thenextweb.com Open in urlscan Pro
104.130.220.65  Public Scan

23 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

• https://sync.search.spotxchange.com/partner?source=204258 HTTP 302
• https://sync.search.spotxchange.com/partner?source=204258&__user_check__=1&sync_id=13f1d760-cfeb-11e9-bc4a-107c10e90a06 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELFpgdZ4m3TXuiti-taFZN8&google_cver=1 HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=spotx&ttd_tpi=1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=7028&uid=8eaf4b9c-4e3a-4112-920d-edab8b58cd81&img=1 HTTP 302
• https://c1.adform.net/serving/cookie/match?party=30 HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=30 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=8459&uid=8217917924880701264&img=1 HTTP 302
• https://ad.sxp.smartclip.net/sync?type=host&dsp=48&dspuuid=13f1d70c-cfeb-11e9-bc4a-107c10e90a06&red=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D8130%26uid%3D{UUID} HTTP 302
• https://ad.sxp.smartclip.net/sync?type=host&dsp=48&dspuuid=13f1d70c-cfeb-11e9-bc4a-107c10e90a06&red=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D8130%26uid%3D{UUID}&ang_testid=1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=8130&uid=5d42b110-7717-48ec-8ce3-29000bac532b HTTP 302
• https://sync.mathtag.com/sync/img?mt_exid=30&redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6653%26uid%3D%5BMM_UUID%5D HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=6653&uid=d7385d71-16fa-4900-ab93-99becc18b15d HTTP 302
• https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=6409&uid=XXEeUAAAFHlD1hKk&img=1 HTTP 302
• https://dsp.adfarm1.adition.com/cookie/?ssp=14 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=7577&uid=6733196251170732173

Request Chain 40

• https://wamfactory.solution.weborama.fr/stream/?wamid=4925&Wvar=%7B%22tnw-keywords%22%3A%5B%22tech%22%5D%2C%22tnw-category%22%3A%5B%22thenextweb%22%5D%2C%22wamid%22%3A%224925%22%2C%22typ%22%3A%221%22%2C%22url%22%3A%22https%253A%252F%252Fthenextweb.com%252Fsecurity%252F2019%252F09%252F02%252Ffraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000%252F%22%2C%22ref%22%3A%22%22%7D&d.r=1567694416998 HTTP 307
• https://wamfactory.solution.weborama.fr/rstream/?wamid=4925&Wvar=%7B%22tnw-keywords%22%3A%5B%22tech%22%5D%2C%22tnw-category%22%3A%5B%22thenextweb%22%5D%2C%22wamid%22%3A%224925%22%2C%22typ%22%3A%221%22%2C%22url%22%3A%22https%253A%252F%252Fthenextweb.com%252Fsecurity%252F2019%252F09%252F02%252Ffraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000%252F%22%2C%22ref%22%3A%22%22%7D&d.r=1567694416998

Request Chain 61

• https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-729494-4&cid=1131588022.1567694417&jid=981054316&gjid=2006171015&_gid=162216671.1567694417&_u=aGBAgUArQAQC~&z=1292424705 HTTP 302
• https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-729494-4&cid=1131588022.1567694417&jid=981054316&_v=j79&z=1292424705 HTTP 302
• https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-729494-4&cid=1131588022.1567694417&jid=981054316&_v=j79&z=1292424705&slf_rd=1&random=3066530691

Request Chain 78

• https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-729494-4&cid=1131588022.1567694417&jid=688363148&gjid=2098438408&_gid=162216671.1567694417&_u=aHDAgUArQAQC~&z=757754610 HTTP 302
• https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-729494-4&cid=1131588022.1567694417&jid=688363148&_v=j79&z=757754610 HTTP 302
• https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-729494-4&cid=1131588022.1567694417&jid=688363148&_v=j79&z=757754610&slf_rd=1&random=3513622464

Request Chain 85

• https://sb.scorecardresearch.com/p?c1=8&c2=15039634&c3=3&c4=avcbnbt4&c7=https%3A%2F%2Fthenextweb.com%2Fsecurity%2F2019%2F09%2F02%2Ffraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000%2F&c8=Fraudsters%20deepfake%20CEO%27s%20voice%20to%20trick%20manager%20into%20transferring%20%24243%2C000&c9=&cv=2.0&cj=1&ns__t=1567694421020 HTTP 302
• https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=3&c4=avcbnbt4&c7=https%3A%2F%2Fthenextweb.com%2Fsecurity%2F2019%2F09%2F02%2Ffraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000%2F&c8=Fraudsters%20deepfake%20CEO%27s%20voice%20to%20trick%20manager%20into%20transferring%20%24243%2C000&c9=&cv=2.0&cj=1&ns__t=1567694421020

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/	105 KB 24 KB	1506ms 230ms	Document text/html	104.130.220.65 Rackspace Hosting
General Check archive.org Show headers Download Go to Full URL https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 104.130.220.65 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US), Reverse DNS Software nginx / Resource Hash 8a50b1a64c092e7d35a5527d6070584e6020fd96ca63178145fad35844db9000 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :method GET :authority thenextweb.com :scheme https :path /security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode navigate sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Response headers status 200 server nginx date Thu, 05 Sep 2019 14:40:16 GMT content-type text/html; charset=UTF-8 set-cookie PHPSESSID=fbk562c8ftstm4v1fo4fc9lrtf; path=/ cache-control no-store, no-cache, must-revalidate pragma no-cache link <https://thenextweb.com/wp-json/>; rel="https://api.w.org/" <https://thenextweb.com/?p=1240282>; rel=shortlink vary Accept-Encoding x-cacheable YES content-encoding gzip age 2383 x-cache HIT accept-ranges bytes strict-transport-security max-age=31536000; x-frame-options SAMEORIGIN x-xss-protection 1; mode=block x-content-type-options nosniff referrer-policy unsafe-url
GET H2	200	style.css cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/	181 KB 41 KB	61ms 18ms	Stylesheet text/css	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1567585350 Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 954355e63b485946a75f221df66b4ac072d9c308d249c20bc70bcb7974936d58 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES age 3 x-cache HIT status 200 vary Accept-Encoding x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag W/"2d368-591b5e7f8ef62-gzip" strict-transport-security max-age=31536000; content-type text/css cache-control public, max-age=5184000, must-revalidate
GET H2	200	facets.min.css thenextweb.com/wp-content/plugins/elasticpress/dist/css/	833 B 694 B	125ms 123ms	Stylesheet text/css	104.130.220.65 Rackspace Hosting
General Check archive.org Show headers Download Go to Full URL https://thenextweb.com/wp-content/plugins/elasticpress/dist/css/facets.min.css?ver=3.0.3 Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 104.130.220.65 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US), Reverse DNS Software nginx / Resource Hash e391cab635634a5f5456b9309c8eede3ed3e496b954d70eb26b2903c04411ca2 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES age 109054 x-cache HIT status 200 strict-transport-security max-age=31536000; content-length 353 x-xss-protection 1; mode=block referrer-policy unsafe-url server nginx x-frame-options SAMEORIGIN etag "341-591b5e5e61c37-gzip" vary Accept-Encoding content-type text/css cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	jquery.js Show response thenextweb.com/wp-includes/js/jquery/	95 KB 33 KB	130ms 129ms	Script application/javascript	104.130.220.65 Rackspace Hosting
General Check archive.org Show headers Download Go to Full URL https://thenextweb.com/wp-includes/js/jquery/jquery.js?ver=1.12.4 Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 104.130.220.65 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US), Reverse DNS Software nginx / Resource Hash fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES age 109054 x-cache HIT status 200 strict-transport-security max-age=31536000; content-length 33766 x-xss-protection 1; mode=block referrer-policy unsafe-url server nginx x-frame-options SAMEORIGIN etag "17ba0-591b5e5ff8fdd-gzip" vary Accept-Encoding content-type application/javascript cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	jquery-migrate.min.js Show response thenextweb.com/wp-includes/js/jquery/	10 KB 4 KB	231ms 230ms	Script application/javascript	104.130.220.65 Rackspace Hosting
General Check archive.org Show headers Download Go to Full URL https://thenextweb.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 104.130.220.65 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US), Reverse DNS Software nginx / Resource Hash 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES age 109054 x-cache HIT status 200 strict-transport-security max-age=31536000; content-length 4014 x-xss-protection 1; mode=block referrer-policy unsafe-url server nginx x-frame-options SAMEORIGIN etag "2748-591b5e5ff8fdd-gzip" vary Accept-Encoding content-type application/javascript cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	wordlift-tnw-public.js Show response thenextweb.com/wp-content/plugins/wordlift-tnw/public/js/	838 B 830 B	125ms 124ms	Script application/javascript	104.130.220.65 Rackspace Hosting
General Check archive.org Show headers Download Go to Full URL https://thenextweb.com/wp-content/plugins/wordlift-tnw/public/js/wordlift-tnw-public.js?ver=1.5.0-dev Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 104.130.220.65 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US), Reverse DNS Software nginx / Resource Hash 57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES age 109054 x-cache HIT status 200 strict-transport-security max-age=31536000; content-length 479 x-xss-protection 1; mode=block referrer-policy unsafe-url server nginx x-frame-options SAMEORIGIN etag "346-591b5e5e7d1b7-gzip" vary Accept-Encoding content-type application/javascript cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	tnw_adtech_setup.js Show response massariuscdn.com/pubs/tnw/	55 KB 8 KB	95ms 20ms	Script application/javascript	2606:4700:30::681b:8db9 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://massariuscdn.com/pubs/tnw/tnw_adtech_setup.js Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:8db9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash cb943f04723ec86a2e6465009ace0dc51bfa352d7722839b15d58dc49377fa75 Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding br cf-cache-status HIT last-modified Wed, 04 Sep 2019 14:38:02 GMT server cloudflare age 4992 etag W/"5d6fcc4a-da41" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=1800 cf-ray 5118f5177b89cbd0-VIE expires Thu, 05 Sep 2019 15:10:16 GMT
