Submitted URL: http://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Effective URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Submission: On July 26 via api from DE — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 57 HTTP transactions. The main IP is 2a02:26f0:480:f::213:7ec8, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.welivesecurity.com. The Cisco Umbrella rank of the primary domain is 380578.
TLS certificate: Issued by Thawte TLS RSA CA G1 on January 19th 2024. Valid for: a year.
This is the only time www.welivesecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 2a02:26f0:480... 20940 (AKAMAI-ASN1)
27 2606:2800:233... 15133 (EDGECAST)
3 199.232.196.134 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 151.101.192.134 54113 (FASTLY)
2 2001:4860:480... 15169 (GOOGLE)
57 8
Apex Domain
Subdomains
Transfer
29 esetstatic.com
web-assets.esetstatic.com
cdn.esetstatic.com
1 MB
18 welivesecurity.com
www.welivesecurity.com — Cisco Umbrella Rank: 380578
1 MB
4 disqus.com
welivesecurity.disqus.com
disqus.com — Cisco Umbrella Rank: 1722
referrer.disqus.com — Cisco Umbrella Rank: 7356
27 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
205 KB
0 go-mpulse.net Failed
s.go-mpulse.net Failed
57 6
Domain Requested by
27 web-assets.esetstatic.com www.welivesecurity.com
18 www.welivesecurity.com www.welivesecurity.com
2 region1.google-analytics.com www.googletagmanager.com
2 referrer.disqus.com
2 cdn.esetstatic.com www.googletagmanager.com
2 www.googletagmanager.com www.welivesecurity.com
www.googletagmanager.com
1 disqus.com welivesecurity.disqus.com
1 welivesecurity.disqus.com www.welivesecurity.com
0 s.go-mpulse.net Failed www.welivesecurity.com
57 9
Subject Issuer Validity Valid
www.welivesecurity.com
Thawte TLS RSA CA G1
2024-01-19 -
2025-01-18
a year crt.sh
web-assets.esetstatic.com
Thawte TLS RSA CA G1
2024-05-22 -
2025-05-21
a year crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA
2024-04-16 -
2025-04-16
a year crt.sh
*.google-analytics.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
cdn.esetstatic.com
Thawte TLS RSA CA G1
2023-11-06 -
2024-11-05
a year crt.sh

This page contains 5 frames:

Primary Page: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Frame ID: 5FD6C2941C628692721B6AE86C8D1272
Requests: 56 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/7R9SM-QGSYF-QDLJK-UETXR-SPM6B
Frame ID: 07500CF21CD8BB90C90F81CA73D7630E
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=HotPage%3A%20Story%20of%20a%20signed%2C%20vulnerable%2C%20ad-injecting%20driver&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fen%2Feset-research%2Fhotpage-story-signed-vulnerable-ad-injecting-driver%2F&t_e=30590&t_d=HotPage%3A%20Story%20of%20a%20signed%2C%20vulnerable%2C%20ad-injecting%20driver&t_t=30590&s_o=default&l=en
Frame ID: CAC91F723AB962828BCD894D530A7D12
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: E3F86470C359D4EC24C20A7CC633BBC2
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 8E3BD195D5248CFDCA33E6BB509955AF
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

HotPage: Story of a signed, vulnerable, ad-injecting driver

Page URL History Show full URLs

  1. http://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/ HTTP 307
    https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

57
Requests

96 %
HTTPS

71 %
IPv6

6
Domains

9
Subdomains

8
IPs

2
Countries

3080 kB
Transfer

4543 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/ HTTP 307
    https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Redirect Chain
  • http://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
  • https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
143 KB
40 KB
Document
General
Full URL
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fabaa12dfb54da8d087b5ccbea050c2b292ee616bc844e0406bb318e0d98b94b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
max-age=86400 public
content-encoding
gzip
content-length
36827
content-security-policy
default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
content-type
text/html; charset=UTF-8
date
Fri, 26 Jul 2024 05:15:06 GMT
expires
Fri, 26 Jul 2024 23:25:16 GMT
referrer-policy
no-referrer-when-downgrade
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1721970906763_34831752_2527685_15_1038_19_29_255";dur=1
strict-transport-security
max-age=15724800
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-content-type-options
nosniff
x-edps-request-status
normal
x-xss-protection
1; mode=block

