URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Submission: On March 11 via api from US

Summary

This website contacted 28 IPs in 4 countries across 21 domains to perform 74 HTTP transactions. The main IP is 13.226.159.17, located in United States and belongs to AMAZON-02, US. The main domain is www.reuters.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on November 23rd 2020. Valid for: a year.
This is the only time www.reuters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 13.226.159.17 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2406:da00:ff0... 14618 (AMAZON-AES)
1 13.226.159.33 16509 (AMAZON-02)
3 104.108.145.172 16625 (AKAMAI-AS)
13 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 23.37.53.17 16625 (AKAMAI-AS)
1 35.201.93.216 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 209.234.224.20 395162 (MOD-PTC)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 3.10.67.84 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 13.226.158.149 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.58.24 16509 (AMAZON-02)
5 65.9.96.69 16509 (AMAZON-02)
1 13.226.159.80 16509 (AMAZON-02)
1 136.243.25.85 24940 (HETZNER-AS)
2 13.32.21.93 16509 (AMAZON-02)
1 136.243.25.122 24940 (HETZNER-AS)
2 99.83.181.31 16509 (AMAZON-02)
74 28
Domain Requested by
18 www.reuters.com www.reuters.com
www.googletagmanager.com
13 cdn.cookielaw.org www.reuters.com
cdn.cookielaw.org
5 onetag-geo.s-onetag.com get.s-onetag.com
signal-beacon.s-onetag.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.reuters.com
3 sb.scorecardresearch.com 1 redirects www.reuters.com
2 onetag-geo-grouping.s-onetag.com signal-beacon.s-onetag.com
2 connect.facebook.net cdn.segment.com
connect.facebook.net
2 geolocation.onetrust.com cdn.cookielaw.org
2 ad.wsod.com www.reuters.com
ad.wsod.com
2 experience.tinypass.com www.reuters.com
cdn.tinypass.com
2 tru.am www.googletagmanager.com
tru.am
2 z.moatads.com www.reuters.com
z.moatads.com
1 signal-metrics-collector-beta.s-onetag.com signal-beacon.s-onetag.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 expepp.de
1 qivaiw.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 get.s-onetag.com www.reuters.com
1 www.google.de www.reuters.com
1 www.google.com www.reuters.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.segment.com www.reuters.com
1 cdn.tinypass.com experience.tinypass.com
1 px.moatads.com www.reuters.com
1 mb.moatads.com z.moatads.com
1 gwiqcdn.globalwebindex.net www.reuters.com
1 cdn.adsafeprotected.com www.reuters.com
1 usasync01.admantx.com www.reuters.com
1 www.googletagmanager.com www.reuters.com
74 29
Subject Issuer Validity Valid
www.reuters.com
COMODO RSA Organization Validation Secure Server CA
2020-11-23 -
2021-11-23
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.admantx.com
SSL.com RSA SSL subCA
2019-03-29 -
2021-06-25
2 years crt.sh
*.adsafeprotected.com
Amazon
2020-08-19 -
2021-09-18
a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2021-01-21 -
2022-01-25
a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2020-07-01 -
2021-07-01
a year crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1
2020-07-17 -
2021-06-02
a year crt.sh
gwiqcdn-v3.globalwebindex.net
GTS CA 1D2
2021-01-18 -
2021-04-18
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-20 -
2021-07-20
a year crt.sh
*.piano.io
Sectigo RSA Domain Validation Secure Server CA
2020-09-17 -
2021-09-17
a year crt.sh
www.wsod.com
DigiCert TLS RSA SHA256 2020 CA1
2021-01-06 -
2022-01-10
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2021-02-12 -
2022-02-11
a year crt.sh
*.moatads.com
DigiCert SHA2 Secure Server CA
2019-03-12 -
2021-06-10
2 years crt.sh
*.segment.com
DigiCert SHA2 Secure Server CA
2020-06-12 -
2021-07-27
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-02-10 -
2021-05-10
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
www.google.com
GTS CA 1O1
2021-02-17 -
2021-05-12
3 months crt.sh
www.google.de
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.s-onetag.com
Amazon
2021-02-03 -
2022-03-04
a year crt.sh
qivaiw.com
R3
2021-02-18 -
2021-05-19
3 months crt.sh
expepp.de
R3
2020-12-30 -
2021-03-30
3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Frame ID: 62B51DD10B26AF729B806242740B3BDB
Requests: 74 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: D2DF390E03FB1ECD5EE879A0CB242B98
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