GET H2	200	tnw.svg cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/	479 B 631 B	85ms 42ms	Image image/svg+xml	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/tnw.svg Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 1c2723ad746207b0b451aec197cd753e1f79b052e2faf90bbe6ab7220cf21b34 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES age 3345 x-cache HIT status 200 vary Accept-Encoding x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag W/"1df-590115f0723fe-gzip" strict-transport-security max-age=31536000; content-type image/svg+xml cache-control public, max-age=5184000, must-revalidate
GET H2	200	voice-796x398.jpg cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2016/09/	31 KB 32 KB	91ms 49ms	Image image/jpeg	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2016/09/voice-796x398.jpg Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 459335551187b9c6d17eee736cca37d09548c5d7991bbd656fbfc0fb9c77f6b2 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT x-content-type-options nosniff x-cacheable YES age 4999 x-cache HIT status 200 content-length 32012 x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag "7d0c-553a98ce9aca7" strict-transport-security max-age=31536000; content-type image/jpeg cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	vRZNU7bT.js Show response cdn.jwplayer.com/libraries/	112 KB 36 KB	36ms 9ms	Script text/javascript	2600:9000:20bb:ce00:1:a3fa:7cc0:93a1 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://cdn.jwplayer.com/libraries/vRZNU7bT.js Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20bb:ce00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software openresty / Resource Hash e87072f1616b2248ef4c7a5d88ce93c1f8b5d658f7593a2244daf3002c7aa853 Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:15 GMT content-encoding gzip server openresty x-amz-cf-pop FRA56 status 200 x-cache Hit from cloudfront content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=150, max-stale=180 content-length 36851 via 1.1 9f4017bef2e790d377578f1a7821f0ea.cloudfront.net (CloudFront) x-amz-cf-id FVeEuQszhUa5f7pzlVpG4LqN46_xfsrR0aqHZPuUcbtVsd6oLNUSVw== expires Thu, 05 Sep 2019 14:42:45 GMT
GET H2	200	stackpath.svg cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/	3 KB 2 KB	21ms 18ms	Image image/svg+xml	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/stackpath.svg Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 710353b5dc82107d4a281beea246c50b540ee446079bfab9521782720fd3deba Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES age 0 x-cache HIT status 200 vary Accept-Encoding x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag W/"bcf-59103ee5f947a-gzip" strict-transport-security max-age=31536000; content-type image/svg+xml cache-control public, max-age=5184000, must-revalidate
GET H2	200	icon-twitter.svg cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/	530 B 666 B	22ms 19ms	Image image/svg+xml	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/icon-twitter.svg Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 0a0caa7f2c3dda6f0b39dec629aec475f2f27073521b660a85a0812ab572b243 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES age 264 x-cache HIT status 200 vary Accept-Encoding x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag W/"212-590115f01673c-gzip" strict-transport-security max-age=31536000; content-type image/svg+xml cache-control public, max-age=5184000, must-revalidate
GET H2	200	icon-facebook.svg cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/	311 B 570 B	22ms 19ms	Image image/svg+xml	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/icon-facebook.svg Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash de133925b660ae2bcf6f7f675b1db8923d94a59b0606ea5413769466e1b6e520 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES age 264 x-cache HIT status 200 vary Accept-Encoding x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag W/"137-590115f01673c-gzip" strict-transport-security max-age=31536000; content-type image/svg+xml cache-control public, max-age=5184000, must-revalidate
GET H2	200	tnw-red.svg cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/	590 B 713 B	22ms 20ms	Image image/svg+xml	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/tnw-red.svg Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 8dbf1ba8790c8ccd1b916234b18903da8ff6b0a5ac63d8c57384e86129a75063 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES age 264 x-cache HIT status 200 vary Accept-Encoding x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag W/"24e-590115f06d5de-gzip" strict-transport-security max-age=31536000; content-type image/svg+xml cache-control public, max-age=5184000, must-revalidate
GET H2	200	advertisement.js Show response thenextweb.com/wp-content/	27 B 356 B	131ms 128ms	Script application/javascript	104.130.220.65 Rackspace Hosting
General Check archive.org Show headers Download Go to Full URL https://thenextweb.com/wp-content/advertisement.js Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 104.130.220.65 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US), Reverse DNS Software nginx / Resource Hash 613ec1ebdc66e10b32c6273a1c6bb16f768de81820344596ac6501b70ed16b17 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip referrer-policy unsafe-url x-cacheable YES server nginx age 109057 etag W/"1b-591b5e5e4d416" x-frame-options SAMEORIGIN x-cache HIT content-type application/javascript status 200 x-xss-protection 1; mode=block cache-control public, max-age=5184000, must-revalidate strict-transport-security max-age=31536000; x-content-type-options nosniff
GET H2	200	app.min.js Show response cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/js/	264 KB 100 KB	27ms 24ms	Script application/javascript	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/js/app.min.js?v=1567585357 Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 43b3ba7f64ac8837e1fd59415f470eab89f60d89798c3326baa549056d1f5a2d Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES age 3 x-cache HIT status 200 vary Accept-Encoding x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag W/"4208f-591b5e8619c5d-gzip" strict-transport-security max-age=31536000; content-type application/javascript cache-control public, max-age=5184000, must-revalidate
GET H2	200	bundle.js Show response thenextweb.com/wp-content/plugins/wordlift/js/dist/	3 KB 2 KB	136ms 135ms	Script application/javascript	104.130.220.65 Rackspace Hosting
General Check archive.org Show headers Download Go to Full URL https://thenextweb.com/wp-content/plugins/wordlift/js/dist/bundle.js?ver=3.21.0 Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 104.130.220.65 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US), Reverse DNS Software nginx / Resource Hash d21f48d025eb2ba45b79f7b0c022bdfb7265816cdad4f3aef2e0252b46a98b11 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES age 109057 x-cache HIT status 200 strict-transport-security max-age=31536000; content-length 1312 x-xss-protection 1; mode=block referrer-policy unsafe-url server nginx x-frame-options SAMEORIGIN etag "d7b-591b5e5ea42b8-gzip" vary Accept-Encoding content-type application/javascript cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	underscore.min.js Show response thenextweb.com/wp-includes/js/	16 KB 6 KB	124ms 124ms	Script application/javascript	104.130.220.65 Rackspace Hosting
General Check archive.org Show headers Download Go to Full URL https://thenextweb.com/wp-includes/js/underscore.min.js?ver=1.8.3 Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 104.130.220.65 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US), Reverse DNS Software nginx / Resource Hash 4f5b2528815d8b1cd9b68b1a4bb1fe689696f8dcbc2c4a5104343b886ee68828 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES age 109057 x-cache HIT status 200 strict-transport-security max-age=31536000; content-length 5822 x-xss-protection 1; mode=block referrer-policy unsafe-url server nginx x-frame-options SAMEORIGIN etag "401a-591b5e6006a9e-gzip" vary Accept-Encoding content-type application/javascript cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	facets.min.js Show response thenextweb.com/wp-content/plugins/elasticpress/dist/js/	2 KB 1 KB	124ms 123ms	Script application/javascript	104.130.220.65 Rackspace Hosting
General Check archive.org Show headers Download Go to Full URL https://thenextweb.com/wp-content/plugins/elasticpress/dist/js/facets.min.js?ver=3.0.3 Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 104.130.220.65 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US), Reverse DNS Software nginx / Resource Hash 22b4a1e088e3899531742edae5d45f68f354230b926d5d6e9ded10b1766433c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES age 109057 x-cache HIT status 200 strict-transport-security max-age=31536000; content-length 760 x-xss-protection 1; mode=block referrer-policy unsafe-url server nginx x-frame-options SAMEORIGIN etag "615-591b5e5e61c37-gzip" vary Accept-Encoding content-type application/javascript cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	ping.js Show response www.stack-sonar.com/	8 KB 4 KB	117ms 28ms	Script application/javascript	13.35.253.122 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://www.stack-sonar.com/ping.js Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.122 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-122.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 0eb6f1e4c5cb64a2c39ae23dc0ef608dbed64449ac8eaf8c26d8121bc2412c0d Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:32:52 GMT content-encoding gzip last-modified Fri, 11 Jan 2019 21:55:30 GMT server AmazonS3 age 744 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript status 200 cache-control max-age=3600 x-amz-cf-pop FRA6-C1 x-amz-cf-id d_H1h-r0tvEMTe6Y1Hvdtq-O7qlePQZ5jEte0NINIzgggRWCKL39HA== via 1.1 c26b8e74df43cd99786e716221463d0c.cloudfront.net (CloudFront)