Redirect headers

Location
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Non-Authoritative-Reason
HttpsUpgrades
FedraSansAltPro-BookLF-405f3258.woff
www.welivesecurity.com/build/assets/
163 KB
167 KB
Font
General
Full URL
https://www.welivesecurity.com/build/assets/FedraSansAltPro-BookLF-405f3258.woff
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
405f32580b4440f0ddf2af9fcfd37fc9a863fde26b57b5623a9b188d61d47166
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Origin
https://www.welivesecurity.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
x-edps-request-status
normal
x-content-type-options
nosniff
strict-transport-security
max-age=15724800
date
Fri, 26 Jul 2024 05:15:06 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721970906839_34831752_2527755_22_878_19_0_219";dur=1
content-length
166912
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 10 Jul 2024 07:12:46 GMT
etag
"668e346e-28c00"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Mon, 14 Jul 2025 20:38:16 GMT
FedraSansAltPro-BoldLF-31f4bc72.woff
www.welivesecurity.com/build/assets/
162 KB
166 KB
Font
General
Full URL
https://www.welivesecurity.com/build/assets/FedraSansAltPro-BoldLF-31f4bc72.woff
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
31f4bc726f2849a3c8f77f8432b635d2d4529a3ff80b669fc9e21b0ed1c81ea7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Origin
https://www.welivesecurity.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
x-edps-request-status
normal
x-content-type-options
nosniff
strict-transport-security
max-age=15724800
date
Fri, 26 Jul 2024 05:15:06 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721970906839_34831752_2527756_22_879_19_0_219";dur=1
content-length
166288
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 10 Jul 2024 07:13:19 GMT
etag
"668e348f-28990"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Mon, 14 Jul 2025 20:38:16 GMT
FedraSansAltPro-DemiLF-8885b886.woff
www.welivesecurity.com/build/assets/
164 KB
168 KB
Font
General
Full URL
https://www.welivesecurity.com/build/assets/FedraSansAltPro-DemiLF-8885b886.woff
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8885b88667beb8538140ecc550853e59d12e85fbd73dd70d4487b6cc757d8a2b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'none'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'none'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Origin
https://www.welivesecurity.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'none'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'none'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
x-edps-request-status
normal
x-content-type-options
nosniff
strict-transport-security
max-age=15724800
date
Fri, 26 Jul 2024 05:15:06 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721970906839_34831752_2527757_74_560_19_0_219";dur=1
content-length
167780
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Jun 2024 05:17:11 GMT
etag
"665ff4d7-28f64"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Tue, 24 Jun 2025 22:08:12 GMT
hotpage-ad-injecting-driver.jpeg
web-assets.esetstatic.com/tn/-x425/wls/2024/7-2024/hotpage/
96 KB
96 KB
Image
General
Full URL
https://web-assets.esetstatic.com/tn/-x425/wls/2024/7-2024/hotpage/hotpage-ad-injecting-driver.jpeg
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D0A) /
Resource Hash
87a1d4805e0817f0fbc5e31d734733e3d54cb3fce5c49efce0bb0602215b228c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff, nosniff
age
1261342
x-cache
HIT
content-length
97813
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 13:50:10 GMT
server
ECAcc (frc/4D0A)
etag
W/"668fe312-484a4"
x-frame-options
SAMEORIGIN, SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://web-assets.esetstatic.com, https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true, true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none', accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type, Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
article-header-995fa639.js
www.welivesecurity.com/build/assets/
442 B
4 KB
Script
General
Full URL
https://www.welivesecurity.com/build/assets/article-header-995fa639.js
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
606ea62b1a8a1e2b24b9e0eafef0757cea22f73f3956d6548611f7c26c4551b5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Origin
https://www.welivesecurity.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15724800
x-edps-request-status
normal
date
Fri, 26 Jul 2024 05:15:06 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721970906839_34831752_2527758_24_857_19_0_219";dur=1
content-length
200
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Jul 2024 20:39:10 GMT
etag
W/"668e346e-1ba"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public
expires
Sat, 12 Oct 2024 20:39:10 GMT
app-6317871c.css
www.welivesecurity.com/build/assets/
298 KB
36 KB
Stylesheet
General
Full URL
https://www.welivesecurity.com/build/assets/app-6317871c.css
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6317871c5ca7b272b4fd676ec207449ca4e75847b4af2c95f4682e15fde4af95
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15724800
x-edps-request-status
normal
date
Fri, 26 Jul 2024 05:15:06 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721970906839_34831752_2527754_19_913_19_0_255";dur=1
content-length
32655
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Jul 2024 20:45:58 GMT
etag
W/"668e349f-4a871"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
content-type
text/css
access-control-allow-origin
*
cache-control
public
expires
Sat, 12 Oct 2024 20:45:11 GMT
romain-dumont.jpeg
web-assets.esetstatic.com/tn/-x45/wls/
1 KB
1 KB
Image
General
Full URL
https://web-assets.esetstatic.com/tn/-x45/wls/romain-dumont.jpeg
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF5) /
Resource Hash
e1dff8ed16093991fa6c2b2bb97094a50e8ab172eda52cf1a1bfd250f6f27ba7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff, nosniff
age
5501026
x-cache
HIT
content-length
1271
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Mon, 08 Apr 2024 11:07:10 GMT
server
ECAcc (frc/4CF5)
etag
W/"6613cfde-272f6"
x-frame-options
SAMEORIGIN, SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://web-assets.esetstatic.com, https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true, true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none', accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type, Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
hotpage-ad-injecting-driver.jpeg
web-assets.esetstatic.com/tn/-x700/wls/2024/7-2024/hotpage/
250 KB
250 KB
Image
General
Full URL
https://web-assets.esetstatic.com/tn/-x700/wls/2024/7-2024/hotpage/hotpage-ad-injecting-driver.jpeg
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D0B) /
Resource Hash
52a86849e7e3e7691af809d2c105815b157c49d151e4f1cf4b92a5e7a97e7240
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff, nosniff
age
1261342
x-cache
HIT
content-length
256273
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 13:50:10 GMT
server
ECAcc (frc/4D0B)
etag
W/"668fe312-484a4"
x-frame-options
SAMEORIGIN, SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://web-assets.esetstatic.com, https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true, true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none', accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type, Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
figure-1-owner-of-hotpage-driver-s-digital-signature.png
web-assets.esetstatic.com/wls/2024/7-2024/hotpage/
6 KB
6 KB
Image
General
Full URL
https://web-assets.esetstatic.com/wls/2024/7-2024/hotpage/figure-1-owner-of-hotpage-driver-s-digital-signature.png
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CCC) /
Resource Hash
7583504bff4b63512acd5e13c8e60b4bc9955ce1859ff183cfa6f0b6c9b809c8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff
