www.reportdoor.com Open in urlscan Pro
2606:4700:3037::ac43:81eb Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.recordedfuture.com/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8N...
Effective URL:
https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-lo...
Submission: On August 04 via api (August 4th 2021, 7:36:33 am UTC) from SG

Summary HTTP 232 Redirects Behaviour Indicators

Summary

This website contacted 38 IPs in 9 countries across 43 domains to perform 232 HTTP transactions. The main IP is 2606:4700:3037::ac43:81eb, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.reportdoor.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 22nd 2021. Valid for: a year.

This is the only time www.reportdoor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:6702	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
6	2606:4700:303... 2606:4700:3037::ac43:81eb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
95	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
12	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1 36	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	85.14.248.72 85.14.248.72	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	() ()
2 17	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
6 6	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
5 5	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
7 7	3.68.146.68 3.68.146.68	16509 (AMAZON-02) (AMAZON-02)
2 2	3.127.166.11 3.127.166.11	16509 (AMAZON-02) (AMAZON-02)
1 7	18.192.92.12 18.192.92.12	16509 (AMAZON-02) (AMAZON-02)
2	52.5.116.95 52.5.116.95	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.205.3.24 34.205.3.24	14618 (AMAZON-AES) (AMAZON-AES)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.86.139.115 185.86.139.115	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 5	54.36.109.22 54.36.109.22	16276 (OVH) (OVH)
2 2	52.30.14.23 52.30.14.23	16509 (AMAZON-02) (AMAZON-02)
2 2	3.120.83.159 3.120.83.159	16509 (AMAZON-02) (AMAZON-02)
1 1	172.105.221.240 172.105.221.240	63949 (LINODE-AP...) (LINODE-AP Linode)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
2 2	37.157.2.235 37.157.2.235	198622 (ADFORM) (ADFORM)
2 2	18.156.12.32 18.156.12.32	16509 (AMAZON-02) (AMAZON-02)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1	18.209.200.15 18.209.200.15	14618 (AMAZON-AES) (AMAZON-AES)
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
232	38

2 2606:2c40::c73c:6702 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3037::ac43:81eb (United States)

ASN13335 (CLOUDFLARENET, US)

www.reportdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

95 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c3.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.14.248.72 (Bottrop, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.248.242.197 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.94.180.126 (United States) 5 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.68.146.68 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-146-68.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.166.11 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-166-11.eu-central-1.compute.amazonaws.com

prod.perf-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.192.92.12 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-92-12.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.5.116.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-116-95.compute-1.amazonaws.com

ioms.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.3.24 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-3-24.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.36.109.22 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: p09.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.14.23 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.83.159 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-83-159.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.221.240 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1875-240.members.linode.com

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.235 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.12.32 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-12-32.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.209.200.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-200-15.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
113	taboola.com 2 redirects cdn.taboola.com trc.taboola.com 15.taboola.com images.taboola.com vidstat.taboola.com imprammp.taboola.com am-match.taboola.com am-vid-events.taboola.com c3.taboola.com wf.taboola.com sync-t1.taboola.com sync.taboola.com match.taboola.com pips.taboola.com cds.taboola.com	4 MB
45	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	450 KB
15	doubleclick.net 2 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	106 KB
13	ampproject.org cdn.ampproject.org	242 KB
7	360yield.com 1 redirects ad.360yield.com ice.360yield.com	3 KB
7	bidswitch.net 7 redirects x.bidswitch.net	2 KB
6	adsrvr.org 6 redirects match.adsrvr.org	3 KB
6	reportdoor.com www.reportdoor.com	82 KB
5	id5-sync.com 4 redirects id5-sync.com	7 KB
5	spotxchange.com 5 redirects sync.search.spotxchange.com	3 KB
4	gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com fonts.gstatic.com	79 KB
4	google.com 1 redirects adservice.google.com www.google.com	1 KB
3	googletagservices.com www.googletagservices.com	102 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
2	3lift.com 1 redirects eb2.3lift.com	736 B
2	betweendigital.com 2 redirects ads.betweendigital.com	1 KB
2	openx.net 1 redirects u.openx.net	504 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	adform.net 2 redirects c1.adform.net	948 B
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	lijit.com 1 redirects ce.lijit.com	1018 B
2	contextweb.com 1 redirects bh.contextweb.com	1 KB
2	bfmio.com ioms.bfmio.com	1 KB
2	perf-serving.com 2 redirects prod.perf-serving.com	1 KB
2	exactag.com m.exactag.com	2 KB
2	recordedfuture.com 1 redirects go.recordedfuture.com	4 KB
1	postrelease.com jadserve.postrelease.com	540 B
1	bttrack.com bttrack.com	380 B
1	appier.net 1 redirects s.c.appier.net	362 B
1	criteo.com 1 redirects dis.criteo.com	546 B
1	emxdgt.com e1.emxdgt.com	59 B
1	smartadserver.com rtb-csync.smartadserver.com	697 B
1	pubmatic.com simage2.pubmatic.com	546 B
1	adnxs.com ib.adnxs.com	679 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	780 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	625 B
1	googleapis.com fonts.googleapis.com	694 B
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	661 B
1	googletagmanager.com www.googletagmanager.com	40 KB
0	acuityplatform.com Failed ums.acuityplatform.com Failed
232	43

	Domain	Requested by
39	images.taboola.com	www.reportdoor.com
36	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net go.recordedfuture.com cdn.ampproject.org tpc.googlesyndication.com pagead2.googlesyndication.com
14	cdn.taboola.com	www.reportdoor.com cdn.taboola.com
13	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
13	trc.taboola.com	cdn.taboola.com www.reportdoor.com imprammp.taboola.com am-match.taboola.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net go.recordedfuture.com
11	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
9	pagead2.googlesyndication.com	www.reportdoor.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	x.bidswitch.net	7 redirects
7	sync-t1.taboola.com	imprammp.taboola.com am-match.taboola.com www.reportdoor.com
6	sync.taboola.com	2 redirects www.reportdoor.com
6	ad.360yield.com	vidstat.taboola.com
6	match.adsrvr.org	6 redirects
6	www.reportdoor.com	go.recordedfuture.com www.reportdoor.com
5	id5-sync.com	4 redirects www.reportdoor.com
5	sync.search.spotxchange.com	5 redirects
5	imprammp.taboola.com	go.recordedfuture.com vidstat.taboola.com
5	15.taboola.com	cdn.taboola.com
4	c3.taboola.com	www.reportdoor.com
3	cm.g.doubleclick.net	2 redirects www.reportdoor.com
3	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	eb2.3lift.com	1 redirects www.reportdoor.com
2	ads.betweendigital.com	2 redirects
2	u.openx.net	1 redirects www.reportdoor.com
2	rtb.mfadsrvr.com	2 redirects
2	c1.adform.net	2 redirects
2	ads.creative-serving.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	ce.lijit.com	1 redirects www.reportdoor.com
2	bh.contextweb.com	1 redirects www.reportdoor.com
2	ioms.bfmio.com	vidstat.taboola.com
2	prod.perf-serving.com	2 redirects
2	wf.taboola.com	vidstat.taboola.com
2	am-vid-events.taboola.com	www.reportdoor.com vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	fonts.gstatic.com	fonts.googleapis.com
2	m.exactag.com	googleads.g.doubleclick.net
2	platform.twitter.com	www.reportdoor.com platform.twitter.com
2	go.recordedfuture.com	1 redirects
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	jadserve.postrelease.com	www.reportdoor.com
1	match.taboola.com	www.reportdoor.com
1	bttrack.com	www.reportdoor.com
1	s.c.appier.net	1 redirects
1	ice.360yield.com	1 redirects
1	dis.criteo.com	1 redirects
1	e1.emxdgt.com	www.reportdoor.com
1	rtb-csync.smartadserver.com	www.reportdoor.com
1	simage2.pubmatic.com	www.reportdoor.com
1	ib.adnxs.com	www.reportdoor.com
1	pixel.rubiconproject.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	syndication.twitter.com	platform.twitter.com
1	www.googletagmanager.com	www.reportdoor.com
0	ums.acuityplatform.com Failed	imprammp.taboola.com
232	64

This site contains no links.

Subject Issuer	Validity	Valid
go.recordedfuture.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-22` - `2022-04-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2019-08-28` - `2021-09-13`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.360yield.com Amazon	`2021-07-29` - `2022-08-27`	a year	crt.sh
*.bfmio.com Amazon	`2021-05-16` - `2022-06-14`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.id5-sync.com R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Frame ID: 8A6F3842B7EF01CD864547246A792555
Requests: 120 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.reportdoor.com
Frame ID: D1700302C6A6B79D1C77D959DCF23798
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210729/r20190131/zrt_lookup.html
Frame ID: 6A1BEE8DC7F813D6A317462850EEBE83
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&adk=1812271804&adf=3025194257&lmt=1628062573&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573349&bpp=3&bdt=193&idt=274&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7694661818887&frm=20&pv=2&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=295
Frame ID: 8866CB4C3821FDA905C0182FE9CD1204
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3069572125&adf=2653041513&pi=t.ma~as.2385331166&w=1200&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573352&bpp=4&bdt=197&idt=315&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KHUSpG97Jr&p=https%3A//www.reportdoor.com&dtd=320
Frame ID: 69681EAA505C83782C3429376DD22DD0
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328
Frame ID: 857975B2A0C05024B2F02988FE43107E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334
Frame ID: C289B4D0FD26A4A4E0BDABAF0614970B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=2343743570&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573358&bpp=2&bdt=202&idt=371&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sRYx3YXQMq&p=https%3A//www.reportdoor.com&dtd=375
Frame ID: 7D1A3796643EE9922EB50F1119C58132
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=2542BAB204867835231019512686&cicmp=1337627&cijs=1&dast=V7POgCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBugHG7IaTSYMCmUwGs52w81qMtktV8vhcjVYTsFgC5_T3d2GDTSdDp_rXq_7_e6Sl-FvOZ38fstd43f75QAAAADwAEDUEg2x49vQHgEAAAAgwTNyrUARUPFvIXABAAAAgAFAIBauAfDMUSAOz8vsDwCAhwIQAAABDBIAgcTCEgCHu8UTAACAgzqZp22W_____xiAvPcmGQCKtI0bgx6ABx-AByEAAICLIVL4JftlxOx2ogLLIkYAAAAAW4SI7UeTOqGyqPr___-3ArgCAAjYg7gwc826OSlmDQMAAAAYW6CHxe83O-wav9tl__________9m_2cAaEI-R65pQPLhSGo8I9cKa7-AAABs7wYA8CYAF3MAdgAAAAB3_____3kAAABXe5Rsr9V49ijrfQZb-Jzu7vpN2GK0mkw2y-FsuZgMhqPhaLQ_AVwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0RBlaWyXJkG65VE-dkLRqMDGvlardySzyz3cRmMc4cg5Fb9PqYjoPNxrgyWfFgPi7nvnbho0Mu5orNZK7YzOaSzW6VAAAAAAAAAACWMGXeBAAAAOA0iNlsstutuPFmzwSxVqtlDQAAAMCtGzk!&excid=22&tst=1&docw=0&cs=false
Frame ID: 53D922093052BFC05B2EF8EC90AC63B9
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=96C917904F4862019021193592451&cicmp=1337627&cijs=1&dast=V7IdsCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBugHHDnbMBe75WA0Iw1nk8FiOVjslsPVbjFZLqZgsIXP6e5uwwaaTofPda_X_X53ycvwt5xOfr_lrvG7_XIAAAAAeAAgaomG2PFtaI8AAAAAkOAZuVagCKj4txC4AAAAAMAAIBAL1wB45igQh-dl9gcAwEMBCACAAAYJgEBiYQmAw93iCQAAwEGdzNM2y____38MQN57kwwARdrGjUEPwIMPwIMQAADAxdAYPdgaKAKWJlGBaREjAAAAgC1CxPajSZ1QWVT9____WwFcAQAE7EFcmL1m3ZwUs4YBAAAAjC3Qw-L3mx12jd_tsv________9_s_8zADQhnyPXNCD5cCQ1npFrhbVfQAAAtncDAHgTgIs5ADsAAACAu_____88AACAgT1KttdqPHuU9T6DLXxOd3f9JmwxWk0mm-VwtlxMBsPRcDTanwAuBzgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCAMry2Q5sg3XqolzshYNRoa1crVbuSWe2W5isxhnjsHILXp9TMfBZmNcmax4MB-Xc1-78NEhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGsRsNtntVtx4s2eCWKvVsgYAAADg1o0c!&excid=22&tst=1&docw=0&cs=false
Frame ID: 9203C46E05B58466A9E9DED66413F56E
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=43D8F5CFBF4870830801508635524&cicmp=1337627&cijs=1&dast=V7PnwCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBugHHbQZEWesDY1CIw13g-FmsFsuJsvhZLZaLQZTMNjC53R3t2EDTafD57rX636_u-Rl-FtOJ7_fctf43X45AAAAADwAELVEQ-z4NrRHAAAAAEjwjFwrUARU_FsIXAAAAABgABCIhWsAPHMUiMPzMvsDAOChAAQAQACDBEAgsbAEwOFu8QQAAOCgTuZpm-X___8_BiDvvUkGgCJt48agB-DBB-BBCAAA4GJIF00MCe_ptZKooLKIEQAAAMAWIWL70aROqCyq_v___60ArgAAAvYgLsy4s25OilnDAAAAAMYW6GHx-80Ou8bvdtn_________v9n_GQCakM-RaxqQfDiSGs_ItcLaLyAAANu7AQC8CcDFHIAdAAAAwN3___9_HgAAQMQeJdtrNZ49ynqfwRY-p7u7fhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4SBlWWyHNmGa9XEOVmLBiPDWrnardwSz2w3sVmMM8dg5Ba9PqbjYLMxrkxWPJiPy7mvXfjokIu5YjOZKzazuWSzWyUAAAAAAAAAgCVMmTcBAAAAOA1iNpvsdituvNkzQazValkDAAAAcOtGDg!&excid=22&tst=1&docw=0&cs=false
Frame ID: DEB67CE4016E0F441DBA0B947C752863
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=43D8F5CFBF487083078277129292&cicmp=1337627&cijs=1&dast=V7IAMCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBugHHbQZEWesDY1CIw13g-FmsNstZoPFZjAajnZTMNjC53R3t2EDTafD57rX636_u-Rl-FtOJ7_fctf43X45AAAAADwAELVEQ-z4NrRHAAAAAEjwjFwrUARU_FsIXAAAAABgABCIhWsAPHMUiMPzMvsDAOChAAQAQACDBEAgsbAEwOFu8QQAAOCgTuZpm-X___8_BiDvvUkGgCJt48agB-DBB-BBCAAA4GJoor_iD76GXIGooLKIEQAAAMAWIWL70aROqCyq_v___60ArgAAAvYgLsy4s25OilnDAAAAAMYW6GHx-80Ou8bvdtn_________v9n_GQCakM-RaxqQfDiSGs_ItcLaLyAAANu7AQC8CcDFHIAdAAAAwN3___9_HgAAQNIeJdtrNZ49ynqfwRY-p7u7fhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4SBlWWyHNmGa9XEOVmLBiPDWrnardwSz2w3sVmMM8dg5Ba9PqbjYLMxrkxWPJiPy7mvXfjokIu5YjOZKzazuWSzWyUAAAAAAAAAgCVMmTcBAAAAOA1iNpvsdituvNkzQazValkDAAAAcOtGDg!&excid=22&tst=1&docw=0&cs=false
Frame ID: 5559C1E8FA32A311372659F3EB5FD598
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs
Frame ID: 437F330356EF8C6AFF9746BBBDB99661
Requests: 20 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs
Frame ID: 3A82FEACA8012D404E3832EF339241D9
Requests: 21 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66442115&crid=5999075&dast=V7AfoCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBvQHGzRjbkac3YJG4axmg91oOVtMVqPlYLZbDIGDZszNiLNb0Cic1WywGy1Xk8FgsxgsF4PlFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43RKHpdPhc93rd73eXvAx_y-nk91vuGr_br3Z6LH_P32Z6a54-u8vkVrhFlqftZXmL_Q6Ty-TWPU1Ht-TvN32dprfaYfY9LC-_HAAAAAAeALYSxyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAASOK81AJ45CsTheZn9AQDwUAACACCAQQJgoBxWAkCS3X4CAAAAAAAAAMDy____HzNQPz0oM4AvvNkD8OAD8EBUoFjECAAAAGCLELH9aFInVBZVAAAE6VYAVwAAAXsQF2aZYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcjnyDUNSD4cSe0XEABg7RcQAIBN3QAA3gTggo6gFYPB6gJidgAAAAB3_____3ogtly4FibPbrQYbWwTy8i1MS0sLs_IMtn4ZjbTYnsSl_NbV00TJ30hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwsDKMlmObMO1auKcrEWDkWGtXO1WbolntpvYLMaZYzByi14f03Gw2RhXJisezMfl3NcuXBQMsNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22deWC9fC5NmNFqONbWIZuTamhcXlGVkmG9_MZlrsCyvLZDmyDdeqiXOyFg1GhrVytVu5JZ7ZbmKzGGeOwcgten1Mx8FmY1yZ_I3ZZDiYTVa7zb4xmwwHs8lqt9l36Azf1eds9ExGQ4_LWXKWHeKZ-aBwGSzel_p0HhaMBe3Jc3TqTENlZ2f0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdyBaumW222iw3zolpuXIZh4uZw-YaLGyulWk1Gk7EEqXpIp3o1U6P5e_520xvzdNnd5ncCrfI8rS9LG-x32Fymdy6p-nolvz9pq_T9FY7zL6H5WVR_9EhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGtBoNZislgswwR6gCwwCAAAAAACwG7SFOgAmSkBc3PhxhbwMf8vp5Pdb3pKX4W85nfx-y5UBJtb_mTd7Joi1Wi1rAAAAAWwAAIAAbt28BYRTcg!&cmcv=&pix=undefined&cb=1628062574930&uv=2999&tms=1628062574930&abt=adh5c-1_vA!insc_vA!mprdctdt6_vA!nrlc_vB!scec9_vB!smbs!t45!ufm_vD!ul95750-994_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4F93D37AFB35607496125490671&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: C86FB553D18722D8DCFBB8EADB6542C0
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7AfoCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBvQHGzRjbkac3YJG4axmg91oOVtMVqPlYLZbDIGDZszNiLNb0Cic1WywGy1Xk8FgsxgsF4PlFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43RKHpdPhc93rd73eXvAx_y-nk91vuGr_br3Z6LH_P32Z6a54-u8vkVrhFlqftZXmL_Q6Ty-TWPU1Ht-TvN32dprfaYfY9LC-_HAAAAAAeALYSxyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAASOK81AJ45CsTheZn9AQDwUAACACCAQQJgoBxWAkCS3X4CAAAAAAAAAMDy____HzNQPz0oM4AvvNkD8OAD8EBUoFjECAAAAGCLELH9aFInVBZVAAAE6VYAVwAAAXsQF2aZYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcjnyDUNSD4cSe0XEABg7RcQAIBN3QAA3gTggo6gFYPB6gJidgAAAAB3_____3ogtly4FibPbrQYbWwTy8i1MS0sLs_IMtn4ZjbTYnsSl_NbV00TJ30hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwsDKMlmObMO1auKcrEWDkWGtXO1WbolntpvYLMaZYzByi14f03Gw2RhXJisezMfl3NcuXBQMsNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22deWC9fC5NmNFqONbWIZuTamhcXlGVkmG9_MZlrsCyvLZDmyDdeqiXOyFg1GhrVytVu5JZ7ZbmKzGGeOwcgten1Mx8FmY1yZ_I3ZZDiYTVa7zb4xmwwHs8lqt9l36Azf1eds9ExGQ4_LWXKWHeKZ-aBwGSzel_p0HhaMBe3Jc3TqTENlZ2f0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdyBaumW222iw3zolpuXIZh4uZw-YaLGyulWk1Gk7EEqXpIp3o1U6P5e_520xvzdNnd5ncCrfI8rS9LG-x32Fymdy6p-nolvz9pq_T9FY7zL6H5WVR_9EhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGtBoNZislgswwR6gCwwCAAAAAACwG7SFOgAmSkBc3PhxhbwMf8vp5Pdb3pKX4W85nfx-y5UBJtb_mTd7Joi1Wi1rAAAAAWwAAIAAbt28BYRTcg!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 9901A14358A65290B07394ECE87DC768
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16472413395395139628/index.html
Frame ID: 74F419EF282B9985DE5F176080032667
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CSys7bUMKYfbqLYjm3wPXsoCIDqHr5Yhk3PSJqI8Nqb_ChIobEAEg7YL5MWCVAqAB9NrMmQPIAQmpAhb9vDt96rM-qAMByANIqgS9AU_Q9FZ7rWQoQacwT5_h7TIdNz2FLfaAtFkC7U9vxHGNoZt-M-mmovrv32YMbWINHVnlgPObETYkUt3R7EQcE-W2AtPtKwMYiPpkkLjHIk_l97hdplxGpcMN0bKxUNs7h_taQmp0nans-Kan9cSwS-3gufjTz91JEIX7RXor7ZvEVdtGIu3IM4iEqrAdkdygOsNEjb6aoAqRE0izlOZmQJ-hUTXQUmYI3G-KSuhf45DhlVA0TzBJ3rG9e2VkksAE_f6_iIkDkgUECAQYAZIFBAgFGASgBi6AB_Sks2aoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ_YAO0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBmBYBgBcBshcaChgIABIUcHViLTM1MTE0NDM3OTk0MDc0OTk&sigh=k0zQds8jCHU&template_id=419
Frame ID: F670BD7A62E022671376FDF4827B3F0F
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 27B96A23A5473B74DD9C90D490E70828
Requests: 2 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7AfoCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBvQHGzRjbkac3YJG4axmg91oOVtMVqPlYLZbDIGDZszNiLNb0Cic1WywGy1Xk8FgsxgsF4PlFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43RKHpdPhc93rd73eXvAx_y-nk91vuGr_br3Z6LH_P32Z6a54-u8vkVrhFlqftZXmL_Q6Ty-TWPU1Ht-TvN32dprfaYfY9LC-_HAAAAAAeALYSxyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAASOK81AJ45CsTheZn9AQDwUAACACCAQQJgoBxWAkCS3X4CAAAAAAAAAMDy____HzNQPz0oM4AvvNkD8OAD8EBUoFjECAAAAGCLELH9aFInVBZVAAAE6VYAVwAAAXsQF2aZYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcjnyDUNSD4cSe0XEABg7RcQAIBN3QAA3gTggo6gFYPB6gJidgAAAAB3_____3ogtly4FibPbrQYbWwTy8i1MS0sLs_IMtn4ZjbTYnsSl_NbV00TJ30hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwsDKMlmObMO1auKcrEWDkWGtXO1WbolntpvYLMaZYzByi14f03Gw2RhXJisezMfl3NcuXBQMsNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22deWC9fC5NmNFqONbWIZuTamhcXlGVkmG9_MZlrsCyvLZDmyDdeqiXOyFg1GhrVytVu5JZ7ZbmKzGGeOwcgten1Mx8FmY1yZ_I3ZZDiYTVa7zb4xmwwHs8lqt9l36Azf1eds9ExGQ4_LWXKWHeKZ-aBwGSzel_p0HhaMBe3Jc3TqTENlZ2f0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdyBaumW222iw3zolpuXIZh4uZw-YaLGyulWk1Gk7EEqXpIp3o1U6P5e_520xvzdNnd5ncCrfI8rS9LG-x32Fymdy6p-nolvz9pq_T9FY7zL6H5WVR_9EhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGtBoNZislgswwR6gCwwCAAAAAACwG7SFOgAmSkBc3PhxhbwMf8vp5Pdb3pKX4W85nfx-y5UBJtb_mTd7Joi1Wi1rAAAAAWwAAIAAbt28BYRTcg!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 872AA8B704FDDBAB7725F3C02C682D0F
Requests: 4 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KRX6F7JW-15-52FG
Frame ID: 35E4F83494D937271D61885816B6C0CB
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3AC1AEBC1856B91A1A23DA235DB9FC2C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 725B662E3A5F2B1BF9959D5403B55B4B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://go.recordedfuture.com/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9... Page URL
https://go.recordedfuture.com/events/public/v1/track/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV... HTTP 307
https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsof... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

232
Requests

99 %
HTTPS

34 %
IPv6

43
Domains

64
Subdomains

38
IPs

9
Countries

5711 kB
Transfer

10889 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.recordedfuture.com/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3d59W9bYjlR15QVqFW3zmRFY8CD0PQW558v1t18t_PNW15cc3p339mC1W4sY-Ns4q04t-W26hbPl7_w2M2W19Hqsq5NTdnjW6103JV3FfRQ_N8lkxHGzcJmZVqf2GF2GszSPW4lNXM89535nhW7YgXL12cmCRnW4hFhMB4LyG0TW35n9tL6Z7bJrW6rTn4w4mF0b1W3zwQ3_7bxrVTW2S1kn32VmMlXV8nXMx46qp6CW8nlhz48Rld4r33LM1 Page URL
https://go.recordedfuture.com/events/public/v1/track/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3d59W9bYjlR15QVqFW3zmRFY8CD0PQW558v1t18t_PNW15cc3p339mC1W4sY-Ns4q04t-W26hbPl7_w2M2W19Hqsq5NTdnjW6103JV3FfRQ_N8lkxHGzcJmZVqf2GF2GszSPW4lNXM89535nhW7YgXL12cmCRnW4hFhMB4LyG0TW35n9tL6Z7bJrW6rTn4w4mF0b1W3zwQ3_7bxrVTW2S1kn32VmMlXV8nXMx46qp6CW8nlhz48Rld4r33LM1?_ud=15814dd1-133d-4a59-a587-0855d8f8e73d&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr64iePBCwCRiwCTIINoIjV4alR1E HTTP 301
https://tpc.googlesyndication.com/simgad/12292211746583241485

Request Chain 171

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7ee6a6a-9a66-43b0-a373-a12c2c8635f2

Request Chain 172

https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D0%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D0%26&__user_check__=1&sync_id=a65990cf-f4f6-11eb-879b-156973b60106 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a659908c-f4f6-11eb-879b-156973b60106&orig=video&us_privacy=1---gdpr=0&

Request Chain 173

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://ums.acuityplatform.com/bum?tpid=29&uid=1e339cb9-c67a-460a-a28b-33957033efbf&bidswitch_ssp_id=taboola

Request Chain 177

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7ee6a6a-9a66-43b0-a373-a12c2c8635f2

Request Chain 178

https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D0%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D0%26&__user_check__=1&sync_id=a65fcabe-f4f6-11eb-b3d6-107c10e90506 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a65fca7d-f4f6-11eb-b3d6-107c10e90506&orig=video&us_privacy=1---gdpr=0&

Request Chain 179

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=040a9c9c-409a-407a-9394-adf23edeb88a&ssp=taboola&user_group=1 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=1e339cb9-c67a-460a-a28b-33957033efbf

Request Chain 198

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 208

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7ee6a6a-9a66-43b0-a373-a12c2c8635f2

Request Chain 209

https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D0%26 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a65fca7d-f4f6-11eb-b3d6-107c10e90506&orig=video&us_privacy=1---gdpr=0&

Request Chain 210

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=188&user_id=GlLpmCuAT6xJ0YB0Ls_Co1uEiO0&user_group=1&ssp=taboola&gdpr=0 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=1e339cb9-c67a-460a-a28b-33957033efbf

Request Chain 212

https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KRX6F7JW-15-52FG

Request Chain 213

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=baQut2GLnLzq&ev=1&orig=trc&pid=562107

Request Chain 215

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIeLCm6UOZ8bmmSVh3m88fc&google_cver=1

Request Chain 217

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed

Request Chain 218

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7ee6a6a-9a66-43b0-a373-a12c2c8635f2

Request Chain 219

https://ce.lijit.com/merge?pid=42&3pid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 223

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=46865104-5658-43a6-86d7-a7480248d3a1

Request Chain 224

https://id5-sync.com/s/464/9.gif?puid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOzE9DEEVfg-dy91oph7KUcb_FPwnauLOqMsLhCA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=77071126-2126-4620-a0a4-7edbca0dd1d8&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/5/3.gif?puid=afa3f2a607bf54e84f9cf0a4ea54e1d1&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/4/4.gif?puid=db8e8496-3f0f-4aaa-86cc-f6d4f3e53084&gdpr=1&gdpr_consent=

Request Chain 225

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=vVZLkVw2Ar2tHWa-cEMKYQ

Request Chain 227

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=6002850776573017902&ssp=taboola HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=1e339cb9-c67a-460a-a28b-33957033efbf

Request Chain 228

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9f0548ee-2059-4869-aa18-2f80b50f249e HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9f0548ee-2059-4869-aa18-2f80b50f249e&tbid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&query=taboola_hm%3D9f0548ee-2059-4869-aa18-2f80b50f249e&isDirect=0

Request Chain 229

https://u.openx.net/w/1.0/sd?id=543998486&val=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&gdpr=0&gdpr_consent= HTTP 302
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&gdpr=0&gdpr_consent=

Request Chain 230

https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f3e5f535-fe4d-52d8-8286-5f83e38c1cf3

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=EY100SXYQYigq4Td4rK9Pg&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed%26ui%3DEY100SXYQYigq4Td4rK9Pg HTTP 302
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&ui=EY100SXYQYigq4Td4rK9Pg

Request Chain 233

https://eb2.3lift.com/xuid?mid=7772&xuid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&dongle=tbla HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=

232 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3... Show response
go.recordedfuture.com/e2t/tc/ 9 KB
3 KB 99ms
83ms Document
text/html 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.recordedfuture.com/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3d59W9bYjlR15QVqFW3zmRFY8CD0PQW558v1t18t_PNW15cc3p339mC1W4sY-Ns4q04t-W26hbPl7_w2M2W19Hqsq5NTdnjW6103JV3FfRQ_N8lkxHGzcJmZVqf2GF2GszSPW4lNXM89535nhW7YgXL12cmCRnW4hFhMB4LyG0TW35n9tL6Z7bJrW6rTn4w4mF0b1W3zwQ3_7bxrVTW2S1kn32VmMlXV8nXMx46qp6CW8nlhz48Rld4r33LM1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7128d719b3a2f9e8af3322732d746d02f3f892ee4adc56ed1729a1b20d1c544

Request headers

:method: GET
:authority: go.recordedfuture.com
:scheme: https
:path: /e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3d59W9bYjlR15QVqFW3zmRFY8CD0PQW558v1t18t_PNW15cc3p339mC1W4sY-Ns4q04t-W26hbPl7_w2M2W19Hqsq5NTdnjW6103JV3FfRQ_N8lkxHGzcJmZVqf2GF2GszSPW4lNXM89535nhW7YgXL12cmCRnW4hFhMB4LyG0TW35n9tL6Z7bJrW6rTn4w4mF0b1W3zwQ3_7bxrVTW2S1kn32VmMlXV8nXMx46qp6CW8nlhz48Rld4r33LM1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:12 GMT
content-type: text/html;charset=utf-8
cf-ray: 67961d066b43061c-FRA
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 11e89ad5-3f26-44cb-8463-e375c0c51759
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUvQmn%2FI3HL%2Fk8leioj5lRX8byhrHnIV3GCHJeEuihnrtN9Z%2BFw1qgFhB4HNs9q4VCdNVGkakBHErnAciQYmt4vYwXl%2BkWTKZYlIOehWVjdepwlgzTNmvXOoKxG%2FK%2FWFVA750%2FV4mKESUqUVKysuPIlICg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=8e997da4a0f792a52bd39ba712519f5473242c2c-1628062572; path=/; domain=.go.recordedfuture.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/
Redirect Chain

https://go.recordedfuture.com/events/public/v1/track/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q...
https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8b...