GET H2	200	services.js Show response js.gumgum.com/	80 KB 30 KB	247ms 174ms	Script application/javascript	13.35.253.32 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://js.gumgum.com/services.js Requested by Host: massariuscdn.com URL: https://massariuscdn.com/pubs/tnw/tnw_adtech_setup.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.32 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-32.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 99ff3a87c4d29fd6e6f99549e60d7a2c1d12c2078314f0c05006b5e0a1c34bd6 Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Sep 2019 19:26:03 GMT content-encoding gzip x-amz-cf-pop FRA6-C1 x-cache RefreshHit from cloudfront status 200 x-amz-meta-version 3.14.1 last-modified Wed, 28 Aug 2019 19:10:42 GMT x-amz-meta-access-control-allow-origin * x-amz-meta-timing-allow-origin * server AmazonS3 vary Accept-Encoding x-amz-version-id ._y6SzNgFNHLlZnxkli7Qv1jchjvLEDh via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront) cache-control max-age=7200 content-type application/javascript x-amz-cf-id ZBLvleTa_U4IO4GHrJ7M00H50WBOB4_IAhmLrGuj4O-cGmymrL2MIg==
GET H2	200	faktor.js Show response config-prod.choice.faktor.io/15b88d74-25fc-4361-9108-80f86132b019/	62 KB 18 KB	43ms 8ms	Script text/javascript	2600:9000:2057:1200:3:65d8:2640:93a1 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://config-prod.choice.faktor.io/15b88d74-25fc-4361-9108-80f86132b019/faktor.js Requested by Host: massariuscdn.com URL: https://massariuscdn.com/pubs/tnw/tnw_adtech_setup.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2057:1200:3:65d8:2640:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash c35ac6668b84daed6cacafb8438d54e93866e635187625d1d9cfecf6b20775ba Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id pWnAGBOL0IrJPpreSfcJyvsUakZ1cag7 content-encoding gzip last-modified Tue, 27 Aug 2019 15:19:49 GMT server AmazonS3 age 83634 date Wed, 04 Sep 2019 15:26:23 GMT vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript status 200 content-disposition attachment; filename="faktor.js" x-amz-cf-pop FRA6-C1 x-amz-cf-id gPViVPuRVMBYw3QcR10B27T0qH-vHInXVu737r5xuxTT9XCxn7KEZQ== via 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
GET H2	200	prebid.2.25.0-gridFix.js Show response massariuscdn.com/prod/	289 KB 85 KB	31ms 28ms	Script application/javascript	2606:4700:30::681b:8db9 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://massariuscdn.com/prod/prebid.2.25.0-gridFix.js Requested by Host: massariuscdn.com URL: https://massariuscdn.com/pubs/tnw/tnw_adtech_setup.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:8db9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 7cec39cca706eb053fa357812a9a41ca7341a400a85d43fdd5ed222e1cde471c Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding br cf-cache-status HIT age 4992 cf-polished origSize=565073 status 200 last-modified Fri, 02 Aug 2019 08:26:06 GMT cf-bgj minify server cloudflare etag W/"5d43f39e-89f51" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=1800 cf-ray 5118f5188eb6cbd0-VIE expires Thu, 05 Sep 2019 15:10:16 GMT
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	39 KB 12 KB	16ms 14ms	Script text/javascript	2a00:1450:4001:81a::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: massariuscdn.com URL: https://massariuscdn.com/pubs/tnw/tnw_adtech_setup.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 1d3f9c588a7988c34332a295c9bd427438c396f0bdaf2a01deb5d49510e66ca2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "269 / 210 of 1000 / last-modified: 1567692292" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39" content-length 12514 x-xss-protection 0 expires Thu, 05 Sep 2019 14:40:16 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	200 KB 37 KB	17ms 15ms	Script application/javascript	2a00:1450:4001:819::2008 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MHDDSC Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Tag Manager / Resource Hash f241b224590f88b8284ff8fad0840eed3f1b760ebf906c9a2b634a3f9e491400 Security Headers Name Value X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding br last-modified Thu, 05 Sep 2019 12:00:00 GMT server Google Tag Manager access-control-allow-headers Cache-Control status 200 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin http://www.googletagmanager.com cache-control private, max-age=900 access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 37500 x-xss-protection 0 expires Thu, 05 Sep 2019 14:40:16 GMT
GET H2	200	wamfactory_dpm.wildcard.min.js Show response cstatic.weborama.fr/js/wam/customers/	7 KB 3 KB	92ms 20ms	Script text/javascript	93.184.221.133 MCI Communication...
General Check archive.org Show headers Download Go to Full URL https://cstatic.weborama.fr/js/wam/customers/wamfactory_dpm.wildcard.min.js?rnd=1567694416713 Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US), Reverse DNS Software ECAcc (ama/8B5B) / Resource Hash d8b57412bff7e6474840d6da4534faa7eb3696dd6419cb97dc43ad2c066bc6f0 Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip last-modified Wed, 05 Apr 2017 10:37:19 GMT server ECAcc (ama/8B5B) status 200 etag "2383984225" vary Accept-Encoding x-cache HIT p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-type text/javascript content-length 2630 expires Thu, 12 Sep 2019 14:40:16 GMT
GET H2	200	ars-maquette-regular.woff cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/fonts/	37 KB 37 KB	73ms 33ms	Font application/font-woff	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/fonts/ars-maquette-regular.woff Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 3ae7369c5505d7e8e8127e757f7a34855e3c11613e49b44120c94c02258a3c9c Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode cors Referer https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1567585350 Origin https://thenextweb.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT x-content-type-options nosniff x-cacheable YES age 16190 x-cache HIT status 200 vary Accept-Encoding content-length 37684 x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag W/"9334-59103ee585118-gzip" strict-transport-security max-age=31536000; content-type application/font-woff access-control-allow-origin https://thenextweb.com cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	icons-sprite.svg cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/	54 KB 10 KB	37ms 36ms	Image image/svg+xml	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/icons-sprite.svg?1520429355783 Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 169b7364dbc7ec39c1854b8f3f32494fbc95b141256335e30277b2150c49a16e Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1567585350 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES age 264 x-cache HIT status 200 vary Accept-Encoding x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag W/"d9db-590115f01673c-gzip" strict-transport-security max-age=31536000; content-type image/svg+xml cache-control public, max-age=5184000, must-revalidate
GET H2	200	shentox-medium.woff2 cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/fonts/	42 KB 42 KB	80ms 46ms	Font text/plain	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/fonts/shentox-medium.woff2 Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash ac2e2c8fe0330696cf6474134149236ff65ba54fcb1457f0c2ea57def07c2beb Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode cors Referer https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1567585350 Origin https://thenextweb.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT x-content-type-options nosniff x-cacheable YES age 2831 x-cache HIT status 200 content-length 42590 x-xss-protection 1; mode=block referrer-policy unsafe-url last-modified Wed, 28 Aug 2019 17:49:16 GMT server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag "a65e-5913101f9894b" strict-transport-security max-age=31536000; access-control-allow-origin https://thenextweb.com accept-ranges bytes
GET H2	200	avalon-bold.woff cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/fonts/	26 KB 26 KB	102ms 68ms	Font application/font-woff	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/fonts/avalon-bold.woff Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 2617f853ce2aba81506f0216ea94dc22ef468b70d9487868ccf3cddf5bf0f0a4 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode cors Referer https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1567585350 Origin https://thenextweb.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT x-content-type-options nosniff x-cacheable YES age 16166 x-cache HIT status 200 vary Accept-Encoding content-length 26284 x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag W/"66ac-59103ee585118-gzip" strict-transport-security max-age=31536000; content-type application/font-woff access-control-allow-origin https://thenextweb.com cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	ars-maquette-bold-alt.woff cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/fonts/	39 KB 39 KB	93ms 59ms	Font application/font-woff	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/fonts/ars-maquette-bold-alt.woff Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 350b3fd2c9fd85e57d9b671154fe97578e582e74ee1fc8afa87062b1faf75a36 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode cors Referer https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1567585350 Origin https://thenextweb.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT x-content-type-options nosniff x-cacheable YES age 44 x-cache HIT status 200 vary Accept-Encoding content-length 40020 x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag W/"9c54-59103ee5831d8-gzip" strict-transport-security max-age=31536000; content-type application/font-woff access-control-allow-origin https://thenextweb.com cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	wp-emoji-release.min.js Show response thenextweb.com/wp-includes/js/	12 KB 5 KB	124ms 124ms	Script application/javascript	104.130.220.65 Rackspace Hosting