age
917513
x-cache
HIT
content-length
5831
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 11:54:38 GMT
server
ECAcc (frc/4CCC)
etag
"668fc7fe-16c7"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
figure-2-hotpage-driver-s-certificate-extended-verification-and-code-signing-attributes.png
web-assets.esetstatic.com/wls/2024/7-2024/hotpage/
29 KB
29 KB
Image
General
Full URL
https://web-assets.esetstatic.com/wls/2024/7-2024/hotpage/figure-2-hotpage-driver-s-certificate-extended-verification-and-code-signing-attributes.png
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF0) /
Resource Hash
b1b30f675551e709f6d1caed8d1b1c897d619b3ca5577a2230714102df8f6820
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff
age
841133
x-cache
HIT
content-length
29438
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 11:54:44 GMT
server
ECAcc (frc/4CF0)
etag
"668fc804-72fe"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
figure-3-hotpage-driver-s-certificate-spcspopusinfo-attribute.png
web-assets.esetstatic.com/wls/2024/7-2024/hotpage/
26 KB
26 KB
Image
General
Full URL
https://web-assets.esetstatic.com/wls/2024/7-2024/hotpage/figure-3-hotpage-driver-s-certificate-spcspopusinfo-attribute.png
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD8) /
Resource Hash
a6a59d9a1a12c4ee271462b1560b268ad77e6723418d67aa80167b15777d68e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff
age
841133
x-cache
HIT
content-length
26306
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 11:54:51 GMT
server
ECAcc (frc/4CD8)
etag
"668fc80b-66c2"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
figure-4-extraction-of-the-company-name-from-the-hotpage-driver-s-certificate.png
web-assets.esetstatic.com/wls/2024/7-2024/hotpage/
22 KB
22 KB
Image
General
Full URL
https://web-assets.esetstatic.com/wls/2024/7-2024/hotpage/figure-4-extraction-of-the-company-name-from-the-hotpage-driver-s-certificate.png
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE5) /
Resource Hash
4d1df5ca3cf533ceb1c49841384da1e26149e66afcdf851686fdeed71553ebd6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff
age
841133
x-cache
HIT
content-length
22083
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 11:55:06 GMT
server
ECAcc (frc/4CE5)
etag
"668fc81a-5643"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
figure-5-the-chinese-company-s-certified-products-listed-in-the-windows-server-catalog.png
web-assets.esetstatic.com/wls/2024/7-2024/hotpage/
60 KB
60 KB
Image
General
Full URL
https://web-assets.esetstatic.com/wls/2024/7-2024/hotpage/figure-5-the-chinese-company-s-certified-products-listed-in-the-windows-server-catalog.png
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CCB) /
Resource Hash
2afa4bb064d0739c9a7a9fb4e3097772cc6851f2d76011e27c084a76a6195fb6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff
age
841133
x-cache
HIT
content-length
61094
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 11:55:15 GMT
server
ECAcc (frc/4CCB)
etag
"668fc823-eea6"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
figure-6-translated-executive-and-shareholder-information-about-the-company.png
web-assets.esetstatic.com/wls/2024/7-2024/hotpage/
11 KB
11 KB
Image
General
Full URL
https://web-assets.esetstatic.com/wls/2024/7-2024/hotpage/figure-6-translated-executive-and-shareholder-information-about-the-company.png
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C89) /
Resource Hash
104efd46c7dc18e0bce68c2e6aa55b8e6a3539ecaf64647565e815aaee9125c6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff
age
841133
x-cache
HIT
content-length
11461
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 11:55:31 GMT
server
ECAcc (frc/4C89)
etag
"668fc833-2cc5"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
figure-7-screenshot-of-the-dwadsafe-com-webpage-made-by-zhizhuyinqing-com.png
web-assets.esetstatic.com/wls/2024/7-2024/hotpage/
77 KB
77 KB
Image
General
Full URL
https://web-assets.esetstatic.com/wls/2024/7-2024/hotpage/figure-7-screenshot-of-the-dwadsafe-com-webpage-made-by-zhizhuyinqing-com.png
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD8) /
Resource Hash
c6ebb42e216e9d29ccd465dd04ca1bd5e99ce616a112c5768680fbdbb57cc4c2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff
age
841133
x-cache
HIT
content-length
78822
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 11:55:52 GMT
server
ECAcc (frc/4CD8)
etag
"668fc848-133e6"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
figure-8-mention-of-dwadsafe-com-in-a-forum-dedicated-to-internet-cafe-maintenance.png
web-assets.esetstatic.com/wls/2024/7-2024/hotpage/
36 KB
36 KB
Image
General
Full URL
https://web-assets.esetstatic.com/wls/2024/7-2024/hotpage/figure-8-mention-of-dwadsafe-com-in-a-forum-dedicated-to-internet-cafe-maintenance.png
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF6) /
Resource Hash
98ac4777472493ddbd66eac73dce3b98604854c71a85acef30bd694653e8871e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff
age
841133
x-cache
HIT
content-length
36824
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 11:56:10 GMT
server
ECAcc (frc/4CF6)
etag
"668fc85a-8fd8"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
figure-9-overview-of-the-installer-s-workflow.png
web-assets.esetstatic.com/wls/2024/7-2024/hotpage/
47 KB
47 KB
Image
General
Full URL
https://web-assets.esetstatic.com/wls/2024/7-2024/hotpage/figure-9-overview-of-the-installer-s-workflow.png
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C95) /
Resource Hash
a297b088ceacb9f017f649398e1b2e7207263e9b568f7e2b2b7885e70a1988ef
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff
age
841133
x-cache
HIT
content-length
48319
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 11:56:17 GMT
server
ECAcc (frc/4C95)
etag
"668fc861-bcbf"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
figure-10-newtalbe-configuration.png
web-assets.esetstatic.com/wls/2024/7-2024/hotpage/
58 KB
58 KB
Image
General
Full URL
https://web-assets.esetstatic.com/wls/2024/7-2024/hotpage/figure-10-newtalbe-configuration.png
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE4) /
Resource Hash
f01620d3843095a3b4437dfb1763ea8e2c4274419dbd28e4a4209294a60fe49f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff
age
841133
x-cache
HIT
content-length
59410
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 11:56:24 GMT
server
ECAcc (frc/4CE4)
etag
"668fc868-e812"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
figure-11-simplified-driver-logic.png
web-assets.esetstatic.com/wls/2024/7-2024/hotpage/
77 KB
77 KB
Image
General
Full URL
https://web-assets.esetstatic.com/wls/2024/7-2024/hotpage/figure-11-simplified-driver-logic.png
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF5) /
Resource Hash
0d4428d1d74f11d19b39ca987c36e48dc25fe1b6db8a328668eb81c781d253d4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff
age
841133
x-cache
HIT
content-length
78395
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 11:56:31 GMT
server
ECAcc (frc/4CF5)
etag
"668fc86f-1323b"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
figure-12-the-hotpage-configuration.png
web-assets.esetstatic.com/wls/2024/7-2024/hotpage/
42 KB
43 KB
Image
General
Full URL
https://web-assets.esetstatic.com/wls/2024/7-2024/hotpage/figure-12-the-hotpage-configuration.png
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE0) /
Resource Hash
19fbbe2771762dcf412927b7a21c485e3be50a4c3e8f08e1777b31a85681ad5f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff
age
841133
x-cache
HIT
content-length
43427
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 11:56:38 GMT
server
ECAcc (frc/4CE0)
etag
"668fc876-a9a3"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
figure-13-legitimate-main-page-of-the-web-directory-2345-com.png
web-assets.esetstatic.com/wls/2024/7-2024/hotpage/
76 KB