143 KB
29 KB

359ms
332ms

Document
text/html

2606:4700:3037::ac43:81eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Requested by: Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3d59W9bYjlR15QVqFW3zmRFY8CD0PQW558v1t18t_PNW15cc3p339mC1W4sY-Ns4q04t-W26hbPl7_w2M2W19Hqsq5NTdnjW6103JV3FfRQ_N8lkxHGzcJmZVqf2GF2GszSPW4lNXM89535nhW7YgXL12cmCRnW4hFhMB4LyG0TW35n9tL6Z7bJrW6rTn4w4mF0b1W3zwQ3_7bxrVTW2S1kn32VmMlXV8nXMx46qp6CW8nlhz48Rld4r33LM1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:81eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fc45c831851a43a0c4c5c21796c5ca8f1bfeedc4212abebfe8cd4eeffd1912b

Request headers

:method: GET
:authority: www.reportdoor.com
:scheme: https
:path: /microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.recordedfuture.com/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3d59W9bYjlR15QVqFW3zmRFY8CD0PQW558v1t18t_PNW15cc3p339mC1W4sY-Ns4q04t-W26hbPl7_w2M2W19Hqsq5NTdnjW6103JV3FfRQ_N8lkxHGzcJmZVqf2GF2GszSPW4lNXM89535nhW7YgXL12cmCRnW4hFhMB4LyG0TW35n9tL6Z7bJrW6rTn4w4mF0b1W3zwQ3_7bxrVTW2S1kn32VmMlXV8nXMx46qp6CW8nlhz48Rld4r33LM1

Response headers

date: Wed, 04 Aug 2021 07:36:13 GMT
content-type: text/html; charset=UTF-8
x-ua-compatible: IE=edge
wpo-cache-status: not cached
wpo-cache-message: In the settings, caching is disabled for matches for one of the current request's GET parameters
link: <https://www.reportdoor.com/wp-json/>; rel="https://api.w.org/", <https://www.reportdoor.com/wp-json/wp/v2/posts/393231>; rel="alternate"; type="application/json", <https://www.reportdoor.com/?p=393231>; rel=shortlink
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbP2ZcotAHrTLyPnrH4pH0VSLaSUHIbphzkfXFEuk3ln%2FZ3CRWKnL6owN7ViCYOixFrZRpBV88paXlQai8c3Wb20OGurDtcpU9NzYI%2FxUo8I7gP64WnVVPKkKzBuWsLS1QkgK4z%2FXPUdU8uIy8X7jGg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67961d081d4e175a-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date: Wed, 04 Aug 2021 07:36:12 GMT
location: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
cf-ray: 67961d06fc4a061c-FRA
link: <https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 65c67439-ee93-4137-bb52-27a5af2be92b
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwl9nxeJMaDkz1AOAd%2B4IfYGuVfdiNlRehOSStxQPktR7X1DGg7xNOfm406SndTGWUobXTX3xUQJlq%2BUIi4xJ%2FELySjCdgKi%2BIZRHFDZZiNWTzIx7XiyAsNfRkoIQXFef%2BHHbvyiHcZWHk5gLKZ%2FzED9bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-164811841-1

Requested by

Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95cea824273b78af76b89580323d9f00dda48a7bd8a42a91f73cb1b98609cda1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40775
x-xss-protection: 0
last-modified: Wed, 04 Aug 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 Aug 2021 07:36:13 GMT

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3-29 200 wpo-minify-header-b5121f49.min.js Show response
www.reportdoor.com/wp-content/cache/wpo-minify/1627972230/assets/ 108 KB
38 KB 31ms
20ms Script
application/javascript 2606:4700:3037::ac43:81eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reportdoor.com/wp-content/cache/wpo-minify/1627972230/assets/wpo-minify-header-b5121f49.min.js
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:81eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ef1ed69f675387b64ca365d659c14c972a3b593199552c020017cc9e6ceacfe

Request headers

:path: /wp-content/cache/wpo-minify/1627972230/assets/wpo-minify-header-b5121f49.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.reportdoor.com
referer: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Aug 2021 06:30:31 GMT
server: cloudflare
age: 1476
etag: W/"1b0e4-5c8a1d28d2fbe-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4aKXwUUHe2Oe2r7HB%2BoZ2WosZVXiG75vVr3jKMtoiX8fU0EaF%2BTM%2FyHncx3beMA2%2BrfCeP0c44b%2FgBWtdOn8vM3QlDy05QHaKF0aG8R6UG67PUVv26MC0XI5qbZhBNltcO01V%2FGo%2BsMMQbzTLGjJ4qI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 67961d0a6b5ed6e1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e2604c6dd17e24abb1fb6cc89b3ca24d6acc9a4ea33587198839686692aa4c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49279
x-xss-protection: 0
server: cafe
etag: 5728508375345498794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 04 Aug 2021 07:36:13 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 28ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6713) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 04 Aug 2021 07:36:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (frb/6713)
Age: 522
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28872

GET
H3-29 200 wpo-minify-footer-97be1685.min.js Show response
www.reportdoor.com/wp-content/cache/wpo-minify/1627972230/assets/ 20 KB
9 KB 18ms
17ms Script
application/javascript 2606:4700:3037::ac43:81eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reportdoor.com/wp-content/cache/wpo-minify/1627972230/assets/wpo-minify-footer-97be1685.min.js
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:81eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 184e961f51954d246c0e6e607fda285fe428720a49045b52549918b983c916f2

Request headers

:path: /wp-content/cache/wpo-minify/1627972230/assets/wpo-minify-footer-97be1685.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.reportdoor.com
referer: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Aug 2021 06:30:35 GMT
server: cloudflare
age: 1475
etag: W/"4e3c-5c8a1d2c7f681-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADKRigyR7mVTE7SVbwimWy0x9fWhmcabfKFoWJrxdsGFldgKv%2F7lPXhaEUKrNy8RwKnzGqkhmC8m2KAecpQSP%2FRPTauXqFlO9CBzecCSKZDePqOk0OhCKvKeOTzvsD74%2Blyg2%2FCukaCb5HPUJ%2Br2tjs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 67961d0a7b6ad6e1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 wpo-minify-footer-5b03082f.min.js Show response
www.reportdoor.com/wp-content/cache/wpo-minify/1627972230/assets/ 9 KB
3 KB 15ms
15ms Script
application/javascript 2606:4700:3037::ac43:81eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reportdoor.com/wp-content/cache/wpo-minify/1627972230/assets/wpo-minify-footer-5b03082f.min.js
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:81eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aec202090e02ce87cf6606102b3a412c7efc69393b38af8ce2dddb0b026ede47

Request headers

:path: /wp-content/cache/wpo-minify/1627972230/assets/wpo-minify-footer-5b03082f.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.reportdoor.com
referer: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Aug 2021 06:30:35 GMT
server: cloudflare
age: 1475
etag: W/"222c-5c8a1d2c7f681-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oji5nRYHMg%2BlTBv91dTQUG%2FqcXen07B3i11MpKiQ0cVAgnfVgdbGwNiabCG%2BhNr%2ByGkI7t3az6fiSuvY%2FJl829YmNuSFEH5rRuDyfmMKR%2Bg6D4iy6QtHr%2B%2FVF6Q6xOS%2FKhPxgCGtbwhdKkaayV6nc1E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 67961d0aaba3d6e1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 lazyload.min.js Show response
www.reportdoor.com/wp-content/plugins/rocket-lazy-load/assets/js/16.1/ 8 KB
3 KB 21ms
20ms Script
application/javascript 2606:4700:3037::ac43:81eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reportdoor.com/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:81eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

:path: /wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.reportdoor.com
referer: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Aug 2021 20:24:15 GMT
server: cloudflare
age: 1475
etag: W/"1ed2-5c8995a5ccdab-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnPOXA1mSGY4R2GDq9MLru5OYQJoCjRC9Rcyl00cZ6GlWBEU%2F0%2FhEzNAO%2BZxfmkTeb0YxPunhXORRUr3BU8n4glmYqtqwFXc%2BcRWO6pkUgE%2BcoW4ZxIw%2FUQzyGBZuxlJknb1nD5ELO7zjz82QwPrarE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 67961d0abbdbd6e1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-164811841-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 7179
date: Wed, 04 Aug 2021 05:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Wed, 04 Aug 2021 07:36:34 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/reportdoor-network/ 273 KB
28 KB 169ms
124ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/reportdoor-network/loader.js
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a7a0fbeb9c70574bb39981f4b9c7ca26fd3491ae914fd0e8af4f246bf386a5d

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 6mrNBzHv8_muFqGBdY4Y4K8iGXljijil
content-encoding: gzip
etag: "c719e23351e6fd6cc28146ae06238cb0"
age: 0
x-cache: HIT
content-length: 27858
x-amz-id-2: ZEhY/9obupTv1hlT5dzBSIhmMYDtL96OkTYKNaGFj76geSlBRI87ZTrocD7QmzTxnv8hK064e/c=
x-served-by: cache-fra19133-FRA
last-modified: Tue, 03 Aug 2021 10:39:42 GMT
server: AmazonS3
x-timer: S1628062573.282631,VS0,VE105
date: Wed, 04 Aug 2021 07:36:13 GMT
vary: Accept-Encoding
x-amz-request-id: CWJEJ059RFTDSWV6
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 87
x-cache-hits: 1

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75e0fe33a139622cde1d4bacdef52e609e623b514c56b113c69568fa16c23a12

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
882 B 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:07:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1717
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Wed, 04 Aug 2021 08:07:36 GMT

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame D170 319 KB
103 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.reportdoor.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.reportdoor.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.reportdoor.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5253
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 04 Aug 2021 07:36:13 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6711)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H3-29 404 Microsoft-signed-a-driver-loaded-with-rootkit-malware-scaled.jpeg
www.reportdoor.com/wp-content/uploads/2021/06/ 894 B
894 B 630ms
630ms Image
text/html 2606:4700:3037::ac43:81eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.reportdoor.com/wp-content/uploads/2021/06/Microsoft-signed-a-driver-loaded-with-rootkit-malware-scaled.jpeg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:81eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf8cdd751acce1bad23949fa34c00877424de0ac0615754ae3b70d8a7b92d980

Request headers

:path: /wp-content/uploads/2021/06/Microsoft-signed-a-driver-loaded-with-rootkit-malware-scaled.jpeg
pragma: no-cache
cookie: _ga=GA1.2.2117701773.1628062573; _gid=GA1.2.1652377516.1628062573
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.reportdoor.com
referer: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:13 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
link: <https://www.reportdoor.com/wp-json/>; rel="https://api.w.org/"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biyFDjfz0aI63PsSz9hr5JqxtT3uE%2BxEcNyqja98vVldWUA1aBAeyzALV8%2BT5YxiAzQdUQw%2BvgxLhh0jrmH5y1e81L5Yau4PfuCWkqbDs9ALbJ6lKrmjF2Ypx7aLKhxZ%2BHGwVd%2Bqt6%2BZsh2cYJuRP0U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400, must-revalidate
x-ua-compatible: IE=edge
cf-ray: 67961d0b5d69d6e1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108030101/ 250 KB
93 KB 48ms
34ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3511443799407499&plah=www.reportdoor.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09dae33c582394eed951c555509767c9a6dd115bf0fa4c59904eab718508e360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95229
x-xss-protection: 0
server: cafe
etag: 17815857422069322066
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 04 Aug 2021 07:36:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210729/r20190131/ Frame 6A1B 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210729/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210729/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.reportdoor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.reportdoor.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 04 Aug 2021 01:15:27 GMT
expires: Wed, 18 Aug 2021 01:15:27 GMT
content-type: text/html; charset=UTF-8
etag: 4389807852502320046
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 22846
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=369319700&t=pageview&_s=1&dl=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&ul=en-us&de=UTF-8&dt=Microsoft%20signed%20a%20driver%20loaded%20with%20rootkit%20malware%20-%20REPORT%20DOOR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=1601845337&gjid=2018687866&cid=2117701773.1628062573&tid=UA-164811841-1&_gid=1652377516.1628062573&_r=1&gtm=2ou820&did=dZGIzZG&z=1465852991

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 07:36:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.reportdoor.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl.20210803-2-RELEASE.js Show response
cdn.taboola.com/libtrc/ 530 KB
118 KB 19ms
19ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210803-2-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/reportdoor-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: b2afd92347cfa3b2e08f77e6204975c5edee29fec7a12a8c7eea0aa40ad8383b

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: TqEwz4hk5x1Nlf9xSlZQYbd.vuBTKIn6
content-encoding: br
etag: "5c7e0519c3c0e201e8e2d10ba28ce962"
age: 25041
x-cache: HIT
content-length: 120521
x-amz-id-2: fekpYVz8xA3C0fNv5q2Lcc/wRxCziBLGlWAzCKiFMy2WGjUnbJrVclz/dtH95GQumAJCA+Rv2uc=
x-served-by: cache-fra19133-FRA
last-modified: Tue, 03 Aug 2021 08:32:58 GMT
server: AmazonS3-br
x-timer: S1628062573.442183,VS0,VE0
date: Wed, 04 Aug 2021 07:36:13 GMT
vary: Accept-Encoding
x-amz-request-id: HAX6QJJ8WW928SKA
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 11
x-cache-hits: 50643

GET
H2 200 settings Show response
syndication.twitter.com/ Frame D170 232 B
432 B 157ms
121ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=119a74d53acc76d39ce7fb200314b82d0c82aa1d

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.reportdoor.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:12 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 07:36:13 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 6df144a6e0d2a93d23fb54bcd739385b60d1feae84ecf4fd73fcb7218ffed477
content-length: 166

GET
H2 200 json Show response
trc.taboola.com/reportdoor-reportdoor/trc/3/ 73 KB
20 KB 395ms
393ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/reportdoor-reportdoor/trc/3/json?tim=09%3A36%3A13.616&lti=deflated&data=%7B%22id%22%3A476%2C%22ii%22%3A%22%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1627987178670%2C%22vi%22%3A1628062573613%2C%22cv%22%3A%2220210803-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3071%2C%22qs%22%3A%22%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss%22%2C%22nsid%22%3A%22reportdoor-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-MidPage%3Apub%3Dreportdoor-network%3Aabp%3D0%22%2C%22uip%22%3A%22MidPage%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22MidPage%20Article%20Thumbnails%22%2C%22cd%22%3A1921.046875%2C%22mw%22%3A740%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dreportdoor-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A2883.046875%2C%22mw%22%3A740%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A9%2C%22uim%22%3A%22thumbnails-sidebar%3Apub%3Dreportdoor-network%3Aabp%3D0%22%2C%22uip%22%3A%22SIdeBar%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22SIdeBar%20Article%20Thumbnails%22%2C%22cd%22%3A685%2C%22mw%22%3A280%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210803-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 753c4e05884969ca23009416092cc44c0b87c98f57c07f59cc433f06b5eb3f50

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 375
date: Wed, 04 Aug 2021 07:36:14 GMT
content-encoding: gzip
server: nginx
x-timer: S1628062574.625842,VS0,VE375
x-served-by: cache-fra19133-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.reportdoor.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
661 B 82ms
38ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.reportdoor.com&callback=_gfp_s_&client=ca-pub-3511443799407499

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3511443799407499&plah=www.reportdoor.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1030c106ca0d76cb60b95088556dcb63a23a429a81c7d6036be1f15e18afa3d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.reportdoor.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 04 Aug 2021 07:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 36ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.reportdoor.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 04 Aug 2021 07:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8866 0
19 B 72ms
72ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&adk=1812271804&adf=3025194257&lmt=1628062573&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573349&bpp=3&bdt=193&idt=274&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7694661818887&frm=20&pv=2&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=295

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3511443799407499&output=html&adk=1812271804&adf=3025194257&lmt=1628062573&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573349&bpp=3&bdt=193&idt=274&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7694661818887&frm=20&pv=2&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=295
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.reportdoor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.reportdoor.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 04 Aug 2021 07:36:13 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 04-Aug-2021 07:51:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 04 Aug 2021 07:36:13 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e3da77a5939fbc06cb620cc93ee888978121a1dcd5cdb746deeb936a4cd92f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:13 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903448373927"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Wed, 04 Aug 2021 07:36:13 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6968 68 KB
16 KB 535ms
533ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3069572125&adf=2653041513&pi=t.ma~as.2385331166&w=1200&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573352&bpp=4&bdt=197&idt=315&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KHUSpG97Jr&p=https%3A//www.reportdoor.com&dtd=320

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d68e8430c568e3f199c836930323b9e6a08348740eac27fb58079b7e327b90c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3069572125&adf=2653041513&pi=t.ma~as.2385331166&w=1200&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573352&bpp=4&bdt=197&idt=315&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KHUSpG97Jr&p=https%3A//www.reportdoor.com&dtd=320
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.reportdoor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.reportdoor.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 04 Aug 2021 07:36:14 GMT
server: cafe
content-length: 16761
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 04-Aug-2021 07:51:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 04 Aug 2021 07:36:14 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8579 189 KB
20 KB 589ms
589ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56babb93f023829eec7a98b8446e92791279a5dc7242ae225487d74735c99ff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.reportdoor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.reportdoor.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 04 Aug 2021 07:36:14 GMT
server: cafe
content-length: 20213
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 04-Aug-2021 07:51:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 04 Aug 2021 07:36:14 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C289 200 KB
25 KB 517ms
516ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b8a32d181748d31121e45093ebd4fba95dd814e50e28a42756559dbc0a3951

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.reportdoor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.reportdoor.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 04 Aug 2021 07:36:14 GMT
server: cafe
content-length: 25076
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 04-Aug-2021 07:51:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 04 Aug 2021 07:36:14 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7D1A 122 KB
39 KB 767ms
767ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=2343743570&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573358&bpp=2&bdt=202&idt=371&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sRYx3YXQMq&p=https%3A//www.reportdoor.com&dtd=375

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

832c9a073f07d51902b8950869b2075b28381e8bac00770b5985802049d0b573

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16472413395395139628/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16472413395395139628/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLbVhdvtlvICFQjzdwodVxkA4Q&gqi=bUMKYbucLceWgQeQ8o_IDg&layout=/sadbundle/%24csp%253Der3%24/16472413395395139628/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=2343743570&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573358&bpp=2&bdt=202&idt=371&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sRYx3YXQMq&p=https%3A//www.reportdoor.com&dtd=375
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.reportdoor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.reportdoor.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16472413395395139628/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16472413395395139628/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLbVhdvtlvICFQjzdwodVxkA4Q&gqi=bUMKYbucLceWgQeQ8o_IDg&layout=/sadbundle/%24csp%253Der3%24/16472413395395139628/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 04 Aug 2021 07:36:14 GMT
server: cafe
content-length: 40386
x-xss-protection: 0
set-cookie: IDE=AHWqTUmAuUg758JhNiAz-rbkHlRUW5prfH1PnXEEi61bJIwAlT_HCyy0w5reEKQ0nUA; expires=Mon, 29-Aug-2022 07:36:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 04 Aug 2021 07:36:14 GMT
cache-control: private

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 19 KB
6 KB 19ms
19ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210803-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: A4C5uzAVxH2Ztj3AaZnQWTHahT65Jp9O
content-encoding: gzip
etag: "7a6ef5412d45e94af6813e18c060355d"
age: 5595
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5990
x-amz-id-2: 5MobSlc+iIpZcIvvqKj/kIaKd9zK/zHejUaSlk6O46g6IuLOoQUG1y7EPVZt4Nk4Bg5d+sG47tY=
x-served-by: cache-fra19133-FRA
last-modified: Tue, 06 Jul 2021 14:02:32 GMT
server: AmazonS3
x-timer: S1628062574.055018,VS0,VE0
date: Wed, 04 Aug 2021 07:36:14 GMT
vary: Accept-Encoding
x-amz-request-id: KQE2YD0951MP799B
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 88
x-cache-hits: 32655

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
971 B 20ms
20ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210803-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding: gzip
etag: "10c372ee2c83a7fd12df18aebc5320c6"
age: 26456
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 719
x-amz-id-2: A8pOn0vHP2AZTFPKUH/E/XQ0BnACpoDi2Cn8umalQjLdBaCQMU0fH3eIPGkBpOFXLrfZ+JH/G5w=
x-served-by: cache-fra19133-FRA
last-modified: Tue, 06 Apr 2021 14:48:01 GMT
server: AmazonS3
x-timer: S1628062574.055096,VS0,VE0
date: Wed, 04 Aug 2021 07:36:14 GMT
vary: Accept-Encoding
x-amz-request-id: H26RXF80K5Y33KYT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 88
x-cache-hits: 159057

GET
H2 200 tfa-eid.20210803-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 14 KB
5 KB 19ms
18ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210803-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/reportdoor-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2855c78c7e00bb2ecdf746ccdfea8c6b86f156ff83b49605b3a5b5fb44469def

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: BoPtRgVccc2oyHUPtP36GxjK_sOXjo3j
content-encoding: gzip
etag: "7dfd521df2b1ad205e5ad4343ef8e9da"
age: 34
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5062
x-amz-id-2: 35ua8iGzbGRvVIicBctHE6oHvENHfWDfALHzWagaP6q6gc86L/5Pbrjy5lS68twDa4P/6Wwi7Gs=
x-served-by: cache-fra19133-FRA
last-modified: Tue, 03 Aug 2021 10:36:33 GMT
server: AmazonS3
x-timer: S1628062574.057425,VS0,VE0
date: Wed, 04 Aug 2021 07:36:14 GMT
vary: Accept-Encoding
x-amz-request-id: M70SD26RKW469G2V
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 88
x-cache-hits: 167

GET
H2 200 sha256.20210803-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 19ms
19ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210803-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/reportdoor-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 052e445a28a4a628f123a12cfdd035a3c80661acd551e7b6f3b3681075cc6886

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1tdLDtMLBxSxsGm9LYQxLm5G3v1zvK7f
content-encoding: gzip
etag: "865d7ff54981b8e85fe61dbc9a2a04b9"
age: 22
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2589
x-amz-id-2: ZX7TYVLWmO2iIC5YjO6wG6SXDnu4bIrVexeIqkOVy/ymOTPoDX/nra2HTc+trdCSRNzY7jNhGcg=
x-served-by: cache-fra19133-FRA
last-modified: Tue, 03 Aug 2021 10:36:46 GMT
server: AmazonS3
x-timer: S1628062574.057598,VS0,VE0
date: Wed, 04 Aug 2021 07:36:14 GMT
vary: Accept-Encoding
x-amz-request-id: W4STGACR2MHW2X10
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 88
x-cache-hits: 96

GET
H2 200 floating-unit.20210803-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 7 KB
2 KB 19ms
18ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20210803-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/reportdoor-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd8e30a73d6b002eccc6c1cc72950b0a0e6cabb8a9d6134abbdcfa2f82c685b6

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: X01lq6dLLnlvxx1i69SDCdX8HyRW4yiv
content-encoding: gzip
etag: "e51a196bb4a17454e57a225921761c48"
age: 110
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2286
x-amz-id-2: kbfGGbbcwZhHGPJFHtkI+FaaJkXla5GdDtjsQLxhcOLDCuXvHOqe4KMDIqdgU74xQVJI8x5hTbA=
x-served-by: cache-fra19133-FRA
last-modified: Tue, 03 Aug 2021 10:36:56 GMT
server: AmazonS3
x-timer: S1628062574.060328,VS0,VE0
date: Wed, 04 Aug 2021 07:36:14 GMT
vary: Accept-Encoding
x-amz-request-id: XWXYS1RYE8TS767Y
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 88
x-cache-hits: 33

GET
H2 200 tb Show response
15.taboola.com/ 37 KB
11 KB 241ms
239ms XHR
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=reportdoor-reportdoor&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F&encoded=1&uid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1628062574055&tagid=&cntry=CH&platform=1&sesid=69a5ad37414c6b2d5c4abe3d22c7ff41&itemid=/microsoft-signed-a-driver-loaded-with-rootkit-malware&viewid=1628062573613&geolat=&geoing=&deviceifa=&appid=&sd=v2_69a5ad37414c6b2d5c4abe3d22c7ff41_0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed_1628062573_1628062573_CNawjgYQgdhPGK3I3YCxLyABKAEwKziy0A1AvIgQSNiP2gNQ____________AVgAYABosa_ptcr9986tAXAB&ri=6a5f66539c9b49ee881faf50af5e4548&appname=&cdb=&gdprApplies=false&rid=&sii=4709542567805584580&oee=true&tpubid=1305601&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BS&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1305599&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210803-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fece3d85eb5481c6574ef49fbd5103e294df2b1be72175458b77353c5b8a5c69

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 04 Aug 2021 07:36:14 GMT
content-encoding: gzip
access-control-allow-origin: https://www.reportdoor.com
machineid: 1418
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-fra19133-FRA
pragma: no-cache
server: nginx
x-timer: S1628062574.063590,VS0,VE220
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 feed-card-placeholder.20210803-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 19ms
19ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20210803-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/reportdoor-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81f406d74e7e0d7846477adddb217af2f30bd4c52878d91ca3cb162a73053f38

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: vr52DA.knsITUM0FXqy6EclJtLy13OP0
content-encoding: gzip
etag: "93cc34c8ad724077a44b1904ac803651"
age: 112
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: n10vUnKjK26sm91Bv8hn4vJ5q1psi6QjEJdsBW5DxEBNUO1H4+TJ2+NoTtTG/s2rsEQanPLmqQs=
x-served-by: cache-fra19133-FRA
last-modified: Tue, 03 Aug 2021 10:37:06 GMT
server: AmazonS3
x-timer: S1628062574.063782,VS0,VE0
date: Wed, 04 Aug 2021 07:36:14 GMT
vary: Accept-Encoding
x-amz-request-id: 5MSQ2JZQ2Y73AERC
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 88
x-cache-hits: 362

GET
H2 200 userx.20210803-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 23 KB
8 KB 21ms
19ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210803-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/reportdoor-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 469ddba95516d00cddad0bb531e6e3aab469b07f5c0aecc23eda06435497c2de

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: GoRRin3jq4ZQbSHoGzkZIribychkKLAA
content-encoding: gzip
etag: "c47d9ca6539bf2c224c0670f261951f1"
age: 6
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7949
x-amz-id-2: pL/TVvDd7hUmFFs2u5YtbII3L2bW5sjqWP9w4dEYBAHovEfC4JEzK9tH71zs6ASuz5pT2aaeF44=
x-served-by: cache-fra19133-FRA
last-modified: Tue, 03 Aug 2021 10:36:28 GMT
server: AmazonS3
x-timer: S1628062574.077433,VS0,VE0
date: Wed, 04 Aug 2021 07:36:14 GMT
vary: Accept-Encoding
x-amz-request-id: 3Q52Z129NXV46HWM
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 88
x-cache-hits: 3

GET
H2 200 explore-more.20210803-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 19 KB
7 KB 22ms
22ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20210803-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/reportdoor-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06f27befa33fd5f7b6285871a89689dfb77dcdd92881232525c18c82b903db4f

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .Sg2W2VTOHEFft4XmkmlpMC5zH0fVjoY
content-encoding: gzip
etag: "580aedeb1ecb5332759f53ae3699252a"
age: 92
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 6760
x-amz-id-2: juEvBVQ10AbTBYWzenrBrM3EWivgfI4oVZRt1UzDGdRNHUExnwFXIq9ICoXNX6O/eYuUq+P603s=
x-served-by: cache-fra19133-FRA
last-modified: Tue, 03 Aug 2021 10:37:09 GMT
server: AmazonS3
x-timer: S1628062574.084521,VS0,VE0
date: Wed, 04 Aug 2021 07:36:14 GMT
vary: Accept-Encoding
x-amz-request-id: BVBXX066JR66C7QK
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 88
x-cache-hits: 97