General Check archive.org Show headers Download Go to Full URL https://thenextweb.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8 Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 104.130.220.65 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US), Reverse DNS Software nginx / Resource Hash d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES age 109058 x-cache HIT status 200 strict-transport-security max-age=31536000; content-length 4382 x-xss-protection 1; mode=block referrer-policy unsafe-url server nginx x-frame-options SAMEORIGIN etag "2efa-591b5e6006a9e-gzip" vary Accept-Encoding content-type application/javascript cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	newsletter-boris.png cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/	48 KB 49 KB	19ms 19ms	Image image/png	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/img/newsletter-boris.png Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 7f07fbb55fb1ad77dd14fed3bfa4ebf29611f426a19b5e6ef19a1df9d1324da3 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/css/style.css?v=1567585350 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT x-content-type-options nosniff x-cacheable YES age 248 x-cache HIT status 200 content-length 49540 x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag "c184-590115f0176dc" strict-transport-security max-age=31536000; content-type image/png cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	integrator.js Show response adservice.google.de/adsid/	109 B 171 B	17ms 16ms	Script application/javascript	2a00:1450:4001:81c::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=thenextweb.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39" content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 171 B	16ms 15ms	Script application/javascript	2a00:1450:4001:81c::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=thenextweb.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39" content-length 104 x-xss-protection 0
GET H2	200	pubads_impl_2019082701.js Show response securepubads.g.doubleclick.net/gpt/	158 KB 58 KB	33ms 32ms	Script text/javascript	216.58.210.2 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082701.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s07-in-f2.1e100.net Software sffe / Resource Hash d1d597a740d4b09db2d6491af33397944f7dddc5d7e21d95cb33066f2e747ca8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:16 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 27 Aug 2019 11:19:55 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 59715 x-xss-protection 0 expires Thu, 05 Sep 2019 14:40:16 GMT
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	1 KB 1 KB	21ms 7ms	XHR application/json	2a04:4e42:1b::621 Fastly
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20190905 Requested by Host: massariuscdn.com URL: https://massariuscdn.com/prod/prebid.2.25.0-gridFix.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash db71e1c81da8d499482f16a03ed023d6935dc67bce5846a154dca1d985686868 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff x-cache HIT, HIT status 200 content-length 747 etag W/"538-gxS3HRY7jOY1iEI2/CCMRPX+aqY" x-served-by cache-ams21038-AMS, cache-hhn4032-HHN date Thu, 05 Sep 2019 14:40:16 GMT vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	analytics.js Show response www.google-analytics.com/	43 KB 17 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:825::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHDDSC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Mon, 19 Aug 2019 17:22:41 GMT server Golfe2 age 7003 date Thu, 05 Sep 2019 12:43:33 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 17803 expires Thu, 05 Sep 2019 14:43:33 GMT
GET H2	200	cmp.bundle.js Show response cmp.choice.faktor.io/dist/1.2/	214 KB 63 KB	41ms 7ms	Script application/javascript	2600:9000:2057:3600:14:816b:3900:93a1 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://cmp.choice.faktor.io/dist/1.2/cmp.bundle.js Requested by Host: config-prod.choice.faktor.io URL: https://config-prod.choice.faktor.io/15b88d74-25fc-4361-9108-80f86132b019/faktor.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2057:3600:14:816b:3900:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash 3d3ab950c24b616e0561d96745f06823b9e2eb9437ceb01ff9949edd60a25b1c Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id LNSeLwtrIGKgaGx.JhNidio7r2p3zqQU content-encoding gzip last-modified Wed, 04 Sep 2019 09:40:00 GMT server AmazonS3 age 18013 date Thu, 05 Sep 2019 09:40:05 GMT vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript status 200 cache-control public,max-age=86400 x-amz-cf-pop FRA6-C1 x-amz-cf-id ONeC7beSS-Sux9AiPiPZ7bOtNXe5vBaTD2Nb1hfC6mrZsIDrVu7FzQ== via 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
GET H/1.1	200	partner sync.search.spotxchange.com/ Redirect Chain https://sync.search.spotxchange.com/partner?source=204258 https://sync.search.spotxchange.com/partner?source=204258&__user_check__=1&sync_id=13f1d760-cfeb-11e9-bc4a-107c10e90a06 https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_sc https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELFpgdZ4m3TXuiti-taFZN8&google_cver=1 https://match.adsrvr.org/track/cmf/generic?ttd_pid=spotx&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=spotx&ttd_tpi=1 https://sync.search.spotxchange.com/partner?adv_id=7028&uid=8eaf4b9c-4e3a-4112-920d-edab8b58cd81&img=1 https://c1.adform.net/serving/cookie/match?party=30 https://c1.adform.net/serving/cookie/match?CC=1&party=30 https://sync.search.spotxchange.com/partner?adv_id=8459&uid=8217917924880701264&img=1 https://ad.sxp.smartclip.net/sync?type=host&dsp=48&dspuuid=13f1d70c-cfeb-11e9-bc4a-107c10e90a06&red=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D8130%26uid%3D{UUID} https://ad.sxp.smartclip.net/sync?type=host&dsp=48&dspuuid=13f1d70c-cfeb-11e9-bc4a-107c10e90a06&red=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D8130%26uid%3D{UUID}&ang_testid=1 https://sync.search.spotxchange.com/partner?adv_id=8130&uid=5d42b110-7717-48ec-8ce3-29000bac532b https://sync.mathtag.com/sync/img?mt_exid=30&redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6653%26uid%3D%5BMM_UUID%5D https://sync.search.spotxchange.com/partner?adv_id=6653&uid=d7385d71-16fa-4900-ab93-99becc18b15d https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 https://sync.search.spotxchange.com/partner?adv_id=6409&uid=XXEeUAAAFHlD1hKk&img=1 https://dsp.adfarm1.adition.com/cookie/?ssp=14 https://sync.search.spotxchange.com/partner?adv_id=7577&uid=6733196251170732173	43 B 526 B	22ms 21ms	Image image/gif	185.94.180.125 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=7577&uid=6733196251170732173 Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, NL), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 05 Sep 2019 14:40:17 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 104 Connection keep-alive Content-Length 43 Redirect headers Location https://sync.search.spotxchange.com/partner?adv_id=7577&uid=6733196251170732173 Date Thu, 05 Sep 2019 14:40:17 GMT Server nginx Connection keep-alive Transfer-Encoding chunked p3p policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H2	200	external_ids_sync.html cstatic.weborama.fr/iframe/ Frame DCAA	0 0	20ms 19ms	Document text/html	93.184.221.133 MCI Communication...
General Check archive.org Show headers Download Go to Full URL https://cstatic.weborama.fr/iframe/external_ids_sync.html?d.r=1567694417001 Requested by Host: cstatic.weborama.fr URL: https://cstatic.weborama.fr/js/wam/customers/wamfactory_dpm.wildcard.min.js?rnd=1567694416713 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US), Reverse DNS Software ECAcc (ama/8B4B) / Resource Hash Request headers :method GET :authority cstatic.weborama.fr :scheme https :path /iframe/external_ids_sync.html?d.r=1567694417001 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode nested-navigate accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Response headers status 200 content-encoding gzip accept-ranges bytes access-control-allow-origin * cache-control max-age=604800 content-type text/html date Thu, 05 Sep 2019 14:40:17 GMT etag "332064282" expires Thu, 12 Sep 2019 14:40:17 GMT last-modified Wed, 17 Jul 2019 10:06:40 GMT p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" server ECAcc (ama/8B4B) vary Accept-Encoding x-cache HIT content-length 1812
GET H2	204	/ wamfactory.solution.weborama.fr/rstream/ Redirect Chain https://wamfactory.solution.weborama.fr/stream/?wamid=4925&Wvar=%7B%22tnw-keywords%22%3A%5B%22tech%22%5D%2C%22tnw-category%22%3A%5B%22thenextweb%22%5D%2C%22wamid%22%3A%224925%22%2C%22typ%22%3A%221%... https://wamfactory.solution.weborama.fr/rstream/?wamid=4925&Wvar=%7B%22tnw-keywords%22%3A%5B%22tech%22%5D%2C%22tnw-category%22%3A%5B%22thenextweb%22%5D%2C%22wamid%22%3A%224925%22%2C%22typ%22%3A%221...	0 44 B	26ms 25ms	Image text/plain	130.211.8.7 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://wamfactory.solution.weborama.fr/rstream/?wamid=4925&Wvar=%7B%22tnw-keywords%22%3A%5B%22tech%22%5D%2C%22tnw-category%22%3A%5B%22thenextweb%22%5D%2C%22wamid%22%3A%224925%22%2C%22typ%22%3A%221%22%2C%22url%22%3A%22https%253A%252F%252Fthenextweb.com%252Fsecurity%252F2019%252F09%252F02%252Ffraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000%252F%22%2C%22ref%22%3A%22%22%7D&d.r=1567694416998 Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 130.211.8.7 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 7.8.211.130.bc.googleusercontent.com Software nginx/1.6.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 05 Sep 2019 14:40:14 GMT via 1.1 google server nginx/1.6.2 p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" status 204 cache-control no-store alt-svc clear Redirect headers pragma no-cache date Thu, 05 Sep 2019 14:40:18 GMT via 1.1 google server nginx/1.6.2 status 307 p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" location https://wamfactory.solution.weborama.fr/rstream/?wamid=4925&Wvar=%7B%22tnw-keywords%22%3A%5B%22tech%22%5D%2C%22tnw-category%22%3A%5B%22thenextweb%22%5D%2C%22wamid%22%3A%224925%22%2C%22typ%22%3A%221%22%2C%22url%22%3A%22https%253A%252F%252Fthenextweb.com%252Fsecurity%252F2019%252F09%252F02%252Ffraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000%252F%22%2C%22ref%22%3A%22%22%7D&d.r=1567694416998 cache-control no-store content-type text/html; charset=utf-8 alt-svc clear content-length 459