74
Requests

100 %
HTTPS

44 %
IPv6

21
Domains

29
Subdomains

28
IPs

4
Countries

1688 kB
Transfer

5858 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035630&ns__t=1615493185919&ns_c=UTF-8&cv=3.5&c8=Page%20Not%20Found%20%7C%20Reuters&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-deepfake-activist%2Fdeepfake-used-to-attack-activist-couple&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035630&ns__t=1615493185919&ns_c=UTF-8&cv=3.5&c8=Page%20Not%20Found%20%7C%20Reuters&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-deepfake-activist%2Fdeepfake-used-to-attack-activist-couple&c9=&cs_ak_ss=1

74 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request deepfake-used-to-attack-activist-couple
www.reuters.com/article/us-cyber-deepfake-activist/
241 KB
52 KB
Document
General
Full URL
https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-17.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
2efd93040e41e6d1117fb6d003ac31681047db53240098e8175ecca6985005f2

Request headers

:method
GET
:authority
www.reuters.com
:scheme
https
:path
/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
content-encoding
gzip
content-language
en
date
Thu, 11 Mar 2021 20:06:25 GMT
raptor_app_version
v1.31.4
server
nginx
x-cacheable
YES: default
vary
Accept-Encoding
x-cache
Error from cloudfront
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
T66EzKMr2su1ShEpHbWKUuTmzR81eK6fxhRrjaB5TvuFwmAKZmxmiQ==
age
0
_app.b3cdf4b1.chunk.css
www.reuters.com/article/_next/static/css/pages/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.reuters.com/article/_next/static/css/pages/_app.b3cdf4b1.chunk.css
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-17.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
ff5f9e2db7793f67bfc6158b3ea94c6958f3b8120743f2fe907aa23a7b0ca00b

Request headers

Referer
https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:06:25 GMT
content-encoding
gzip
x-cacheable
YES: default
age
21
x-cache
Miss from cloudfront
raptor_app_version
v1.31.4
content-length
1335
last-modified
Thu, 18 Feb 2021 18:42:00 GMT
server
nginx
vary
Accept-Encoding
content-language
en
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
text/css; charset=UTF-8
x-amz-cf-id
HDxJm9AbCgD-VhRuq4Y_75dz7BNZaDqkWn9GQ64hVenaFd2eWX929A==
ArticlePage.abdcb66b.chunk.css
www.reuters.com/article/_next/static/css/pages/
124 KB
20 KB
Stylesheet
General
Full URL
https://www.reuters.com/article/_next/static/css/pages/ArticlePage.abdcb66b.chunk.css
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-17.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
bd4abcdfbc6f184a42e868c80bc92fe49af52d777c0ebc5a7ebbc43e22db31bf

Request headers

Referer
https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:06:25 GMT
content-encoding
gzip
x-cacheable
YES: default
age
2
x-cache
Miss from cloudfront
raptor_app_version
v1.31.4
content-length
19708
last-modified
Thu, 18 Feb 2021 18:42:00 GMT
server
nginx
vary
Accept-Encoding
content-language
en
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
text/css; charset=UTF-8
x-amz-cf-id
VkDDzxzOjUnXPDMuauI5Cc4bnxZi2J0psRF96aK0y_Ud4ux-qGUaBQ==
main-37e54b5e39d310aabe58.js
www.reuters.com/article/_next/static/chunks/
184 KB
58 KB
Script
General
Full URL
https://www.reuters.com/article/_next/static/chunks/main-37e54b5e39d310aabe58.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-17.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
eb199f1ad937a5ee84b011e2b16c83687a13a30bdcf641edde15134aeb138388

