3960ed76a64cb0b329968d433837e203e3a0
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6287b8c51fffc3aad351010997bb0a69e52173df88b7d61971b104658d6dfc3d
62e20cbfd29f2ccf2ebeecbcd5d8a7121e92e63b60d5dcd09de41780aba5b38a
63e3365993c921267712645f738f77e722ef82460c8c47a6fcf84393c18e9f0a
647ca45d692bd1f1361c49c442dd87c7cfdea9ed5fbcb2a1ae05b7c9d12c09c6
658e2863570da76a06509e48a6f6465d4038d3d344283ed6f80a2dbb55026e96
681c198eade37eaf120ca67437e24c57285f771bf45c6552a56fb2708608de17
6ab7998fc117e222538bd1b982bc8bb4f3fcdd777874669f9d846f675e98bc0e
6b514da2aed798bb9c409b346194c0e2b38edfd554f412e4af2717892f5300ff
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd7f50eb2089e7d871cd54fb4119c74b71f94c3899a44eeda6afeeee2fac3d4
6f1b2725a2a8bb756181e2db3f72c70560ed54473fb0bec4e0f51018b10ebb86
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
70c35597c9d6b9c105dd47541b0adef7f38f065e9f815dfe6ba209a16aceb34b
73a783d2e5f778e1af41cc4126dfea9956cf43a518e2707658c0200c93765527
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
750886f5831d04d4acd8d059d5741a41f5d71f5e843a82a8acddd753385dea1e
753f6ba4548243a04d1aadf37418d15e535a8159ce6a1f6a303e33f8dc940f67
7848f54620ef0569b6e3a0769e23ce0462496073e0bad06be8ebd9ed1d19815f
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8243110d46b6e00133bc81f626801e1aaa8f1785a987bd155a58bc7e222d5d44
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a
8475c7fe1f246af800a01160b65007c6e1d3be8443750d12620769b95f93cafd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd97efc387502e004e4b57aef50efed41f06e3ab1b11026367c2043406aebbb
8ef1ed69f675387b64ca365d659c14c972a3b593199552c020017cc9e6ceacfe
8f603faf967f72584b8facd94d742aca30712b21f7ef57ec3b867e3b8302361b
92857904df325afe1f29a64b2382eb7df89626a03d79bd16be4dac1296c3aef1
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93c3caa42ac8ebcf19a38b8865d1d0eb33a782f9e952b15368b2f0f584d068e3
9448f7c3bd336008d83d3e4730ac005be651a3a39ade1d36ebb29b5be9201235
94b79cad4e07f66d8ea6c328e5f877f7619a1e64417bb63a6e98031fad40ebf3
99e0a173ac96cd66cb5e6ade9a6a97f53262d4a883d3427e1b52062882582827
9deed26ee0dfda69edfc3ad20c367e086cec39853b5a13e6312279be70757da3
9e36f48120b748ca10f6efeb242a7cdbd118a72f0e40b3812a5f3dbe286de818
a1269314eda896a7c2481e41266266733d48f95f5077d9322e11319da1dfc3ae
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a2f2549d8026075374e4142efd027243975416bf5a1d936425eb9a0e684ab05f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c5293b6d3910a71056b1b381e3a68cea97df3785943308be17c214ee548fc5
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a7eb2a66ea4e53f8671205abc2ba3efddfdade1826260f1e016b138a600ab3aa
a89d9de3ddbc5fd21795f18b54e89da31ea1a6762c3d0962ff682c30c27e5de3
aa2955d5dd4ce4ef2924082a05a9a5e3651f57847c291d0b39106be6c72ff911
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b030b56b5b07381ddd0bf9930da8789c111785afa70fc3cebff0f2705548502a
b204c120b7d9bd9c9f017724a6f40f44fb3b54af120cfc66d77cb66c6295904a
b34ae8bfda88f1dfb002a68bcf9a6bad17ead96bd1d2fe310900461a979f6971
b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f
b51423401412ab5d2fec98015b6892087f95d633507fb7a047e9851abb23f221
b6d60961d9c8e0ad56dd23efd745f55f8cd3a43d2e05439df285c15d0c5995a6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcbd348ad69f6ad4b2441babe861fab42c1fe7689241fda05af5dd721da5d6e2
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
be80965f33e3bc21234fd633981cb83847d5671502225af1ef40bc46c1d80f02
beebd35392dbf9b8d88ce3454bc536b3a6a38f71f90628c0f227354e94cbb3a9
c61183850271506a3cdac7a0d710f763deaefeeb07f5f777d8526ecbd0c6f11d
c961b8fdc7dca2dc983386c8ea16b4cea72b3e8706f8698ddf4d994548d6630d
c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
d10bfad757ebad3e5250a813741d2e98dde085d3dee974beaa2fd5b3d8c76f21
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d24b1df799ea526a7b7f7e7c65855831ba773d802b504e5ea8758e998d454118
d4438fb57a9210392c94d36ff96cbe2510eb53c2af9d62d7f980bf5088c14688
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d9a8f892fbc84d6225b1233e98eedb3bca1f874cbdb28ef732f1c20b51011fa7
dc3f59ce5edc881b9033460496b43654c6140684b0183ad99d3ed700efbc809d
dc45ed9f7350510b142ce360983d7465d798ff703c6670de148ef33128de2b4d
ddb904dd34fad2b04d556eb4e0d993e6c4866a627b16ccafcb9b2df0742bf5fc
dff7fed207e722efb486f633723e09e08b5fcc7892b667641339627b67360f11
e0688c1695f53db5945da223ae206cc8c7c1810c432492876c69fcd150212b41
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5016b08987573a95bf81768da90217fc6d3a0f2c13424c8b542580cd045986b
e9d488ec59f7c479d016bc6515a84294ccb34e7a031895e6684f1d22b2e0aed8
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
ed919aae0e6c47f91a64377ebadfa127e0973fc2d2111fc24167621b8b2665e7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef23bc9af65285512125db6ec7866dd22b88eb76160b765b05c2fdc80e2ea2a8
ef8c5caef430107e5e8c11836f244e6eed112a40452684727b0759ae10cb66fe
f02f2887d333d03d1348188319141be7847e8fa0f9780976b9d60343f908a023
f0300d29f5d9bc5f1a48446cab7720de0006fa2d52a18c8ac99cc9706bb120e8
f0671afc074a69219c31a43b75690d16ccef151aff84fdbd8f404e7136670321
f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6bae4ca156e482e18674459dea607744f46e2dece6a47d3b3672f1814596ff7
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fc79659c1fc6025c80092ab2d97ff6b5cf56253645a7076aa8a3e8ed43b821ab
fca5cec0bdc0787ce020b593c4c5ea124537c76969b5cf17c09c218ccc17fac0
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
ffb4bad80228d02f74cd9a36e1298e9346831800ae59c168371d4ed5ef087615