GET H2	200	linkid.js Show response www.google-analytics.com/plugins/ua/	2 KB 926 B	6ms 6ms	Script text/javascript	2a00:1450:4001:825::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:21:17 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 21 Apr 2016 03:17:22 GMT server sffe age 1140 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=3600 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 856 x-xss-protection 0 expires Thu, 05 Sep 2019 15:21:17 GMT
GET H2	200	ec.js Show response www.google-analytics.com/plugins/ua/	3 KB 1 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:825::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/ec.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:07:52 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 21 Apr 2016 03:17:22 GMT server sffe age 1945 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=3600 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 1296 x-xss-protection 0 expires Thu, 05 Sep 2019 15:07:52 GMT
POST H2	200	publisher:getClientId Show response ampcid.google.com/v1/	74 B 424 B	41ms 15ms	XHR application/json	2a00:1450:4001:814::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software ESF / Resource Hash 991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Sec-Fetch-Mode cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Thu, 05 Sep 2019 14:40:17 GMT content-encoding gzip x-content-type-options nosniff alt-svc quic=":443"; ma=2592000; v="46,43,39" server ESF status 200 x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://thenextweb.com access-control-expose-headers content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 94 x-xss-protection 0
GET H2	200	article-sheet.php Show response thenextweb.com/wp-content/themes/cyberdelia/ajax/partials/	46 KB 9 KB	270ms 269ms	XHR application/json	104.130.220.65 Rackspace Hosting
General Check archive.org Show headers Download Go to Full URL https://thenextweb.com/wp-content/themes/cyberdelia/ajax/partials/article-sheet.php?frstPostId=1240282&idx=0&_=1567694416854 Requested by Host: cdn0.tnwcdn.com URL: https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/js/app.min.js?v=1567585357 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 104.130.220.65 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US), Reverse DNS Software nginx / Resource Hash 09172adcede2e38a8466013c5cffd31b3a3d79dff61b93fab334f4764efbc66c Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode cors Response headers date Thu, 05 Sep 2019 14:40:17 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES age 0 x-cache MISS status 200 strict-transport-security max-age=31536000; content-length 8360 x-xss-protection 1; mode=block pragma no-cache referrer-policy unsafe-url server nginx x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/json cache-control no-store, no-cache, must-revalidate accept-ranges bytes
POST H2	200	publisher:getClientId Show response ampcid.google.de/v1/	3 B 353 B	42ms 16ms	XHR application/json	2a00:1450:4001:824::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software ESF / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Sec-Fetch-Mode cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Thu, 05 Sep 2019 14:40:17 GMT content-encoding gzip x-content-type-options nosniff alt-svc quic=":443"; ma=2592000; v="46,43,39" server ESF status 200 x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://thenextweb.com access-control-expose-headers content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 23 x-xss-protection 0
GET H/1.1	204 No Content	event api.stack-sonar.com/v1/	0 176 B	443ms 100ms	Image text/plain	3.216.35.15 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://api.stack-sonar.com/v1/event?ts=1567694416708&_v=1.1.5&_c=stack-connect-wp&_a=xbcLoqGe2L037SCrJ_Im4A&_f=169195037&_u=https%3A%2F%2Fthenextweb.com%2Fsecurity%2F2019%2F09%2F02%2Ffraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000%2F&_r=&_x=0&_l=&_p=0&_z=1567694417092.619171047&_y=1567694417093.587953385&_t=1567694417&_s=send&_e=session-start Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.216.35.15 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-3-216-35-15.compute-1.amazonaws.com Software nginx/1.12.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 05 Sep 2019 14:40:17 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx/1.12.1 Connection keep-alive Vary Origin
GET H2	200	Facebook_Alert-796x398-96x96.png cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2017/08/	3 KB 3 KB	21ms 19ms	Image image/png	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2017/08/Facebook_Alert-796x398-96x96.png Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 1c414e43aa05140ed6b0a932893b52fd1e44e7bf986379e86a413bfc03178051 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:17 GMT x-content-type-options nosniff x-cacheable YES age 45 x-cache HIT status 200 content-length 2657 x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag "a61-5576a73251437" strict-transport-security max-age=31536000; content-type image/png cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	58380498_313709929294933_6612449606456311808_n.jpg cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2019/04/	173 KB 174 KB	21ms 19ms	Image image/jpeg	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2019/04/58380498_313709929294933_6612449606456311808_n.jpg Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash a29b871e5c5f14ef96826d18018ebc2eadbcf6e54f73a07776fa320343d87149 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:17 GMT x-content-type-options nosniff x-cacheable YES age 323 x-cache HIT status 200 content-length 177213 x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag "2b43d-58719a76d1415" strict-transport-security max-age=31536000; content-type image/jpeg cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	android-phone-hed-96x96.jpg cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2019/09/	3 KB 3 KB	45ms 43ms	Image image/jpeg	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2019/09/android-phone-hed-96x96.jpg Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash e64eab60c04f6c94d4b0e8c3fe99857b34f60805a1fbacc244c6635c1fdb3eeb Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:17 GMT x-content-type-options nosniff x-cacheable YES age 28 x-cache HIT status 200 content-length 2924 x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag "b6c-591b8006f3c61" strict-transport-security max-age=31536000; content-type image/jpeg cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	Amazon-Go-96x96.jpg cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2018/01/	4 KB 4 KB	45ms 43ms	Image image/jpeg	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2018/01/Amazon-Go-96x96.jpg Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash ef61e4e5714ba0fde66710b70490da92738b4ec5da815b75a02bd17f71eac703 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:17 GMT x-content-type-options nosniff x-cacheable YES age 283 x-cache HIT status 200 content-length 3854 x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag "f0e-5635654dc7fcc" strict-transport-security max-age=31536000; content-type image/jpeg cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	Android-10-96x96.png cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2019/09/	3 KB 3 KB	45ms 44ms	Image image/png	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2019/09/Android-10-96x96.png Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash ba13b28d693bcb21f669241b711db35ccba75821543c11f3f66fe9f6cdfd32ad Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:17 GMT x-content-type-options nosniff x-cacheable YES age 140 x-cache HIT status 200 content-length 2717 x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag "a9d-591b3fd9495b5" strict-transport-security max-age=31536000; content-type image/png cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	brave-96x96.jpg cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2018/11/	4 KB 4 KB	46ms 44ms	Image image/jpeg	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2018/11/brave-96x96.jpg Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash a352848d27ec187b867b778f84a451ebcb61c16ef713df1be941e45ea6ebf755 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:17 GMT x-content-type-options nosniff x-cacheable YES age 41 x-cache HIT status 200 content-length 3593 x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag "e09-57b57442b44bc" strict-transport-security max-age=31536000; content-type image/jpeg cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	GIFs-emoji-search-96x96.jpg cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2019/09/	3 KB 3 KB	29ms 19ms	Image image/jpeg	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2019/09/GIFs-emoji-search-96x96.jpg Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 9be9e7f4949c3ca60282dc08bf8e527e032ee7aac6d36455c5a3704255f12f9a Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:17 GMT x-content-type-options nosniff x-cacheable YES age 110 x-cache HIT status 200 content-length 2829 x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag "b0d-591cd119a80e3" strict-transport-security max-age=31536000; content-type image/jpeg cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	Switch-SNES-96x96.png cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2019/09/	6 KB 6 KB	24ms 20ms	Image image/png	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2019/09/Switch-SNES-96x96.png Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 336c925e1082116b4f45696ee00909229a0b350f631ff75254de96a94474498b Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:17 GMT x-content-type-options nosniff x-cacheable YES age 18 x-cache HIT status 200 content-length 6007 x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag "1777-591ccdeb08f5e" strict-transport-security max-age=31536000; content-type image/png cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	iPadmac-96x96.png cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2019/09/	6 KB 6 KB	23ms 21ms	Image image/png	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2019/09/iPadmac-96x96.png Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 0f47f412748b0147b809b8aec57a489b8a0c82591ecfe0d67d3e3d451109fbdf Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:17 GMT x-content-type-options nosniff x-cacheable YES age 224 x-cache HIT status 200 content-length 6190 x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag "182e-591cb49499cef" strict-transport-security max-age=31536000; content-type image/png cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	fossil-watch-header-image-cheap-96x96.png cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2019/09/	7 KB 7 KB	23ms 21ms	Image image/png	108.161.188.228 Highwinds Network...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn0.tnwcdn.com/wp-content/blogs.dir/1/files/2019/09/fossil-watch-header-image-cheap-96x96.png Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.188.228 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash e847f2e4ea734d2264d3c267b2656d5faeb752dd589b6374db7ad7918a3b5a92 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:17 GMT x-content-type-options nosniff x-cacheable YES age 210 x-cache HIT status 200 content-length 7270 x-xss-protection 1; mode=block referrer-policy unsafe-url server NetDNA-cache/2.2 x-frame-options SAMEORIGIN etag "1c66-591ca89add29a" strict-transport-security max-age=31536000; content-type image/png cache-control public, max-age=5184000, must-revalidate accept-ranges bytes