GET
H2 204 supply-feature
trc.taboola.com/reportdoor-reportdoor/log/3/ 0
413 B 86ms
86ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/reportdoor-reportdoor/log/3/supply-feature?route=AM:IL:V&tvi2=3127&lti=deflated&ri=689964b5b94fe3b2853a64d6c6342df9&sd=v2_69a5ad37414c6b2d5c4abe3d22c7ff41_0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed_1628062573_1628062573_CNawjgYQgdhPGK3I3YCxLyABKAEwKziy0A1AvIgQSNiP2gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&pi=/microsoft-signed-a-driver-loaded-with-rootkit-malware&wi=4709542567805584580&pt=text&vi=1628062573613&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=09%3A36%3A14.053&id=9210&llvl=1&cv=20210803-2-RELEASE&
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 68
pragma: no-cache
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1628062574.122993,VS0,VE68
x-served-by: cache-fra19133-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 19ms
19ms Image
image/svg+xml 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
age: 74
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: QvMTzrJ1sqHqbtTS38GSlbgcAwEVpb/6/VVZi7XQWhIdO7VhR40gonWNObdQTHplF21EUdzhZZA=
x-served-by: cache-fra19133-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1628062574.126743,VS0,VE0
date: Wed, 04 Aug 2021 07:36:14 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: QQEHSY6P3GVEQ2QG
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 88
x-cache-hits: 117

GET
H2 204 abtests
trc.taboola.com/reportdoor-reportdoor/log/3/ 0
410 B 87ms
86ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/reportdoor-reportdoor/log/3/abtests?route=AM:IL:V&tvi2=3127&lti=deflated&ri=689964b5b94fe3b2853a64d6c6342df9&sd=v2_69a5ad37414c6b2d5c4abe3d22c7ff41_0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed_1628062573_1628062573_CNawjgYQgdhPGK3I3YCxLyABKAEwKziy0A1AvIgQSNiP2gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&pi=/microsoft-signed-a-driver-loaded-with-rootkit-malware&wi=4709542567805584580&pt=text&vi=1628062573613&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22animated_story%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1628062574212%7D&tim=09%3A36%3A14.212&id=7056&llvl=1&cv=20210803-2-RELEASE&
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 68
pragma: no-cache
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1628062574.223868,VS0,VE68
x-served-by: cache-fra19133-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 _d_H49-2520508900085629.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/ 54 KB
54 KB 37ms
34ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/_d_H49-2520508900085629.jpeg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8289ff006deb71ecbdfdb9140eae27145810eee084b8dc6b7abdcacee86867b1

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1118641
edge-cache-tag: 306276251610743200399146818836565422115,388120122364841688401930655993729966617,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 215
expiration: expiry-date="Sat, 21 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/_d_H49-2520508900085629.jpeg
content-length: 54918
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Wed, 21 Jul 2021 12:12:18 GMT
server: nginx
x-timer: S1628062574.236521,VS0,VE1
etag: "fa3713ca3375ac51e4fb9911b42e1ffc"
x-served-by: cache-wdc5573-WDC, cache-dca17781-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 tbp Show response
15.taboola.com/ 6 KB
2 KB 50ms
48ms XHR
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210803-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a6136b70b6f20152d4197275c44115c84ed6bdd34b4cc55f12746e9932d1fc78

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 04 Aug 2021 07:36:14 GMT
content-encoding: gzip
access-control-allow-origin: https://www.reportdoor.com
machineid: 1430
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19133-FRA
pragma: no-cache
server: nginx
x-timer: S1628062574.236470,VS0,VE27
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 _d_AQx-9734770052948901.gif
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/ 378 KB
379 KB 20ms
18ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/_d_AQx-9734770052948901.gif
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: e4855ba9b4197fab1834c7f2d6f112fad0e815e488d3fcdd318b41fcf81ea0b1

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 3036809
edge-cache-tag: 482797609829693863326244612073413339268,467903737168118102616749492334122969911,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/_d_AQx-9734770052948901.gif
content-length: 387442
x-request-id: 6f6fcce7dc9a3c1b60172477532fb6b4
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified: Tue, 29 Jun 2021 07:56:08 GMT
server: cloudinary
x-timer: S1628062574.236749,VS0,VE0
etag: "ad67ee4bf0527fabc6f9cd95239d9f91"
x-served-by: cache-dca17769-DCA, cache-dca17778-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 42487

GET
H2 200 b88f727bcdb3f12597815591d8e84271.jpg
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 90 KB
91 KB 38ms
37ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b88f727bcdb3f12597815591d8e84271.jpg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 2ba58dd4879f304eb53b55398d33a452ac03f6d4b02f2bf13ff43d7a7503c2d3

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1821944
edge-cache-tag: 475764738279907525436029692078971560168,467903737168118102616749492334122969911,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Tue, 27 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b88f727bcdb3f12597815591d8e84271.jpg
content-length: 92242
x-served-by: cache-dca17778-DCA, cache-dca17775-DCA, cache-fra19133-FRA
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified: Sat, 26 Jun 2021 20:11:26 GMT
server: cloudinary
x-timer: S1628062574.237623,VS0,VE1
etag: "7ccd611d39a879348e2eff890a256190"
vary: ImageFormat
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 9f7f4a3b7988491d30517f3692cbc88d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 81 KB
82 KB 37ms
36ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9f7f4a3b7988491d30517f3692cbc88d.jpg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e36a1bd64bf9e55c94a899bce9a01f3cc441d17be0cd526b0873e31f8680b41

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 2349209
edge-cache-tag: 402859474325993245848879504541540797692,388120122364841688401930655993729966617,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 288
expiration: expiry-date="Sun, 11 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_450%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9f7f4a3b7988491d30517f3692cbc88d.jpg
content-length: 83358
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Thu, 10 Jun 2021 07:09:33 GMT
server: nginx
x-timer: S1628062574.237590,VS0,VE1
etag: "6aa9a1f81a0ae7f908d479b946227397"
x-served-by: cache-wdc5566-WDC, cache-dca17781-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 dd34d2d9b80d618220ba3a662f69adaf.png
images.taboola.com/taboola/image/fetch/h_245,w_440,c_fill,g_xy_center,x_320,y_276/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 37ms
36ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_245,w_440,c_fill,g_xy_center,x_320,y_276/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dd34d2d9b80d618220ba3a662f69adaf.png
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b53db97b2516775b1f94c1af5b7effd9abd3307436362cbcad63859bb88c71b7

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 4275474
edge-cache-tag: 410443980102166552846862047524097195544,630452671806266936403974530451507492522,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 46
expiration: expiry-date="Sat, 26 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/h_245,w_440,c_fill,g_xy_center,x_320,y_276/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dd34d2d9b80d618220ba3a662f69adaf.png
content-length: 11608
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Wed, 26 May 2021 20:47:24 GMT
server: nginx
x-timer: S1628062574.237943,VS0,VE1
etag: "40366654662c0ce2d2d2a4734f3fb83c"
x-served-by: cache-wdc5547-WDC, cache-dca17777-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 a5adda3c-a8cc-4432-8945-4ac12aa85f1f.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ojasf.com/content/ 23 KB
24 KB 37ms
36ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ojasf.com/content/a5adda3c-a8cc-4432-8945-4ac12aa85f1f.jpeg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 48c165c445b9909ba945a057c7aeda24f11144051b2b17cb8ae7ffbc7e5bb9f0

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1384578
edge-cache-tag: 356657829545545669179717632909697191236,418213119990820519753380268763636342871,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 46
expiration: expiry-date="Wed, 18 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_245%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ojasf.com/content/a5adda3c-a8cc-4432-8945-4ac12aa85f1f.jpeg
content-length: 23594
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Sun, 18 Jul 2021 19:56:43 GMT
server: nginx
x-timer: S1628062574.237933,VS0,VE1
etag: "5fb8ac8034d4e7698060fcba43e6224b"
x-served-by: cache-wdc5564-WDC, cache-dca17723-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 cf590a0fcec8b6c84327312445418146
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s.yimg.com/ny/api/res/1.2/pASDHt4Pwf8DUeGPay7Vtg--/YXBwaWQ9aGlnaGxhbmRlcjt3PTcwN... 16 KB
17 KB 109ms
107ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s.yimg.com/ny/api/res/1.2/pASDHt4Pwf8DUeGPay7Vtg--/YXBwaWQ9aGlnaGxhbmRlcjt3PTcwNTtoPTUyOC42MTM0Nzc5MjQwODk4/https%3A//s.yimg.com/uu/api/res/1.2/kEQaOUH2qyBcuod_NhOcAQ--~B/aD05Njg7dz0xMjkxO2FwcGlkPXl0YWNoeW9u/https%3A//media.zenfs.com/en/the_independent_635/cf590a0fcec8b6c84327312445418146
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 58698d34e1d62d4affffac97e730072424119d778c944178cb0637498cb70af3

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 88
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1788922
edge-cache-tag: 587221150133850372147141543732444511899,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 162
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s.yimg.com/ny/api/res/1.2/pASDHt4Pwf8DUeGPay7Vtg--/YXBwaWQ9aGlnaGxhbmRlcjt3PTcwNTtoPTUyOC42MTM0Nzc5MjQwODk4/https%3A//s.yimg.com/uu/api/res/1.2/kEQaOUH2qyBcuod_NhOcAQ--~B/aD05Njg7dz0xMjkxO2FwcGlkPXl0YWNoeW9u/https%3A//media.zenfs.com/en/the_independent_635/cf590a0fcec8b6c84327312445418146
content-length: 16594
x-request-id: 2dd8ebe9d81c0a7ff95860ebc428a708
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Wed, 30 Jun 2021 16:10:33 GMT
server: nginx
x-timer: S1628062574.275254,VS0,VE88
etag: "a2910cf1fb66a1ba3dca4acf278f576f"
x-served-by: cache-wdc5578-WDC, cache-dca17759-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 200 mikaela-testa-model.jpg%3Fquality%3D90%26strip%3Dall
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2021/03/ 24 KB
24 KB 107ms
106ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2021/03/mikaela-testa-model.jpg%3Fquality%3D90%26strip%3Dall
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8046fdafed2d2de4bba634e538f6f1282668ce9b1db779a3caa6402347d83503

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 87
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 3189952
edge-cache-tag: 429010175858360561965722443189002926497,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 150
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2021/03/mikaela-testa-model.jpg%3Fquality%3D90%26strip%3Dall
content-length: 24504
x-request-id: 954cbf0a1bf30b55f8aa44746e6fd681
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Wed, 23 Jun 2021 20:49:35 GMT
server: nginx
x-timer: S1628062574.280898,VS0,VE87
etag: "9229eab1b679c410a976bb73f43ca128"
x-served-by: cache-wdc5564-WDC, cache-dca17749-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 200 207edd30-8031-11eb-aede-80139ec42a22
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s.yimg.com/ny/api/res/1.2/xayhztD1dDMtHzYh6Lx9rA--/YXBwaWQ9aGlnaGxhbmRlcjt3PTk2M... 37 KB
37 KB 308ms
304ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s.yimg.com/ny/api/res/1.2/xayhztD1dDMtHzYh6Lx9rA--/YXBwaWQ9aGlnaGxhbmRlcjt3PTk2MDtoPTU3Ng--/https%3A//s.yimg.com/os/creatr-uploaded-images/2021-03/207edd30-8031-11eb-aede-80139ec42a22
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 09d6b59c82a711ae023b1eb1a03a8db8c3755b31c7b99a3aed16ba341ba8156a

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 283
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 417879503158630428431498650733444120863,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 185
expiration: expiry-date="Tue, 10 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s.yimg.com/ny/api/res/1.2/xayhztD1dDMtHzYh6Lx9rA--/YXBwaWQ9aGlnaGxhbmRlcjt3PTk2MDtoPTU3Ng--/https%3A//s.yimg.com/os/creatr-uploaded-images/2021-03/207edd30-8031-11eb-aede-80139ec42a22
content-length: 37614
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Sat, 10 Jul 2021 17:15:40 GMT
server: nginx
x-timer: S1628062574.287623,VS0,VE283
etag: "fe26c5b8187a99ebe270e7280f3467db"
x-served-by: cache-wdc5567-WDC, cache-dca17751-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 A-screengrab-from-Paul-Pierces-Instagram-story.-1.jpg%3Fquality%3D90%26strip%3Dall
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2021/04/ 26 KB
27 KB 114ms
111ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2021/04/A-screengrab-from-Paul-Pierces-Instagram-story.-1.jpg%3Fquality%3D90%26strip%3Dall
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ce159cb678358a02920a8c3d9076d285b3dbeb4d3e74aaedf24746c7b1797cd3

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 130463
edge-cache-tag: 309038869440478049531760845681814084555,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 1306
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2021/04/A-screengrab-from-Paul-Pierces-Instagram-story.-1.jpg%3Fquality%3D90%26strip%3Dall
content-length: 26756
x-request-id: 53690d41d944877c906674b191d37483
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Sun, 11 Jul 2021 01:13:42 GMT
server: nginx
x-timer: S1628062574.287603,VS0,VE89
etag: "c68ba32cb957b1cf9ec9737a8174a5da"
x-served-by: cache-wdc5565-WDC, cache-dca17721-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 osaka.jpg%3Fquality%3D90%26strip%3Dall
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2020/11/ 35 KB
36 KB 113ms
112ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2020/11/osaka.jpg%3Fquality%3D90%26strip%3Dall
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dee2b21720e71fc13af836ab33d5663bf6dcab1b96daf81e9b4cace84923eb1f

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1564758
edge-cache-tag: 478091137283892434007926794504322568234,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 49
expiration: expiry-date="Tue, 10 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2020/11/osaka.jpg%3Fquality%3D90%26strip%3Dall
content-length: 35638
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Sat, 10 Jul 2021 16:55:59 GMT
server: nginx
x-timer: S1628062574.287594,VS0,VE90
etag: "0da7b7dbd4aee43bd307c2ccfb59722b"
x-served-by: cache-wdc5557-WDC, cache-dca17776-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 200 madison-lecroy-jlo-arod.jpg%3Fquality%3D90%26strip%3Dall
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//pagesix.com/wp-content/uploads/sites/3/2021/03/ 49 KB
50 KB 110ms
109ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//pagesix.com/wp-content/uploads/sites/3/2021/03/madison-lecroy-jlo-arod.jpg%3Fquality%3D90%26strip%3Dall
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 73b2100435c5e94859a3d5dc0f7441fc5a7cb13f10b36da4d8ad26c514143b27

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 227376
edge-cache-tag: 452027414377737049932078981197659707546,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 729
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//pagesix.com/wp-content/uploads/sites/3/2021/03/madison-lecroy-jlo-arod.jpg%3Fquality%3D90%26strip%3Dall
content-length: 50188
x-request-id: 5f32ebe2ad48394c0324650c3cf89e43
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Tue, 13 Jul 2021 08:47:37 GMT
server: nginx
x-timer: S1628062574.287522,VS0,VE89
etag: "3691b5039011ce5e626e7d62b59ce1b4"
x-served-by: cache-wdc5570-WDC, cache-dca17726-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 Dave-LaMont-Maria-Taylor.jpg%3Fquality%3D90%26strip%3Dall
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2020/07/ 25 KB
26 KB 107ms
107ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2020/07/Dave-LaMont-Maria-Taylor.jpg%3Fquality%3D90%26strip%3Dall
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0dd0b7b90c80636b608a088d6415e6880f6c548064996c754633ff4b333e4213

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 88
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1429162
edge-cache-tag: 385308731492241975320982064416248231888,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 98
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2020/07/Dave-LaMont-Maria-Taylor.jpg%3Fquality%3D90%26strip%3Dall
content-length: 25766
x-request-id: 50bdf700d9c1a774ab07b72eae282dc8
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Wed, 23 Jun 2021 16:25:23 GMT
server: nginx
x-timer: S1628062574.383440,VS0,VE88
etag: "b3c7c92d055b659d2a6f7332a9189430"
x-served-by: cache-wdc5535-WDC, cache-dca17780-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 200 tik-toker-dead-1.jpg%3Fquality%3D90%26strip%3Dall
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2021/02/ 25 KB
25 KB 21ms
21ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2021/02/tik-toker-dead-1.jpg%3Fquality%3D90%26strip%3Dall
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ceca42481e32ce61c7de6689f71acc63ffccf0bd3fd94e782c046b82fccd663

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1690588
edge-cache-tag: 511700976147760550131944155563825877450,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 783
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2021/02/tik-toker-dead-1.jpg%3Fquality%3D90%26strip%3Dall
content-length: 25364
x-request-id: b331e475139a62b76e4ee14300e4ec63
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Thu, 15 Jul 2021 17:34:03 GMT
server: nginx
x-timer: S1628062574.388744,VS0,VE1
etag: "03b0914a402b7ca3fdd06e2b16c382e6"
x-served-by: cache-wdc5525-WDC, cache-dca17769-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 _d_H49-2520508900085629.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/ 63 KB
63 KB 21ms
19ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/_d_H49-2520508900085629.jpeg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f46d21b9402df73ba20fea8d6b45381b573ce9379d7a812be102f7c73b45b658

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1192502
edge-cache-tag: 306276251610743200399146818836565422115,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 601
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/_d_H49-2520508900085629.jpeg
content-length: 64008
x-request-id: 61d8cc262470cecdc7f91f8ad48f8e1b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Wed, 21 Jul 2021 07:03:55 GMT
server: nginx
x-timer: S1628062574.400627,VS0,VE1
etag: "dff333a743aaace7e0df4f315f4107a3"
x-served-by: cache-wdc5530-WDC, cache-dca17739-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 9f7f4a3b7988491d30517f3692cbc88d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 92 KB
92 KB 22ms
21ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9f7f4a3b7988491d30517f3692cbc88d.jpg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 21e3ccd4932598acd7f84254a1fe27e2fbb7d60bcabf0ebf6be7090fd9af2472

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 2966847
edge-cache-tag: 402859474325993245848879504541540797692,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 157
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9f7f4a3b7988491d30517f3692cbc88d.jpg
content-length: 94100
x-request-id: 53efa7679364edc40fba365ce14a0f85
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Wed, 16 Jun 2021 08:19:30 GMT
server: nginx
x-timer: S1628062574.400769,VS0,VE1
etag: "9d6ea0c3d407ee7fcb6242076c146316"
x-served-by: cache-wdc5523-WDC, cache-dca17777-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 the-weeknd-nose.jpg%3Fquality%3D90%26strip%3Dall
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2020/08/ 14 KB
14 KB 109ms
108ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2020/08/the-weeknd-nose.jpg%3Fquality%3D90%26strip%3Dall
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 560d67abdbb184b963c5296987a4daac5aaea05343e90ee8245a5a6436bb03f6

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 2291104
edge-cache-tag: 455741283049080071972039364535531089236,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 28
expiration: expiry-date="Sun, 11 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2020/08/the-weeknd-nose.jpg%3Fquality%3D90%26strip%3Dall
content-length: 13870
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Thu, 10 Jun 2021 10:12:52 GMT
server: nginx
x-timer: S1628062574.400737,VS0,VE89
etag: "07d0e414ac50771e893a42d7c8d8f04b"
x-served-by: cache-wdc5566-WDC, cache-dca17748-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 200 braintree-murder.jpg%3Fquality%3D90%26strip%3Dall
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2020/06/ 9 KB
10 KB 114ms
113ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2020/06/braintree-murder.jpg%3Fquality%3D90%26strip%3Dall
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 01aa6baefffab04ddbb649e6e9acb7e2b98fa3bd79982fdfceae654d351a52f4

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 775348
edge-cache-tag: 486179764773564305856296591646408796190,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 40
expiration: expiry-date="Wed, 04 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2020/06/braintree-murder.jpg%3Fquality%3D90%26strip%3Dall
content-length: 9408
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Sun, 04 Jul 2021 10:04:26 GMT
server: nginx
x-timer: S1628062574.414669,VS0,VE90
etag: "d8a6732e3b6791b59426583e9a974911"
x-served-by: cache-wdc5556-WDC, cache-dca17748-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 200 tbp Show response
15.taboola.com/ 6 KB
3 KB 43ms
42ms XHR
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210803-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cc9b53e83e74e9dc3980bd55b142ccba8dbc828aab33b842cc46d60b9915540c

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 04 Aug 2021 07:36:14 GMT
content-encoding: gzip
access-control-allow-origin: https://www.reportdoor.com
machineid: 1446
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19133-FRA
pragma: no-cache
server: nginx
x-timer: S1628062574.242274,VS0,VE20
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 _d_AQx-9734770052948901.gif
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/ 372 KB
373 KB 22ms
20ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/_d_AQx-9734770052948901.gif
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: f238bc75b608d5635b20ec05fb592820aa0a21543cfa25463cca99b0333653b1

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1226798
edge-cache-tag: 482797609829693863326244612073413339268,588162462047810506170673246735458618600,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sat, 31 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/_d_AQx-9734770052948901.gif
content-length: 380777
x-served-by: cache-dca17723-DCA, cache-dca17770-DCA, cache-fra19133-FRA
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified: Wed, 30 Jun 2021 06:09:58 GMT
server: cloudinary
x-timer: S1628062574.423970,VS0,VE1
etag: "78a9a2e5a0ca1e0dc8372aa57a0ea67a"
vary: ImageFormat
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 b88f727bcdb3f12597815591d8e84271.jpg
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 86 KB
87 KB 23ms
22ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b88f727bcdb3f12597815591d8e84271.jpg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4161a7ecc637f58360462937925c0d06c02ede88cc5d9cf72a572053c4cd1b3b

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 507621
edge-cache-tag: 475764738279907525436029692078971560168,588162462047810506170673246735458618600,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Mon, 02 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b88f727bcdb3f12597815591d8e84271.jpg
content-length: 88516
x-served-by: cache-dca17767-DCA, cache-dca17756-DCA, cache-fra19133-FRA
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified: Fri, 02 Jul 2021 16:39:19 GMT
server: cloudinary
x-timer: S1628062574.424034,VS0,VE1
etag: "c7c6d506b9f1a2e5764ab4693c735c92"
vary: ImageFormat
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 kyrgios.jpg%3Fquality%3D90%26strip%3Dall
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2021/02/ 33 KB
34 KB 108ms
107ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2021/02/kyrgios.jpg%3Fquality%3D90%26strip%3Dall
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b5f70f1ad3f2415331fccd92e061914df16b2f446b00cf10db89943fe8a79256

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 88
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 3054555
edge-cache-tag: 295697819325670673279275914671118810619,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 79
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2021/02/kyrgios.jpg%3Fquality%3D90%26strip%3Dall
content-length: 33662
x-request-id: c6c24706020ee9fa9668f2a2c6494263
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Sat, 19 Jun 2021 11:44:50 GMT
server: nginx
x-timer: S1628062574.450013,VS0,VE88
etag: "8a3ad01da4bba32931ee48c312bdcf70"
x-served-by: cache-wdc5550-WDC, cache-dca17735-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 200 bmw-gowanus-expressway-brooklyn-crash-HP.jpg%3Fquality%3D90%26strip%3Dall
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2021/03/ 42 KB
43 KB 109ms
109ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2021/03/bmw-gowanus-expressway-brooklyn-crash-HP.jpg%3Fquality%3D90%26strip%3Dall
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7fe56b91acb4c7e4a8de7f4510b1d62644e614c7426ff24955a5e9445db71f38

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 2101346
edge-cache-tag: 590420854510565767435419553625832763721,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 88
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2021/03/bmw-gowanus-expressway-brooklyn-crash-HP.jpg%3Fquality%3D90%26strip%3Dall
content-length: 43438
x-request-id: 721940641beeae79f6555cc53acbaaf8
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Tue, 15 Jun 2021 06:27:36 GMT
server: nginx
x-timer: S1628062574.450412,VS0,VE90
etag: "b531c293c1bb077e8e5332f72de64186"
x-served-by: cache-wdc5533-WDC, cache-dca17750-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 204 abtests
trc.taboola.com/reportdoor-reportdoor/log/3/ 0
61 B 90ms
89ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/reportdoor-reportdoor/log/3/abtests?route=AM:IL:V&tvi2=3127&lti=deflated&ri=689964b5b94fe3b2853a64d6c6342df9&sd=v2_69a5ad37414c6b2d5c4abe3d22c7ff41_0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed_1628062573_1628062573_CNawjgYQgdhPGK3I3YCxLyABKAEwKziy0A1AvIgQSNiP2gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&pi=/microsoft-signed-a-driver-loaded-with-rootkit-malware&wi=4709542567805584580&pt=text&vi=1628062573613&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22animated_story%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1628062574254%7D&tim=09%3A36%3A14.255&id=9924&llvl=1&cv=20210803-2-RELEASE&
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 67
pragma: no-cache
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1628062574.267009,VS0,VE67
x-served-by: cache-fra19133-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 tbp Show response
15.taboola.com/ 6 KB
2 KB 60ms
59ms XHR
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback3
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210803-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f98cccaf599407bfa1e644de30e2c6a87c36152be71507f59d52d4b2f61a49

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 04 Aug 2021 07:36:14 GMT
content-encoding: gzip
access-control-allow-origin: https://www.reportdoor.com
machineid: 1429
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19133-FRA
pragma: no-cache
server: nginx
x-timer: S1628062574.270035,VS0,VE41
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 _d_AQx-9734770052948901.gif
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/ 254 KB
255 KB 24ms
22ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/_d_AQx-9734770052948901.gif
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ed8189ca934ed108c6e393cfb5a9f36ec7dd0a2911d7dc3b5acbda370827b4d9

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1721343
edge-cache-tag: 482797609829693863326244612073413339268,561118827561388220103478491527485042930,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sat, 31 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/_d_AQx-9734770052948901.gif
content-length: 260302
x-served-by: cache-dca17725-DCA, cache-dca12920-DCA, cache-fra19133-FRA
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified: Wed, 30 Jun 2021 05:16:40 GMT
server: cloudinary
x-timer: S1628062574.494972,VS0,VE1
etag: "7e3855f5e0a1d0b6405a0b9a210c8d81"
vary: ImageFormat
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 tbp Show response
15.taboola.com/ 6 KB
3 KB 57ms
56ms XHR
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback4
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210803-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 17b4e69cead2d105f455c32fe04ad1eed7250fbde3342965130209ae6d979b4a

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 04 Aug 2021 07:36:14 GMT
content-encoding: gzip
access-control-allow-origin: https://www.reportdoor.com
machineid: 1429
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19133-FRA
pragma: no-cache
server: nginx
x-timer: S1628062574.271475,VS0,VE38
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 45236de419748e8ccd24ae79236cf970.jpg
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 56 KB
56 KB 21ms
21ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45236de419748e8ccd24ae79236cf970.jpg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 55c98b983bae7eb3bc9a953f36a3a357130e39c8953e5210bf6f88aed35d4e08

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 909924
edge-cache-tag: 502799783262806491759975645567713804953,561118827561388220103478491527485042930,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sun, 15 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45236de419748e8ccd24ae79236cf970.jpg
content-length: 57171
x-served-by: cache-dca17729-DCA, cache-dca17725-DCA, cache-fra19133-FRA
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified: Thu, 15 Jul 2021 19:48:01 GMT
server: cloudinary
x-timer: S1628062575.510567,VS0,VE1
etag: "62a55caa1eeccc90315d56dfe3c38fc1"
vary: ImageFormat
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 9a007e45e7acd474ab89ecc2b0ae33a0.jpg
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 62 KB
62 KB 20ms
20ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a007e45e7acd474ab89ecc2b0ae33a0.jpg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 45c892d8bc0211db910e708ded4dd54c544fb8fe8d329f0b4dab791bb2835299

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 957789
edge-cache-tag: 337105465699718507160110388981550806448,561118827561388220103478491527485042930,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Tue, 27 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a007e45e7acd474ab89ecc2b0ae33a0.jpg
content-length: 63053
x-served-by: cache-dca17739-DCA, cache-dca17730-DCA, cache-fra19133-FRA
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified: Sat, 26 Jun 2021 05:59:45 GMT
server: cloudinary
x-timer: S1628062575.518303,VS0,VE1
etag: "f88e147d658ba7cc70cdc36c59925097"
vary: ImageFormat
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1

GET
H2 200 38a957f6-24ea-446d-90db-ba89c0c4f669.jpg
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.eu-central-1.amazonaws.com/ad-uploads-long/1/ 67 KB
68 KB 21ms
20ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.eu-central-1.amazonaws.com/ad-uploads-long/1/38a957f6-24ea-446d-90db-ba89c0c4f669.jpg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 56c084b4e51c3521f90e9e9f47ecca29164868352f1502bb3c0e9752c2d57c30

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 94652
edge-cache-tag: 293642003495860052906233238024576634682,561118827561388220103478491527485042930,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Thu, 26 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.eu-central-1.amazonaws.com/ad-uploads-long/1/38a957f6-24ea-446d-90db-ba89c0c4f669.jpg
content-length: 68937
x-served-by: cache-dca17776-DCA, cache-dca17729-DCA, cache-fra19133-FRA
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified: Mon, 26 Jul 2021 20:44:25 GMT
server: cloudinary
x-timer: S1628062575.525727,VS0,VE1
etag: "231e396e8cfd549a81a4d7b1801c0a41"
vary: ImageFormat
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1

GET
H2 200 2cb0f8a140561c1d87c082aa0ad2d605.jpg
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 44 KB
45 KB 111ms
111ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2cb0f8a140561c1d87c082aa0ad2d605.jpg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 38209a2b3d76f06e36716ba6f76448b79cc8c6cdf119ace6aafc30f96966b9a6

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 91
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 846442
edge-cache-tag: 496270802465461199215170944989972305148,561118827561388220103478491527485042930,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Thu, 19 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, MISS, MISS
x-debug: /taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2cb0f8a140561c1d87c082aa0ad2d605.jpg
content-length: 45240
x-served-by: cache-wdc5583-WDC, cache-dca17767-DCA, cache-fra19133-FRA
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified: Mon, 19 Jul 2021 08:11:15 GMT
server: cloudinary
x-timer: S1628062575.532774,VS0,VE91
etag: "ed1b787e4d05827900601da3b35a05ea"
vary: ImageFormat
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0