76 KB
Image
General
Full URL
https://web-assets.esetstatic.com/wls/2024/7-2024/hotpage/figure-13-legitimate-main-page-of-the-web-directory-2345-com.png
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D0B) /
Resource Hash
8239918c48f90074fed5191d03091dd697a9eab18d2af8f2d7f188c1b8823ec8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff
age
841133
x-cache
HIT
content-length
78108
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 11:56:45 GMT
server
ECAcc (frc/4D0B)
etag
"668fc87d-1311c"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
figure-14-ad-riddled-page-mimicking-the-homepage-of-2345-com.png
web-assets.esetstatic.com/wls/2024/7-2024/hotpage/
57 KB
57 KB
Image
General
Full URL
https://web-assets.esetstatic.com/wls/2024/7-2024/hotpage/figure-14-ad-riddled-page-mimicking-the-homepage-of-2345-com.png
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CCA) /
Resource Hash
0a54497ae129172c0ac2901fc95a2955685eb767a18cc4c404603ec6f3a66b65
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff
age
841133
x-cache
HIT
content-length
58432
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 11:57:51 GMT
server
ECAcc (frc/4CCA)
etag
"668fc8bf-e440"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
figure-15-function-that-finds-the-command-line-buffer-left-and-disassembly-of-the-getcommandlinea.png
web-assets.esetstatic.com/wls/2024/7-2024/hotpage/
30 KB
30 KB
Image
General
Full URL
https://web-assets.esetstatic.com/wls/2024/7-2024/hotpage/figure-15-function-that-finds-the-command-line-buffer-left-and-disassembly-of-the-getcommandlinea.png
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBC) /
Resource Hash
daa0e040618ce7765400a255051eb18ae5939ef6ddd220ed8474263c26f48b07
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff
age
841133
x-cache
HIT
content-length
30545
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 11:57:12 GMT
server
ECAcc (frc/4CBC)
etag
"668fc898-7751"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
figure-16-patterns-used-to-find-the-dopayloadwrite-function.png
web-assets.esetstatic.com/wls/2024/7-2024/hotpage/
34 KB
34 KB
Image
General
Full URL
https://web-assets.esetstatic.com/wls/2024/7-2024/hotpage/figure-16-patterns-used-to-find-the-dopayloadwrite-function.png
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB9) /
Resource Hash
6373412ff05fdabada6b5a14b11909fe70f15119c285d248432e2fff061db61c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff
age
841133
x-cache
HIT
content-length
34629
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 11:57:19 GMT
server
ECAcc (frc/4CB9)
etag
"668fc89f-8745"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
figure-17-finding-the-pointer-to-the-ssl-write-function.png
web-assets.esetstatic.com/wls/2024/7-2024/hotpage/
18 KB
18 KB
Image
General
Full URL
https://web-assets.esetstatic.com/wls/2024/7-2024/hotpage/figure-17-finding-the-pointer-to-the-ssl-write-function.png
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CEB) /
Resource Hash
4c1f0baf28c8b5ba812dde1b3d3c3569550c1be95d253ec0bdc309cc65066da4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff
age
841133
x-cache
HIT
content-length
18746
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 11:57:26 GMT
server
ECAcc (frc/4CEB)
etag
"668fc8a6-493a"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
figure-18-hook-routine-for-ntdeviceiocontrolfile-api-function.png
web-assets.esetstatic.com/wls/2024/7-2024/hotpage/
22 KB
22 KB
Image
General
Full URL
https://web-assets.esetstatic.com/wls/2024/7-2024/hotpage/figure-18-hook-routine-for-ntdeviceiocontrolfile-api-function.png
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CAC) /
Resource Hash
4e1a1c905aa7bfa1fb95f46dbd43aa8999dba449e63566a9aed2e94c07e539d6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff
age
841133
x-cache
HIT
content-length
22236
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 11:57:35 GMT
server
ECAcc (frc/4CAC)
etag
"668fc8af-56dc"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
figure-19-redirection-method-0.png
web-assets.esetstatic.com/wls/2024/7-2024/hotpage/
103 KB
103 KB
Image
General
Full URL
https://web-assets.esetstatic.com/wls/2024/7-2024/hotpage/figure-19-redirection-method-0.png
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CCD) /
Resource Hash
690467af6b93cbab28e7c0bdc9de5e656ea93f8e2e81d4962a7154757626f1b6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff
age
841133
x-cache
HIT
content-length
105297
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 11:57:58 GMT
server
ECAcc (frc/4CCD)
etag
"668fc8c6-19b51"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
figure-20-log-file-of-our-injected-library.png
web-assets.esetstatic.com/wls/2024/7-2024/hotpage/
113 KB
113 KB
Image
General
Full URL
https://web-assets.esetstatic.com/wls/2024/7-2024/hotpage/figure-20-log-file-of-our-injected-library.png
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C8C) /
Resource Hash
341d64cf56a121004afcb27357c736f58d8abb549e1ea1a9952319e12396ed88
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff
age
841133
x-cache
HIT
content-length
115616
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jul 2024 11:57:44 GMT
server
ECAcc (frc/4C8C)
etag
"668fc8b8-1c3a0"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
welivesecurity-eset-threat-intelligence.jpeg
web-assets.esetstatic.com/wls/2023/2023-12/
72 KB
72 KB
Image
General
Full URL
https://web-assets.esetstatic.com/wls/2023/2023-12/welivesecurity-eset-threat-intelligence.jpeg
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C92) /
Resource Hash
a7def1fa0223f6d52a8d16be0dfde290883e9e2aa7911d0bfd46141eae8beabe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff
age
5514218
x-cache
HIT
content-length
73925
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 09 Apr 2024 13:50:18 GMT
server
ECAcc (frc/4C92)
etag
"6615479a-120c5"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
signed-kernel-drivers-windows-vulnerabilities-1.jpg
web-assets.esetstatic.com/tn/-x82/wls/2022/01/
3 KB
3 KB
Image
General
Full URL
https://web-assets.esetstatic.com/tn/-x82/wls/2022/01/signed-kernel-drivers-windows-vulnerabilities-1.jpg
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C84) /
Resource Hash
ba5b7534881bcdd8afe257687f0232466b1fb2bc51d69b09eb899b451cb4e63b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff, nosniff
age
5028141
x-cache
HIT
content-length
2928
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Tue, 09 Apr 2024 11:49:39 GMT
server
ECAcc (frc/4C84)
etag
W/"66152b53-a90c"
x-frame-options
SAMEORIGIN, SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://web-assets.esetstatic.com, https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true, true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none', accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type, Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
DLink_Malware-1.jpg
web-assets.esetstatic.com/tn/-x82/wls/2018/06/
6 KB
6 KB
Image
General
Full URL
https://web-assets.esetstatic.com/tn/-x82/wls/2018/06/DLink_Malware-1.jpg
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD8) /
Resource Hash
99ed04b99018e7ea4c5c0637dedba28d941b37c8c3237f104f59629dca866188
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff, nosniff
age
5026153
x-cache
HIT
content-length
6411
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Tue, 09 Apr 2024 06:00:13 GMT
server
ECAcc (frc/4CD8)
etag
W/"6614d96d-f4cd6"
x-frame-options
SAMEORIGIN, SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://web-assets.esetstatic.com, https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true, true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none', accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type, Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
Untitled-design-2-1.jpg
web-assets.esetstatic.com/tn/-x82/wls/2019/06/