GET H2	200	data Show response geo.choice.faktor.io/	3 B 461 B	8ms 7ms	Fetch binary/octet-stream	2600:9000:2057:f000:b:caaa:6c0:93a1 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://geo.choice.faktor.io/data Requested by Host: cmp.choice.faktor.io URL: https://cmp.choice.faktor.io/dist/1.2/cmp.bundle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2057:f000:b:caaa:6c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers Access-Control-Allow-Origin * Accept application/json Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode cors Content-Type application/json Response headers x-amz-version-id 3rVfjxQtTX9Tp7Tv8nLRzOJdJC2qARMB via 1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront) etag "8a80554c91d9fca8acb82f023de02f11" age 54438 x-cache Hit from cloudfront status 200 content-length 3 last-modified Thu, 04 Jul 2019 12:18:12 GMT server AmazonS3 date Thu, 05 Sep 2019 07:34:57 GMT access-control-max-age 3000 access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin * cache-control 604800 x-amz-cf-pop FRA6-C1 accept-ranges bytes x-amz-cf-id GEluPX9tbo0Jih6fTRBZk7EGoFOHsFHHdEqHgRqGBc35Jko10_BP6Q==
GET H2	200	services Show response g2.gumgum.com/zones/avcbnbt4/	310 B 594 B	150ms 50ms	XHR application/json	54.76.31.118 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://g2.gumgum.com/zones/avcbnbt4/services?dp=https%3A%2F%2Fthenextweb.com%2Fsecurity%2F2019%2F09%2F02%2Ffraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000%2F&pu=https%3A%2F%2Fthenextweb.com%2Fsecurity%2F2019%2F09%2F02%2Ffraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000%2F&ogu=https%3A%2F%2Fthenextweb.com%2Fsecurity%2F2019%2F09%2F02%2Ffraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000%2F&rf=&r=3.14.1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%7D&ns=9933&bf=4a0da1960356c914dabcb254970ddebfb3e6605a&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1567694417160&to=-120&vpii=false&vph=1200&vpw=1600 Requested by Host: js.gumgum.com URL: https://js.gumgum.com/services.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.76.31.118 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-76-31-118.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash fc37372e25f95f47ff2a66bc3e635a3cee5024b2d41ef77e9504c040eeec76f5 Request headers Sec-Fetch-Mode cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:17 GMT content-encoding gzip server nginx p3p CP="This is not a P3P policy" status 200 content-type application/json;charset=UTF-8 access-control-allow-origin https://thenextweb.com access-control-allow-credentials true timing-allow-origin *
POST H2	200	collect www.google-analytics.com/	35 B 129 B	15ms 14ms	Other image/gif	2a00:1450:4001:825::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 05 Sep 2019 14:40:17 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin https://thenextweb.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.google-analytics.com/gtm/	56 KB 21 KB	26ms 24ms	Script application/javascript	2a00:1450:4001:825::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/js?id=GTM-KWW25VS&t=primary&cid=1131588022.1567694417&aip=true Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Tag Manager / Resource Hash 292da7b7b48959ac31b3b17eab1c0afe550b7243da4d42d9aaaa628dd57cba25 Security Headers Name Value X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:17 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control status 200 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin http://www.googletagmanager.com cache-control private, max-age=900 access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 21576 x-xss-protection 0 expires Thu, 05 Sep 2019 14:40:17 GMT
GET H2	200	ga-audiences www.google.de/ads/ Redirect Chain https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-729494-4&cid=1131588022.1567694417&jid=981054316&gjid=2006171015&_gid=162216671.1567694417&_u=aGBAgUArQAQC~&z=1292424705 https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-729494-4&cid=1131588022.1567694417&jid=981054316&_v=j79&z=1292424705 https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-729494-4&cid=1131588022.1567694417&jid=981054316&_v=j79&z=1292424705&slf_rd=1&random=3066530691	42 B 109 B	51ms 30ms	Image image/gif	2a00:1450:4001:81e::2003 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-729494-4&cid=1131588022.1567694417&jid=981054316&_v=j79&z=1292424705&slf_rd=1&random=3066530691 Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 05 Sep 2019 14:40:17 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-type image/gif alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 05 Sep 2019 14:40:17 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 302 content-type text/html; charset=UTF-8 location https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-729494-4&cid=1131588022.1567694417&jid=981054316&_v=j79&z=1292424705&slf_rd=1&random=3066530691 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	faktor-portal.html cmp.choice.faktor.io/dist/1.2.18/ Frame 6C8E	0 0	10ms 9ms	Document text/html	2600:9000:2057:3600:14:816b:3900:93a1 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://cmp.choice.faktor.io/dist/1.2.18/faktor-portal.html Requested by Host: cmp.choice.faktor.io URL: https://cmp.choice.faktor.io/dist/1.2/cmp.bundle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2057:3600:14:816b:3900:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash Request headers :method GET :authority cmp.choice.faktor.io :scheme https :path /dist/1.2.18/faktor-portal.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode nested-navigate accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Response headers status 200 content-type text/html content-length 95 last-modified Wed, 04 Sep 2019 09:39:59 GMT x-amz-version-id Hi7RRSgLxUa3ERr2sXgCMa5efjsRwX5z accept-ranges bytes server AmazonS3 date Thu, 05 Sep 2019 09:40:10 GMT etag "74b5c41db63c6b260a22cdfb19d6a3f1" cache-control public,max-age=86400 x-cache Hit from cloudfront via 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-amz-cf-id E6N0tV1GvlcFv5O29is7j5IotFZf4CmASdUJWrDVaYkVP45L-ATMAw== age 18013
POST H2	200	collect www.google-analytics.com/r/	35 B 112 B	13ms 13ms	Other image/gif	2a00:1450:4001:825::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/r/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 05 Sep 2019 14:40:17 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin https://thenextweb.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect www.google-analytics.com/	35 B 112 B	16ms 16ms	Other image/gif	2a00:1450:4001:825::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 05 Sep 2019 14:40:17 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin https://thenextweb.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect www.google-analytics.com/	35 B 112 B	14ms 13ms	Other image/gif	2a00:1450:4001:825::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 05 Sep 2019 14:40:17 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin https://thenextweb.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect www.google-analytics.com/	35 B 112 B	15ms 14ms	Other image/gif	2a00:1450:4001:825::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 05 Sep 2019 14:40:17 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin https://thenextweb.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	portal.html cmp.faktor.mgr.consensu.org/dist/1.2.18/ Frame 1C31	0 0	49ms 6ms	Document text/html	2600:9000:2057:8a00:17:c3b0:1cc0:93a1 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://cmp.faktor.mgr.consensu.org/dist/1.2.18/portal.html?vendorListLocation=https://vendorlist.consensu.org/vendorlist.json Requested by Host: cmp.choice.faktor.io URL: https://cmp.choice.faktor.io/dist/1.2/cmp.bundle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2057:8a00:17:c3b0:1cc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash Request headers :method GET :authority cmp.faktor.mgr.consensu.org :scheme https :path /dist/1.2.18/portal.html?vendorListLocation=https://vendorlist.consensu.org/vendorlist.json pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode nested-navigate accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Response headers status 200 content-type text/html content-length 88 last-modified Wed, 04 Sep 2019 09:39:59 GMT x-amz-version-id Pzz2MaEsZFs7XOh2.9M2bJ2WFnZpWdUc accept-ranges bytes server AmazonS3 date Thu, 05 Sep 2019 09:40:05 GMT etag "c96bdb42207feefe770178d23ce009ca" cache-control public,max-age=86400 x-cache Hit from cloudfront via 1.1 c26b8e74df43cd99786e716221463d0c.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-amz-cf-id ByB_BnxZq8m7jnSSfONhbE2pBubDB8aNsfkidZMUB8vbdRCcZK6pfg== age 68356