GET
H2 200 1215383987__C08WtIyv.jpg
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/ 56 KB
57 KB 192ms
191ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/1215383987__C08WtIyv.jpg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: a8916df75912de3eaaf1f21079bf19cb65ba5272a2582f82f60c929fd679af0b

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 168
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 443269399992592607886308193476613095660,561118827561388220103478491527485042930,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Wed, 25 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, MISS
x-debug: /taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/1215383987__C08WtIyv.jpg
content-length: 57275
x-served-by: cache-dca17770-DCA, cache-dca17758-DCA, cache-fra19133-FRA
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified: Sun, 25 Jul 2021 07:43:20 GMT
server: cloudinary
x-timer: S1628062575.540506,VS0,VE168
etag: "6eb38cd57fb41b7bf57e7d1600e0796a"
vary: ImageFormat
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 ee11f8d26e6d66cba8ae3ecd0d0fb159.jpg
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 43 KB
43 KB 20ms
20ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee11f8d26e6d66cba8ae3ecd0d0fb159.jpg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c64c492715f343976072fc07f10ca418dc7b38690f1804bf4d38dde4f40a0c7c

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 527239
edge-cache-tag: 371119739631993814191781717682391200805,561118827561388220103478491527485042930,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Thu, 12 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee11f8d26e6d66cba8ae3ecd0d0fb159.jpg
content-length: 43658
x-served-by: cache-dca17739-DCA, cache-dca17729-DCA, cache-fra19133-FRA
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified: Mon, 12 Jul 2021 10:23:54 GMT
server: cloudinary
x-timer: S1628062575.547089,VS0,VE1
etag: "d605e38a6963147016bd1bc729ca68d9"
vary: ImageFormat
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1

GET
H2 200 d5461876320a060ad857ddb6c6574c72.jpg
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 55 KB
55 KB 1130ms
1129ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d5461876320a060ad857ddb6c6574c72.jpg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 3f30cdec592dc4881cd922ed34ed68085777c9411fadfa2632067281d16a2ad4

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1110
date: Wed, 04 Aug 2021 07:36:15 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 494445165673893869478633143473676661418,561118827561388220103478491527485042930,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS
x-debug: /taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d5461876320a060ad857ddb6c6574c72.jpg
content-length: 55885
x-request-id: 8b298c93ee8a7f8d6590cacc6b78da31
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified: Thu, 22 Jul 2021 02:58:01 GMT
server: cloudinary
x-timer: S1628062575.557735,VS0,VE1110
etag: "dd98134686a6fb2b23cd217270a4f71a"
x-served-by: cache-dca17754-DCA, cache-dca17732-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 5a07b726-6637-469d-83da-0f3a2a2788bd.png
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//rrdpm.com/content/ 59 KB
60 KB 22ms
22ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//rrdpm.com/content/5a07b726-6637-469d-83da-0f3a2a2788bd.png
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: fd246902f209a1b71130d2aa15ea851adaac85f61db845f50dc61c37ce3f81c3

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 896385
edge-cache-tag: 563328830587305130614584926593390490902,561118827561388220103478491527485042930,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sun, 01 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//rrdpm.com/content/5a07b726-6637-469d-83da-0f3a2a2788bd.png
content-length: 60537
x-served-by: cache-dca17746-DCA, cache-dca17722-DCA, cache-fra19133-FRA
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified: Thu, 01 Jul 2021 07:42:24 GMT
server: cloudinary
x-timer: S1628062575.560266,VS0,VE1
etag: "44a2bc47fdf7c90580c5470f8b47dda1"
vary: ImageFormat
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1

GET
H2 200 _d_H49-2520508900085629.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_500%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/ 59 KB
60 KB 22ms
22ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_500%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/_d_H49-2520508900085629.jpeg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 23044756cf4f841512b4c9c6e90407621500a89b4f35f98ddd841961fa057e9c

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1192582
edge-cache-tag: 306276251610743200399146818836565422115,296976295446780505124068076499017006972,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 83
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_500%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/_d_H49-2520508900085629.jpeg
content-length: 60860
x-request-id: e238eae13c034be082d90465cc9a9665
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Wed, 21 Jul 2021 07:03:55 GMT
server: nginx
x-timer: S1628062575.568337,VS0,VE1
etag: "503c3145bb0fdc5c1083e4b20b974ecf"
x-served-by: cache-wdc5563-WDC, cache-dca17766-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 9f7f4a3b7988491d30517f3692cbc88d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_500%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 87 KB
88 KB 25ms
25ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_500%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9f7f4a3b7988491d30517f3692cbc88d.jpg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 79116bee20a3dea9566942082bc1e87bd62bac5ee64e90e49e0815ea42834c2f

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 3466816
edge-cache-tag: 402859474325993245848879504541540797692,296976295446780505124068076499017006972,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 107
expiration: expiry-date="Wed, 30 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_500%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9f7f4a3b7988491d30517f3692cbc88d.jpg
content-length: 89436
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Sun, 30 May 2021 10:53:24 GMT
server: nginx
x-timer: S1628062575.583471,VS0,VE1
etag: "f57fffb21c8001f7adc6e7cc6b2812fd"
x-served-by: cache-wdc5577-WDC, cache-dca17761-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 b88f727bcdb3f12597815591d8e84271.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_500%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 89 KB
90 KB 26ms
24ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_500%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b88f727bcdb3f12597815591d8e84271.jpg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d3e2d7d074df543218ed3bab6eebc97f0a4672fd0b990328e4763b5817859324

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 3949409
edge-cache-tag: 475764738279907525436029692078971560168,296976295446780505124068076499017006972,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 100
expiration: expiry-date="Wed, 30 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_500%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b88f727bcdb3f12597815591d8e84271.jpg
content-length: 91058
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Sun, 30 May 2021 08:17:09 GMT
server: nginx
x-timer: S1628062575.595461,VS0,VE1
etag: "47421c2cf0813f2a74656db21664924d"
x-served-by: cache-wdc5548-WDC, cache-dca12925-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 dd34d2d9b80d618220ba3a662f69adaf.png
images.taboola.com/taboola/image/fetch/h_500,w_900,c_fill,g_xy_center,x_320,y_276/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 29 KB
30 KB 24ms
23ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_500,w_900,c_fill,g_xy_center,x_320,y_276/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dd34d2d9b80d618220ba3a662f69adaf.png
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b835d3db599a303e622f04a74ad6f76ff08de3a51668831d4454c5f3830ec6b6

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 4754309
edge-cache-tag: 410443980102166552846862047524097195544,537393078090080507586094300552749628068,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 156
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/h_500,w_900,c_fill,g_xy_center,x_320,y_276/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dd34d2d9b80d618220ba3a662f69adaf.png
content-length: 29846
x-request-id: 8f69a3020a09b4210e6fb40c9cb618df
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Wed, 12 May 2021 12:11:58 GMT
server: nginx
x-timer: S1628062575.595457,VS0,VE1
etag: "6d34da052b12663e12d707f6ab1b3bf0"
x-served-by: cache-wdc5544-WDC, cache-dca17766-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 a5adda3c-a8cc-4432-8945-4ac12aa85f1f.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_500%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ojasf.com/content/ 64 KB
65 KB 22ms
21ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_500%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ojasf.com/content/a5adda3c-a8cc-4432-8945-4ac12aa85f1f.jpeg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8780b7242ce1b0108df255735b6fc7aae1d54fa62798b40819bd23c960d3c5e5

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 2581353
edge-cache-tag: 356657829545545669179717632909697191236,296976295446780505124068076499017006972,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 192
expiration: expiry-date="Fri, 16 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_500%2Cw_900%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ojasf.com/content/a5adda3c-a8cc-4432-8945-4ac12aa85f1f.jpeg
content-length: 65486
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Tue, 15 Jun 2021 11:19:35 GMT
server: nginx
x-timer: S1628062575.611279,VS0,VE1
etag: "c209967d68b68765f11a97a9ccaeb32d"
x-served-by: cache-wdc5522-WDC, cache-dca17726-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 next-up-widget.20210803-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 14 KB
5 KB 21ms
19ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20210803-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/reportdoor-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 423471bafe1b160da885c334fd3b2326baa6ac07c97082d1519cc7cc4da6d1b3

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: GhsqP_fvIsYNQG7K62i5QbWy_9FhjYo.
content-encoding: gzip
etag: "62e907e3dac43cbfa6a223b92b044642"
age: 107
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4414
x-amz-id-2: fvpF4by+1BL2QcfwhMeJXfmDVEHINXTXxbmJNeQK/kX2hmwFiI+LGTY2uQ1frpmvUbnKFFDR7dk=
x-served-by: cache-fra19133-FRA
last-modified: Tue, 03 Aug 2021 10:36:54 GMT
server: AmazonS3
x-timer: S1628062574.287537,VS0,VE0
date: Wed, 04 Aug 2021 07:36:14 GMT
vary: Accept-Encoding
x-amz-request-id: 65V3ZHBKNHSHJ0NJ
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 88
x-cache-hits: 32

GET
H2 200 creative_js.js Show response
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ 4 KB
2 KB 21ms
19ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210803-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront), 1.1 varnish
age: 3207206
x-amz-meta-mtime: 1580720676
x-cache: Miss from cloudfront, HIT
x-amz-meta-ctime: 1580720957
x-amz-meta-mode: 33188
content-encoding: gzip
content-length: 1904
x-served-by: cache-fra19133-FRA
last-modified: Mon, 03 Feb 2020 09:09:18 GMT
server: AmazonS3
x-timer: S1628062574.356456,VS0,VE0
etag: "d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *
x-amz-cf-id: fAeHO52Fy78UbxheIVGwTQpabLzTVzA-RHX2HcKYyUH5P0SAs1-vKA==
x-cache-hits: 854777

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.4.8/ 96 KB
28 KB 19ms
19ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.4.8/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210803-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db5bf9a91b7e05388b953154183762971d47ef02aa365db3cf4187dddbb86080

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront), 1.1 varnish
age: 769306
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 28132
x-served-by: cache-fra19133-FRA
last-modified: Mon, 26 Jul 2021 09:53:28 GMT
server: AmazonS3
x-timer: S1628062574.357181,VS0,VE0
etag: "e8d2f43df8d5011ca2de7e55d7bcb3f8"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: ZxadBrSkd87SRI9xwghYSc9r-jUi9_mHxrB5tYJiAgXB8vFjcIz8oQ==
x-cache-hits: 121280

GET
H2 200 css
fonts.googleapis.com/ Frame 6968 3 KB
694 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3069572125&adf=2653041513&pi=t.ma~as.2385331166&w=1200&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573352&bpp=4&bdt=197&idt=315&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KHUSpG97Jr&p=https%3A//www.reportdoor.com&dtd=320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ae91fe13f17bd08dbfa835ba6128d165dba3c87ed1d3d1619e22e458657d681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 04 Aug 2021 07:14:50 GMT
server: ESF
date: Wed, 04 Aug 2021 07:36:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Aug 2021 07:36:14 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 6968 1 KB
937 B 36ms
11ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:28:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 483
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Aug 2021 07:28:11 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame 6968 18 KB
8 KB 30ms
5ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:34:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7610
x-xss-protection: 0
server: cafe
etag: 7847795998687576317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Aug 2021 07:34:29 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 6968 2 KB
1 KB 30ms
11ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:30:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Aug 2021 07:30:53 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6968 124 KB
37 KB 32ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:14 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Wed, 04 Aug 2021 07:36:14 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame 6968 14 KB
6 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Aug 2021 07:35:08 GMT

GET
H2 200 42d1b86cb875341df5a163347562cfa0.js Show response
www.gstatic.com/mysidia/ Frame 6968 26 KB
11 KB 11ms
5ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/42d1b86cb875341df5a163347562cfa0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e657b28cb084ea0db5d890b2e2c087134cca2e68cecdf498ae903d01c9427c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 06:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10795
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 17:10:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 Nov 2021 06:50:38 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 6968 26 KB
26 KB 28ms
7ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRXu7NKzjp78JppyXrNBnb5G2J8i1SvrIY6LTr1RUsOBBEZpqTCWIL5HLfqKg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b7a01de8614325fd8c9c0ae5a0b7e61f3b3fa088ec0ef908f2a773390ada134

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 12:25:24 GMT
x-content-type-options: nosniff
last-modified: Sat, 22 Feb 2020 14:04:04 GMT
server: sffe
age: 69050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26495
x-xss-protection: 0
expires: Wed, 03 Aug 2022 12:25:24 GMT

GET
H3-29

200

12292211746583241485
tpc.googlesyndication.com/simgad/ Frame 6968
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr64iePBCwCRiwCTIINoIjV4alR1E
https://tpc.googlesyndication.com/simgad/12292211746583241485

30 KB
30 KB

22ms
7ms

Image
image/png

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12292211746583241485

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

801ffc320183425aad8f1d94a5b76c6cadb00703f12ccd83dd997cd941c520cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 05:26:07 GMT
x-content-type-options: nosniff
age: 94207
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30912
x-xss-protection: 0
last-modified: Mon, 16 Sep 2019 23:08:24 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:26:07 GMT

Redirect headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 12:53:58 GMT
x-content-type-options: nosniff
server: cafe
age: 67336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/12292211746583241485
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Sep 2021 12:53:58 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6968 0
0 31ms
31ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cq5P2bUMKYZiVKpXt3wPMoITICb_3qdBj1a_i8-8M8Lu0mPsZEAEg7YL5MWCVAqABuf--7APIAQapAhb9vDt96rM-qAMByAMCqgSxAU_QE8lYj7n1VuB51HBsGftCauH-I9wuq_TESYczYdBROTFOG3VsGM4tg2eI6RPxkvG1OwmMGiXDMkkNHOwDHLk1AwuMJpva5JwlMIEdL4qqtVwtLQHy3CvxfDHk5n53QOw3iR4RDcWZAkftRxEanYzQ0fdYh4UN36YPFr9zEPhOZG5GhpKe2X2k64XoOyL34AWQzeVFol-yKLFuOti5l0Mw9ZMmSiw7L4taZButYa5UTsAE3Mue0f4CkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB_qyhxaoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEL_PBNIICQiA4YAQEAEYH4AKAcgLAdgTC4gUAdAVAYAXAbIXGgoYCAASFHB1Yi0zNTExNDQzNzk5NDA3NDk5&sigh=1GglsKLmU5E&template_id=493

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3069572125&adf=2653041513&pi=t.ma~as.2385331166&w=1200&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573352&bpp=4&bdt=197&idt=315&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KHUSpG97Jr&p=https%3A//www.reportdoor.com&dtd=320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 04 Aug 2021 07:36:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 04 Aug 2021 07:36:14 GMT

GET
H2 200 joselyn-cano-2.jpg%3Fquality%3D90%26strip%3Dall
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2020/12/ 5 KB
5 KB 38ms
22ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2020/12/joselyn-cano-2.jpg%3Fquality%3D90%26strip%3Dall
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 37aefe1f81e60b122c99eb7eee7ec71376bb02acc262c4301b7b655ce2f742fd

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 2383905
edge-cache-tag: 356970782679251290556247382081738149444,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 27
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//nypost.com/wp-content/uploads/sites/2/2020/12/joselyn-cano-2.jpg%3Fquality%3D90%26strip%3Dall
content-length: 4868
x-request-id: 5403c1309716e7da202a8b3a67bfb2c9
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Sun, 27 Jun 2021 22:21:54 GMT
server: nginx
x-timer: S1628062575.637412,VS0,VE1
etag: "89ce20d2a9a5fc8eb74d5f9a41ac39bf"
x-served-by: cache-wdc5547-WDC, cache-dca17741-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 _d_H49-2520508900085629.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/ 8 KB
9 KB 27ms
21ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/_d_H49-2520508900085629.jpeg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e47a1d9faa3db1a3b53641c28e95c0360dffd84b793492e6b3e5a6518bdecbf5

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1130094
edge-cache-tag: 306276251610743200399146818836565422115,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 358
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/_d_H49-2520508900085629.jpeg
content-length: 8170
x-request-id: eca17418b760659312b4a1f7aa457cdb
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Wed, 21 Jul 2021 07:03:55 GMT
server: nginx
x-timer: S1628062575.637450,VS0,VE1
etag: "7a5534bda8015926618a240fa3c3e92a"
x-served-by: cache-wdc5525-WDC, cache-dca12929-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 9f7f4a3b7988491d30517f3692cbc88d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 24ms
22ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9f7f4a3b7988491d30517f3692cbc88d.jpg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bd5134f255e073308685f19ca0d177be68008bf2bcac5755981c31d46a9cd12b

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1898675
edge-cache-tag: 402859474325993245848879504541540797692,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 33
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9f7f4a3b7988491d30517f3692cbc88d.jpg
content-length: 6236
x-request-id: 01961309f19eeb5d92c37d001bcc407f
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Wed, 16 Jun 2021 08:19:30 GMT
server: nginx
x-timer: S1628062575.637588,VS0,VE1
etag: "67d7e617c31f6ab39aa3a00b0d1c5e23"
x-served-by: cache-wdc5523-WDC, cache-dca17744-DCA, cache-fra19133-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 53D9 0
86 B 30ms
27ms Document
text/plain 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=2542BAB204867835231019512686&cicmp=1337627&cijs=1&dast=V7POgCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBugHG7IaTSYMCmUwGs52w81qMtktV8vhcjVYTsFgC5_T3d2GDTSdDp_rXq_7_e6Sl-FvOZ38fstd43f75QAAAADwAEDUEg2x49vQHgEAAAAgwTNyrUARUPFvIXABAAAAgAFAIBauAfDMUSAOz8vsDwCAhwIQAAABDBIAgcTCEgCHu8UTAACAgzqZp22W_____xiAvPcmGQCKtI0bgx6ABx-AByEAAICLIVL4JftlxOx2ogLLIkYAAAAAW4SI7UeTOqGyqPr___-3ArgCAAjYg7gwc826OSlmDQMAAAAYW6CHxe83O-wav9tl__________9m_2cAaEI-R65pQPLhSGo8I9cKa7-AAABs7wYA8CYAF3MAdgAAAAB3_____3kAAABXe5Rsr9V49ijrfQZb-Jzu7vpN2GK0mkw2y-FsuZgMhqPhaLQ_AVwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0RBlaWyXJkG65VE-dkLRqMDGvlardySzyz3cRmMc4cg5Fb9PqYjoPNxrgyWfFgPi7nvnbho0Mu5orNZK7YzOaSzW6VAAAAAAAAAACWMGXeBAAAAOA0iNlsstutuPFmzwSxVqtlDQAAAMCtGzk!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3d59W9bYjlR15QVqFW3zmRFY8CD0PQW558v1t18t_PNW15cc3p339mC1W4sY-Ns4q04t-W26hbPl7_w2M2W19Hqsq5NTdnjW6103JV3FfRQ_N8lkxHGzcJmZVqf2GF2GszSPW4lNXM89535nhW7YgXL12cmCRnW4hFhMB4LyG0TW35n9tL6Z7bJrW6rTn4w4mF0b1W3zwQ3_7bxrVTW2S1kn32VmMlXV8nXMx46qp6CW8nlhz48Rld4r33LM1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cipid=7991117&ttype=0&cirid=2542BAB204867835231019512686&cicmp=1337627&cijs=1&dast=V7POgCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBugHG7IaTSYMCmUwGs52w81qMtktV8vhcjVYTsFgC5_T3d2GDTSdDp_rXq_7_e6Sl-FvOZ38fstd43f75QAAAADwAEDUEg2x49vQHgEAAAAgwTNyrUARUPFvIXABAAAAgAFAIBauAfDMUSAOz8vsDwCAhwIQAAABDBIAgcTCEgCHu8UTAACAgzqZp22W_____xiAvPcmGQCKtI0bgx6ABx-AByEAAICLIVL4JftlxOx2ogLLIkYAAAAAW4SI7UeTOqGyqPr___-3ArgCAAjYg7gwc826OSlmDQMAAAAYW6CHxe83O-wav9tl__________9m_2cAaEI-R65pQPLhSGo8I9cKa7-AAABs7wYA8CYAF3MAdgAAAAB3_____3kAAABXe5Rsr9V49ijrfQZb-Jzu7vpN2GK0mkw2y-FsuZgMhqPhaLQ_AVwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0RBlaWyXJkG65VE-dkLRqMDGvlardySzyz3cRmMc4cg5Fb9PqYjoPNxrgyWfFgPi7nvnbho0Mu5orNZK7YzOaSzW6VAAAAAAAAAACWMGXeBAAAAOA0iNlsstutuPFmzwSxVqtlDQAAAMCtGzk!&excid=22&tst=1&docw=0&cs=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.reportdoor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.reportdoor.com/

Response headers

server: nginx
accept-ranges: bytes
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish
x-served-by: cache-fra19133-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1628062574.466782,VS0,VE9
content-length: 0

GET
H2 200 cmTagCUSTOM.js Show response
vidstat.taboola.com/vpaid/units/28_3_10/infra/ 727 KB
132 KB 21ms
19ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish
age: 2272444
x-amz-meta-mtime: 1605697226
x-cache: HIT
x-amz-meta-ctime: 1605697428
x-amz-meta-mode: 33188
content-encoding: br
content-length: 135037
x-amz-id-2: 5ZEK05RyjWXa97qptTPBSENaZ0pc6jcL83hmVOcr2fb6bBsVEaYB8SNmG5+2XhxOHKu5gLWx8+c=
x-served-by: cache-fra19133-FRA
accept-ranges: bytes
last-modified: Wed, 18 Nov 2020 11:03:50 GMT
server: AmazonS3-br
x-timer: S1628062574.466763,VS0,VE0
etag: "37b0b0415484e88063c945bde767ba70"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: Z5B1SHCEPKEDXX46
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 1690

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/28_3_10/assets/css/ 44 KB
7 KB 23ms
21ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/28_3_10/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish
age: 2274016
x-amz-meta-mtime: 1605697226
x-cache: HIT
x-amz-meta-ctime: 1605697397
x-amz-meta-mode: 33188
content-encoding: br
content-length: 6493
x-amz-id-2: 2yWZZvT6gWp6l0uX9pHoFWIk2Hv8VbMXoRsq99K3IClzKkG/QKZ3jaeaCwqUOso5plrCYiz2g4g=
x-served-by: cache-fra19133-FRA
accept-ranges: bytes
last-modified: Wed, 18 Nov 2020 11:03:19 GMT
server: AmazonS3-br
x-timer: S1628062574.467631,VS0,VE0
etag: "083925e970a05bed26a70ecbfde9c0ca"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 7VRTW61VG1AQ808K
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 135674

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 9203 0
92 B 56ms
56ms Document
text/plain 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=96C917904F4862019021193592451&cicmp=1337627&cijs=1&dast=V7IdsCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBugHHDnbMBe75WA0Iw1nk8FiOVjslsPVbjFZLqZgsIXP6e5uwwaaTofPda_X_X53ycvwt5xOfr_lrvG7_XIAAAAAeAAgaomG2PFtaI8AAAAAkOAZuVagCKj4txC4AAAAAMAAIBAL1wB45igQh-dl9gcAwEMBCACAAAYJgEBiYQmAw93iCQAAwEGdzNM2y____38MQN57kwwARdrGjUEPwIMPwIMQAADAxdAYPdgaKAKWJlGBaREjAAAAgC1CxPajSZ1QWVT9____WwFcAQAE7EFcmL1m3ZwUs4YBAAAAjC3Qw-L3mx12jd_tsv________9_s_8zADQhnyPXNCD5cCQ1npFrhbVfQAAAtncDAHgTgIs5ADsAAACAu_____88AACAgT1KttdqPHuU9T6DLXxOd3f9JmwxWk0mm-VwtlxMBsPRcDTanwAuBzgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCAMry2Q5sg3XqolzshYNRoa1crVbuSWe2W5isxhnjsHILXp9TMfBZmNcmax4MB-Xc1-78NEhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGsRsNtntVtx4s2eCWKvVsgYAAADg1o0c!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3d59W9bYjlR15QVqFW3zmRFY8CD0PQW558v1t18t_PNW15cc3p339mC1W4sY-Ns4q04t-W26hbPl7_w2M2W19Hqsq5NTdnjW6103JV3FfRQ_N8lkxHGzcJmZVqf2GF2GszSPW4lNXM89535nhW7YgXL12cmCRnW4hFhMB4LyG0TW35n9tL6Z7bJrW6rTn4w4mF0b1W3zwQ3_7bxrVTW2S1kn32VmMlXV8nXMx46qp6CW8nlhz48Rld4r33LM1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cipid=7991117&ttype=0&cirid=96C917904F4862019021193592451&cicmp=1337627&cijs=1&dast=V7IdsCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBugHHDnbMBe75WA0Iw1nk8FiOVjslsPVbjFZLqZgsIXP6e5uwwaaTofPda_X_X53ycvwt5xOfr_lrvG7_XIAAAAAeAAgaomG2PFtaI8AAAAAkOAZuVagCKj4txC4AAAAAMAAIBAL1wB45igQh-dl9gcAwEMBCACAAAYJgEBiYQmAw93iCQAAwEGdzNM2y____38MQN57kwwARdrGjUEPwIMPwIMQAADAxdAYPdgaKAKWJlGBaREjAAAAgC1CxPajSZ1QWVT9____WwFcAQAE7EFcmL1m3ZwUs4YBAAAAjC3Qw-L3mx12jd_tsv________9_s_8zADQhnyPXNCD5cCQ1npFrhbVfQAAAtncDAHgTgIs5ADsAAACAu_____88AACAgT1KttdqPHuU9T6DLXxOd3f9JmwxWk0mm-VwtlxMBsPRcDTanwAuBzgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCAMry2Q5sg3XqolzshYNRoa1crVbuSWe2W5isxhnjsHILXp9TMfBZmNcmax4MB-Xc1-78NEhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGsRsNtntVtx4s2eCWKvVsgYAAADg1o0c!&excid=22&tst=1&docw=0&cs=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.reportdoor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.reportdoor.com/

Response headers

server: nginx
accept-ranges: bytes
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish
x-served-by: cache-fra19133-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1628062574.468174,VS0,VE36
content-length: 0

GET
H2 200 st Show response
imprammp.taboola.com/ Frame DEB6 0
76 B 28ms
27ms Document
text/plain 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=43D8F5CFBF4870830801508635524&cicmp=1337627&cijs=1&dast=V7PnwCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBugHHbQZEWesDY1CIw13g-FmsFsuJsvhZLZaLQZTMNjC53R3t2EDTafD57rX636_u-Rl-FtOJ7_fctf43X45AAAAADwAELVEQ-z4NrRHAAAAAEjwjFwrUARU_FsIXAAAAABgABCIhWsAPHMUiMPzMvsDAOChAAQAQACDBEAgsbAEwOFu8QQAAOCgTuZpm-X___8_BiDvvUkGgCJt48agB-DBB-BBCAAA4GJIF00MCe_ptZKooLKIEQAAAMAWIWL70aROqCyq_v___60ArgAAAvYgLsy4s25OilnDAAAAAMYW6GHx-80Ou8bvdtn_________v9n_GQCakM-RaxqQfDiSGs_ItcLaLyAAANu7AQC8CcDFHIAdAAAAwN3___9_HgAAQMQeJdtrNZ49ynqfwRY-p7u7fhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4SBlWWyHNmGa9XEOVmLBiPDWrnardwSz2w3sVmMM8dg5Ba9PqbjYLMxrkxWPJiPy7mvXfjokIu5YjOZKzazuWSzWyUAAAAAAAAAgCVMmTcBAAAAOA1iNpvsdituvNkzQazValkDAAAAcOtGDg!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3d59W9bYjlR15QVqFW3zmRFY8CD0PQW558v1t18t_PNW15cc3p339mC1W4sY-Ns4q04t-W26hbPl7_w2M2W19Hqsq5NTdnjW6103JV3FfRQ_N8lkxHGzcJmZVqf2GF2GszSPW4lNXM89535nhW7YgXL12cmCRnW4hFhMB4LyG0TW35n9tL6Z7bJrW6rTn4w4mF0b1W3zwQ3_7bxrVTW2S1kn32VmMlXV8nXMx46qp6CW8nlhz48Rld4r33LM1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cipid=7991117&ttype=0&cirid=43D8F5CFBF4870830801508635524&cicmp=1337627&cijs=1&dast=V7PnwCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBugHHbQZEWesDY1CIw13g-FmsFsuJsvhZLZaLQZTMNjC53R3t2EDTafD57rX636_u-Rl-FtOJ7_fctf43X45AAAAADwAELVEQ-z4NrRHAAAAAEjwjFwrUARU_FsIXAAAAABgABCIhWsAPHMUiMPzMvsDAOChAAQAQACDBEAgsbAEwOFu8QQAAOCgTuZpm-X___8_BiDvvUkGgCJt48agB-DBB-BBCAAA4GJIF00MCe_ptZKooLKIEQAAAMAWIWL70aROqCyq_v___60ArgAAAvYgLsy4s25OilnDAAAAAMYW6GHx-80Ou8bvdtn_________v9n_GQCakM-RaxqQfDiSGs_ItcLaLyAAANu7AQC8CcDFHIAdAAAAwN3___9_HgAAQMQeJdtrNZ49ynqfwRY-p7u7fhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4SBlWWyHNmGa9XEOVmLBiPDWrnardwSz2w3sVmMM8dg5Ba9PqbjYLMxrkxWPJiPy7mvXfjokIu5YjOZKzazuWSzWyUAAAAAAAAAgCVMmTcBAAAAOA1iNpvsdituvNkzQazValkDAAAAcOtGDg!&excid=22&tst=1&docw=0&cs=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.reportdoor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.reportdoor.com/

Response headers

server: nginx
accept-ranges: bytes
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish
x-served-by: cache-fra19133-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1628062574.470364,VS0,VE9
content-length: 0