Request headers

Referer
https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:06:25 GMT
content-encoding
gzip
x-cacheable
YES: default
age
34
x-cache
Miss from cloudfront
raptor_app_version
v1.31.4
content-length
58761
last-modified
Thu, 18 Feb 2021 18:42:00 GMT
server
nginx
vary
Accept-Encoding
content-language
en
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
aTca8U5kCvGKIyTNZGGIMleZxgPb_9NmXZ-5KYOlVWlQzaG37rg7LQ==
webpack-d9bb0cfd3285b55104f8.js
www.reuters.com/article/_next/static/chunks/
3 KB
2 KB
Script
General
Full URL
https://www.reuters.com/article/_next/static/chunks/webpack-d9bb0cfd3285b55104f8.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-17.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
778754c715bf3fa9f2f9721caf738a214abb29affd1c74b10c64bee132f6289b

Request headers

Referer
https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:06:25 GMT
content-encoding
gzip
x-cacheable
YES: default
age
46
x-cache
Miss from cloudfront
raptor_app_version
v1.31.4
content-length
1615
last-modified
Thu, 18 Feb 2021 18:42:00 GMT
server
nginx
vary
Accept-Encoding
content-language
en
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
9b8Dnoo306FAgU0n1rvvJTPYBWepGMszxUKdddM7wkr9uU1l-44g1g==
_app-42dc15587581d896b6cc.js
www.reuters.com/article/_next/static/chunks/pages/
452 KB
140 KB
Script
General
Full URL
https://www.reuters.com/article/_next/static/chunks/pages/_app-42dc15587581d896b6cc.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-17.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
75ca2415b9c5b0c3e440d95294182509b9dca7843380ac0e5fb2fdae1613adde

Request headers

Referer
https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:06:25 GMT
content-encoding
gzip
x-cacheable
YES: default
age
59
x-cache
Miss from cloudfront
raptor_app_version
v1.31.4
content-length
142787
last-modified
Thu, 18 Feb 2021 18:42:00 GMT
server
nginx
vary
Accept-Encoding
content-language
en
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
gLSq1MgYINFzTtOxgwmtuwHqTPOCtb5UfSXGXJksHJ12y9fz3kDAhQ==
ArticlePage-202a909ca8e343de60b8.js
www.reuters.com/article/_next/static/chunks/pages/
833 KB
238 KB
Script
General
Full URL
https://www.reuters.com/article/_next/static/chunks/pages/ArticlePage-202a909ca8e343de60b8.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-17.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
18b521e6f94f2e8ddb61a588cccc3a4e7e9674781309d5bec9d0d53e79c66a17

Request headers

Referer
https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:06:25 GMT
content-encoding
gzip
x-cacheable
YES: default
age
32
x-cache
Miss from cloudfront
raptor_app_version
v1.31.4
content-length
243058
last-modified
Thu, 18 Feb 2021 18:42:00 GMT
server
nginx
vary
Accept-Encoding
content-language
en
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
dpBOkba6vAkKGK7n30GZeeZ6CAinvTC_b0E_A0yQAg1SiyZ9JGByqg==
bootstrap-6ac4744049a0a323af982baa2b4cf2b1.js
www.reuters.com/article/_next/static/scripts/
23 KB
8 KB
Script
General
Full URL
https://www.reuters.com/article/_next/static/scripts/bootstrap-6ac4744049a0a323af982baa2b4cf2b1.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-17.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
4fe04752843efe8b29178b77414555295dca770cd0f7872fdc708d85d34ec3a5