GET H2	200	additional-vendors.json Show response vendors.choice.faktor.io/1.2/	23 KB 24 KB	9ms 8ms	Fetch application/json	2600:9000:20bb:b200:15:6da7:f000:93a1 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://vendors.choice.faktor.io/1.2/additional-vendors.json Requested by Host: cmp.choice.faktor.io URL: https://cmp.choice.faktor.io/dist/1.2/cmp.bundle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20bb:b200:15:6da7:f000:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash 1214fabaca41a2217f5e38baae5ef68cfde123254d30219530ec0454b64f692c Request headers Access-Control-Allow-Origin * Accept application/json Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode cors Content-Type application/json Response headers x-amz-version-id Ecfk8o9uUq2VKDu.SN1FSYikRTAG7HLA via 1.1 be3a2ea70ea68d04665ee5db91a73443.cloudfront.net (CloudFront) etag "0f0abeb428a5ad9d695779ba05ee6d1b" age 1719 x-cache Hit from cloudfront status 200 content-length 23945 last-modified Wed, 21 Aug 2019 14:11:37 GMT server AmazonS3 date Thu, 05 Sep 2019 14:11:59 GMT access-control-max-age 3000 access-control-allow-methods GET content-type application/json access-control-allow-origin * cache-control public,max-age=86400 x-amz-cf-pop FRA56 accept-ranges bytes x-amz-cf-id QXguMsYrqEGAcE15pv5__0A_NcxM-6UVPutha9mY1kKomGxfYY9t4w==
GET H2	200	index.html cw.choice.faktor.io/dist/1.2.18/ Frame 35D9	0 0	49ms 6ms	Document text/html	2600:9000:2057:6200:1b:aff3:7600:93a1 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://cw.choice.faktor.io/dist/1.2.18/index.html Requested by Host: cmp.choice.faktor.io URL: https://cmp.choice.faktor.io/dist/1.2/cmp.bundle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2057:6200:1b:aff3:7600:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash Request headers :method GET :authority cw.choice.faktor.io :scheme https :path /dist/1.2.18/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode nested-navigate accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ accept-encoding gzip, deflate, br cookie 758f1947-7a1d-45c6-908c-d18e1ba9f832faktorId=290e5bac-bf6f-4b71-bcda-e02a6de2c542 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Response headers status 200 content-type text/html content-length 593 last-modified Wed, 04 Sep 2019 09:33:59 GMT x-amz-version-id mjHOCFKTkdSo516HY1cGXY0c7v0E6v31 server AmazonS3 date Thu, 05 Sep 2019 09:40:04 GMT cache-control public,max-age=86400 etag "ff6dbc32278b1c20d238bd89f9ea4203" x-cache Hit from cloudfront via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-amz-cf-id GwQsAhK3XacVNbEQyZe1XKFFMl7ibQq9DfiRvYkTCGzLEePtspKsiA== age 18013
POST H2	200	collect www.google-analytics.com/	35 B 112 B	13ms 13ms	Other image/gif	2a00:1450:4001:825::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 05 Sep 2019 14:40:18 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin https://thenextweb.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect www.google-analytics.com/	35 B 112 B	15ms 15ms	Other image/gif	2a00:1450:4001:825::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 05 Sep 2019 14:40:18 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin https://thenextweb.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect www.google-analytics.com/	35 B 112 B	13ms 13ms	Other image/gif	2a00:1450:4001:825::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 05 Sep 2019 14:40:18 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin https://thenextweb.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect www.google-analytics.com/	35 B 112 B	13ms 13ms	Other image/gif	2a00:1450:4001:825::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 05 Sep 2019 14:40:18 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin https://thenextweb.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect www.google-analytics.com/	35 B 112 B	14ms 13ms	Other image/gif	2a00:1450:4001:825::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 05 Sep 2019 14:40:18 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin https://thenextweb.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect www.google-analytics.com/	35 B 112 B	13ms 13ms	Other image/gif	2a00:1450:4001:825::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 05 Sep 2019 14:40:18 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin https://thenextweb.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect www.google-analytics.com/	35 B 112 B	14ms 14ms	Other image/gif	2a00:1450:4001:825::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 05 Sep 2019 14:40:18 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin https://thenextweb.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect www.google-analytics.com/	35 B 112 B	13ms 13ms	Other image/gif	2a00:1450:4001:825::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 05 Sep 2019 14:40:18 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin https://thenextweb.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/ Redirect Chain https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-729494-4&cid=1131588022.1567694417&jid=688363148&gjid=2098438408&_gid=162216671.1567694417&_u=aHDAgUArQAQC~&z=757754610 https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-729494-4&cid=1131588022.1567694417&jid=688363148&_v=j79&z=757754610 https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-729494-4&cid=1131588022.1567694417&jid=688363148&_v=j79&z=757754610&slf_rd=1&random=3513622464	42 B 109 B	32ms 31ms	Image image/gif	2a00:1450:4001:81e::2003 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-729494-4&cid=1131588022.1567694417&jid=688363148&_v=j79&z=757754610&slf_rd=1&random=3513622464 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 05 Sep 2019 14:40:18 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-type image/gif alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 05 Sep 2019 14:40:18 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 302 content-type text/html; charset=UTF-8 location https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-729494-4&cid=1131588022.1567694417&jid=688363148&_v=j79&z=757754610&slf_rd=1&random=3513622464 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect www.google-analytics.com/	35 B 112 B	14ms 14ms	Other image/gif	2a00:1450:4001:825::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 05 Sep 2019 14:40:18 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin https://thenextweb.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,43,39" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: cdn0.tnwcdn.com URL: https://cdn0.tnwcdn.com/wp-content/themes/cyberdelia/assets/js/app.min.js?v=1567585357 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 970415f537642e167f8a935c5de3ca814d72a7770fa995124a26518bce116fde Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 71LFkeT7y4SVTKLgr8X6dg== status 200 content-length 1780 etag "45bd5fd3500a0dcefe40e40176a5a297" x-fb-debug B7Xs2dGvd7W8EJ9t/G4oZ1bfyV7tZA4JUzVi3NS4SVwC89uhSM/woLtA8iHc62sHkSAD5yBX+VXo1aPSnnxiAg== x-fb-trip-id 194532234 x-fb-content-md5 9b586bb79eec28d1036d6bbfea66d8ad x-frame-options DENY date Thu, 05 Sep 2019 14:40:19 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 timing-allow-origin * expires Thu, 05 Sep 2019 14:53:29 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	200 KB 60 KB	18ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=6c25c1b6dc159a17e123c532b7250b0a&ua=modern_es6 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash a0c2c644e305d395f223823d62abe453ba837355bae3076c6850f0005b1083ad Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Sec-Fetch-Mode cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Origin https://thenextweb.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 VGBA/YqPCe+bnvNWW/1LbQ== status 200 content-length 60750 etag "48040d2b2f88edee2e1acb7facffe6c1" x-fb-debug pWI6lC/nHI5RR+0Y0d/Zx/N6/vFXMVBWnRVdxM12lb8C3LXBbv9m8XtjBbBsirbU7fKpp0gjmgwBr5H+SxGMbw== x-fb-trip-id 194532234 x-fb-content-md5 b5dc108db0bfedeeb516b7f4db3de9eb x-frame-options DENY date Thu, 05 Sep 2019 14:40:19 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable timing-allow-origin * expires Fri, 04 Sep 2020 13:44:29 GMT
GET H2	200	xd_arbiter.php staticxx.facebook.com/connect/ Frame F63F	0 0	7ms 6ms	Document text/html	2a03:2880:f01c:8012:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://staticxx.facebook.com/connect/xd_arbiter.php?version=44 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js?hash=6c25c1b6dc159a17e123c532b7250b0a&ua=modern_es6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority staticxx.facebook.com :scheme https :path /connect/xd_arbiter.php?version=44 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode nested-navigate accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Response headers status 200 content-encoding br content-type text/html; charset=utf-8 strict-transport-security max-age=15552000; preload vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0 expires Fri, 04 Sep 2020 11:18:47 GMT cache-control public,max-age=31536000,immutable x-fb-debug 6g1O0KcRj0XB5vJ+WLuj11lf4VtKl5K4v5LDRl9ob2n+KX6FGLdYAA7mNq2w3hC8k+gqWTI1tSOdPT2eh7YqUg== content-length 11678 x-fb-trip-id 194532234 date Thu, 05 Sep 2019 14:40:19 GMT
GET H2	200	save.php www.facebook.com/v2.6/plugins/ Frame E817	0 0	58ms 55ms	Document text/html	2a03:2880:f11c:8083:face:b00c:0:25de Facebook