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 5559 0
53 B 29ms
29ms Document
text/plain 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=43D8F5CFBF487083078277129292&cicmp=1337627&cijs=1&dast=V7IAMCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBugHHbQZEWesDY1CIw13g-FmsNstZoPFZjAajnZTMNjC53R3t2EDTafD57rX636_u-Rl-FtOJ7_fctf43X45AAAAADwAELVEQ-z4NrRHAAAAAEjwjFwrUARU_FsIXAAAAABgABCIhWsAPHMUiMPzMvsDAOChAAQAQACDBEAgsbAEwOFu8QQAAOCgTuZpm-X___8_BiDvvUkGgCJt48agB-DBB-BBCAAA4GJoor_iD76GXIGooLKIEQAAAMAWIWL70aROqCyq_v___60ArgAAAvYgLsy4s25OilnDAAAAAMYW6GHx-80Ou8bvdtn_________v9n_GQCakM-RaxqQfDiSGs_ItcLaLyAAANu7AQC8CcDFHIAdAAAAwN3___9_HgAAQNIeJdtrNZ49ynqfwRY-p7u7fhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4SBlWWyHNmGa9XEOVmLBiPDWrnardwSz2w3sVmMM8dg5Ba9PqbjYLMxrkxWPJiPy7mvXfjokIu5YjOZKzazuWSzWyUAAAAAAAAAgCVMmTcBAAAAOA1iNpvsdituvNkzQazValkDAAAAcOtGDg!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3d59W9bYjlR15QVqFW3zmRFY8CD0PQW558v1t18t_PNW15cc3p339mC1W4sY-Ns4q04t-W26hbPl7_w2M2W19Hqsq5NTdnjW6103JV3FfRQ_N8lkxHGzcJmZVqf2GF2GszSPW4lNXM89535nhW7YgXL12cmCRnW4hFhMB4LyG0TW35n9tL6Z7bJrW6rTn4w4mF0b1W3zwQ3_7bxrVTW2S1kn32VmMlXV8nXMx46qp6CW8nlhz48Rld4r33LM1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cipid=7991117&ttype=0&cirid=43D8F5CFBF487083078277129292&cicmp=1337627&cijs=1&dast=V7IAMCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBugHHbQZEWesDY1CIw13g-FmsNstZoPFZjAajnZTMNjC53R3t2EDTafD57rX636_u-Rl-FtOJ7_fctf43X45AAAAADwAELVEQ-z4NrRHAAAAAEjwjFwrUARU_FsIXAAAAABgABCIhWsAPHMUiMPzMvsDAOChAAQAQACDBEAgsbAEwOFu8QQAAOCgTuZpm-X___8_BiDvvUkGgCJt48agB-DBB-BBCAAA4GJoor_iD76GXIGooLKIEQAAAMAWIWL70aROqCyq_v___60ArgAAAvYgLsy4s25OilnDAAAAAMYW6GHx-80Ou8bvdtn_________v9n_GQCakM-RaxqQfDiSGs_ItcLaLyAAANu7AQC8CcDFHIAdAAAAwN3___9_HgAAQNIeJdtrNZ49ynqfwRY-p7u7fhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4SBlWWyHNmGa9XEOVmLBiPDWrnardwSz2w3sVmMM8dg5Ba9PqbjYLMxrkxWPJiPy7mvXfjokIu5YjOZKzazuWSzWyUAAAAAAAAAgCVMmTcBAAAAOA1iNpvsdituvNkzQazValkDAAAAcOtGDg!&excid=22&tst=1&docw=0&cs=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.reportdoor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.reportdoor.com/

Response headers

server: nginx
accept-ranges: bytes
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish
x-served-by: cache-fra19133-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1628062574.473246,VS0,VE10
content-length: 0

GET
DATA 200
OK truncated
/ Frame 6968 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae64fc98ebab12295dc7dd8b33666b63c99cd3b89c6533236ec7cbd8ada6fb48

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107240354000/ Frame 437F 188 KB
55 KB 42ms
5ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 138570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55201
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56e2a7f7d448fcb3"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 437F 13 KB
5 KB 58ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 138570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4865
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff227f97ed674b5b"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 437F 87 KB
27 KB 59ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-analytics-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 138570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27852
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3719646983ab1de2"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 437F 71 KB
16 KB 62ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-animation-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b31a2dfb910d5e0292d6639f0c1a9b6ecc2471ba71ba18e3dc27cd5a033cf463

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 138569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16686
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6eea2bcb2a8fbd9d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 437F 4 KB
2 KB 63ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-fit-text-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 138570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "687e73129cfc4c8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 437F 40 KB
13 KB 73ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-form-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 138570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12828
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4abe217821914203"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
DATA 200
OK truncated
/ Frame 437F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a17db0b7dbc6ced3ac80bdf65c60cdcfceaef76b868c1c2c058bbaa4b363138f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 txt1.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame 437F 5 KB
5 KB 7ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/txt1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8243110d46b6e00133bc81f626801e1aaa8f1785a987bd155a58bc7e222d5d44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 13:10:06 GMT
x-content-type-options: nosniff
age: 66368
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5586
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:33:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 13:10:06 GMT

GET
H3-29 200 txt2.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame 437F 4 KB
4 KB 8ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/txt2.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1eb4ba8b4438a9e307afa195311ce88638a3deae2da3cae568c4b4cb449365a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 03:40:22 GMT
x-content-type-options: nosniff
age: 100552
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4464
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:33:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 03:40:22 GMT

GET
H3-29 200 puls.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame 437F 419 B
444 B 9ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/puls.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d4d3ec878fc7b8a6ca2fb899d27ee232204e1325d1929db6baec1b96928cf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 10:38:00 GMT
x-content-type-options: nosniff
age: 75494
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 419
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:33:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 10:38:00 GMT

GET
H3-29 200 preisButt.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame 437F 6 KB
6 KB 10ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/preisButt.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63e3365993c921267712645f738f77e722ef82460c8c47a6fcf84393c18e9f0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 12:27:22 GMT
x-content-type-options: nosniff
age: 68932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6154
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:33:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 12:27:22 GMT

GET
H3-29 200 ll.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame 437F 938 B
963 B 13ms
9ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ll.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c961b8fdc7dca2dc983386c8ea16b4cea72b3e8706f8698ddf4d994548d6630d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 13:10:06 GMT
x-content-type-options: nosniff
age: 66368
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 938
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:33:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 13:10:06 GMT

GET
H3-29 200 CTA.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame 437F 929 B
954 B 16ms
12ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/CTA.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34ae8bfda88f1dfb002a68bcf9a6bad17ead96bd1d2fe310900461a979f6971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 03:40:22 GMT
x-content-type-options: nosniff
age: 100552
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 929
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:33:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 03:40:22 GMT

GET
H3-29 200 DBx.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame 437F 3 KB
3 KB 13ms
9ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/DBx.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbc26192d559ed6abfb9b0bfd88369d9a5ee210d4f3aea66508bfb19a00e76e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 13:10:06 GMT
x-content-type-options: nosniff
age: 66368
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2708
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:33:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 13:10:06 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 437F 2 KB
2 KB 16ms
14ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:34:33 GMT
x-content-type-options: nosniff
server: cafe
age: 57701
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 04 Aug 2021 15:34:33 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 437F 295 B
319 B 15ms
13ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 12:37:33 GMT
x-content-type-options: nosniff
server: cafe
age: 68321
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 04 Aug 2021 12:37:33 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 437F 43 B
1 KB 101ms
29ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=11829094681&extCr=115065628556-527621586361&cb=1749550050

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Bottrop, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Mi, 04 Aug 2021 07:36:14 GMT
Server: Microsoft-IIS/8.5
Date: Wed, 04 Aug 2021 07:36:14 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 437F 0
17 B 33ms
31ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9ZUXbUMKYcPfK8Gk3gPu0rrYD_yRochjlrmpxuwNjq7dh44OEAEg7YL5MWCVAqABi67A5APIAQmpAhb9vDt96rM-qAMByAMIqgS3AU_Q5mYQVI7FGOHsPHS_s6MPCgstkqq8zAuhqMK75Ia50RAwCENsCH2ZTm-5ALfp0nnhMBiq5_oYg1-1fsofqTWNUnJzkXTzSsSv6zUvUQojUImPsw-w4AOmbDIX-AicJdX1N26k6HBke5deKVbbfSZb-YBrgnRfUYLBjnkMb0wrK_QNxYgPN8PK0m5gILcAPsv4ZTOAZpVrz09X8uztap7cPUpd8kpzt_eYY9YMb8mpg1rUiIVhosAEjM_I06wDkgUECAQYAZIFBAgFGASgBi6AB93RvxuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQsaEE0ggJCIDhgBAQARgfgAoByAsB2BMNiBQB0BUBgBcBshcaChgIABIUcHViLTM1MTE0NDM3OTk0MDc0OTk&sigh=uDujdo5XAN0&template_id=419

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 04 Aug 2021 07:36:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107240354000/ Frame 3A82 188 KB
54 KB 37ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 138570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55201
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56e2a7f7d448fcb3"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 3A82 13 KB
5 KB 54ms
35ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 138570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4865
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff227f97ed674b5b"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 3A82 87 KB
27 KB 43ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-analytics-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 138570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27852
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3719646983ab1de2"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 3A82 71 KB
16 KB 40ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-animation-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b31a2dfb910d5e0292d6639f0c1a9b6ecc2471ba71ba18e3dc27cd5a033cf463

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 138569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16686
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6eea2bcb2a8fbd9d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 3A82 4 KB
2 KB 49ms
35ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-fit-text-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 138570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "687e73129cfc4c8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 3A82 40 KB
13 KB 47ms
34ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-form-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 138570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12828
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4abe217821914203"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3A82 2 KB
2 KB 15ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:34:33 GMT
x-content-type-options: nosniff
server: cafe
age: 57701
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 04 Aug 2021 15:34:33 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3A82 295 B
319 B 16ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 12:37:33 GMT
x-content-type-options: nosniff
server: cafe
age: 68321
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 04 Aug 2021 12:37:33 GMT

GET
DATA 200
OK truncated
/ Frame 3A82 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef8c5324f7c78825eb539071eaaf674a4ab671ae1db6cc71cda8986b3505bd12

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 txt1.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame 3A82 5 KB
5 KB 18ms
10ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/txt1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8243110d46b6e00133bc81f626801e1aaa8f1785a987bd155a58bc7e222d5d44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 13:10:06 GMT
x-content-type-options: nosniff
age: 66368
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5586
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:33:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 13:10:06 GMT

GET
H3-29 200 txt2.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame 3A82 4 KB
4 KB 17ms
9ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/txt2.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1eb4ba8b4438a9e307afa195311ce88638a3deae2da3cae568c4b4cb449365a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 03:40:22 GMT
x-content-type-options: nosniff
age: 100552
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4464
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:33:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 03:40:22 GMT

GET
H3-29 200 puls.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame 3A82 419 B
444 B 18ms
10ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/puls.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d4d3ec878fc7b8a6ca2fb899d27ee232204e1325d1929db6baec1b96928cf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 10:38:00 GMT
x-content-type-options: nosniff
age: 75494
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 419
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:33:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 10:38:00 GMT

GET
H3-29 200 preisButt.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame 3A82 6 KB
6 KB 17ms
9ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/preisButt.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63e3365993c921267712645f738f77e722ef82460c8c47a6fcf84393c18e9f0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 12:27:22 GMT
x-content-type-options: nosniff
age: 68932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6154
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:33:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 12:27:22 GMT

GET
H3-29 200 ll.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame 3A82 938 B
963 B 16ms
10ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ll.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c961b8fdc7dca2dc983386c8ea16b4cea72b3e8706f8698ddf4d994548d6630d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 13:10:06 GMT
x-content-type-options: nosniff
age: 66368
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 938
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:33:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 13:10:06 GMT

GET
H3-29 200 CTA.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame 3A82 929 B
954 B 15ms
9ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/CTA.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34ae8bfda88f1dfb002a68bcf9a6bad17ead96bd1d2fe310900461a979f6971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 03:40:22 GMT
x-content-type-options: nosniff
age: 100552
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 929
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:33:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 03:40:22 GMT

GET
H3-29 200 DBx.png
tpc.googlesyndication.com/sadbundle/8242159491242305743/images/ Frame 3A82 3 KB
3 KB 14ms
9ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/8242159491242305743/images/DBx.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbc26192d559ed6abfb9b0bfd88369d9a5ee210d4f3aea66508bfb19a00e76e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 13:10:06 GMT
x-content-type-options: nosniff
age: 66368
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2708
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:33:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 13:10:06 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 3A82 43 B
1 KB 96ms
27ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=11829094681&extCr=115065628556-527621586361&cb=1831423264

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Bottrop, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Mi, 04 Aug 2021 07:36:14 GMT
Server: Microsoft-IIS/8.5
Date: Wed, 04 Aug 2021 07:36:14 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3A82 0
17 B 42ms
37ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVhTnbUMKYbXtKoKk3wOdo5CIC_yRochjlrmpxuwNjq7dh44OEAEg7YL5MWCVAqABi67A5APIAQmpAqq3xi-z67M-qAMByAMIqgS3AU_Q2tqY_yWaQ1XsoNwtAHYHx743MnPfMJiNbkrQKnQbkmAD3C77Qxs4wtXM599-3CSP_kXWzmq1Ltf7650b_kHzwz6o_8xcUN33l83RdowXO7RJaO8Hq35h6MpYavgbYjpbDdRBY0DMc2RDRp3fzQyrrruxm4v7u-TGkDamd6_WMIm2AvWescD5PIAj_dQR_OxfQiNCM43vBwbJe_nU3I7ULyBuwXZSPKF_K9x1sFGxrZhcPUkUT8AEjM_I06wDkgUECAQYAZIFBAgFGASgBi6AB93RvxuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQy_YF0ggJCIDhgBAQARgfgAoByAsB2BMNiBQB0BUBgBcBshcaChgIABIUcHViLTM1MTE0NDM3OTk0MDc0OTk&sigh=zPgu_Wnzd_E&template_id=419

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 04 Aug 2021 07:36:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 6968 20 KB
21 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:30:42 GMT
x-content-type-options: nosniff
age: 54332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 16:30:42 GMT

GET
H3-29 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 6968 21 KB
21 KB 19ms
6ms Font
font/woff2 2a00:1450:4001:800::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

880615098e4a8fa71bedc4b510d6b74145e0528eef749bf4127ee6db7989a1fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 11:42:10 GMT
x-content-type-options: nosniff
age: 71644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:23 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 11:42:10 GMT

GET
H2 200 PMS.js Show response
vidstat.taboola.com/PMS/3.2.2/ 59 KB
18 KB 19ms
19ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront), 1.1 varnish
age: 4015735
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 17509
x-served-by: cache-fra19133-FRA
last-modified: Thu, 21 Jan 2021 11:30:56 GMT
server: AmazonS3
x-timer: S1628062575.800584,VS0,VE0
etag: "f237b8d35060f133ac8c595fd1234e1c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: JVAUVHZomFBOTYSmiRyONx061K0r8J89HAeMC4sUhok9f7gqiMDPAg==
x-cache-hits: 3714774

GET
H2 200 st Show response
imprammp.taboola.com/ Frame C86F 551 B
470 B 51ms
51ms Document
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66442115&crid=5999075&dast=V7AfoCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBvQHGzRjbkac3YJG4axmg91oOVtMVqPlYLZbDIGDZszNiLNb0Cic1WywGy1Xk8FgsxgsF4PlFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43RKHpdPhc93rd73eXvAx_y-nk91vuGr_br3Z6LH_P32Z6a54-u8vkVrhFlqftZXmL_Q6Ty-TWPU1Ht-TvN32dprfaYfY9LC-_HAAAAAAeALYSxyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAASOK81AJ45CsTheZn9AQDwUAACACCAQQJgoBxWAkCS3X4CAAAAAAAAAMDy____HzNQPz0oM4AvvNkD8OAD8EBUoFjECAAAAGCLELH9aFInVBZVAAAE6VYAVwAAAXsQF2aZYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcjnyDUNSD4cSe0XEABg7RcQAIBN3QAA3gTggo6gFYPB6gJidgAAAAB3_____3ogtly4FibPbrQYbWwTy8i1MS0sLs_IMtn4ZjbTYnsSl_NbV00TJ30hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwsDKMlmObMO1auKcrEWDkWGtXO1WbolntpvYLMaZYzByi14f03Gw2RhXJisezMfl3NcuXBQMsNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22deWC9fC5NmNFqONbWIZuTamhcXlGVkmG9_MZlrsCyvLZDmyDdeqiXOyFg1GhrVytVu5JZ7ZbmKzGGeOwcgten1Mx8FmY1yZ_I3ZZDiYTVa7zb4xmwwHs8lqt9l36Azf1eds9ExGQ4_LWXKWHeKZ-aBwGSzel_p0HhaMBe3Jc3TqTENlZ2f0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdyBaumW222iw3zolpuXIZh4uZw-YaLGyulWk1Gk7EEqXpIp3o1U6P5e_520xvzdNnd5ncCrfI8rS9LG-x32Fymdy6p-nolvz9pq_T9FY7zL6H5WVR_9EhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGtBoNZislgswwR6gCwwCAAAAAACwG7SFOgAmSkBc3PhxhbwMf8vp5Pdb3pKX4W85nfx-y5UBJtb_mTd7Joi1Wi1rAAAAAWwAAIAAbt28BYRTcg!&cmcv=&pix=undefined&cb=1628062574930&uv=2999&tms=1628062574930&abt=adh5c-1_vA!insc_vA!mprdctdt6_vA!nrlc_vB!scec9_vB!smbs!t45!ufm_vD!ul95750-994_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4F93D37AFB35607496125490671&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bdf6385e3aaf4e3e39c19c295184a08af7b05af2bfc23b572dabdc91d67a25ff

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66442115&crid=5999075&dast=V7AfoCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBvQHGzRjbkac3YJG4axmg91oOVtMVqPlYLZbDIGDZszNiLNb0Cic1WywGy1Xk8FgsxgsF4PlFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43RKHpdPhc93rd73eXvAx_y-nk91vuGr_br3Z6LH_P32Z6a54-u8vkVrhFlqftZXmL_Q6Ty-TWPU1Ht-TvN32dprfaYfY9LC-_HAAAAAAeALYSxyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAASOK81AJ45CsTheZn9AQDwUAACACCAQQJgoBxWAkCS3X4CAAAAAAAAAMDy____HzNQPz0oM4AvvNkD8OAD8EBUoFjECAAAAGCLELH9aFInVBZVAAAE6VYAVwAAAXsQF2aZYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcjnyDUNSD4cSe0XEABg7RcQAIBN3QAA3gTggo6gFYPB6gJidgAAAAB3_____3ogtly4FibPbrQYbWwTy8i1MS0sLs_IMtn4ZjbTYnsSl_NbV00TJ30hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwsDKMlmObMO1auKcrEWDkWGtXO1WbolntpvYLMaZYzByi14f03Gw2RhXJisezMfl3NcuXBQMsNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22deWC9fC5NmNFqONbWIZuTamhcXlGVkmG9_MZlrsCyvLZDmyDdeqiXOyFg1GhrVytVu5JZ7ZbmKzGGeOwcgten1Mx8FmY1yZ_I3ZZDiYTVa7zb4xmwwHs8lqt9l36Azf1eds9ExGQ4_LWXKWHeKZ-aBwGSzel_p0HhaMBe3Jc3TqTENlZ2f0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdyBaumW222iw3zolpuXIZh4uZw-YaLGyulWk1Gk7EEqXpIp3o1U6P5e_520xvzdNnd5ncCrfI8rS9LG-x32Fymdy6p-nolvz9pq_T9FY7zL6H5WVR_9EhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGtBoNZislgswwR6gCwwCAAAAAACwG7SFOgAmSkBc3PhxhbwMf8vp5Pdb3pKX4W85nfx-y5UBJtb_mTd7Joi1Wi1rAAAAAWwAAIAAbt28BYRTcg!&cmcv=&pix=undefined&cb=1628062574930&uv=2999&tms=1628062574930&abt=adh5c-1_vA!insc_vA!mprdctdt6_vA!nrlc_vB!scec9_vB!smbs!t45!ufm_vD!ul95750-994_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4F93D37AFB35607496125490671&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.reportdoor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.reportdoor.com/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 varnish
x-served-by: cache-fra19133-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1628062575.938854,VS0,VE32
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 9901 551 B
637 B 75ms
24ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7AfoCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBvQHGzRjbkac3YJG4axmg91oOVtMVqPlYLZbDIGDZszNiLNb0Cic1WywGy1Xk8FgsxgsF4PlFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43RKHpdPhc93rd73eXvAx_y-nk91vuGr_br3Z6LH_P32Z6a54-u8vkVrhFlqftZXmL_Q6Ty-TWPU1Ht-TvN32dprfaYfY9LC-_HAAAAAAeALYSxyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAASOK81AJ45CsTheZn9AQDwUAACACCAQQJgoBxWAkCS3X4CAAAAAAAAAMDy____HzNQPz0oM4AvvNkD8OAD8EBUoFjECAAAAGCLELH9aFInVBZVAAAE6VYAVwAAAXsQF2aZYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcjnyDUNSD4cSe0XEABg7RcQAIBN3QAA3gTggo6gFYPB6gJidgAAAAB3_____3ogtly4FibPbrQYbWwTy8i1MS0sLs_IMtn4ZjbTYnsSl_NbV00TJ30hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwsDKMlmObMO1auKcrEWDkWGtXO1WbolntpvYLMaZYzByi14f03Gw2RhXJisezMfl3NcuXBQMsNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22deWC9fC5NmNFqONbWIZuTamhcXlGVkmG9_MZlrsCyvLZDmyDdeqiXOyFg1GhrVytVu5JZ7ZbmKzGGeOwcgten1Mx8FmY1yZ_I3ZZDiYTVa7zb4xmwwHs8lqt9l36Azf1eds9ExGQ4_LWXKWHeKZ-aBwGSzel_p0HhaMBe3Jc3TqTENlZ2f0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdyBaumW222iw3zolpuXIZh4uZw-YaLGyulWk1Gk7EEqXpIp3o1U6P5e_520xvzdNnd5ncCrfI8rS9LG-x32Fymdy6p-nolvz9pq_T9FY7zL6H5WVR_9EhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGtBoNZislgswwR6gCwwCAAAAAACwG7SFOgAmSkBc3PhxhbwMf8vp5Pdb3pKX4W85nfx-y5UBJtb_mTd7Joi1Wi1rAAAAAWwAAIAAbt28BYRTcg!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: bdf6385e3aaf4e3e39c19c295184a08af7b05af2bfc23b572dabdc91d67a25ff

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7AfoCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBvQHGzRjbkac3YJG4axmg91oOVtMVqPlYLZbDIGDZszNiLNb0Cic1WywGy1Xk8FgsxgsF4PlFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43RKHpdPhc93rd73eXvAx_y-nk91vuGr_br3Z6LH_P32Z6a54-u8vkVrhFlqftZXmL_Q6Ty-TWPU1Ht-TvN32dprfaYfY9LC-_HAAAAAAeALYSxyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAASOK81AJ45CsTheZn9AQDwUAACACCAQQJgoBxWAkCS3X4CAAAAAAAAAMDy____HzNQPz0oM4AvvNkD8OAD8EBUoFjECAAAAGCLELH9aFInVBZVAAAE6VYAVwAAAXsQF2aZYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcjnyDUNSD4cSe0XEABg7RcQAIBN3QAA3gTggo6gFYPB6gJidgAAAAB3_____3ogtly4FibPbrQYbWwTy8i1MS0sLs_IMtn4ZjbTYnsSl_NbV00TJ30hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwsDKMlmObMO1auKcrEWDkWGtXO1WbolntpvYLMaZYzByi14f03Gw2RhXJisezMfl3NcuXBQMsNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22deWC9fC5NmNFqONbWIZuTamhcXlGVkmG9_MZlrsCyvLZDmyDdeqiXOyFg1GhrVytVu5JZ7ZbmKzGGeOwcgten1Mx8FmY1yZ_I3ZZDiYTVa7zb4xmwwHs8lqt9l36Azf1eds9ExGQ4_LWXKWHeKZ-aBwGSzel_p0HhaMBe3Jc3TqTENlZ2f0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdyBaumW222iw3zolpuXIZh4uZw-YaLGyulWk1Gk7EEqXpIp3o1U6P5e_520xvzdNnd5ncCrfI8rS9LG-x32Fymdy6p-nolvz9pq_T9FY7zL6H5WVR_9EhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGtBoNZislgswwR6gCwwCAAAAAACwG7SFOgAmSkBc3PhxhbwMf8vp5Pdb3pKX4W85nfx-y5UBJtb_mTd7Joi1Wi1rAAAAAWwAAIAAbt28BYRTcg!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.reportdoor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.reportdoor.com/

Response headers

server: nginx
date: Wed, 04 Aug 2021 07:36:14 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3403

GET
H2 200 wf-generator.js Show response
vidstat.taboola.com/wf-generator/1.1.5/ 13 KB
6 KB 19ms
19ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/wf-generator/1.1.5/wf-generator.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 253e207811811f532a96e83c8c05d4a1da5a5ead8751d2b5ae98ca6b463e5d17

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:14 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront), 1.1 varnish
age: 858533
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 5504
x-served-by: cache-fra19133-FRA
last-modified: Mon, 14 Jun 2021 10:33:18 GMT
server: AmazonS3
x-timer: S1628062575.941853,VS0,VE0
etag: "0db1e60d5975c9daae20996e2dcf2ce0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: gbjnjPqPmiUVAhfhyLPytGgVcJHyh8FSjMrHZ6w4TelMroDzBySn1A==
x-cache-hits: 984854

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 86ms
27ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66442115&crid=5999075&dast=V7AfoCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBvQHGzRjbkac3YJG4axmg91oOVtMVqPlYLZbDIGDZszNiLNb0Cic1WywGy1Xk8FgsxgsF4PlFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43RKHpdPhc93rd73eXvAx_y-nk91vuGr_br3Z6LH_P32Z6a54-u8vkVrhFlqftZXmL_Q6Ty-TWPU1Ht-TvN32dprfaYfY9LC-_HAAAAAAeALYSxyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAASOK81AJ45CsTheZn9AQDwUAACACCAQQJgoBxWAkCS3X4CAAAAAAAAAMDy____HzNQPz0oM4AvvNkD8OAD8EBUoFjECAAAAGCLELH9aFInVBZVAAAE6VYAVwAAAXsQF2aZYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcjnyDUNSD4cSe0XEABg7RcQAIBN3QAA3gTggo6gFYPB6gJidgAAAAB3_____3ogtly4FibPbrQYbWwTy8i1MS0sLs_IMtn4ZjbTYnsSl_NbV00TJ30hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwsDKMlmObMO1auKcrEWDkWGtXO1WbolntpvYLMaZYzByi14f03Gw2RhXJisezMfl3NcuXBQMsNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22deWC9fC5NmNFqONbWIZuTamhcXlGVkmG9_MZlrsCyvLZDmyDdeqiXOyFg1GhrVytVu5JZ7ZbmKzGGeOwcgten1Mx8FmY1yZ_I3ZZDiYTVa7zb4xmwwHs8lqt9l36Azf1eds9ExGQ4_LWXKWHeKZ-aBwGSzel_p0HhaMBe3Jc3TqTENlZ2f0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdyBaumW222iw3zolpuXIZh4uZw-YaLGyulWk1Gk7EEqXpIp3o1U6P5e_520xvzdNnd5ncCrfI8rS9LG-x32Fymdy6p-nolvz9pq_T9FY7zL6H5WVR_9EhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGtBoNZislgswwR6gCwwCAAAAAACwG7SFOgAmSkBc3PhxhbwMf8vp5Pdb3pKX4W85nfx-y5UBJtb_mTd7Joi1Wi1rAAAAAWwAAIAAbt28BYRTcg!&cmcv=&pix=31589837&cb=1628062574930&uv=2999&tms=1628062574930&abt=adh5c-1_vA!insc_vA!mprdctdt6_vA!nrlc_vB!scec9_vB!smbs!t45!ufm_vD!ul95750-994_vB&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1628062572635.2!ts:1628062574930&mntl=1
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:15 GMT
content-length: 0
server: nginx

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16472413395395139628/ Frame 74F4 252 KB
134 KB 8ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16472413395395139628/index.html

Requested by

Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3d59W9bYjlR15QVqFW3zmRFY8CD0PQW558v1t18t_PNW15cc3p339mC1W4sY-Ns4q04t-W26hbPl7_w2M2W19Hqsq5NTdnjW6103JV3FfRQ_N8lkxHGzcJmZVqf2GF2GszSPW4lNXM89535nhW7YgXL12cmCRnW4hFhMB4LyG0TW35n9tL6Z7bJrW6rTn4w4mF0b1W3zwQ3_7bxrVTW2S1kn32VmMlXV8nXMx46qp6CW8nlhz48Rld4r33LM1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fc51061b71ab3d525adedd10b1710da58d6447be8c6085974662b8287ed71c2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/16472413395395139628/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sat, 31 Jul 2021 13:26:00 GMT
expires: Sun, 31 Jul 2022 13:26:00 GMT
last-modified: Wed, 21 Apr 2021 00:19:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 137432
age: 324615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame F670 0
0 30ms
30ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSys7bUMKYfbqLYjm3wPXsoCIDqHr5Yhk3PSJqI8Nqb_ChIobEAEg7YL5MWCVAqAB9NrMmQPIAQmpAhb9vDt96rM-qAMByANIqgS9AU_Q9FZ7rWQoQacwT5_h7TIdNz2FLfaAtFkC7U9vxHGNoZt-M-mmovrv32YMbWINHVnlgPObETYkUt3R7EQcE-W2AtPtKwMYiPpkkLjHIk_l97hdplxGpcMN0bKxUNs7h_taQmp0nans-Kan9cSwS-3gufjTz91JEIX7RXor7ZvEVdtGIu3IM4iEqrAdkdygOsNEjb6aoAqRE0izlOZmQJ-hUTXQUmYI3G-KSuhf45DhlVA0TzBJ3rG9e2VkksAE_f6_iIkDkgUECAQYAZIFBAgFGASgBi6AB_Sks2aoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ_YAO0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBmBYBgBcBshcaChgIABIUcHViLTM1MTE0NDM3OTk0MDc0OTk&sigh=k0zQds8jCHU&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=2343743570&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573358&bpp=2&bdt=202&idt=371&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sRYx3YXQMq&p=https%3A//www.reportdoor.com&dtd=375
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 04 Aug 2021 07:36:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/ Frame F670 18 KB
7 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=2343743570&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573358&bpp=2&bdt=202&idt=371&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sRYx3YXQMq&p=https%3A//www.reportdoor.com&dtd=375