Request headers

Referer
https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:06:25 GMT
content-encoding
gzip
x-cacheable
YES: default
age
8
x-cache
Miss from cloudfront
raptor_app_version
v1.31.4
content-length
8074
last-modified
Thu, 18 Feb 2021 18:42:00 GMT
server
nginx
vary
Accept-Encoding
content-language
en
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
UnwaU50pw29OFQOnMhrASZKbv9qM1sdaWndefhi04iSjljw5Tprrow==
gtm.js
www.googletagmanager.com/
241 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W9SLGS
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
60fff15e2cccdc15a2846afa6815b0c0c8797a66056dd794ee897115ad4a1630
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:06:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68477
x-xss-protection
0
last-modified
Thu, 11 Mar 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 Mar 2021 20:06:25 GMT
_buildManifest.js
www.reuters.com/article/_next/static/v1.31.4/
793 B
1 KB
Script
General
Full URL
https://www.reuters.com/article/_next/static/v1.31.4/_buildManifest.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-17.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
4933f2c8117d9a8e6a2f2d0fef4922779275694a111f4470c4a278375f2a7efb

Request headers

Referer
https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:06:25 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
last-modified
Thu, 18 Feb 2021 18:42:00 GMT
server
nginx
age
9
x-cacheable
YES: default
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-language
en
raptor_app_version
v1.31.4
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
content-length
793
x-amz-cf-id
Spw4L6vDDTCoylp-6jTB8w0sS-G1TJPTSIUCAWmb89XXbKV2nrgzzA==
_ssgManifest.js
www.reuters.com/article/_next/static/v1.31.4/
76 B
462 B
Script
General
Full URL
https://www.reuters.com/article/_next/static/v1.31.4/_ssgManifest.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-17.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

Referer
https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:06:25 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
last-modified
Thu, 18 Feb 2021 18:42:00 GMT
server
nginx
age
0
x-cacheable
YES: default
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-language
en
raptor_app_version
v1.31.4
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
content-length
76
x-amz-cf-id
o_5O8LRQfgOiwBhzPiayOobEX4eL9qvPqmVHhJcRbnqZehouqKfBiQ==
service
usasync01.admantx.com/admantx/
189 B
385 B
XHR
General
Full URL
https://usasync01.admantx.com/admantx/service?request=%7B%22key%22%3A%22234330834c41105ad5ed794fa036e085b40225c44f9228bb9e2692f427917605%22%2C%20%22decorator%22%3A%22template.reuters_ss%22%2C%20%22filter%22%3A%5B%22default%22%5D%2C%20%22method%22%3A%22descriptor%22%2C%20%22mode%22%3A%22async%22%2C%20%22type%22%3A%22URL%22%2C%20%22body%22%3A%22%22%7D
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/_next/static/scripts/bootstrap-6ac4744049a0a323af982baa2b4cf2b1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da00:ff00::b849:d716 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
43a71c26c4a035e0a3ff30e4527c3712a4c1c75a170fbe5e20ce009c173a16af

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 11 Mar 2021 20:06:26 GMT
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
189
Content-Type
text/plain; charset=UTF-8
iasPET.1.js
cdn.adsafeprotected.com/
22 KB
7 KB
Script
General
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/_next/static/scripts/bootstrap-6ac4744049a0a323af982baa2b4cf2b1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-33.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 01:53:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 08 Jul 2020 20:34:30 GMT
Server
AmazonS3
Age
65579
ETag
W/"a8663f72a1dbe614b19f167a59af368d"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 c51e3be89c14e3f859ea898f7e36eced.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
XU2bCry7sfdgZf3gpOE_ImmZF3C0jwXv9OXBAuFolmjUAhau4wG8uw==
moatheader.js
z.moatads.com/reutersheader194883552024/
222 KB
77 KB
Script
General
Full URL
https://z.moatads.com/reutersheader194883552024/moatheader.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/_next/static/scripts/bootstrap-6ac4744049a0a323af982baa2b4cf2b1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-172.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7b9dcdc47d57621c246b26131d859067c63b33212211b59d0836d3e63fd08cab