4 KB
4 KB
Image
General
Full URL
https://web-assets.esetstatic.com/tn/-x82/wls/2019/06/Untitled-design-2-1.jpg
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD8) /
Resource Hash
d910ee8ab8f906544584f00c2e8abc76bfea117284beb58429a8dc26e32669dd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:06 GMT
strict-transport-security
max-age=15724800
x-content-type-options
nosniff, nosniff
age
5437984
x-cache
HIT
content-length
4441
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Tue, 09 Apr 2024 07:34:40 GMT
server
ECAcc (frc/4CD8)
etag
W/"6614ef90-15592"
x-frame-options
SAMEORIGIN, SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://web-assets.esetstatic.com, https://web-assets.esetstatic.com
cache-control
max-age=7776000, public
access-control-allow-credentials
true, true
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none', accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'none'; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
accept-ranges
bytes
access-control-allow-headers
Content-Type, Content-Type
expires
Thu, 24 Oct 2024 05:15:06 GMT
apt-activity-report-4523d00f.webp
www.welivesecurity.com/build/assets/
42 KB
46 KB
Image
General
Full URL
https://www.welivesecurity.com/build/assets/apt-activity-report-4523d00f.webp
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4523d00f830e0b1ed61aae703522b8ec315f4e5b00357656875c9148c20d988c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
x-edps-request-status
normal
x-content-type-options
nosniff
strict-transport-security
max-age=15724800
date
Fri, 26 Jul 2024 05:15:06 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721970906899_34831752_2527859_21_1037_19_0_146";dur=1
content-length
42990
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 10 Jul 2024 07:13:02 GMT
etag
"668e347e-a7ee"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=7776000, public
accept-ranges
bytes
expires
Sun, 13 Oct 2024 18:20:10 GMT
app-7a4ecde0.js
www.welivesecurity.com/build/assets/
80 KB
25 KB
Script
General
Full URL
https://www.welivesecurity.com/build/assets/app-7a4ecde0.js
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8b67a0820b92ad626dd7204b203736274c68fa2cb1a107077d571e60f6dedf96
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'none'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'none'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Origin
https://www.welivesecurity.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'none'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'none'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15724800
x-edps-request-status
normal
date
Fri, 26 Jul 2024 05:15:06 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721970906839_34831752_2527759_24_856_19_0_219";dur=1
content-length
22056
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Jun 2024 12:56:19 GMT
etag
W/"665ff4e7-13f2d"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public
expires
Tue, 10 Sep 2024 13:00:52 GMT
search-7d9f58b7.js
www.welivesecurity.com/build/assets/
276 KB
88 KB
Script
General
Full URL
https://www.welivesecurity.com/build/assets/search-7d9f58b7.js
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
956f61e41e263b6074a58cbcb2eb181014e8c8e277388ebd98cc0d59921577f4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Origin
https://www.welivesecurity.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15724800
x-edps-request-status
normal
date
Fri, 26 Jul 2024 05:15:06 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721970906839_34831752_2527760_28_969_19_0_219";dur=1
content-length
86056
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Jul 2024 20:42:36 GMT
etag
W/"668e349f-44eae"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public
expires
Sat, 12 Oct 2024 20:41:00 GMT
_commonjsHelpers-042e6b4d.js
www.welivesecurity.com/build/assets/
725 B
4 KB
Script
General
Full URL
https://www.welivesecurity.com/build/assets/_commonjsHelpers-042e6b4d.js
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ed915d2176566b841f0e01e7632ce7a20b023cbcb4f5976a6015284fccd8a865
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Origin
https://www.welivesecurity.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15724800
x-edps-request-status
normal
date
Fri, 26 Jul 2024 05:15:06 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721970906839_34831752_2527761_29_954_19_0_219";dur=1
content-length
330
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Jul 2024 20:39:40 GMT
etag
W/"668e345e-2d5"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public
expires
Sat, 12 Oct 2024 20:39:38 GMT
prism-40494b65.css
www.welivesecurity.com/build/assets/
2 KB
4 KB
Stylesheet
General
Full URL
https://www.welivesecurity.com/build/assets/prism-40494b65.css
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
40494b653a0f9485c88432191eaace18e7dff8646f45114d6007fe19da129e34
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15724800
x-edps-request-status
normal
date
Fri, 26 Jul 2024 05:15:06 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721970906899_34831752_2527857_19_978_19_0_182";dur=1
content-length
563
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Jul 2024 20:44:22 GMT
etag
W/"668e345e-6fa"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
content-type
text/css
access-control-allow-origin
*
cache-control
public
expires
Sat, 12 Oct 2024 20:43:35 GMT
prism-40d1b0a4.js
www.welivesecurity.com/build/assets/
66 KB
24 KB
Script
General
Full URL
https://www.welivesecurity.com/build/assets/prism-40d1b0a4.js
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6572478fbf8e29ee8109a22286fd9f82330fae739c518b58d5f37df25e17ea37
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Origin
https://www.welivesecurity.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15724800
x-edps-request-status
normal
date
Fri, 26 Jul 2024 05:15:06 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721970906839_34831752_2527762_28_934_19_0_219";dur=1
content-length
20342
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Jul 2024 20:39:43 GMT
etag
W/"668e345e-10728"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public
expires
Sat, 12 Oct 2024 20:39:42 GMT
article-e3625c4c.css
www.welivesecurity.com/build/assets/
23 KB
8 KB
Stylesheet
General
Full URL
https://www.welivesecurity.com/build/assets/article-e3625c4c.css
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3625c4c1b10a8e8b5fb271f45549d6d68e0a9c462062fc927709ea7ab285ca5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15724800
x-edps-request-status
normal
date
Fri, 26 Jul 2024 05:15:06 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721970906899_34831752_2527858_21_959_19_0_182";dur=1
content-length
4371
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Jul 2024 20:42:39 GMT
etag
W/"668e345e-5d19"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
content-type
text/css
access-control-allow-origin
*
cache-control
public
expires
Sat, 12 Oct 2024 20:41:26 GMT
article-fd027339.js
www.welivesecurity.com/build/assets/
140 KB
39 KB
Script
General
Full URL
https://www.welivesecurity.com/build/assets/article-fd027339.js
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e9d5fa7dbd42331253c178a9fb1ce2aaac7543c8667326489b58d4ab3a51abfd
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Origin
https://www.welivesecurity.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15724800
x-edps-request-status
normal
date
Fri, 26 Jul 2024 05:15:06 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721970906864_34831752_2527803_51_1059_20_0_219";dur=1
content-length
36164
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Jul 2024 20:40:21 GMT
etag
W/"668e345e-23021"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public
expires
Sat, 12 Oct 2024 20:40:19 GMT
7R9SM-QGSYF-QDLJK-UETXR-SPM6B
s.go-mpulse.net/boomerang/
0
0