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:34:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7610
x-xss-protection: 0
server: cafe
etag: 7847795998687576317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Aug 2021 07:34:29 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame F670 2 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=2343743570&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573358&bpp=2&bdt=202&idt=371&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sRYx3YXQMq&p=https%3A//www.reportdoor.com&dtd=375

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:30:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Aug 2021 07:30:53 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F670 124 KB
37 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=2343743570&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573358&bpp=2&bdt=202&idt=371&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sRYx3YXQMq&p=https%3A//www.reportdoor.com&dtd=375

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:15 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Wed, 04 Aug 2021 07:36:15 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/ Frame F670 14 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210729/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=2343743570&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573358&bpp=2&bdt=202&idt=371&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sRYx3YXQMq&p=https%3A//www.reportdoor.com&dtd=375

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Aug 2021 07:35:08 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F670 0
0 15ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQVt4AL0Y_eDnlg1PCLPGhEyG8KU30fyaLQ7N2dULZPL7y0ircaXvhCKPT4X6sEXXB2hkKoQe0X1VhxAM1Y9IbIvgVsRg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=2343743570&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573358&bpp=2&bdt=202&idt=371&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sRYx3YXQMq&p=https%3A//www.reportdoor.com&dtd=375
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012107240354000/ 20 KB
7 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/amp4ads-host-v0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c641f871d303f00c2431556fca2d50690ff200abd043196c8758e4bc590b848

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 138571
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7334
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "26bfa3b7da51af82"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3A82 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:34:33 GMT
x-content-type-options: nosniff
server: cafe
age: 57702
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 04 Aug 2021 15:34:33 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3A82 295 B
321 B 6ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 12:37:33 GMT
x-content-type-options: nosniff
server: cafe
age: 68322
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 04 Aug 2021 12:37:33 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 437F 2 KB
2 KB 6ms
5ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 15:34:33 GMT
x-content-type-options: nosniff
server: cafe
age: 57702
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 04 Aug 2021 15:34:33 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 437F 295 B
321 B 6ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 12:37:33 GMT
x-content-type-options: nosniff
server: cafe
age: 68322
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 04 Aug 2021 12:37:33 GMT

GET
BLOB 206
Partial Content e56bf5cd-5264-4ddc-a743-d5c8b26c866a
https://www.reportdoor.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.reportdoor.com/e56bf5cd-5264-4ddc-a743-d5c8b26c866a
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 47ea03b0-6ad7-4a8c-8503-d82bd0e5241e
https://www.reportdoor.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.reportdoor.com/47ea03b0-6ad7-4a8c-8503-d82bd0e5241e
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 206 ju2hrauyooa2zumcvgqo.mp4
c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1625649471/ 41 KB
41 KB 23ms
21ms Media
video/mp4 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1625649471/ju2hrauyooa2zumcvgqo.mp4
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af13ee36182642c9e1b992b519ab990f4918615b0142fd3c59bb74b0c2926386

Request headers

Referer: https://www.reportdoor.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: pnxt_Db1lddDHt4OpJsGWPAig_QQ4llG
via: 1.1 varnish
etag: "fffd53845ec613dc0c5fdb97a79cf5f7"
age: 13
x-cache: HIT
Content-Range: bytes 0-41490/41491
x-amz-replication-status: COMPLETED
Content-Length: 41491
x-amz-id-2: Uonu8zl06MbF2mQq+wV88IogQEYlqQkOvycDAwiXj2W4AQRkvZ3ciwYxmvoyAMxobgGisB0LOyM=
x-served-by: cache-fra19133-FRA
last-modified: Wed, 07 Jul 2021 09:18:02 GMT
server: AmazonS3
x-timer: S1628062575.280459,VS0,VE1
date: Wed, 04 Aug 2021 07:36:15 GMT
x-amz-request-id: Q2KSDBS7C4HD7VRH
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: video/mp4;codecs=avc1
abp: 88
x-cache-hits: 0

GET
H2 206 l51irnyvicbqyw000tlf.mp4
c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1621287097/ 964 KB
965 KB 25ms
24ms Media
video/mp4 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1621287097/l51irnyvicbqyw000tlf.mp4
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6721b2c203ce1ccd325a286fddcd1d9825857f79f9529dd47fbe58649efe1c0

Request headers

Referer: https://www.reportdoor.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: k735iVgT8zcJHqILZLBsMsb_ifRwNBdS
via: 1.1 varnish
etag: "2358cd8e2dda81cfdd44bd51e65422aa"
age: 7
x-cache: HIT
Content-Range: bytes 0-987124/987125
x-amz-replication-status: COMPLETED
Content-Length: 987125
x-amz-id-2: kCR63kCcxax4byfTRbL20u65F/l9bmmvHzHDilJtmEVKWZnm7tNeN9l3fO3GFC5IWawrcRAUmig=
x-served-by: cache-fra19133-FRA
last-modified: Mon, 17 May 2021 21:31:45 GMT
server: AmazonS3
x-timer: S1628062575.283420,VS0,VE1
date: Wed, 04 Aug 2021 07:36:15 GMT
x-amz-request-id: XGQ1EF4483D9TYVA
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: video/mp4;codecs=avc1
abp: 88
x-cache-hits: 0

GET
H2 206 ju2hrauyooa2zumcvgqo.mp4
c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1625649471/ 41 KB
41 KB 102ms
102ms Media
video/mp4 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1625649471/ju2hrauyooa2zumcvgqo.mp4
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af13ee36182642c9e1b992b519ab990f4918615b0142fd3c59bb74b0c2926386

Request headers

Referer: https://www.reportdoor.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: pnxt_Db1lddDHt4OpJsGWPAig_QQ4llG
via: 1.1 varnish
etag: "fffd53845ec613dc0c5fdb97a79cf5f7"
age: 13
x-cache: HIT
Content-Range: bytes 0-41490/41491
x-amz-replication-status: COMPLETED
Content-Length: 41491
x-amz-id-2: Uonu8zl06MbF2mQq+wV88IogQEYlqQkOvycDAwiXj2W4AQRkvZ3ciwYxmvoyAMxobgGisB0LOyM=
x-served-by: cache-fra19133-FRA
last-modified: Wed, 07 Jul 2021 09:18:02 GMT
server: AmazonS3
x-timer: S1628062575.284505,VS0,VE1
date: Wed, 04 Aug 2021 07:36:15 GMT
x-amz-request-id: Q2KSDBS7C4HD7VRH
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: video/mp4;codecs=avc1
abp: 88
x-cache-hits: 0

GET
H2 206 ju2hrauyooa2zumcvgqo.mp4
c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1625649471/ 41 KB
41 KB 99ms
99ms Media
video/mp4 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1625649471/ju2hrauyooa2zumcvgqo.mp4
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af13ee36182642c9e1b992b519ab990f4918615b0142fd3c59bb74b0c2926386

Request headers

Referer: https://www.reportdoor.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: pnxt_Db1lddDHt4OpJsGWPAig_QQ4llG
via: 1.1 varnish
etag: "fffd53845ec613dc0c5fdb97a79cf5f7"
age: 13
x-cache: HIT
Content-Range: bytes 0-41490/41491
x-amz-replication-status: COMPLETED
Content-Length: 41491
x-amz-id-2: Uonu8zl06MbF2mQq+wV88IogQEYlqQkOvycDAwiXj2W4AQRkvZ3ciwYxmvoyAMxobgGisB0LOyM=
x-served-by: cache-fra19133-FRA
last-modified: Wed, 07 Jul 2021 09:18:02 GMT
server: AmazonS3
x-timer: S1628062575.289948,VS0,VE1
date: Wed, 04 Aug 2021 07:36:15 GMT
x-amz-request-id: Q2KSDBS7C4HD7VRH
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: video/mp4;codecs=avc1
abp: 88
x-cache-hits: 0

POST
H2 204 bulk Show response
trc.taboola.com/reportdoor-reportdoor/log/3/ 0
334 B 155ms
154ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/reportdoor-reportdoor/log/3/bulk?tvi2=3127&route=AM%3AIL%3AV&lti=deflated&bulkSize=13
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210803-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 116
pragma: no-cache
date: Wed, 04 Aug 2021 07:36:15 GMT
via: 1.1 varnish
server: nginx
x-timer: S1628062575.313872,VS0,VE116
x-served-by: cache-fra19133-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.reportdoor.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 13 KB
8 KB 134ms
132ms XHR
application/json 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5999075&noaop=5&sortOrderType=0&cb=1628062575293&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1252&pt=-1485521368&tz=120&viewable=true&ddast=V7AfoCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBvQHGzRjbkac3YJG4axmg91oOVtMVqPlYLZbDIGDZszNiLNb0Cic1WywGy1Xk8FgsxgsF4PlFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43RKHpdPhc93rd73eXvAx_y-nk91vuGr_br3Z6LH_P32Z6a54-u8vkVrhFlqftZXmL_Q6Ty-TWPU1Ht-TvN32dprfaYfY9LC-_HAAAAAAeALYSxyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAASOK81AJ45CsTheZn9AQDwUAACACCAQQJgoBxWAkCS3X4CAAAAAAAAAMDy____HzNQPz0oM4AvvNkD8OAD8EBUoFjECAAAAGCLELH9aFInVBZVAAAE6VYAVwAAAXsQF2aZYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcjnyDUNSD4cSe0XEABg7RcQAIBN3QAA3gTggo6gFYPB6gJidgAAAAB3_____3ogtly4FibPbrQYbWwTy8i1MS0sLs_IMtn4ZjbTYnsSl_NbV00TJ30hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwsDKMlmObMO1auKcrEWDkWGtXO1WbolntpvYLMaZYzByi14f03Gw2RhXJisezMfl3NcuXBQMsNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22deWC9fC5NmNFqONbWIZuTamhcXlGVkmG9_MZlrsCyvLZDmyDdeqiXOyFg1GhrVytVu5JZ7ZbmKzGGeOwcgten1Mx8FmY1yZ_I3ZZDiYTVa7zb4xmwwHs8lqt9l36Azf1eds9ExGQ4_LWXKWHeKZ-aBwGSzel_p0HhaMBe3Jc3TqTENlZ2f0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdyBaumW222iw3zolpuXIZh4uZw-YaLGyulWk1Gk7EEqXpIp3o1U6P5e_520xvzdNnd5ncCrfI8rS9LG-x32Fymdy6p-nolvz9pq_T9FY7zL6H5WVR_9EhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGtBoNZislgswwR6gCwwCAAAAAACwG7SFOgAmSkBc3PhxhbwMf8vp5Pdb3pKX4W85nfx-y5UBJtb_mTd7Joi1Wi1rAAAAAWwAAIAAbt28BYRTcg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2415085&dpubid=445025&abtst=adh5c-1_vA!insc_vA!mprdctdt6_vA!nrlc_vB!scec9_vB!smbs!t45!ufm_vD!ul95750-994_vB&mPre=0.025&cirf=https%3A%2F%2Fwww.reportdoor.com&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/wf-generator/1.1.5/wf-generator.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d8996ff16783696362ac9f00355e3d634201580cf018aa57b4f6f60461173d98

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Wed, 04 Aug 2021 07:36:15 GMT
content-encoding: gzip
access-control-allow-origin: https://www.reportdoor.com
machineid: 1457
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19133-FRA
pragma: no-cache
server: nginx
x-timer: S1628062575.346907,VS0,VE68
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://ad.360yield.com>; rel=preconnect,<https://ioms.bfmio.com>; rel=preconnect,<https://ad.360yield.com>; rel=preconnect,<https://ad.360yield.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 27B9 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=2343743570&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573358&bpp=2&bdt=202&idt=371&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sRYx3YXQMq&p=https%3A//www.reportdoor.com&dtd=375

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=2343743570&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573358&bpp=2&bdt=202&idt=371&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sRYx3YXQMq&p=https%3A//www.reportdoor.com&dtd=375
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmAuUg758JhNiAz-rbkHlRUW5prfH1PnXEEi61bJIwAlT_HCyy0w5reEKQ0nUA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=2343743570&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573358&bpp=2&bdt=202&idt=371&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sRYx3YXQMq&p=https%3A//www.reportdoor.com&dtd=375

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 04 Aug 2021 07:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F670 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39c8d21f15dac2029961625b7644e06beb7977658659e35e500899337cb6b466

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame C86F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7ee6a6a-9a66-43b0-a373-a12c2c8635f2

0
254 B

86ms
86ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7ee6a6a-9a66-43b0-a373-a12c2c8635f2
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66442115&crid=5999075&dast=V7AfoCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBvQHGzRjbkac3YJG4axmg91oOVtMVqPlYLZbDIGDZszNiLNb0Cic1WywGy1Xk8FgsxgsF4PlFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43RKHpdPhc93rd73eXvAx_y-nk91vuGr_br3Z6LH_P32Z6a54-u8vkVrhFlqftZXmL_Q6Ty-TWPU1Ht-TvN32dprfaYfY9LC-_HAAAAAAeALYSxyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAASOK81AJ45CsTheZn9AQDwUAACACCAQQJgoBxWAkCS3X4CAAAAAAAAAMDy____HzNQPz0oM4AvvNkD8OAD8EBUoFjECAAAAGCLELH9aFInVBZVAAAE6VYAVwAAAXsQF2aZYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcjnyDUNSD4cSe0XEABg7RcQAIBN3QAA3gTggo6gFYPB6gJidgAAAAB3_____3ogtly4FibPbrQYbWwTy8i1MS0sLs_IMtn4ZjbTYnsSl_NbV00TJ30hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwsDKMlmObMO1auKcrEWDkWGtXO1WbolntpvYLMaZYzByi14f03Gw2RhXJisezMfl3NcuXBQMsNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22deWC9fC5NmNFqONbWIZuTamhcXlGVkmG9_MZlrsCyvLZDmyDdeqiXOyFg1GhrVytVu5JZ7ZbmKzGGeOwcgten1Mx8FmY1yZ_I3ZZDiYTVa7zb4xmwwHs8lqt9l36Azf1eds9ExGQ4_LWXKWHeKZ-aBwGSzel_p0HhaMBe3Jc3TqTENlZ2f0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdyBaumW222iw3zolpuXIZh4uZw-YaLGyulWk1Gk7EEqXpIp3o1U6P5e_520xvzdNnd5ncCrfI8rS9LG-x32Fymdy6p-nolvz9pq_T9FY7zL6H5WVR_9EhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGtBoNZislgswwR6gCwwCAAAAAACwG7SFOgAmSkBc3PhxhbwMf8vp5Pdb3pKX4W85nfx-y5UBJtb_mTd7Joi1Wi1rAAAAAWwAAIAAbt28BYRTcg!&cmcv=&pix=undefined&cb=1628062574930&uv=2999&tms=1628062574930&abt=adh5c-1_vA!insc_vA!mprdctdt6_vA!nrlc_vB!scec9_vB!smbs!t45!ufm_vD!ul95750-994_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4F93D37AFB35607496125490671&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 67
date: Wed, 04 Aug 2021 07:36:15 GMT
via: 1.1 varnish
server: nginx
x-timer: S1628062576.770873,VS0,VE67
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19133-FRA

Redirect headers

pragma: no-cache
date: Wed, 04 Aug 2021 07:36:15 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7ee6a6a-9a66-43b0-a373-a12c2c8635f2
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame C86F
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a659908c-f4f6-11eb-879b-156973b60106&orig=video&us_privacy=1---gdpr=0&

0
255 B

26ms
24ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a659908c-f4f6-11eb-879b-156973b60106&orig=video&us_privacy=1---gdpr=0&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66442115&crid=5999075&dast=V7AfoCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBvQHGzRjbkac3YJG4axmg91oOVtMVqPlYLZbDIGDZszNiLNb0Cic1WywGy1Xk8FgsxgsF4PlFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43RKHpdPhc93rd73eXvAx_y-nk91vuGr_br3Z6LH_P32Z6a54-u8vkVrhFlqftZXmL_Q6Ty-TWPU1Ht-TvN32dprfaYfY9LC-_HAAAAAAeALYSxyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAASOK81AJ45CsTheZn9AQDwUAACACCAQQJgoBxWAkCS3X4CAAAAAAAAAMDy____HzNQPz0oM4AvvNkD8OAD8EBUoFjECAAAAGCLELH9aFInVBZVAAAE6VYAVwAAAXsQF2aZYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcjnyDUNSD4cSe0XEABg7RcQAIBN3QAA3gTggo6gFYPB6gJidgAAAAB3_____3ogtly4FibPbrQYbWwTy8i1MS0sLs_IMtn4ZjbTYnsSl_NbV00TJ30hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwsDKMlmObMO1auKcrEWDkWGtXO1WbolntpvYLMaZYzByi14f03Gw2RhXJisezMfl3NcuXBQMsNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22deWC9fC5NmNFqONbWIZuTamhcXlGVkmG9_MZlrsCyvLZDmyDdeqiXOyFg1GhrVytVu5JZ7ZbmKzGGeOwcgten1Mx8FmY1yZ_I3ZZDiYTVa7zb4xmwwHs8lqt9l36Azf1eds9ExGQ4_LWXKWHeKZ-aBwGSzel_p0HhaMBe3Jc3TqTENlZ2f0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdyBaumW222iw3zolpuXIZh4uZw-YaLGyulWk1Gk7EEqXpIp3o1U6P5e_520xvzdNnd5ncCrfI8rS9LG-x32Fymdy6p-nolvz9pq_T9FY7zL6H5WVR_9EhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGtBoNZislgswwR6gCwwCAAAAAACwG7SFOgAmSkBc3PhxhbwMf8vp5Pdb3pKX4W85nfx-y5UBJtb_mTd7Joi1Wi1rAAAAAWwAAIAAbt28BYRTcg!&cmcv=&pix=undefined&cb=1628062574930&uv=2999&tms=1628062574930&abt=adh5c-1_vA!insc_vA!mprdctdt6_vA!nrlc_vB!scec9_vB!smbs!t45!ufm_vD!ul95750-994_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4F93D37AFB35607496125490671&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.134:10213
date: Wed, 04 Aug 2021 07:36:15 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12349

Redirect headers

Date: Wed, 04 Aug 2021 07:36:15 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a659908c-f4f6-11eb-879b-156973b60106&orig=video&us_privacy=1---gdpr=0&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 17
Connection: keep-alive
Content-Length: 0

GET

bum
ums.acuityplatform.com/ Frame C86F
Redirect Chain

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://ums.acuityplatform.com/bum?tpid=29&uid=1e339cb9-c67a-460a-a28b-33957033efbf&bidswitch_ssp_id=taboola

0
0

POST
H2 204 visible Show response
trc.taboola.com/reportdoor-reportdoor/log/3/ 0
132 B 98ms
97ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/reportdoor-reportdoor/log/3/visible?tvi2=3127&route=AM%3AIL%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210803-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 72
pragma: no-cache
date: Wed, 04 Aug 2021 07:36:15 GMT
via: 1.1 varnish
server: nginx
x-timer: S1628062575.402364,VS0,VE72
x-served-by: cache-fra19133-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.reportdoor.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame F670 0
20 B 55ms
41ms Other
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLbVhdvtlvICFQjzdwodVxkA4Q&gqi=bUMKYbucLceWgQeQ8o_IDg&layout=/sadbundle/%24csp%253Der3%24/16472413395395139628/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=2343743570&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573358&bpp=2&bdt=202&idt=371&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sRYx3YXQMq&p=https%3A//www.reportdoor.com&dtd=375

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 07:36:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
721 B 20ms
19ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 28716
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: mouaSx+zLz+daByqFPTyWftjEEWVx2Ra4QTNy9MPIUClTT4jaqZDUS1ZHFYvQA07FPAY+M6uW30=
x-served-by: cache-fra19133-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1628062575.423578,VS0,VE0
date: Wed, 04 Aug 2021 07:36:15 GMT
x-amz-request-id: 6P8Y14FA9N2SAAH6
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 88
x-cache-hits: 9825

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 9901
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7ee6a6a-9a66-43b0-a373-a12c2c8635f2

0
56 B

87ms
86ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7ee6a6a-9a66-43b0-a373-a12c2c8635f2
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7AfoCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBvQHGzRjbkac3YJG4axmg91oOVtMVqPlYLZbDIGDZszNiLNb0Cic1WywGy1Xk8FgsxgsF4PlFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43RKHpdPhc93rd73eXvAx_y-nk91vuGr_br3Z6LH_P32Z6a54-u8vkVrhFlqftZXmL_Q6Ty-TWPU1Ht-TvN32dprfaYfY9LC-_HAAAAAAeALYSxyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAASOK81AJ45CsTheZn9AQDwUAACACCAQQJgoBxWAkCS3X4CAAAAAAAAAMDy____HzNQPz0oM4AvvNkD8OAD8EBUoFjECAAAAGCLELH9aFInVBZVAAAE6VYAVwAAAXsQF2aZYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcjnyDUNSD4cSe0XEABg7RcQAIBN3QAA3gTggo6gFYPB6gJidgAAAAB3_____3ogtly4FibPbrQYbWwTy8i1MS0sLs_IMtn4ZjbTYnsSl_NbV00TJ30hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwsDKMlmObMO1auKcrEWDkWGtXO1WbolntpvYLMaZYzByi14f03Gw2RhXJisezMfl3NcuXBQMsNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22deWC9fC5NmNFqONbWIZuTamhcXlGVkmG9_MZlrsCyvLZDmyDdeqiXOyFg1GhrVytVu5JZ7ZbmKzGGeOwcgten1Mx8FmY1yZ_I3ZZDiYTVa7zb4xmwwHs8lqt9l36Azf1eds9ExGQ4_LWXKWHeKZ-aBwGSzel_p0HhaMBe3Jc3TqTENlZ2f0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdyBaumW222iw3zolpuXIZh4uZw-YaLGyulWk1Gk7EEqXpIp3o1U6P5e_520xvzdNnd5ncCrfI8rS9LG-x32Fymdy6p-nolvz9pq_T9FY7zL6H5WVR_9EhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGtBoNZislgswwR6gCwwCAAAAAACwG7SFOgAmSkBc3PhxhbwMf8vp5Pdb3pKX4W85nfx-y5UBJtb_mTd7Joi1Wi1rAAAAAWwAAIAAbt28BYRTcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 67
date: Wed, 04 Aug 2021 07:36:15 GMT
via: 1.1 varnish
server: nginx
x-timer: S1628062576.770855,VS0,VE67
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19133-FRA

Redirect headers

pragma: no-cache
date: Wed, 04 Aug 2021 07:36:15 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7ee6a6a-9a66-43b0-a373-a12c2c8635f2
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 9901
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a65fca7d-f4f6-11eb-b3d6-107c10e90506&orig=video&us_privacy=1---gdpr=0&

0
256 B

25ms
24ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a65fca7d-f4f6-11eb-b3d6-107c10e90506&orig=video&us_privacy=1---gdpr=0&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7AfoCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBvQHGzRjbkac3YJG4axmg91oOVtMVqPlYLZbDIGDZszNiLNb0Cic1WywGy1Xk8FgsxgsF4PlFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43RKHpdPhc93rd73eXvAx_y-nk91vuGr_br3Z6LH_P32Z6a54-u8vkVrhFlqftZXmL_Q6Ty-TWPU1Ht-TvN32dprfaYfY9LC-_HAAAAAAeALYSxyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAASOK81AJ45CsTheZn9AQDwUAACACCAQQJgoBxWAkCS3X4CAAAAAAAAAMDy____HzNQPz0oM4AvvNkD8OAD8EBUoFjECAAAAGCLELH9aFInVBZVAAAE6VYAVwAAAXsQF2aZYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcjnyDUNSD4cSe0XEABg7RcQAIBN3QAA3gTggo6gFYPB6gJidgAAAAB3_____3ogtly4FibPbrQYbWwTy8i1MS0sLs_IMtn4ZjbTYnsSl_NbV00TJ30hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwsDKMlmObMO1auKcrEWDkWGtXO1WbolntpvYLMaZYzByi14f03Gw2RhXJisezMfl3NcuXBQMsNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22deWC9fC5NmNFqONbWIZuTamhcXlGVkmG9_MZlrsCyvLZDmyDdeqiXOyFg1GhrVytVu5JZ7ZbmKzGGeOwcgten1Mx8FmY1yZ_I3ZZDiYTVa7zb4xmwwHs8lqt9l36Azf1eds9ExGQ4_LWXKWHeKZ-aBwGSzel_p0HhaMBe3Jc3TqTENlZ2f0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdyBaumW222iw3zolpuXIZh4uZw-YaLGyulWk1Gk7EEqXpIp3o1U6P5e_520xvzdNnd5ncCrfI8rS9LG-x32Fymdy6p-nolvz9pq_T9FY7zL6H5WVR_9EhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGtBoNZislgswwR6gCwwCAAAAAACwG7SFOgAmSkBc3PhxhbwMf8vp5Pdb3pKX4W85nfx-y5UBJtb_mTd7Joi1Wi1rAAAAAWwAAIAAbt28BYRTcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.12.133:10213
date: Wed, 04 Aug 2021 07:36:15 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12349

Redirect headers

Date: Wed, 04 Aug 2021 07:36:15 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a65fca7d-f4f6-11eb-b3d6-107c10e90506&orig=video&us_privacy=1---gdpr=0&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 28
Connection: keep-alive
Content-Length: 0

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 9901
Redirect Chain

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=040a9c9c-409a-407a-9394-adf23edeb88a&ssp=taboola&user_group=1
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=1e339cb9-c67a-460a-a28b-33957033efbf

0
255 B

24ms
23ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=1e339cb9-c67a-460a-a28b-33957033efbf
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7AfoCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBvQHGzRjbkac3YJG4axmg91oOVtMVqPlYLZbDIGDZszNiLNb0Cic1WywGy1Xk8FgsxgsF4PlFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43RKHpdPhc93rd73eXvAx_y-nk91vuGr_br3Z6LH_P32Z6a54-u8vkVrhFlqftZXmL_Q6Ty-TWPU1Ht-TvN32dprfaYfY9LC-_HAAAAAAeALYSxyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAASOK81AJ45CsTheZn9AQDwUAACACCAQQJgoBxWAkCS3X4CAAAAAAAAAMDy____HzNQPz0oM4AvvNkD8OAD8EBUoFjECAAAAGCLELH9aFInVBZVAAAE6VYAVwAAAXsQF2aZYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcjnyDUNSD4cSe0XEABg7RcQAIBN3QAA3gTggo6gFYPB6gJidgAAAAB3_____3ogtly4FibPbrQYbWwTy8i1MS0sLs_IMtn4ZjbTYnsSl_NbV00TJ30hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwsDKMlmObMO1auKcrEWDkWGtXO1WbolntpvYLMaZYzByi14f03Gw2RhXJisezMfl3NcuXBQMsNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22deWC9fC5NmNFqONbWIZuTamhcXlGVkmG9_MZlrsCyvLZDmyDdeqiXOyFg1GhrVytVu5JZ7ZbmKzGGeOwcgten1Mx8FmY1yZ_I3ZZDiYTVa7zb4xmwwHs8lqt9l36Azf1eds9ExGQ4_LWXKWHeKZ-aBwGSzel_p0HhaMBe3Jc3TqTENlZ2f0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdyBaumW222iw3zolpuXIZh4uZw-YaLGyulWk1Gk7EEqXpIp3o1U6P5e_520xvzdNnd5ncCrfI8rS9LG-x32Fymdy6p-nolvz9pq_T9FY7zL6H5WVR_9EhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGtBoNZislgswwR6gCwwCAAAAAACwG7SFOgAmSkBc3PhxhbwMf8vp5Pdb3pKX4W85nfx-y5UBJtb_mTd7Joi1Wi1rAAAAAWwAAIAAbt28BYRTcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.134:10213
date: Wed, 04 Aug 2021 07:36:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12365

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=1e339cb9-c67a-460a-a28b-33957033efbf
date: Wed, 04 Aug 2021 07:36:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 74F4 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16472413395395139628/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 04 Aug 2021 19:35:50 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 74F4 26 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16472413395395139628/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 04 Aug 2021 12:37:33 GMT

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/29_9_9/infra/ 728 KB
121 KB 57ms
17ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/29_9_9/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: f0338eecc8908d0999384acb0942c42c5124734e3e720e4238a2975aaf472810

Request headers

Origin: https://www.reportdoor.com
Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:15 GMT
via: 1.1 varnish
age: 340163
x-amz-meta-mtime: 1627722325
x-cache: HIT
x-amz-meta-ctime: 1627722326
x-amz-meta-mode: 33188
content-encoding: br
content-length: 123006
x-amz-id-2: 09bCgfcxwIR2LYa9MnH3Jwq+ZJW3E/8G+2VJOxz1IkYoxlACv3t9Lbl/QXJbjzf8yyBDxEthXOE=
x-served-by: cache-fra19165-FRA
accept-ranges: bytes
last-modified: Sat, 31 Jul 2021 09:05:27 GMT
server: AmazonS3-br
x-timer: S1628062576.516443,VS0,VE0
etag: "69c01e733cac104310502ac783a72eef"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 7APNR7SF41GT1J65
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 183154