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:06:25 GMT
content-encoding
gzip
last-modified
Mon, 21 Dec 2020 22:20:18 GMT
server
AmazonS3
x-amz-request-id
0YFQ6S6RAJAX1GFY
etag
"b26d380ae64d65567beec85232193baa"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=59738
accept-ranges
bytes
content-length
78320
x-amz-id-2
j0x4flKIVuu/8mExMjYoZ+S2YOrU9GNBl8iPP5c83cyFQYAw3h74R6/NVZxkDGrBx5YZO0ZR8RY=
cmp.stub.js
cdn.cookielaw.org/consent/
906 B
930 B
Script
General
Full URL
https://cdn.cookielaw.org/consent/cmp.stub.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/_next/static/scripts/bootstrap-6ac4744049a0a323af982baa2b4cf2b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
142c96e3a6e08865a80eb37537f9688fd449c0d9655dabcea8488f0e4844bfd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Mar 2021 20:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
fmld/hbHJY2/VR7APngRag==
age
6058
vary
Accept-Encoding
cf-request-id
08c47ed88f00004ea463836000000001
x-ms-lease-status
unlocked
last-modified
Tue, 09 Mar 2021 13:15:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
cd10c60d-701e-009e-5eef-14a1a1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
62e7673a7ca34ea4-FRA
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
16 KB
6 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/_next/static/scripts/bootstrap-6ac4744049a0a323af982baa2b4cf2b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d98430b79bd481c608eb50058778fc3a919b996494f209c1546d11280d7bc14f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Mar 2021 20:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
8g79L9PKY/vudZazgfW0YA==
age
6060
vary
Accept-Encoding
content-length
5578
cf-request-id
08c47ed8a000004ea4bb3ad000000001
x-ms-lease-status
unlocked
last-modified
Tue, 09 Mar 2021 13:15:40 GMT
server
cloudflare
etag
0x8D8E2FD6FDFFD2E
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
80b7e416-e01e-017a-40ef-14f4fe000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
62e7673a9ce24ea4-FRA
38cb75bd-fbe1-4ac8-b4af-e531ab368caf-test.json
cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf-test/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf-test/38cb75bd-fbe1-4ac8-b4af-e531ab368caf-test.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22fa457de95d295332c16161fc697a73f1c5b55fcc75a3d64563bcf4e8116953
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Mar 2021 20:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
Cb2mocEwGXoWt1LQe7PRDg==
content-length
1371
cf-request-id
08c47ed8b800002c52ff377000000001
x-ms-lease-status
unlocked
last-modified
Thu, 04 Feb 2021 12:12:52 GMT
server
cloudflare
etag
0x8D8C906326DE287
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2ef2f7ac-f01e-016e-28b2-16379a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
no-cache
x-ms-version
2009-09-19
cf-ray
62e7673abf692c52-FRA
knowledge-regular-688baa6ec8576871229e082dcd4b4c5a.woff
www.reuters.com/article/_next/static/fonts/
49 KB
50 KB
Font
General
Full URL
https://www.reuters.com/article/_next/static/fonts/knowledge-regular-688baa6ec8576871229e082dcd4b4c5a.woff
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/_next/static/css/pages/_app.b3cdf4b1.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-17.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
f01d25f7a76e0682a7a43230c32bef653eaf28b8a6f7a683ebb88bf8c6aa4f50

Request headers

Origin
https://www.reuters.com
Referer
https://www.reuters.com/article/_next/static/css/pages/_app.b3cdf4b1.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:03:55 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
last-modified
Thu, 18 Feb 2021 18:42:00 GMT
server
nginx
age
164
x-cacheable
YES: default
x-cache
Hit from cloudfront
content-language
en
raptor_app_version
v1.31.4
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
font/woff
content-length
50360
x-amz-cf-id
sLhqaDeUj0YJC2E0kzwpUvfReqF9awinoa-AAoG32lai-nWQ6MkNwA==
knowledge-medium-cb99300d7588193b6c012888b94697ec.woff
www.reuters.com/article/_next/static/fonts/
49 KB
50 KB
Font
General
Full URL
https://www.reuters.com/article/_next/static/fonts/knowledge-medium-cb99300d7588193b6c012888b94697ec.woff
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/_next/static/css/pages/_app.b3cdf4b1.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-17.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
d7d62426c6b87d35cef5c2c873355aa44edffcf4a7f927f1c51b10694ea4f6ed