7R9SM-QGSYF-QDLJK-UETXR-SPM6B
s.go-mpulse.net/boomerang/ Frame 0750
0
0

embed.js
welivesecurity.disqus.com/
80 KB
26 KB
Script
General
Full URL
https://welivesecurity.disqus.com/embed.js
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
a58697d3b48910904c527c8ce1368c3c36998480c33de36143d46394a5055ff0
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 05:15:06 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=300; includeSubdomains
server
openresty
Age
5
Vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
x-service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
26392
gtm.js
www.googletagmanager.com/
362 KB
114 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PMDGSM
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db0ea8a5916a2b339361932737617aea6835f1b97c1a31b475fb8078d461e1ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116688
x-xss-protection
0
last-modified
Fri, 26 Jul 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 26 Jul 2024 05:15:07 GMT
truncated
/
671 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
644fbb688b94c602990a4988d379d439a5151ea782e06496cb6347cbbb64e49d

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
FedraSansAltPro-MediumLF-261e3ac5.woff
www.welivesecurity.com/build/assets/
166 KB
170 KB
Font
General
Full URL
https://www.welivesecurity.com/build/assets/FedraSansAltPro-MediumLF-261e3ac5.woff
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/build/assets/app-6317871c.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
261e3ac5dbb4ba8069ecba539a13b971d2e147981f4573e993410d8bd6de0037
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/build/assets/app-6317871c.css
Origin
https://www.welivesecurity.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
x-edps-request-status
normal
x-content-type-options
nosniff
strict-transport-security
max-age=15724800
date
Fri, 26 Jul 2024 05:15:07 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721970907146_34831752_2528211_18_869_24_0_255";dur=1
content-length
170432
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 10 Jul 2024 07:12:10 GMT
etag
"668e344a-299c0"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Mon, 14 Jul 2025 20:38:17 GMT
FedraSansAltPro-BookItalicLF-4cad214a.woff
www.welivesecurity.com/build/assets/
162 KB
166 KB
Font
General
Full URL
https://www.welivesecurity.com/build/assets/FedraSansAltPro-BookItalicLF-4cad214a.woff
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/build/assets/app-6317871c.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4cad214a2eeb48599ea314d32d2685f6554fe548be21add2f606db059530506e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/build/assets/app-6317871c.css
Origin
https://www.welivesecurity.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
x-edps-request-status
normal
x-content-type-options
nosniff
strict-transport-security
max-age=15724800
date
Fri, 26 Jul 2024 05:15:07 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721970907146_34831752_2528212_20_854_24_0_255";dur=1
content-length
165752
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 10 Jul 2024 07:13:02 GMT
etag
"668e347e-28778"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Mon, 14 Jul 2025 20:38:29 GMT
FedraSansAltPro-LightLF-ec800a5b.woff
www.welivesecurity.com/build/assets/
159 KB
163 KB
Font
General
Full URL
https://www.welivesecurity.com/build/assets/FedraSansAltPro-LightLF-ec800a5b.woff
Requested by
Host: www.welivesecurity.com
URL: https://www.welivesecurity.com/build/assets/app-6317871c.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ec800a5bcb2d4e57adcc0c7ec3d69427ac3e392d4a0302891dd76fb80ffd0bfd
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/build/assets/app-6317871c.css
Origin
https://www.welivesecurity.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
x-edps-request-status
normal
x-content-type-options
nosniff
strict-transport-security
max-age=15724800
date
Fri, 26 Jul 2024 05:15:07 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721970907146_34831752_2528213_18_928_24_0_255";dur=1
content-length
162900
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 10 Jul 2024 07:13:02 GMT
etag
"668e347e-27c54"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Mon, 14 Jul 2025 20:38:17 GMT
js
www.googletagmanager.com/gtag/
259 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FBY6B30C4M&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMDGSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ab1e24e43c19d5052f3c5c313d77c8e16fc25e30fa835ed02323da51323f9b1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93036
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 26 Jul 2024 05:15:07 GMT
app.min.css
cdn.esetstatic.com/cookie-consent/v3/
21 KB
5 KB
Stylesheet
General
Full URL
https://cdn.esetstatic.com/cookie-consent/v3/app.min.css
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMDGSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
81b0b9aa30ff74d6e8eb03dc1ac3399d5374e3bf6d0cea7dae97de1d607d5bf3

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:07 GMT
content-encoding
br
last-modified
Fri, 17 May 2024 07:32:50 GMT
etag
W/"0x8DC76438E9D1B90"
vary
Accept-Encoding
x-azure-ref
20240726T051507Z-16b8f8f97cfbrwqwxk4ey2ypqs00000000pg00000000d98e
content-type
text/css
x-ms-request-id
d5356b5c-201e-003d-1209-de81c6000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
60203617
app.min.js
cdn.esetstatic.com/cookie-consent/v3/
381 KB
140 KB
Script
General
Full URL
https://cdn.esetstatic.com/cookie-consent/v3/app.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMDGSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
06d4793872942785be4a2c1f4f3336f89e092d61a5380dfc991b115545e2a881

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 05:15:07 GMT
content-encoding
br
last-modified
Fri, 17 May 2024 07:32:50 GMT
etag
W/"0x8DC76438EBCDC12"
vary
Accept-Encoding
x-azure-ref
20240726T051507Z-16b8f8f97cfbrwqwxk4ey2ypqs00000000pg00000000d98f
content-type
text/javascript
x-ms-request-id