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/29_9_9/assets/css/ 60 KB
8 KB 22ms
21ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/29_9_9/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 6e07734fe1015f88d67a257108878aed46f82946feba5973a0d306aa927ad71a

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:15 GMT
via: 1.1 varnish
age: 340163
x-amz-meta-mtime: 1627722344
x-cache: HIT
x-amz-meta-ctime: 1627722345
x-amz-meta-mode: 33188
content-encoding: br
content-length: 7972
x-amz-id-2: DnYvug4I/OUvqZN4lFFe7PWb/Kf1nPG/m8BrQ96o/2PDSmpPsu6Hp/GDyV1gbD9lBV1vabeKoZI=
x-served-by: cache-fra19133-FRA
accept-ranges: bytes
last-modified: Sat, 31 Jul 2021 09:05:46 GMT
server: AmazonS3-br
x-timer: S1628062575.479248,VS0,VE0
etag: "ce1087477d9ed75a60ebb531908eb622"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: F8QGJHDSPTQTFZRM
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 253948

GET
DATA 200
OK truncated
/ Frame 74F4 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c2744fe747215e6a27c0eddb2b548eba36d35c5baa0a8b856ccf56a5c31d2ec

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 74F4 24 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cef87f050e4bcb239ba55f306073a122767e0e9183cef65b324352674ef381f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 74F4 843 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8f0c88ed1f811308a51a043c12b8208f7dca3f30cccebb701f7b623bf8980f6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 74F4 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccf362270f55814120b056e10ad90c85288a54f8aacb297641a23d412e0423e5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 74F4 21 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46b665aec587754215aca2c2e84218bef73ed2bb059fed084caef1df300a0008

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 74F4 32 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc8904cf494c040131cf5c61ed0ee8b3af200a356ea113a3e54a4d7c798159d3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 74F4 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06e4108ed045249eeec3ffd0b0520922f0b46eaf1d5a54db1bf9dc549ff7dc80

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 74F4 13 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1aeceef378724433f1a66549d593a39a79cf997c78cbde925187be550d58ee68

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 74F4 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00f24d35adc5a60b6457d6b9ccd31e654cf3f8f8c76b4cc668be2a46834d1fce

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 74F4 23 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c80da8eb6e9150d66697643e8d59db022fd32060461f75d428bf63687c5b38de

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 74F4 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6f6facd55ab986290b7cdd3aa2a8acfcc6f7edf53bf37689cf51f33dc54bcec

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 74F4 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8a74579fb64e402c0bf5ff5ab4c91a522f812ce8c082588e95e08d21eecc45b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 74F4 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93145f73267d49fb0755c373ac2ce47a9e39866da0bf529443810b769d8d6b68

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 74F4 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2eebf35211143c8364122917c63490e1f22a4ca895a8e50e1f3ab840943cbcec

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 27B9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=2343743570&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573358&bpp=2&bdt=202&idt=371&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=sRYx3YXQMq&p=https%3A//www.reportdoor.com&dtd=375

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmAuUg758JhNiAz-rbkHlRUW5prfH1PnXEEi61bJIwAlT_HCyy0w5reEKQ0nUA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 04 Aug 2021 07:36:15 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 04-Aug-2021 08:36:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 04 Aug 2021 07:36:15 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 04 Aug 2021 07:36:15 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 content14_10_18m.js Show response
vidstat.taboola.com/ 37 KB
8 KB 22ms
21ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content14_10_18m.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_9_9/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:15 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront), 1.1 varnish
age: 2585987
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 7638
x-served-by: cache-fra19133-FRA
last-modified: Sun, 14 Oct 2018 13:31:31 GMT
server: AmazonS3
x-timer: S1628062576.713175,VS0,VE0
etag: "d8d81221ec6e604811ce469d899c9c8b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 66yyU3j4fvwR2pWghuTSRe4J90AY-n2Za3iK1pdjZQmlD5ieLGYAOA==
x-cache-hits: 927350

GET
H2 200 oppsula.js Show response
vidstat.taboola.com/oppsula/1.3.8/ 15 KB
5 KB 19ms
18ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/oppsula/1.3.8/oppsula.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_9_9/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:15 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront), 1.1 varnish
age: 1748697
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 5164
x-served-by: cache-fra19133-FRA
last-modified: Tue, 14 Apr 2020 06:07:12 GMT
server: AmazonS3
x-timer: S1628062576.716218,VS0,VE0
etag: "328b70146f77a19d2bc0172c656d921e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: NwTi62GILtiOKVcZVCVe6w3zPd3VwYvdVppQs49EBTM5ao_pyhU2uw==
x-cache-hits: 1758948

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v12.5.2/ 554 KB
114 KB 20ms
19ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.5.2/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_9_9/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 7ee4512b06c999e9a14bbd4c30cbab69cce38c5a5f0f375e590514faeaba519b

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:15 GMT
via: 1.1 varnish
age: 81266
x-amz-meta-mtime: 1627981246
x-cache: HIT
x-amz-meta-ctime: 1627981260
x-amz-meta-mode: 33188
content-encoding: br
content-length: 115949
x-amz-id-2: BpnaOy6HVBiCXhu/pIkvvqFK1QVGpUlGLQIqBNV686akt2kBGqWjj/SnCSc4bxCQhgXvifzWfsc=
x-served-by: cache-fra19133-FRA
accept-ranges: bytes
last-modified: Tue, 03 Aug 2021 09:01:01 GMT
server: AmazonS3-br
x-timer: S1628062576.737824,VS0,VE0
etag: "ea377fcdaec15f4fe70ed2e44e499bde"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: SVA8T0EZVEAH1C8D
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 35219

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 872A 551 B
636 B 26ms
25ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7AfoCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBvQHGzRjbkac3YJG4axmg91oOVtMVqPlYLZbDIGDZszNiLNb0Cic1WywGy1Xk8FgsxgsF4PlFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43RKHpdPhc93rd73eXvAx_y-nk91vuGr_br3Z6LH_P32Z6a54-u8vkVrhFlqftZXmL_Q6Ty-TWPU1Ht-TvN32dprfaYfY9LC-_HAAAAAAeALYSxyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAASOK81AJ45CsTheZn9AQDwUAACACCAQQJgoBxWAkCS3X4CAAAAAAAAAMDy____HzNQPz0oM4AvvNkD8OAD8EBUoFjECAAAAGCLELH9aFInVBZVAAAE6VYAVwAAAXsQF2aZYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcjnyDUNSD4cSe0XEABg7RcQAIBN3QAA3gTggo6gFYPB6gJidgAAAAB3_____3ogtly4FibPbrQYbWwTy8i1MS0sLs_IMtn4ZjbTYnsSl_NbV00TJ30hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwsDKMlmObMO1auKcrEWDkWGtXO1WbolntpvYLMaZYzByi14f03Gw2RhXJisezMfl3NcuXBQMsNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22deWC9fC5NmNFqONbWIZuTamhcXlGVkmG9_MZlrsCyvLZDmyDdeqiXOyFg1GhrVytVu5JZ7ZbmKzGGeOwcgten1Mx8FmY1yZ_I3ZZDiYTVa7zb4xmwwHs8lqt9l36Azf1eds9ExGQ4_LWXKWHeKZ-aBwGSzel_p0HhaMBe3Jc3TqTENlZ2f0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdyBaumW222iw3zolpuXIZh4uZw-YaLGyulWk1Gk7EEqXpIp3o1U6P5e_520xvzdNnd5ncCrfI8rS9LG-x32Fymdy6p-nolvz9pq_T9FY7zL6H5WVR_9EhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGtBoNZislgswwR6gCwwCAAAAAACwG7SFOgAmSkBc3PhxhbwMf8vp5Pdb3pKX4W85nfx-y5UBJtb_mTd7Joi1Wi1rAAAAAWwAAIAAbt28BYRTcg!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_9_9/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: bdf6385e3aaf4e3e39c19c295184a08af7b05af2bfc23b572dabdc91d67a25ff

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7AfoCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBvQHGzRjbkac3YJG4axmg91oOVtMVqPlYLZbDIGDZszNiLNb0Cic1WywGy1Xk8FgsxgsF4PlFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43RKHpdPhc93rd73eXvAx_y-nk91vuGr_br3Z6LH_P32Z6a54-u8vkVrhFlqftZXmL_Q6Ty-TWPU1Ht-TvN32dprfaYfY9LC-_HAAAAAAeALYSxyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAASOK81AJ45CsTheZn9AQDwUAACACCAQQJgoBxWAkCS3X4CAAAAAAAAAMDy____HzNQPz0oM4AvvNkD8OAD8EBUoFjECAAAAGCLELH9aFInVBZVAAAE6VYAVwAAAXsQF2aZYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcjnyDUNSD4cSe0XEABg7RcQAIBN3QAA3gTggo6gFYPB6gJidgAAAAB3_____3ogtly4FibPbrQYbWwTy8i1MS0sLs_IMtn4ZjbTYnsSl_NbV00TJ30hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwsDKMlmObMO1auKcrEWDkWGtXO1WbolntpvYLMaZYzByi14f03Gw2RhXJisezMfl3NcuXBQMsNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22deWC9fC5NmNFqONbWIZuTamhcXlGVkmG9_MZlrsCyvLZDmyDdeqiXOyFg1GhrVytVu5JZ7ZbmKzGGeOwcgten1Mx8FmY1yZ_I3ZZDiYTVa7zb4xmwwHs8lqt9l36Azf1eds9ExGQ4_LWXKWHeKZ-aBwGSzel_p0HhaMBe3Jc3TqTENlZ2f0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdyBaumW222iw3zolpuXIZh4uZw-YaLGyulWk1Gk7EEqXpIp3o1U6P5e_520xvzdNnd5ncCrfI8rS9LG-x32Fymdy6p-nolvz9pq_T9FY7zL6H5WVR_9EhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGtBoNZislgswwR6gCwwCAAAAAACwG7SFOgAmSkBc3PhxhbwMf8vp5Pdb3pKX4W85nfx-y5UBJtb_mTd7Joi1Wi1rAAAAAWwAAIAAbt28BYRTcg!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.reportdoor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.reportdoor.com/

Response headers

server: nginx
date: Wed, 04 Aug 2021 07:36:15 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402

GET
H3-29 200 cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js Show response
pagead2.googlesyndication.com/bg/ Frame 74F4 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 15:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 230196
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Aug 2022 15:39:39 GMT

GET
H2 200 advast Show response
ad.360yield.com/ 27 B
444 B 141ms
94ms XHR
application/xml 18.192.92.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/advast?p=22444496&w=4&h=3&player_width=700&player_height=393&referrer=https%3A%2F%2Fwww.reportdoor.com&vast_version=3&vpaid_version=2&video_format_type=outstream&schain=1.0,1!taboola.com,1305601,1,-1506802001,reportdoor-reportdoor,reportdoor.com&us_privacy=1---&minduration=1&maxduration=60
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.5.2/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.92.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-92-12.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://www.reportdoor.com
date: Wed, 04 Aug 2021 07:36:16 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK getmu Show response
ioms.bfmio.com/ 49 B
628 B 475ms
148ms XHR
application/xml 52.5.116.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ioms.bfmio.com/getmu?aid=84e8e789-616d-47d7-c714-4c50c98f0387&output=html5&width=700&height=393&v=1&pageurl=https%3A%2F%2Fwww.reportdoor.com&i_type=out&stream=out&playback=2&cb=R0.1628062575980&us_privacy=1---

Requested by

Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.5.2/OvaMediaPlayer.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.116.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-116-95.compute-1.amazonaws.com

Software

Resource Hash

ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding, User-Agent
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.reportdoor.com
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 advast Show response
ad.360yield.com/ 27 B
445 B 120ms
79ms XHR
application/xml 18.192.92.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/advast?p=22444495&w=4&h=3&player_width=700&player_height=393&referrer=https%3A%2F%2Fwww.reportdoor.com&vast_version=3&vpaid_version=2&video_format_type=outstream&schain=1.0,1!taboola.com,1305601,1,-1506802001,reportdoor-reportdoor,reportdoor.com&us_privacy=1---&minduration=1&maxduration=60
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.5.2/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.92.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-92-12.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://www.reportdoor.com
date: Wed, 04 Aug 2021 07:36:16 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 advast Show response
ad.360yield.com/ 27 B
443 B 137ms
99ms XHR
application/xml 18.192.92.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/advast?p=22444494&w=4&h=3&player_width=700&player_height=393&referrer=https%3A%2F%2Fwww.reportdoor.com&vast_version=3&vpaid_version=2&video_format_type=outstream&schain=1.0,1!taboola.com,1305601,1,-1506802001,reportdoor-reportdoor,reportdoor.com&us_privacy=1---&minduration=1&maxduration=60
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.5.2/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.92.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-92-12.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://www.reportdoor.com
date: Wed, 04 Aug 2021 07:36:16 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 872A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7ee6a6a-9a66-43b0-a373-a12c2c8635f2

0
197 B

88ms
88ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7ee6a6a-9a66-43b0-a373-a12c2c8635f2
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7AfoCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBvQHGzRjbkac3YJG4axmg91oOVtMVqPlYLZbDIGDZszNiLNb0Cic1WywGy1Xk8FgsxgsF4PlFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43RKHpdPhc93rd73eXvAx_y-nk91vuGr_br3Z6LH_P32Z6a54-u8vkVrhFlqftZXmL_Q6Ty-TWPU1Ht-TvN32dprfaYfY9LC-_HAAAAAAeALYSxyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAASOK81AJ45CsTheZn9AQDwUAACACCAQQJgoBxWAkCS3X4CAAAAAAAAAMDy____HzNQPz0oM4AvvNkD8OAD8EBUoFjECAAAAGCLELH9aFInVBZVAAAE6VYAVwAAAXsQF2aZYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcjnyDUNSD4cSe0XEABg7RcQAIBN3QAA3gTggo6gFYPB6gJidgAAAAB3_____3ogtly4FibPbrQYbWwTy8i1MS0sLs_IMtn4ZjbTYnsSl_NbV00TJ30hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwsDKMlmObMO1auKcrEWDkWGtXO1WbolntpvYLMaZYzByi14f03Gw2RhXJisezMfl3NcuXBQMsNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22deWC9fC5NmNFqONbWIZuTamhcXlGVkmG9_MZlrsCyvLZDmyDdeqiXOyFg1GhrVytVu5JZ7ZbmKzGGeOwcgten1Mx8FmY1yZ_I3ZZDiYTVa7zb4xmwwHs8lqt9l36Azf1eds9ExGQ4_LWXKWHeKZ-aBwGSzel_p0HhaMBe3Jc3TqTENlZ2f0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdyBaumW222iw3zolpuXIZh4uZw-YaLGyulWk1Gk7EEqXpIp3o1U6P5e_520xvzdNnd5ncCrfI8rS9LG-x32Fymdy6p-nolvz9pq_T9FY7zL6H5WVR_9EhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGtBoNZislgswwR6gCwwCAAAAAACwG7SFOgAmSkBc3PhxhbwMf8vp5Pdb3pKX4W85nfx-y5UBJtb_mTd7Joi1Wi1rAAAAAWwAAIAAbt28BYRTcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 68
date: Wed, 04 Aug 2021 07:36:16 GMT
via: 1.1 varnish
server: nginx
x-timer: S1628062576.066529,VS0,VE68
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19133-FRA

Redirect headers

pragma: no-cache
date: Wed, 04 Aug 2021 07:36:16 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7ee6a6a-9a66-43b0-a373-a12c2c8635f2
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 872A
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a65fca7d-f4f6-11eb-b3d6-107c10e90506&orig=video&us_privacy=1---gdpr=0&

0
255 B

25ms
24ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a65fca7d-f4f6-11eb-b3d6-107c10e90506&orig=video&us_privacy=1---gdpr=0&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7AfoCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBvQHGzRjbkac3YJG4axmg91oOVtMVqPlYLZbDIGDZszNiLNb0Cic1WywGy1Xk8FgsxgsF4PlFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43RKHpdPhc93rd73eXvAx_y-nk91vuGr_br3Z6LH_P32Z6a54-u8vkVrhFlqftZXmL_Q6Ty-TWPU1Ht-TvN32dprfaYfY9LC-_HAAAAAAeALYSxyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAASOK81AJ45CsTheZn9AQDwUAACACCAQQJgoBxWAkCS3X4CAAAAAAAAAMDy____HzNQPz0oM4AvvNkD8OAD8EBUoFjECAAAAGCLELH9aFInVBZVAAAE6VYAVwAAAXsQF2aZYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcjnyDUNSD4cSe0XEABg7RcQAIBN3QAA3gTggo6gFYPB6gJidgAAAAB3_____3ogtly4FibPbrQYbWwTy8i1MS0sLs_IMtn4ZjbTYnsSl_NbV00TJ30hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwsDKMlmObMO1auKcrEWDkWGtXO1WbolntpvYLMaZYzByi14f03Gw2RhXJisezMfl3NcuXBQMsNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22deWC9fC5NmNFqONbWIZuTamhcXlGVkmG9_MZlrsCyvLZDmyDdeqiXOyFg1GhrVytVu5JZ7ZbmKzGGeOwcgten1Mx8FmY1yZ_I3ZZDiYTVa7zb4xmwwHs8lqt9l36Azf1eds9ExGQ4_LWXKWHeKZ-aBwGSzel_p0HhaMBe3Jc3TqTENlZ2f0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdyBaumW222iw3zolpuXIZh4uZw-YaLGyulWk1Gk7EEqXpIp3o1U6P5e_520xvzdNnd5ncCrfI8rS9LG-x32Fymdy6p-nolvz9pq_T9FY7zL6H5WVR_9EhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGtBoNZislgswwR6gCwwCAAAAAACwG7SFOgAmSkBc3PhxhbwMf8vp5Pdb3pKX4W85nfx-y5UBJtb_mTd7Joi1Wi1rAAAAAWwAAIAAbt28BYRTcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.195:10213
date: Wed, 04 Aug 2021 07:36:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15399

Redirect headers

Date: Wed, 04 Aug 2021 07:36:16 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a65fca7d-f4f6-11eb-b3d6-107c10e90506&orig=video&us_privacy=1---gdpr=0&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 128
Connection: keep-alive
Content-Length: 0

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 872A
Redirect Chain

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=taboola
https://x.bidswitch.net/sync?dsp_id=188&user_id=GlLpmCuAT6xJ0YB0Ls_Co1uEiO0&user_group=1&ssp=taboola&gdpr=0
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=1e339cb9-c67a-460a-a28b-33957033efbf

0
256 B

24ms
23ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=1e339cb9-c67a-460a-a28b-33957033efbf
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7AfoCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBvQHGzRjbkac3YJG4axmg91oOVtMVqPlYLZbDIGDZszNiLNb0Cic1WywGy1Xk8FgsxgsF4PlFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43RKHpdPhc93rd73eXvAx_y-nk91vuGr_br3Z6LH_P32Z6a54-u8vkVrhFlqftZXmL_Q6Ty-TWPU1Ht-TvN32dprfaYfY9LC-_HAAAAAAeALYSxyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAASOK81AJ45CsTheZn9AQDwUAACACCAQQJgoBxWAkCS3X4CAAAAAAAAAMDy____HzNQPz0oM4AvvNkD8OAD8EBUoFjECAAAAGCLELH9aFInVBZVAAAE6VYAVwAAAXsQF2aZYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcjnyDUNSD4cSe0XEABg7RcQAIBN3QAA3gTggo6gFYPB6gJidgAAAAB3_____3ogtly4FibPbrQYbWwTy8i1MS0sLs_IMtn4ZjbTYnsSl_NbV00TJ30hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwsDKMlmObMO1auKcrEWDkWGtXO1WbolntpvYLMaZYzByi14f03Gw2RhXJisezMfl3NcuXBQMsNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22deWC9fC5NmNFqONbWIZuTamhcXlGVkmG9_MZlrsCyvLZDmyDdeqiXOyFg1GhrVytVu5JZ7ZbmKzGGeOwcgten1Mx8FmY1yZ_I3ZZDiYTVa7zb4xmwwHs8lqt9l36Azf1eds9ExGQ4_LWXKWHeKZ-aBwGSzel_p0HhaMBe3Jc3TqTENlZ2f0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdyBaumW222iw3zolpuXIZh4uZw-YaLGyulWk1Gk7EEqXpIp3o1U6P5e_520xvzdNnd5ncCrfI8rS9LG-x32Fymdy6p-nolvz9pq_T9FY7zL6H5WVR_9EhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGtBoNZislgswwR6gCwwCAAAAAACwG7SFOgAmSkBc3PhxhbwMf8vp5Pdb3pKX4W85nfx-y5UBJtb_mTd7Joi1Wi1rAAAAAWwAAIAAbt28BYRTcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Wed, 04 Aug 2021 07:36:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 25583

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=1e339cb9-c67a-460a-a28b-33957033efbf
date: Wed, 04 Aug 2021 07:36:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6968 42 B
64 B 30ms
28ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgHro8NniJyH9L_R5jvOjESnmj_-1uLF0p65cVzqd9Qdym8fPvXKg4d0HBJVt1gTnd8yh-xM7ksVB0LtAbHbspofoVa3aUM-VkzepMLXujfSIEin1ddwBVBJDl1Q&sai=AMfl-YRP-XHHRd5DDBB3zEGAYG5NehWv1OJeGCKR9_fkw2bEH5aBOKqT2jQQwPYdOkk1vgg9FY2icm1Y3uE3&sig=Cg0ArKJSzPwQMJQUdxA0EAE&id=lidar2&mcvt=1080&p=0,200,280,1400&mtos=1080,1080,1080,1080,1080&tos=1080,0,0,0,0&v=20210802&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3069572125&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628062573675&dlt=595&rpt=42&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 07:36:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame 35E4
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=16698
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KRX6F7JW-15-52FG

0
55 B

102ms
102ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KRX6F7JW-15-52FG
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 80
date: Wed, 04 Aug 2021 07:36:16 GMT
via: 1.1 varnish
server: nginx
x-timer: S1628062576.145609,VS0,VE80
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-fra19133-FRA

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KRX6F7JW-15-52FG
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 35E4
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=baQut2GLnLzq&ev=1&orig=trc&pid=562107

0
247 B

24ms
24ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=baQut2GLnLzq&ev=1&orig=trc&pid=562107
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.10.199:10213
date: Wed, 04 Aug 2021 07:36:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 21558

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=baQut2GLnLzq&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-84459f4bbf-g89tn
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 35E4 43 B
679 B 93ms
29ms Image
image/gif 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 04 Aug 2021 07:36:16 GMT
X-Proxy-Origin: 91.132.136.237; 91.132.136.237; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3d0941fb-f5d0-4e43-86cc-95fa328f2ac0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 35E4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIeLCm6UOZ8bmmSVh3m88fc&google_cver=1

0
56 B

86ms
86ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIeLCm6UOZ8bmmSVh3m88fc&google_cver=1
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 67
date: Wed, 04 Aug 2021 07:36:16 GMT
via: 1.1 varnish
server: nginx
x-timer: S1628062576.137447,VS0,VE67
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19133-FRA

Redirect headers

pragma: no-cache
date: Wed, 04 Aug 2021 07:36:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIeLCm6UOZ8bmmSVh3m88fc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 35E4 42 B
546 B 81ms
24ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed:$UID
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:15 GMT
cache-control: no-store, no-cache, private
x-lat: amspug007:0:422
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 35E4
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed

170 B
523 B

39ms
27ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 07:36:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed
tbl-x-upstream: 10.41.10.199:10213
date: Wed, 04 Aug 2021 07:36:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15399

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 35E4
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7ee6a6a-9a66-43b0-a373-a12c2c8635f2

0
60 B

88ms
87ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7ee6a6a-9a66-43b0-a373-a12c2c8635f2
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 69
date: Wed, 04 Aug 2021 07:36:16 GMT
via: 1.1 varnish
server: nginx
x-timer: S1628062576.102883,VS0,VE69
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19133-FRA

Redirect headers

pragma: no-cache
date: Wed, 04 Aug 2021 07:36:16 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c7ee6a6a-9a66-43b0-a373-a12c2c8635f2
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 35E4
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

29ms
29ms

Image
text/plain

72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 04 Aug 2021 07:36:16 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 04 Aug 2021 07:36:16 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 35E4 49 B
729 B 297ms
97ms Image
image/gif 198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-84459f4bbf-95pzl
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 35E4 43 B
697 B 106ms
33ms Image
image/gif 185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&gdpr=0&gdpr_consent=
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 07:36:15 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame 35E4 0
59 B 99ms
17ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:16 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 35E4
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=46865104-5658-43a6-86d7-a7480248d3a1

0
256 B

23ms
23ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=46865104-5658-43a6-86d7-a7480248d3a1
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Wed, 04 Aug 2021 07:36:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15113

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
date: Wed, 04 Aug 2021 07:36:15 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=46865104-5658-43a6-86d7-a7480248d3a1
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1980
content-type: text/html; charset=utf-8
content-length: 222
expires: Wed, 04 Aug 2021 00:00:00 GMT

GET
H/1.1

200

4.gif
id5-sync.com/c/464/101/4/ Frame 35E4
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOzE9DEEVfg-dy91oph7KUcb_FPwnauLOqMsLhCA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://id5-sync.com/cq/464/124/6/2.gif?puid=77071126-2126-4620-a0a4-7edbca0dd1d8&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/5/3.gif?puid=afa3f2a607bf54e84f9cf0a4ea54e1d1&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/4/4.gif?puid=db8e8496-3f0f-4aaa-86cc-f6d4f3e53084&gdpr=1&gdpr_consent=

43 B
1 KB

23ms
22ms

Image
image/gif

54.36.109.22
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/464/101/4/4.gif?puid=db8e8496-3f0f-4aaa-86cc-f6d4f3e53084&gdpr=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.22 , France, ASN16276 (OVH, FR),

Reverse DNS

p09.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 04 Aug 2021 07:36:02 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/464/101/4/4.gif?puid=db8e8496-3f0f-4aaa-86cc-f6d4f3e53084&gdpr=1&gdpr_consent=
Date: Wed, 04 Aug 2021 07:36:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 35E4
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=vVZLkVw2Ar2tHWa-cEMKYQ

0
247 B

24ms
23ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=vVZLkVw2Ar2tHWa-cEMKYQ
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.95:10213
date: Wed, 04 Aug 2021 07:36:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 23923

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=vVZLkVw2Ar2tHWa-cEMKYQ
date: Wed, 04 Aug 2021 07:36:16 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 35E4 35 B
380 B 440ms
112ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Wed, 04 Aug 2021 07:35:27 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 35E4
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola
https://x.bidswitch.net/sync?dsp_id=70&user_id=6002850776573017902&ssp=taboola
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=1e339cb9-c67a-460a-a28b-33957033efbf

0
255 B

23ms
23ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=1e339cb9-c67a-460a-a28b-33957033efbf
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.57:10213
date: Wed, 04 Aug 2021 07:36:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 17283

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=1e339cb9-c67a-460a-a28b-33957033efbf
date: Wed, 04 Aug 2021 07:36:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 35E4
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9f0548ee-2059-4869-aa18-2f80b50f249e
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9f0548ee-2059-4869-aa18-2f80b50f249e&tbid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&query=taboola_hm%3D9f0548ee-2059-...