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/v2.6/plugins/save.php?app_id=237724236390598&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df92491541b6ec%26domain%3Dthenextweb.com%26origin%3Dhttps%253A%252F%252Fthenextweb.com%252Ff1e53eb714b46dc%26relation%3Dparent.parent&container_width=0&locale=en_US&sdk=joey&size=large&uri=https%3A%2F%2Fthenextweb.com%2Fsecurity%2F2019%2F09%2F02%2Ffraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000%2F Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js?hash=6c25c1b6dc159a17e123c532b7250b0a&ua=modern_es6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.facebook.com :scheme https :path /v2.6/plugins/save.php?app_id=237724236390598&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df92491541b6ec%26domain%3Dthenextweb.com%26origin%3Dhttps%253A%252F%252Fthenextweb.com%252Ff1e53eb714b46dc%26relation%3Dparent.parent&container_width=0&locale=en_US&sdk=joey&size=large&uri=https%3A%2F%2Fthenextweb.com%2Fsecurity%2F2019%2F09%2F02%2Ffraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000%2F pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode nested-navigate accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Response headers status 200 cache-control private, no-cache, no-store, must-revalidate expires Sat, 01 Jan 2000 00:00:00 GMT pragma no-cache strict-transport-security max-age=15552000; preload content-encoding br timing-allow-origin * content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; vary Accept-Encoding x-content-type-options nosniff facebook-api-version v2.10 x-xss-protection 0 content-type text/html; charset="utf-8" x-fb-debug KMf1ea/KRO5+CdlBbl2xcVONg5GUbIdFAbvCAnqzOFtOkn53M/UbEALCvgdJMbMyqgqe/p91NhDD8C5Pj2X7Ng== date Thu, 05 Sep 2019 14:40:19 GMT
GET H2	200	inscreen Show response g2.gumgum.com/	133 B 453 B	52ms 52ms	XHR application/json	54.76.31.118 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://g2.gumgum.com/inscreen?pu=https%3A%2F%2Fthenextweb.com%2Fsecurity%2F2019%2F09%2F02%2Ffraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000%2F&ogu=https%3A%2F%2Fthenextweb.com%2Fsecurity%2F2019%2F09%2F02%2Ffraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000%2F&rf=&pv=4341fc32-3d7a-453e-9ac6-21c86e1c9ea1&r=3.14.1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%7D&ns=9933&bf=4a0da1960356c914dabcb254970ddebfb3e6605a&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1567694421018&to=-120&vpii=false&vph=1200&vpw=1600&t=avcbnbt4&sqc=1 Requested by Host: js.gumgum.com URL: https://js.gumgum.com/services.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.76.31.118 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-76-31-118.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash c9001839db75ac6ceeb8fa0678b79461edd10a91004eddd180050c720ec032a9 Request headers Sec-Fetch-Mode cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 14:40:21 GMT content-encoding gzip server nginx p3p CP="This is not a P3P policy" status 200 content-type application/json;charset=UTF-8 access-control-allow-origin https://thenextweb.com access-control-allow-credentials true timing-allow-origin *
GET H/1.1	200 OK	p2 sb.scorecardresearch.com/ Redirect Chain https://sb.scorecardresearch.com/p?c1=8&c2=15039634&c3=3&c4=avcbnbt4&c7=https%3A%2F%2Fthenextweb.com%2Fsecurity%2F2019%2F09%2F02%2Ffraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-... https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=3&c4=avcbnbt4&c7=https%3A%2F%2Fthenextweb.com%2Fsecurity%2F2019%2F09%2F02%2Ffraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring...	43 B 309 B	27ms 26ms	Image image/gif	23.5.97.37 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=3&c4=avcbnbt4&c7=https%3A%2F%2Fthenextweb.com%2Fsecurity%2F2019%2F09%2F02%2Ffraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000%2F&c8=Fraudsters%20deepfake%20CEO%27s%20voice%20to%20trick%20manager%20into%20transferring%20%24243%2C000&c9=&cv=2.0&cj=1&ns__t=1567694421020 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.5.97.37 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a23-5-97-37.deploy.static.akamaitechnologies.com Software / Resource Hash 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db Request headers Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Thu, 05 Sep 2019 14:40:21 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=3&c4=avcbnbt4&c7=https%3A%2F%2Fthenextweb.com%2Fsecurity%2F2019%2F09%2F02%2Ffraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000%2F&c8=Fraudsters%20deepfake%20CEO%27s%20voice%20to%20trick%20manager%20into%20transferring%20%24243%2C000&c9=&cv=2.0&cj=1&ns__t=1567694421020 Pragma no-cache Date Thu, 05 Sep 2019 14:40:21 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	digitrust.min.js Show response cdn.digitru.st/prod/1/	41 KB 11 KB	78ms 21ms	Script application/javascript	159.180.84.2 Instart Logic
General Check archive.org Show headers Download Go to Full URL https://cdn.digitru.st/prod/1/digitrust.min.js Requested by Host: js.gumgum.com URL: https://js.gumgum.com/services.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.180.84.2 Hollywood, United States, ASN33047 (INSTART - Instart Logic, Inc, US), Reverse DNS Software DTOrigin / Resource Hash d84f94c99f3e71dd23ead1bd556e52c38eeb6b917185118a5564bb98e94bda0f Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 08:42:11 GMT content-encoding gzip last-modified Thu, 18 Jul 2019 16:37:13 GMT server DTOrigin etag "76bcf048985b42b1ec2dd798a5b46db3" status 200 p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" access-control-allow-origin * cache-control max-age=86400 x-instart-request-id 5585080717240451924:NZF01-CPVNPPRY13:1567694421:0 x-instart-cache-id 12:8859890484731141677::1567672931 accept-ranges bytes content-type application/javascript content-length 10867 expires Fri, 06 Sep 2019 08:42:11 GMT
GET H/1.1	200 OK	quant.js Show response secure.quantserve.com/ Frame 6C96	12 KB 6 KB	124ms 30ms	Script application/x-javascript	91.228.74.224 Quantcast Corpora...
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: thenextweb.com URL: https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.224 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US), Reverse DNS Software QS / Resource Hash 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176 Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 05 Sep 2019 14:40:21 GMT Content-Encoding gzip Last-Modified Thu, 05-Sep-2019 14:40:21 GMT Server QS ETag M0-e2b9884a Vary Accept-Encoding Content-Type application/x-javascript Cache-Control private, no-transform, max-age=604800 Connection keep-alive Content-Length 5456 Expires Thu, 12 Sep 2019 14:40:21 GMT
GET H2	200	dt.html cdn.digitru.st/prod/1.5.35/ Frame AC45	0 0	20ms 20ms	Document text/html	159.180.84.2 Instart Logic
General Check archive.org Show headers Download Go to Full URL https://cdn.digitru.st/prod/1.5.35/dt.html Requested by Host: cdn.digitru.st URL: https://cdn.digitru.st/prod/1/digitrust.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.180.84.2 Hollywood, United States, ASN33047 (INSTART - Instart Logic, Inc, US), Reverse DNS Software DTOrigin / Resource Hash Request headers :method GET :authority cdn.digitru.st :scheme https :path /prod/1.5.35/dt.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode nested-navigate accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ Response headers status 200 content-type text/html content-length 1295 expires Fri, 06 Sep 2019 08:42:11 GMT last-modified Thu, 18 Jul 2019 16:37:13 GMT cache-control max-age=86400 content-encoding gzip date Thu, 05 Sep 2019 08:42:11 GMT accept-ranges bytes etag "aba9b97256730cf45ebcafc50cfc8285" x-instart-cache-id 9:194174029718384532::1567672931 x-instart-request-id 14705874653583441851:NZF01-CPVNPPRY13:1567694421:0 p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" access-control-allow-origin * server DTOrigin
GET H2	200	digitrust g2.gumgum.com/visitor/	35 B 237 B	42ms 41ms	Image image/gif	54.76.31.118 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://g2.gumgum.com/visitor/digitrust?dti=BpljEBz%2FNKiyF9PnwMVTyJ%2Fu9rH8X37XQP2XuGPtcVqyxRslWkfVUnUEvn4C137mepIiZBCfdBlWQQ0FZC5Qw0O6vnMNB7pk3O950epKy56fvsS87%2F5AHuNlUHL0jwoQQDpxfX9UTNvqw2tHrEgHZr2W7UfBPgCsPoFYzzcjYz3wDEqrxoIUPGYGIvHuNoJbWc9zNZk%2BzffnDm%2BqagRS2I%2B6nBp8nc5DtreOYDsHuQjLvOkFQSZD0ZnBcJpPOgmsjxLM%2FY2POwFdOeZA%2Ft9jaAEfmuEEj02GlN2Uv1wPzYbldL7ncUHWXte3Ft6SNc4NsepsgU1A0%2BOwE6Uhj3lGeQ%3D%3D&dtk=4&domain=thenextweb.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.76.31.118 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-76-31-118.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 05 Sep 2019 14:40:21 GMT content-type image/gif;charset=UTF-8 server nginx p3p CP="This is not a P3P policy" status 200 cache-control private, no-store, must-revalidate, max-age=0 timing-allow-origin * content-length 35 expires 0
GET H2	200	digitrust g2.gumgum.com/visitor/	35 B 237 B	43ms 42ms	Image image/gif	54.76.31.118 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://g2.gumgum.com/visitor/digitrust?dti=KjOXOx3wIvjRoZ9ff0WxQvGsgotSfpXFTnmxVppF88JJA9sXNTGQtwXFrz%2FugVAbUmhj9v7PfUV5cYJJotU6y15hwCHmFjGaSJDSruCcGU0odSvNt4ncSPEzfC7mFJpvUebBAZG4MhXzsYvpgNmjLp%2FumMGPhQ%2Fhv6%2FRtiegDQG8eGNNDzxKo%2BZe%2FcEtJIQIkW3qfeduVIFeGyQmyJTxCzckj%2FU14fxegKrrv7HZAMmhyqGBrz9eSQEVmW6jmJvFuwofmNSETFPlvDKBeO0KUqUBQN2ONlOliKAq9gjr4U19e9Dz1v49RbbiNTVVfE5q5sTCiLPPLwwc%2BLSvRBUGVQ%3D%3D&dtk=4&domain=thenextweb.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.76.31.118 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-76-31-118.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 05 Sep 2019 14:40:21 GMT content-type image/gif;charset=UTF-8 server nginx p3p CP="This is not a P3P policy" status 200 cache-control private, no-store, must-revalidate, max-age=0 timing-allow-origin * content-length 35 expires 0
GET H2	200	rules-p-00TsOkvHvnsZU.js Show response rules.quantcount.com/ Frame 6C96	3 B 354 B	6ms 6ms	Script application/x-javascript	2600:9000:20bb:4400:6:44e3:f8c0:93a1 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-00TsOkvHvnsZU.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20bb:4400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers Sec-Fetch-Mode no-cors Referer https://thenextweb.com/security/2019/09/02/fraudsters-deepfake-ceos-voice-to-trick-manager-into-transferring-243000/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Sep 2019 02:12:36 GMT via 1.1 e430a35037c484cf19f375480cabfca3.cloudfront.net (CloudFront) last-modified Sat, 04 Mar 2017 19:30:30 GMT server AmazonS3 age 45081 etag "8a80554c91d9fca8acb82f023de02f11" x-cache Hit from cloudfront content-type application/x-javascript status 200 cache-control max-age=86400 x-amz-cf-pop FRA56 accept-ranges bytes content-length 3 x-amz-cf-id mbXMxuuosuS9jeIa1GOUOhmhcurM-8E3w7Mf2oHXxig0zlj46xn86g==