8db30da2-901e-0065-50d8-de5999000000
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
60203617
favicon.ico
www.welivesecurity.com/
1 KB
5 KB
Other
General
Full URL
https://www.welivesecurity.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
13d1a190e6a23400b5547645f6f047e82b37c0edbadc1bc65616e3bbe245c4e8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
x-edps-request-status
normal
x-content-type-options
nosniff
strict-transport-security
max-age=15724800
content-encoding
gzip
date
Fri, 26 Jul 2024 05:15:07 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721970907452_34831752_2528823_11_801_19_0_219";dur=1
content-length
980
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 10 Jul 2024 07:13:19 GMT
etag
W/"668e348f-57e"
vary
Accept-Encoding
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
max-age=7776000, public
expires
Sat, 12 Oct 2024 20:38:18 GMT
/
disqus.com/embed/comments/ Frame CAC9
0
0
Document
General
Full URL
https://disqus.com/embed/comments/?base=default&f=welivesecurity&t_i=HotPage%3A%20Story%20of%20a%20signed%2C%20vulnerable%2C%20ad-injecting%20driver&t_u=https%3A%2F%2Fwww.welivesecurity.com%2Fen%2Feset-research%2Fhotpage-story-signed-vulnerable-ad-injecting-driver%2F&t_e=30590&t_d=HotPage%3A%20Story%20of%20a%20signed%2C%20vulnerable%2C%20ad-injecting%20driver&t_t=30590&s_o=default&l=en
Requested by
Host: welivesecurity.disqus.com
URL: https://welivesecurity.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.134 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Age
5
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3239
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Fri, 26 Jul 2024 05:15:07 GMT
ETag
W/"lounge:view:10255041399.0966a81f18aac3a0dd7699189a31dc52.2"
Last-Modified
Thu, 11 Jul 2024 11:49:14 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
event.gif
referrer.disqus.com/juggler/
43 B
339 B
Image
General
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=1pbl5m531s6m95&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=welivesecurity&zone=thread&version=e621ec0efa439e4ab046fb8b5c626aff&page_url=https%3A%2F%2Fwww.welivesecurity.com%2Fen%2Feset-research%2Fhotpage-story-signed-vulnerable-ad-injecting-driver%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=2152520
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 05:15:07 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
x-xss-protection
1; mode=block
event.gif
referrer.disqus.com/juggler/
43 B
339 B
Image
General
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=1pbl5m531s6m95&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=welivesecurity&zone=thread&version=e621ec0efa439e4ab046fb8b5c626aff&page_url=https%3A%2F%2Fwww.welivesecurity.com%2Fen%2Feset-research%2Fhotpage-story-signed-vulnerable-ad-injecting-driver%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=2152520
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 05:15:07 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
x-xss-protection
1; mode=block
truncated
/ Frame E3F8
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E3F8
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E3F8
155 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8E3B
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8E3B
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8E3B
155 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FBY6B30C4M&gtm=45je47o0v889440112z86269785za200zb6269785&_p=1721970906951&gcs=G101&gcd=13q3v3q2q5&npa=1&dma_cps=-&dma=1&tag_exp=95250753&cid=1658881874.1721970908&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&ngs=1&_s=1&sid=1721970907&sct=1&seg=0&dl=https%3A%2F%2Fwww.welivesecurity.com%2Fen%2Feset-research%2Fhotpage-story-signed-vulnerable-ad-injecting-driver%2F&dt=HotPage%3A%20Story%20of%20a%20signed%2C%20vulnerable%2C%20ad-injecting%20driver&en=page_view&_fv=2&_nsi=1&_ss=2&ep.branch=en&ep.page_location_noquery=https%3A%2F%2Fwww.welivesecurity.com%2Fen%2Feset-research%2Fhotpage-story-signed-vulnerable-ad-injecting-driver%2F&ep.hostname=www.welivesecurity.com&ep.useragent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&ep.article_category=ESET%20Research&ep.article_date=2024%2F07%2F18&ep.article_section=(not%20set)&ep.author=Romain%20Dumont&ep.blog_length=3k%2B&epn.publication_id=30590&ep.cookie_consent=b%3A1%7Ca%3A0%7Cm%3A0&tfd=837
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FBY6B30C4M&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jul 2024 05:15:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.welivesecurity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FBY6B30C4M&gtm=45je47o0v889440112z86269785za200zb6269785&_p=1721970906951&gcs=G101&gcd=13q3v3q2q5&npa=1&dma_cps=-&dma=1&tag_exp=95250753&cid=1658881874.1721970908&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&ngs=1&_s=2&sid=1721970907&sct=1&seg=0&dl=https%3A%2F%2Fwww.welivesecurity.com%2Fen%2Feset-research%2Fhotpage-story-signed-vulnerable-ad-injecting-driver%2F&dt=HotPage%3A%20Story%20of%20a%20signed%2C%20vulnerable%2C%20ad-injecting%20driver&en=cookie_consent_visible&ep.branch=en&ep.page_location_noquery=https%3A%2F%2Fwww.welivesecurity.com%2Fen%2Feset-research%2Fhotpage-story-signed-vulnerable-ad-injecting-driver%2F&ep.hostname=www.welivesecurity.com&ep.useragent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&ep.article_category=ESET%20Research&ep.article_date=2024%2F07%2F18&ep.article_section=(not%20set)&ep.author=Romain%20Dumont&ep.blog_length=3k%2B&epn.publication_id=30590&ep.cookie_consent=b%3A1%7Ca%3A0%7Cm%3A0&_et=113&tfd=5953
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FBY6B30C4M&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jul 2024 05:15:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.welivesecurity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s.go-mpulse.net
URL
https://s.go-mpulse.net/boomerang/7R9SM-QGSYF-QDLJK-UETXR-SPM6B
Domain
s.go-mpulse.net
URL
https://s.go-mpulse.net/boomerang/7R9SM-QGSYF-QDLJK-UETXR-SPM6B