Request headers

Origin
https://www.reuters.com
Referer
https://www.reuters.com/article/_next/static/css/pages/_app.b3cdf4b1.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:03:55 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
last-modified
Thu, 18 Feb 2021 18:42:00 GMT
server
nginx
age
162
x-cacheable
YES: default
x-cache
Hit from cloudfront
content-language
en
raptor_app_version
v1.31.4
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
font/woff
content-length
50380
x-amz-cf-id
K3UiVmRhTH9M1mo3yWRThrJUvcWXM9z4PDQb7G3pyzy167DrFWc1Ig==
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9SLGS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
2280
date
Thu, 11 Mar 2021 19:28:25 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Thu, 11 Mar 2021 21:28:25 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-53-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 20:06:25 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Fri, 12 Mar 2021 20:06:25 GMT
gwiq.js
gwiqcdn.globalwebindex.net/gwiq/
6 KB
6 KB
Script
General
Full URL
https://gwiqcdn.globalwebindex.net/gwiq/gwiq.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.93.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
216.93.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6aa7c3edbc1ee1fe66d4db0fea18aa2d0bbe0dfae05d228c9ffeeaeacb6f1c53

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:17:06 GMT
age
2959
x-guploader-uploadid
ABg5-UxJLkowqIxpB7ezjXZ124zHhI65stHRjijVjxvq8RvXE_1nkI-1HrcuV7yU9WbYdsD3qbHNEIt9RPY9M736Gj9VqpaYbg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
5766
last-modified
Wed, 15 Apr 2020 08:49:27 GMT
server
UploadServer
etag
"aba61abde9777087262fb27526ba1ef6"
x-goog-hash
crc32c=yYfjgA==, md5=q6Yavel3cIcmL7J1Jroe9g==
x-goog-generation
1586940567400828
cache-control
public, max-age=3600
x-goog-stored-content-length
5766
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 11 Mar 2021 20:17:06 GMT
reuters.js
tru.am/scripts/custom/
1 KB
1 KB
Script
General
Full URL
https://tru.am/scripts/custom/reuters.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9SLGS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f23d93c9b8e3ca26f6fcc6be6a8d087e43a3f5795daa3c61017071642f66f3c

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=e3JHUg==, md5=QLfU3gba4E7A1lN+8vVNuA==
date
Thu, 11 Mar 2021 20:06:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1858220
x-guploader-uploadid
ABg5-UzUNQciFFdRglgWenaNWinJrENpltNzFvmDLyKfPceVAHZb8mI3jID2kuU0bW25-pozXPMC25CtdDAM1Gv548I
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c47ed917000097a2caaf5000000001
last-modified
Fri, 19 Apr 2019 06:14:57 GMT
server
cloudflare
etag
W/"40b7d4de06dae04ec0d6537ef2f54db8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nN1ZUjy%2BVEL%2BJvGJcpzKEAwxwiU3cnite8ujMu3Kxa1kdNSOKN0J1DEgyTMUMsp77A%2F%2B0aKi33467fY4UtiJmFmue8OENhgvBdYH4QdnjmUpNBM%3D"}]}
x-goog-generation
1555654497328861
content-type
application/javascript
cache-control
public, max-age=2678400
x-goog-stored-content-length
1056
cf-ray
62e7673b5f1197a2-FRA
expires
Thu, 18 Feb 2021 08:56:05 GMT
load
experience.tinypass.com/xbuilder/experience/
4 KB
1 KB
Script
General
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=TIDovF4cqC
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd1dc64fac45e75fffefbd76f176c6ea118ab79b88b3efddc5642d4e7c76d4fe
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:06:25 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
HIT
age
937
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
08c47ed91700002c36fd3e1000000001
x-request-id
CnsltpqDJOV
wn
prod-exp-10-0-81-197
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=1800
cf-ray
62e7673b5b182c36-FRA
expires
Thu, 11 Mar 2021 20:36:25 GMT
/
ad.wsod.com/site/dc54d4678e62010da03e468039cfe826/0.0.async/
6 KB
2 KB
Script
General
Full URL
https://ad.wsod.com/site/dc54d4678e62010da03e468039cfe826/0.0.async/
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.234.224.20 , United States, ASN395162 (MOD-PTC, US),
Reverse DNS
Software
nginx / PHP/5.4.16
Resource Hash
b075a90790a5332d8ae79654f18935a9cd690c84b65ee355646639ae0eb17e05