0
58 B

29ms
27ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9f0548ee-2059-4869-aa18-2f80b50f249e&tbid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&query=taboola_hm%3D9f0548ee-2059-4869-aa18-2f80b50f249e&isDirect=0
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:16 GMT
via: 1.1 varnish
server: nginx
x-timer: S1628062576.301762,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19133-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9f0548ee-2059-4869-aa18-2f80b50f249e&tbid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&query=taboola_hm%3D9f0548ee-2059-4869-aa18-2f80b50f249e&isDirect=0
tbl-x-upstream: 10.41.14.127:10213
date: Wed, 04 Aug 2021 07:36:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18386

GET
H2

200

sd
u.openx.net/w/1.0/ Frame 35E4
Redirect Chain

https://u.openx.net/w/1.0/sd?id=543998486&val=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&gdpr=0&gdpr_consent=
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&gdpr=0&gdpr_consent=

43 B
180 B

27ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&gdpr=0&gdpr_consent=
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 07:36:16 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&gdpr=0&gdpr_consent=
date: Wed, 04 Aug 2021 07:36:16 GMT
via: 1.1 google
server: OXGW/16.211.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

rtb-h
sync.taboola.com/sg/betweenxrtb-network/1/ Frame 35E4
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f3e5f535-fe4d-52d8-8286-5f83e38c1cf3

0
255 B

23ms
23ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f3e5f535-fe4d-52d8-8286-5f83e38c1cf3
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Wed, 04 Aug 2021 07:36:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 21679

Redirect headers

location: https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f3e5f535-fe4d-52d8-8286-5f83e38c1cf3
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 101956
jadserve.postrelease.com/suid/ Frame 35E4 43 B
540 B 335ms
111ms Image
image/gif 18.209.200.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.200.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-200-15.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 07:36:16 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

204

/
sync.taboola.com/sg/adxxscod-network/1/rtb-h/ Frame 35E4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=EY100SXYQYigq4Td4rK9Pg&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_...
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&ui=EY100SXYQYigq4Td4rK9Pg

0
114 B

23ms
23ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&ui=EY100SXYQYigq4Td4rK9Pg
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.95:10213
date: Wed, 04 Aug 2021 07:36:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18451

Redirect headers

pragma: no-cache
date: Wed, 04 Aug 2021 07:36:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&ui=EY100SXYQYigq4Td4rK9Pg
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 340
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 35E4
Redirect Chain

https://eb2.3lift.com/xuid?mid=7772&xuid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&dongle=tbla
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

21ms
21ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: www.reportdoor.com
URL: https://www.reportdoor.com/microsoft-signed-a-driver-loaded-with-rootkit-malware/?utm_campaign=microsoft-signed-a-driver-loaded-with-rootkit-malware&utm_medium=rss&_hsmi=136668604&_hsenc=p2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg&utm_source=rss
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7772&xuid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
date: Wed, 04 Aug 2021 07:36:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 20ms
19ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210803-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 182
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by: cache-fra19133-FRA
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1628062576.066332,VS0,VE0
date: Wed, 04 Aug 2021 07:36:16 GMT
vary: Accept-Encoding
x-amz-request-id: X0T5G34XC8D2QGE8
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 88
x-cache-hits: 1744

GET
H2 200 / Show response
pips.taboola.com/ 4 B
124 B 19ms
16ms XHR
text/plain 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:16 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19165-FRA
access-control-allow-methods: GET
access-control-allow-origin: https://www.reportdoor.com
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 285ms
95ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=0e229d68-5b92-40d0-957e-b367bfb8f10d-tuct803c8ed
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 04 Aug 2021 07:36:16 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3A82 42 B
64 B 29ms
29ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNeePP7IfGbTf7VrSuh-u5Ks0UDkauBx8L7Bgoc-pGronoUA7xzhRTCPcMUVk7BGBfhFi5tOlRuxZHMwF1PLcpDYuJktaofL9f4n_GbKg0oPcMiAxyt0YMOzfJUQ&sai=AMfl-YQQCTHywimJ2rtnS8tlkNAlJ0yitb1cD6QgauVpb3QW6ugQMVrHzT7LfKcnbac3vbu_RuzA3mrrzWdt&sig=Cg0ArKJSzGmtU6UTXjw2EAE&id=ampim&o=240,712&d=740,191&ss=1600,1200&bs=1600,1200&mcvt=1005&mtos=0,0,0,1005,1005&tos=0,0,0,1005,0&tfs=425&tls=1430&g=100&h=100&tt=1431&r=v&avms=ampa&adk=1053253302

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 07:36:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 37ms
19ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210729&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

241868f5dda18f7282997c8f2b1cebd250e3cb1d6b9eaec3a74164bc30391241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 04 Aug 2021 07:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8592
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 07:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 04 Aug 2021 07:36:18 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3AC1 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.reportdoor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.reportdoor.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 04 Aug 2021 05:18:54 GMT
expires: Thu, 04 Aug 2022 05:18:54 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 725B 783 B
813 B 16ms
15ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b77626530add207cca90ad9307b1420db042b603bc019215fa48046852a2e010

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-581BUp0kt3JlgOuA0g7k2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.reportdoor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.reportdoor.com/

Response headers

expires: Wed, 04 Aug 2021 07:36:18 GMT
date: Wed, 04 Aug 2021 07:36:18 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-581BUp0kt3JlgOuA0g7k2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js Show response
pagead2.googlesyndication.com/bg/ Frame 3AC1 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 15:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 230199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Aug 2022 15:39:39 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 13 KB
7 KB 2072ms
2072ms XHR
application/json 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5999075&noaop=5&sortOrderType=0&cb=1628062578196&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1252&pt=-1900279078&tz=120&viewable=true&ddast=V7AfoCFgM1fs4yK9jlAgQ1fs4yK9jlAgUAAAAGBvQHGzRjbkac3YJG4axmg91oOVtMVqPlYLZbDIGDZszNiLNb0Cic1WywGy1Xk8FgsxgsF4PlFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43RKHpdPhc93rd73eXvAx_y-nk91vuGr_br3Z6LH_P32Z6a54-u8vkVrhFlqftZXmL_Q6Ty-TWPU1Ht-TvN32dprfaYfY9LC-_HAAAAAAeALYSxyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAASOK81AJ45CsTheZn9AQDwUAACACCAQQJgoBxWAkCS3X4CAAAAAAAAAMDy____HzNQPz0oM4AvvNkD8OAD8EBUoFjECAAAAGCLELH9aFInVBZVAAAE6VYAVwAAAXsQF2aZYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcjnyDUNSD4cSe0XEABg7RcQAIBN3QAA3gTggo6gFYPB6gJidgAAAAB3_____3ogtly4FibPbrQYbWwTy8i1MS0sLs_IMtn4ZjbTYnsSl_NbV00TJ30hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwsDKMlmObMO1auKcrEWDkWGtXO1WbolntpvYLMaZYzByi14f03Gw2RhXJisezMfl3NcuXBQMsNqL4CKdSF6Gv-V08vstb8nL8LecTn6_5SKWaE4W6UR22deWC9fC5NmNFqONbWIZuTamhcXlGVkmG9_MZlrsCyvLZDmyDdeqiXOyFg1GhrVytVu5JZ7ZbmKzGGeOwcgten1Mx8FmY1yZ_I3ZZDiYTVa7zb4xmwwHs8lqt9l36Azf1eds9ExGQ4_LWXKWHeKZ-aBwGSzel_p0HhaMBe3Jc3TqTENlZ2f0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdyBaumW222iw3zolpuXIZh4uZw-YaLGyulWk1Gk7EEqXpIp3o1U6P5e_520xvzdNnd5ncCrfI8rS9LG-x32Fymdy6p-nolvz9pq_T9FY7zL6H5WVR_9EhF3PFZjJXbGZzyWa3SgAAAAAAAAAAS5gybwIAAABwGtBoNZislgswwR6gCwwCAAAAAACwG7SFOgAmSkBc3PhxhbwMf8vp5Pdb3pKX4W85nfx-y5UBJtb_mTd7Joi1Wi1rAAAAAWwAAIAAbt28BYRTcg!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2415085&dpubid=445025&abtst=adh5c-1_vA!insc_vA!mprdctdt6_vA!nrlc_vB!scec9_vB!smbs!t45!ufm_vG!ul95750-994_vB&mPre=0.025&cirf=https%3A%2F%2Fwww.reportdoor.com&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.5.2/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 447d34d3ccdd578718f73b917af966d99c54b99326571293c945efdd09ab3ab5

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Wed, 04 Aug 2021 07:36:20 GMT
content-encoding: gzip
access-control-allow-origin: https://www.reportdoor.com
machineid: 1475
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19133-FRA
pragma: no-cache
server: nginx
x-timer: S1628062580.171838,VS0,VE85
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://ad.360yield.com>; rel=preconnect,<https://ioms.bfmio.com>; rel=preconnect,<https://ad.360yield.com>; rel=preconnect,<https://ad.360yield.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210729&jk=3685785568762492&bg=!7e6l7qrNAAals0SOpbM7ACkAdvg8WmL1je_kZJG8_gbFRIKhAoqqHZTONdLzy6abYxPy64nfhu7dcwIAAABuUgAAAAxoAQcKACNlD9UDmDSfq7kdRzdPwsWHX21D5vdHbHK9jdTNMyqQT0pfA5kChu4fzSDg9dimE9P5_JfvxXaHmwBmzq2HGOLejdBZcYgExJkKNgVWuOJrIxfW5jR72WEgLvD0Mnx_p8LiVvXSCdsBmDJCcrqNFPoI940PA76fCR_OIwRPVaLRYmAMvf08ER-fDeeu_2QuQgTcnjIuNsEOuly7dg0yDrY26HZj34OwXGFXteM_R6pzCpNBulVOuB5Zl6Furxg86CAeGNcCQnCKlf2vQXREtlG-a7DbfFI3PEuzsNqoIVwdLmqomjfJzptMeBG_sp7xwl4FR1AR8GS8wVMOL65uS8MCefkaI7anGxs7jKEWnw5ojPoIF0bWeUFWUGDyNtR1COgts8bSVsS6m6940DWUu6hXWUFHJG-6mT0RnYXkeFXHM7I861TBmfeIecd9I8MafAjqFl6wv3b5MX6rmyweh8rMnuP6Eu2HgVc38Uy9nzD-gv0LmMH5SFe6w5hq7qV_yObsmuRv-DjJC_2Mma7S7fge8yxgjYmeuc1sbwXa6640rgEROi6a8Mf9ZsqC8EDuu97W2BxSnZ2wEQWADI635i3x0FjvMF0NbFueTqqkCdPGQtX1VtxY2fL6s0Rku-EDvsnxIWPx1BDUV67-uZSlkqt1V4Q2hz5Woyl2cSLYh8oQ2PDGDeGgv0yVnqKGuS8WRGwtOOk5WOe9Z6T0OGL4hvLZ5LodqYnHqgcvXltS3QaQ8wq6Uyrqp8gKDqG9lC843R5-sWkMmmfZVLCNmY7YXhg-yFZxAlIMYJxdP3yUr2JS7U0lBEQ7Nq7aO3AD5a_lIRywlb0gz1lxEVYJC4qRCsFlT1SfXQHeYbJ0EjLduD09dYqcsf5YYLBu2OC7hon4b-mw4zn9fqMn3i0xFIA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 07:36:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advast Show response
ad.360yield.com/ 27 B
443 B 72ms
71ms XHR
application/xml 18.192.92.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/advast?p=22444496&w=4&h=3&player_width=700&player_height=393&referrer=https%3A%2F%2Fwww.reportdoor.com&vast_version=3&vpaid_version=2&video_format_type=outstream&schain=1.0,1!taboola.com,1305601,1,-1506801970,reportdoor-reportdoor,reportdoor.com&us_privacy=1---&minduration=1&maxduration=60
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.5.2/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.92.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-92-12.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://www.reportdoor.com
date: Wed, 04 Aug 2021 07:36:20 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK getmu Show response
ioms.bfmio.com/ 49 B
628 B 162ms
162ms XHR
application/xml 52.5.116.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.5.2/OvaMediaPlayer.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.116.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-116-95.compute-1.amazonaws.com

Software

Resource Hash

ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding, User-Agent
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.reportdoor.com
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 advast Show response
ad.360yield.com/ 27 B
444 B 84ms
83ms XHR
application/xml 18.192.92.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/advast?p=22444495&w=4&h=3&player_width=700&player_height=393&referrer=https%3A%2F%2Fwww.reportdoor.com&vast_version=3&vpaid_version=2&video_format_type=outstream&schain=1.0,1!taboola.com,1305601,1,-1506801970,reportdoor-reportdoor,reportdoor.com&us_privacy=1---&minduration=1&maxduration=60
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.5.2/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.92.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-92-12.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://www.reportdoor.com
date: Wed, 04 Aug 2021 07:36:20 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 advast Show response
ad.360yield.com/ 27 B
444 B 91ms
91ms XHR
application/xml 18.192.92.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/advast?p=22444494&w=4&h=3&player_width=700&player_height=393&referrer=https%3A%2F%2Fwww.reportdoor.com&vast_version=3&vpaid_version=2&video_format_type=outstream&schain=1.0,1!taboola.com,1305601,1,-1506801970,reportdoor-reportdoor,reportdoor.com&us_privacy=1---&minduration=1&maxduration=60
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.5.2/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.92.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-92-12.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://www.reportdoor.com
date: Wed, 04 Aug 2021 07:36:20 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 200 OpportunityServlet Show response
am-vid-events.taboola.com/ 1 B
123 B 140ms
76ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.5.2/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://www.reportdoor.com
date: Wed, 04 Aug 2021 07:36:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

POST
H2 204 visible Show response
trc.taboola.com/reportdoor-reportdoor/log/3/ 0
325 B 88ms
88ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/reportdoor-reportdoor/log/3/visible?tvi2=3127&route=AM%3AIL%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210803-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reportdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 69
pragma: no-cache
date: Wed, 04 Aug 2021 07:36:21 GMT
via: 1.1 varnish
server: nginx
x-timer: S1628062581.124549,VS0,VE69
x-served-by: cache-fra19133-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.reportdoor.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ums.acuityplatform.com
URL: https://ums.acuityplatform.com/bum?tpid=29&uid=1e339cb9-c67a-460a-a28b-33957033efbf&bidswitch_ssp_id=taboola

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.taboola.com/	1970-01-20 04:59:58	Name: t_gid Value: 5bbd3697-c665-46f8-bc6b-1c0e73393f5c-tuct803c8f0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://go.recordedfuture.com/e2t/tc/VX7T9Q85WqZFN90smMnKhZwsW5SJqyG4tkXxXN4vJDMk3hkBZV1-WJV7CgDjQW8qVK4N9bphhYVSJ-jd6TQMFyN8NkBcyYY8LyW8gH1Nt92GxTZW5BwBDR4Zy__GN1YPb73FFXtVW1F5q9n6G-zgtW4LWjHL4GkP0ZW5BWl123Gbr2PW1cx-fv2rk3T3VSq7pZ2F3d59W9bYjlR15QVqFW3zmRFY8CD0PQW558v1t18t_PNW15cc3p339mC1W4sY-Ns4q04t-W26hbPl7_w2M2W19Hqsq5NTdnjW6103JV3FfRQ_N8lkxHGzcJmZVqf2GF2GszSPW4lNXM89535nhW7YgXL12cmCRnW4hFhMB4LyG0TW35n9tL6Z7bJrW6rTn4w4mF0b1W3zwQ3_7bxrVTW2S1kn32VmMlXV8nXMx46qp6CW8nlhz48Rld4r33LM1(Line 13) Message: toS
console-api	log	URL: https://www.reportdoor.com/wp-content/cache/wpo-minify/1627972230/assets/wpo-minify-header-b5121f49.min.js(Line 51) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	warning	URL: https://www.reportdoor.com/wp-content/cache/wpo-minify/1627972230/assets/wpo-minify-header-b5121f49.min.js(Line 48) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at HTMLDocument.<anonymous> (https://www.reportdoor.com/wp-content/cache/wpo-minify/1627972230/assets/wpo-minify-footer-97be1685.min.js:3:6000) at e (https://www.reportdoor.com/wp-content/cache/wpo-minify/1627972230/assets/wpo-minify-header-b5121f49.min.js:48:30005) at t (https://www.reportdoor.com/wp-content/cache/wpo-minify/1627972230/assets/wpo-minify-header-b5121f49.min.js:48:30307) undefined
console-api	info	URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107240354000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=3692112606&adf=1741948306&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573357&bpp=1&bdt=201&idt=331&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C740x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=RUzqI8IQ9i&p=https%3A//www.reportdoor.com&dtd=334
console-api	info	URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107240354000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3511443799407499&output=html&h=280&slotname=2385331166&adk=1053253302&adf=732024954&pi=t.ma~as.2385331166&w=740&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=740x280&url=https%3A%2F%2Fwww.reportdoor.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628062573356&bpp=1&bdt=200&idt=324&shv=r20210729&mjsv=m202108030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7694661818887&frm=20&pv=1&ga_vid=2117701773.1628062573&ga_sid=1628062574&ga_hid=369319700&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065&oid=3&pvsid=3685785568762492&loc=https%3A%2F%2Fwww.reportdoor.com%2Fmicrosoft-signed-a-driver-loaded-with-rootkit-malware%2F%3Futm_campaign%3Dmicrosoft-signed-a-driver-loaded-with-rootkit-malware%26utm_medium%3Drss%26_hsmi%3D136668604%26_hsenc%3Dp2ANqtz-8bA7myFFiJPkWJx4dTuXsQo1CpXDiZIiTZlye4rk_bhEbhz_LcI5JDfkbY65MeXV_4FcEzXNwjJS1qUhtrl--iMtuiGg%26utm_source%3Drss&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xep00S6JP2&p=https%3A//www.reportdoor.com&dtd=328

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
ad.360yield.com
ads.betweendigital.com
ads.creative-serving.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-vid-events.taboola.com
bh.contextweb.com
bttrack.com
c1.adform.net
c3.taboola.com
cdn.ampproject.org
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.g.doubleclick.net
dis.criteo.com
e1.emxdgt.com
eb2.3lift.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
go.recordedfuture.com
googleads.g.doubleclick.net
ib.adnxs.com
ice.360yield.com
id5-sync.com
images.taboola.com
imprammp.taboola.com
ioms.bfmio.com
jadserve.postrelease.com
m.exactag.com
match.adsrvr.org
match.taboola.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel.rubiconproject.com
platform.twitter.com
prod.perf-serving.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.c.appier.net
simage2.pubmatic.com
sync-t1.taboola.com
sync.crwdcntrl.net
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
syndication.twitter.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
ums.acuityplatform.com
vidstat.taboola.com
wf.taboola.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.reportdoor.com
x.bidswitch.net
ums.acuityplatform.com
104.244.42.8
13.248.242.197
13.248.245.213
141.226.224.32
141.226.228.48
142.250.184.226
142.250.186.130
151.101.13.44
172.105.221.240
178.250.0.163
18.156.12.32
18.192.92.12
18.195.155.181
18.209.200.15
185.33.221.89
185.64.189.110
185.86.139.115
185.94.180.126
188.42.191.196
192.132.33.46
198.148.27.140
2606:2800:234:59:254c:406:2366:268c
2606:2c40::c73c:6702
2606:4700:3037::ac43:81eb
2a00:1450:4001:800::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:812::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
3.120.83.159
3.127.166.11
3.68.146.68
34.205.3.24
34.98.64.218
37.157.2.235
52.30.14.23
52.5.116.95
54.36.109.22
69.173.144.139
72.251.249.13
85.14.248.72
00f24d35adc5a60b6457d6b9ccd31e654cf3f8f8c76b4cc668be2a46834d1fce
01aa6baefffab04ddbb649e6e9acb7e2b98fa3bd79982fdfceae654d351a52f4
052e445a28a4a628f123a12cfdd035a3c80661acd551e7b6f3b3681075cc6886
06e4108ed045249eeec3ffd0b0520922f0b46eaf1d5a54db1bf9dc549ff7dc80
06f27befa33fd5f7b6285871a89689dfb77dcdd92881232525c18c82b903db4f
09d6b59c82a711ae023b1eb1a03a8db8c3755b31c7b99a3aed16ba341ba8156a
09dae33c582394eed951c555509767c9a6dd115bf0fa4c59904eab718508e360
0b7a01de8614325fd8c9c0ae5a0b7e61f3b3fa088ec0ef908f2a773390ada134
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dd0b7b90c80636b608a088d6415e6880f6c548064996c754633ff4b333e4213
1030c106ca0d76cb60b95088556dcb63a23a429a81c7d6036be1f15e18afa3d0
11d4d3ec878fc7b8a6ca2fb899d27ee232204e1325d1929db6baec1b96928cf8
1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909
17b4e69cead2d105f455c32fe04ad1eed7250fbde3342965130209ae6d979b4a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
184e961f51954d246c0e6e607fda285fe428720a49045b52549918b983c916f2
1aeceef378724433f1a66549d593a39a79cf997c78cbde925187be550d58ee68
1ceca42481e32ce61c7de6689f71acc63ffccf0bd3fd94e782c046b82fccd663
1eb4ba8b4438a9e307afa195311ce88638a3deae2da3cae568c4b4cb449365a0
21e3ccd4932598acd7f84254a1fe27e2fbb7d60bcabf0ebf6be7090fd9af2472
23044756cf4f841512b4c9c6e90407621500a89b4f35f98ddd841961fa057e9c
241868f5dda18f7282997c8f2b1cebd250e3cb1d6b9eaec3a74164bc30391241
253e207811811f532a96e83c8c05d4a1da5a5ead8751d2b5ae98ca6b463e5d17
2855c78c7e00bb2ecdf746ccdfea8c6b86f156ff83b49605b3a5b5fb44469def
2ba58dd4879f304eb53b55398d33a452ac03f6d4b02f2bf13ff43d7a7503c2d3
2c2744fe747215e6a27c0eddb2b548eba36d35c5baa0a8b856ccf56a5c31d2ec
2eebf35211143c8364122917c63490e1f22a4ca895a8e50e1f3ab840943cbcec
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37aefe1f81e60b122c99eb7eee7ec71376bb02acc262c4301b7b655ce2f742fd
38209a2b3d76f06e36716ba6f76448b79cc8c6cdf119ace6aafc30f96966b9a6
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39c8d21f15dac2029961625b7644e06beb7977658659e35e500899337cb6b466
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3f30cdec592dc4881cd922ed34ed68085777c9411fadfa2632067281d16a2ad4
3fc45c831851a43a0c4c5c21796c5ca8f1bfeedc4212abebfe8cd4eeffd1912b
4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70
4161a7ecc637f58360462937925c0d06c02ede88cc5d9cf72a572053c4cd1b3b
423471bafe1b160da885c334fd3b2326baa6ac07c97082d1519cc7cc4da6d1b3
447d34d3ccdd578718f73b917af966d99c54b99326571293c945efdd09ab3ab5
45c892d8bc0211db910e708ded4dd54c544fb8fe8d329f0b4dab791bb2835299
469ddba95516d00cddad0bb531e6e3aab469b07f5c0aecc23eda06435497c2de
46b665aec587754215aca2c2e84218bef73ed2bb059fed084caef1df300a0008
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
48c165c445b9909ba945a057c7aeda24f11144051b2b17cb8ae7ffbc7e5bb9f0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e36a1bd64bf9e55c94a899bce9a01f3cc441d17be0cd526b0873e31f8680b41
4e3da77a5939fbc06cb620cc93ee888978121a1dcd5cdb746deeb936a4cd92f0
4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55c98b983bae7eb3bc9a953f36a3a357130e39c8953e5210bf6f88aed35d4e08
560d67abdbb184b963c5296987a4daac5aaea05343e90ee8245a5a6436bb03f6
56babb93f023829eec7a98b8446e92791279a5dc7242ae225487d74735c99ff0
56c084b4e51c3521f90e9e9f47ecca29164868352f1502bb3c0e9752c2d57c30
58698d34e1d62d4affffac97e730072424119d778c944178cb0637498cb70af3
58b8a32d181748d31121e45093ebd4fba95dd814e50e28a42756559dbc0a3951
5ae91fe13f17bd08dbfa835ba6128d165dba3c87ed1d3d1619e22e458657d681
5bbc26192d559ed6abfb9b0bfd88369d9a5ee210d4f3aea66508bfb19a00e76e
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5e657b28cb084ea0db5d890b2e2c087134cca2e68cecdf498ae903d01c9427c1
5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
63e3365993c921267712645f738f77e722ef82460c8c47a6fcf84393c18e9f0a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cef87f050e4bcb239ba55f306073a122767e0e9183cef65b324352674ef381f
6e07734fe1015f88d67a257108878aed46f82946feba5973a0d306aa927ad71a
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a
71f98cccaf599407bfa1e644de30e2c6a87c36152be71507f59d52d4b2f61a49
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
73b2100435c5e94859a3d5dc0f7441fc5a7cb13f10b36da4d8ad26c514143b27
753c4e05884969ca23009416092cc44c0b87c98f57c07f59cc433f06b5eb3f50
75e0fe33a139622cde1d4bacdef52e609e623b514c56b113c69568fa16c23a12
78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed
79116bee20a3dea9566942082bc1e87bd62bac5ee64e90e49e0815ea42834c2f
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
7ee4512b06c999e9a14bbd4c30cbab69cce38c5a5f0f375e590514faeaba519b
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fe56b91acb4c7e4a8de7f4510b1d62644e614c7426ff24955a5e9445db71f38
801ffc320183425aad8f1d94a5b76c6cadb00703f12ccd83dd997cd941c520cd
8046fdafed2d2de4bba634e538f6f1282668ce9b1db779a3caa6402347d83503
81f406d74e7e0d7846477adddb217af2f30bd4c52878d91ca3cb162a73053f38
8243110d46b6e00133bc81f626801e1aaa8f1785a987bd155a58bc7e222d5d44
8289ff006deb71ecbdfdb9140eae27145810eee084b8dc6b7abdcacee86867b1
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a
832c9a073f07d51902b8950869b2075b28381e8bac00770b5985802049d0b573
8780b7242ce1b0108df255735b6fc7aae1d54fa62798b40819bd23c960d3c5e5
880615098e4a8fa71bedc4b510d6b74145e0528eef749bf4127ee6db7989a1fd
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a7a0fbeb9c70574bb39981f4b9c7ca26fd3491ae914fd0e8af4f246bf386a5d
8c641f871d303f00c2431556fca2d50690ff200abd043196c8758e4bc590b848
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
8ef1ed69f675387b64ca365d659c14c972a3b593199552c020017cc9e6ceacfe
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93145f73267d49fb0755c373ac2ce47a9e39866da0bf529443810b769d8d6b68
95cea824273b78af76b89580323d9f00dda48a7bd8a42a91f73cb1b98609cda1
9d68e8430c568e3f199c836930323b9e6a08348740eac27fb58079b7e327b90c
9e2604c6dd17e24abb1fb6cc89b3ca24d6acc9a4ea33587198839686692aa4c1
9fc51061b71ab3d525adedd10b1710da58d6447be8c6085974662b8287ed71c2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a17db0b7dbc6ced3ac80bdf65c60cdcfceaef76b868c1c2c058bbaa4b363138f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6136b70b6f20152d4197275c44115c84ed6bdd34b4cc55f12746e9932d1fc78
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a8916df75912de3eaaf1f21079bf19cb65ba5272a2582f82f60c929fd679af0b
aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
ae64fc98ebab12295dc7dd8b33666b63c99cd3b89c6533236ec7cbd8ada6fb48
aec202090e02ce87cf6606102b3a412c7efc69393b38af8ce2dddb0b026ede47
af13ee36182642c9e1b992b519ab990f4918615b0142fd3c59bb74b0c2926386
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b2afd92347cfa3b2e08f77e6204975c5edee29fec7a12a8c7eea0aa40ad8383b
b31a2dfb910d5e0292d6639f0c1a9b6ecc2471ba71ba18e3dc27cd5a033cf463
b34ae8bfda88f1dfb002a68bcf9a6bad17ead96bd1d2fe310900461a979f6971
b53db97b2516775b1f94c1af5b7effd9abd3307436362cbcad63859bb88c71b7
b5f70f1ad3f2415331fccd92e061914df16b2f446b00cf10db89943fe8a79256
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b6f6facd55ab986290b7cdd3aa2a8acfcc6f7edf53bf37689cf51f33dc54bcec
b77626530add207cca90ad9307b1420db042b603bc019215fa48046852a2e010
b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c
b835d3db599a303e622f04a74ad6f76ff08de3a51668831d4454c5f3830ec6b6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc8904cf494c040131cf5c61ed0ee8b3af200a356ea113a3e54a4d7c798159d3
bd5134f255e073308685f19ca0d177be68008bf2bcac5755981c31d46a9cd12b
bdf6385e3aaf4e3e39c19c295184a08af7b05af2bfc23b572dabdc91d67a25ff
c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a
c64c492715f343976072fc07f10ca418dc7b38690f1804bf4d38dde4f40a0c7c
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c80da8eb6e9150d66697643e8d59db022fd32060461f75d428bf63687c5b38de
c961b8fdc7dca2dc983386c8ea16b4cea72b3e8706f8698ddf4d994548d6630d
cae4d3f5648800847dab3ac2c4d664356e91679561028920f4d5193570b747a9
cc9b53e83e74e9dc3980bd55b142ccba8dbc828aab33b842cc46d60b9915540c
ccf362270f55814120b056e10ad90c85288a54f8aacb297641a23d412e0423e5
ce159cb678358a02920a8c3d9076d285b3dbeb4d3e74aaedf24746c7b1797cd3
cf8cdd751acce1bad23949fa34c00877424de0ac0615754ae3b70d8a7b92d980
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d3e2d7d074df543218ed3bab6eebc97f0a4672fd0b990328e4763b5817859324
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7128d719b3a2f9e8af3322732d746d02f3f892ee4adc56ed1729a1b20d1c544
d8996ff16783696362ac9f00355e3d634201580cf018aa57b4f6f60461173d98
db5bf9a91b7e05388b953154183762971d47ef02aa365db3cf4187dddbb86080
dee2b21720e71fc13af836ab33d5663bf6dcab1b96daf81e9b4cace84923eb1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47a1d9faa3db1a3b53641c28e95c0360dffd84b793492e6b3e5a6518bdecbf5
e4855ba9b4197fab1834c7f2d6f112fad0e815e488d3fcdd318b41fcf81ea0b1
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e8a74579fb64e402c0bf5ff5ab4c91a522f812ce8c082588e95e08d21eecc45b
e8f0c88ed1f811308a51a043c12b8208f7dca3f30cccebb701f7b623bf8980f6
ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4
ed8189ca934ed108c6e393cfb5a9f36ec7dd0a2911d7dc3b5acbda370827b4d9
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8c5324f7c78825eb539071eaaf674a4ab671ae1db6cc71cda8986b3505bd12
f0338eecc8908d0999384acb0942c42c5124734e3e720e4238a2975aaf472810
f238bc75b608d5635b20ec05fb592820aa0a21543cfa25463cca99b0333653b1
f46d21b9402df73ba20fea8d6b45381b573ce9379d7a812be102f7c73b45b658
f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391
f6721b2c203ce1ccd325a286fddcd1d9825857f79f9529dd47fbe58649efe1c0
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fd246902f209a1b71130d2aa15ea851adaac85f61db845f50dc61c37ce3f81c3
fd8e30a73d6b002eccc6c1cc72950b0a0e6cabb8a9d6134abbdcfa2f82c685b6
fece3d85eb5481c6574ef49fbd5103e294df2b1be72175458b77353c5b8a5c69

www.reportdoor.com Open in urlscan Pro 2606:4700:3037::ac43:81eb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

232 Requests

99 %HTTPS

34 %IPv6

43 Domains

64 Subdomains

38 IPs

9 Countries

5711 kBTransfer

10889 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

232 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.reportdoor.com Open in urlscan Pro
2606:4700:3037::ac43:81eb Public Scan

Screenshot
Live screenshot

Full Image

232
Requests

99 %
HTTPS

34 %
IPv6

43
Domains

64
Subdomains

38
IPs

9
Countries

5711 kB
Transfer

10889 kB
Size

1
Cookies

232 HTTP transactions
20 data transactions