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| $current_language object| BOOMR_mq string| BOOMR_API_key object| BOOMR number| BOOMR_lstart function| disqus_config object| dataLayer number| uidEvent object| __VUE_INSTANCE_SETTERS__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ boolean| __VUE__ object| Prism object| DISQUS object| google_tag_manager object| google_tag_data number| BOOMR_onload function| onYouTubeIframeAPIReady string| myDomain object| links object| gaGlobal object| regeneratorRuntime object| $cookiebar

3 Cookies

Domain/Path Name / Value
.welivesecurity.com/ Name: AKA_A2
Value: A
.welivesecurity.com/ Name: _ga
Value: GA1.1.1658881874.1721970908
.welivesecurity.com/ Name: _ga_FBY6B30C4M
Value: GS1.1.1721970907.1.0.1721970907.0.0.0

13 Console Messages

Source Level URL
Text
security error URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/(Line 55)
Message:
Refused to load the script 'https://s.go-mpulse.net/boomerang/7R9SM-QGSYF-QDLJK-UETXR-SPM6B' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/(Line 55)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/(Line 55)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/(Line 55)
Message:
Refused to load the script 'https://s.go-mpulse.net/boomerang/7R9SM-QGSYF-QDLJK-UETXR-SPM6B' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://welivesecurity.disqus.com/embed.js(Line 48)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://welivesecurity.disqus.com/embed.js(Line 48)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://welivesecurity.disqus.com/embed.js(Line 48)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://welivesecurity.disqus.com/embed.js(Line 48)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://welivesecurity.disqus.com/embed.js(Line 48)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://welivesecurity.disqus.com/
Message:
Refused to frame 'https://tempest.services.disqus.com/' because it violates the following Content Security Policy directive: "frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com".
security error URL: https://welivesecurity.disqus.com/
Message:
Refused to frame 'https://tempest.services.disqus.com/' because it violates the following Content Security Policy directive: "frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com".
javascript warning URL: https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver/
Message:
The resource https://web-assets.esetstatic.com/tn/-x425/wls/2024/7-2024/hotpage/hotpage-ad-injecting-driver.jpeg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; child-src https://disqus.com https://vars.hotjar.com; connect-src 'self' http://ad.doubleclick.net https://*.akamaihd.net https://*.akstat.io https://*.eset.com https://*.hotjar.com https://*.hotjar.io https://adservice.google.com https://captcha.eset.com https://captcha.welivesecurity.com https://cc.welivesecurity.com https://cdn.esetstatic.com https://cdn.linkedin.oribi.io https://in.hotjar.com https://px.ads.linkedin.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://trial-eum-clientnsv4-s.akamaihd.net https://trial-eum-clienttons-s.akamaihd.net https://vc.hotjar.io https://ws22.hotjar.com https://ws32.hotjar.com https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.opinionstage.com wss://*.hotjar.com wss://ws1.hotjar.com; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.slideshare.net https://bid.g.doubleclick.net https://c.disquscdn.com https://disqus.com https://m.facebook.com https://open.spotify.com/ https://platform.twitter.com https://player.vimeo.com https://share.transistor.fm https://tpc.googlesyndication.com https://vars.hotjar.com https://www.facebook.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.podbean.com https://www.screencast.com https://www.slideshare.net https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: https://*.ads.linkedin.com https://*.esetstatic.com https://adservice.google.com https://analytics.twitter.com https://c.disquscdn.com https://captcha.welivesecurity.com https://connect.facebook.net https://googleads.g.doubleclick.net https://px.ads.linkedin.com https://referrer.disqus.com https://region1.google-analytics.com https://script.hotjar.com https://secure.eset.com https://syndication.twitter.com https://t.co https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.google.al https://www.google.ba https://www.google.bf https://www.google.bg https://www.google.by https://www.google.ca https://www.google.cd https://www.google.ch https://www.google.co.ao https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ls https://www.google.co.ma https://www.google.co.tz https://www.google.co.za https://www.google.com.af https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.br https://www.google.com.co https://www.google.com.do https://www.google.com.eg https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.kw https://www.google.com.ly https://www.google.com.mx https://www.google.com.ni https://www.google.com.pe https://www.google.com.ph https://www.google.com.pk https://www.google.com.sa https://www.google.com.sl https://www.google.com.tr https://www.google.com.tw https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gm https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ie https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.mw https://www.google.no https://www.google.ps https://www.google.rs https://www.google.sk https://www.google.tg https://www.google.tn https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.youtube.com; manifest-src 'self'; media-src 'self' https://web-assets.esetstatic.com; object-src 'self' https://content.screencast.com; prefetch-src https://c.disquscdn.com https://disqus.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://a.disquscdn.com https://assets.esetstatic.com https://cdn.esetstatic.com https://connect.facebook.net https://googleads.g.doubleclick.net https://platform.twitter.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://tpc.googlesyndication.com https://welivesecurity.disqus.com https://www.google-analytics.com https://www.google.ie https://www.google.nl https://www.googleadservices.com https://www.googletagmanager.com https://www.instagram.com https://www.opinionstage.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://assets.esetstatic.com https://c.disquscdn.com https://cdn.esetstatic.com; worker-src 'self'; report-uri https://www-welivesecurity-com.api.cspconsole.com/v1/csp/report; report-to default;
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.esetstatic.com
disqus.com
referrer.disqus.com
region1.google-analytics.com
s.go-mpulse.net
web-assets.esetstatic.com
welivesecurity.disqus.com
www.googletagmanager.com
www.welivesecurity.com
s.go-mpulse.net
151.101.192.134
199.232.196.134
2001:4860:4802:32::36
2606:2800:233:1cb7:261b:1f9c:2074:3c
2620:1ec:bdf::45
2a00:1450:4001:806::2008
2a02:26f0:480:f::213:7ec8
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
06d4793872942785be4a2c1f4f3336f89e092d61a5380dfc991b115545e2a881
0a54497ae129172c0ac2901fc95a2955685eb767a18cc4c404603ec6f3a66b65
0d4428d1d74f11d19b39ca987c36e48dc25fe1b6db8a328668eb81c781d253d4
104efd46c7dc18e0bce68c2e6aa55b8e6a3539ecaf64647565e815aaee9125c6
13d1a190e6a23400b5547645f6f047e82b37c0edbadc1bc65616e3bbe245c4e8
19fbbe2771762dcf412927b7a21c485e3be50a4c3e8f08e1777b31a85681ad5f
261e3ac5dbb4ba8069ecba539a13b971d2e147981f4573e993410d8bd6de0037
2afa4bb064d0739c9a7a9fb4e3097772cc6851f2d76011e27c084a76a6195fb6
31f4bc726f2849a3c8f77f8432b635d2d4529a3ff80b669fc9e21b0ed1c81ea7
341d64cf56a121004afcb27357c736f58d8abb549e1ea1a9952319e12396ed88
40494b653a0f9485c88432191eaace18e7dff8646f45114d6007fe19da129e34
405f32580b4440f0ddf2af9fcfd37fc9a863fde26b57b5623a9b188d61d47166
4523d00f830e0b1ed61aae703522b8ec315f4e5b00357656875c9148c20d988c
4c1f0baf28c8b5ba812dde1b3d3c3569550c1be95d253ec0bdc309cc65066da4
4cad214a2eeb48599ea314d32d2685f6554fe548be21add2f606db059530506e
4d1df5ca3cf533ceb1c49841384da1e26149e66afcdf851686fdeed71553ebd6
4e1a1c905aa7bfa1fb95f46dbd43aa8999dba449e63566a9aed2e94c07e539d6
52a86849e7e3e7691af809d2c105815b157c49d151e4f1cf4b92a5e7a97e7240
606ea62b1a8a1e2b24b9e0eafef0757cea22f73f3956d6548611f7c26c4551b5
6317871c5ca7b272b4fd676ec207449ca4e75847b4af2c95f4682e15fde4af95
6373412ff05fdabada6b5a14b11909fe70f15119c285d248432e2fff061db61c
644fbb688b94c602990a4988d379d439a5151ea782e06496cb6347cbbb64e49d
6572478fbf8e29ee8109a22286fd9f82330fae739c518b58d5f37df25e17ea37
690467af6b93cbab28e7c0bdc9de5e656ea93f8e2e81d4962a7154757626f1b6
7583504bff4b63512acd5e13c8e60b4bc9955ce1859ff183cfa6f0b6c9b809c8
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521
81b0b9aa30ff74d6e8eb03dc1ac3399d5374e3bf6d0cea7dae97de1d607d5bf3
8239918c48f90074fed5191d03091dd697a9eab18d2af8f2d7f188c1b8823ec8
87a1d4805e0817f0fbc5e31d734733e3d54cb3fce5c49efce0bb0602215b228c
8885b88667beb8538140ecc550853e59d12e85fbd73dd70d4487b6cc757d8a2b
8b67a0820b92ad626dd7204b203736274c68fa2cb1a107077d571e60f6dedf96
956f61e41e263b6074a58cbcb2eb181014e8c8e277388ebd98cc0d59921577f4
98ac4777472493ddbd66eac73dce3b98604854c71a85acef30bd694653e8871e
99ed04b99018e7ea4c5c0637dedba28d941b37c8c3237f104f59629dca866188
a297b088ceacb9f017f649398e1b2e7207263e9b568f7e2b2b7885e70a1988ef
a58697d3b48910904c527c8ce1368c3c36998480c33de36143d46394a5055ff0
a6a59d9a1a12c4ee271462b1560b268ad77e6723418d67aa80167b15777d68e4
a7def1fa0223f6d52a8d16be0dfde290883e9e2aa7911d0bfd46141eae8beabe
ab1e24e43c19d5052f3c5c313d77c8e16fc25e30fa835ed02323da51323f9b1b
b1b30f675551e709f6d1caed8d1b1c897d619b3ca5577a2230714102df8f6820
ba5b7534881bcdd8afe257687f0232466b1fb2bc51d69b09eb899b451cb4e63b
c6ebb42e216e9d29ccd465dd04ca1bd5e99ce616a112c5768680fbdbb57cc4c2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d910ee8ab8f906544584f00c2e8abc76bfea117284beb58429a8dc26e32669dd
daa0e040618ce7765400a255051eb18ae5939ef6ddd220ed8474263c26f48b07
db0ea8a5916a2b339361932737617aea6835f1b97c1a31b475fb8078d461e1ce
e1dff8ed16093991fa6c2b2bb97094a50e8ab172eda52cf1a1bfd250f6f27ba7
e3625c4c1b10a8e8b5fb271f45549d6d68e0a9c462062fc927709ea7ab285ca5
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
e9d5fa7dbd42331253c178a9fb1ce2aaac7543c8667326489b58d4ab3a51abfd
ec800a5bcb2d4e57adcc0c7ec3d69427ac3e392d4a0302891dd76fb80ffd0bfd
ed915d2176566b841f0e01e7632ce7a20b023cbcb4f5976a6015284fccd8a865
f01620d3843095a3b4437dfb1763ea8e2c4274419dbd28e4a4209294a60fe49f
fabaa12dfb54da8d087b5ccbea050c2b292ee616bc844e0406bb318e0d98b94b