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 20:06:26 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
164 B
361 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:06:25 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
62e7673b49574e20-FRA
cf-request-id
08c47ed90900004e202b177000000001
ArticlePage.abdcb66b.chunk.css
www.reuters.com/article/_next/static/css/pages/
124 KB
20 KB
Fetch
General
Full URL
https://www.reuters.com/article/_next/static/css/pages/ArticlePage.abdcb66b.chunk.css
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/_next/static/chunks/main-37e54b5e39d310aabe58.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-17.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
bd4abcdfbc6f184a42e868c80bc92fe49af52d777c0ebc5a7ebbc43e22db31bf

Request headers

Referer
https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:06:25 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 18:42:00 GMT
server
nginx
x-cacheable
YES: default
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-language
en
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
raptor_app_version
v1.31.4
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
text/css; charset=UTF-8
content-length
19708
x-amz-cf-id
oQun1t6r5Eoyb9gGqm4W6Qyrrb8Z3Qo6sLnkaIi5llFG8WdTr5Vhug==
common.json
www.reuters.com/static/locales/en/
163 KB
36 KB
XHR
General
Full URL
https://www.reuters.com/static/locales/en/common.json
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/_next/static/chunks/pages/ArticlePage-202a909ca8e343de60b8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-17.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
8c228c97b2fc5c7872a0fd367813e47f02b7ec0ab802683d9b7a04d92e437ae8

Request headers

Referer
https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

date
Thu, 11 Mar 2021 20:06:26 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
DUS51-C1
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html;charset=UTF-8
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
last-updatedl
Thu, 11 Mar 2021 20:02:52 GMT
content-length
36661
x-amz-cf-id
ddQ8dINqYWQMkB3D0P6cPBcr_ciCGxYDn7TCvXVUjcuE9hTgeTRG_Q==
expires
Thu, 11 Mar 2021 20:11:25 GMT
v2
mb.moatads.com/yi/
230 B
405 B
Script
General
Full URL
https://mb.moatads.com/yi/v2?qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-deepfake-activist%2Fdeepfake-used-to-attack-activist-couple&pcode=reutersheader194883552024&callback=MoatNadoAllJsonpRequest_683333
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/reutersheader194883552024/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.67.84 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-67-84.eu-west-2.compute.amazonaws.com
Software
TornadoServer/4.5.3 /
Resource Hash
4ffc3eca41b802a558acc5507b2a5a48ec9c2f196c7881ff9599245cdc8a049c

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:06:25 GMT
cache-control
max-age=900
server
TornadoServer/4.5.3
timing-allow-origin
*
etag
"b3e2eb94bb8e03e6765dcb084d4f9b67ed8bee8a"
content-length
230
content-type
text/html; charset=UTF-8
iframe.html
z.moatads.com/hd09824092/ Frame D2DF
1 KB
2 KB
Document
General
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/reutersheader194883552024/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-172.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

:method
GET
:authority
z.moatads.com
:scheme
https
:path
/hd09824092/iframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.reuters.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reuters.com/

Response headers

x-amz-id-2
IoJnU2/yYHZWWm/WYr2ikuEebS/ttWSlpTYpDLTQi/gWHiDH3d+3HeNIP4mRsj9x7e9YJMk0JJs=
x-amz-request-id
9BE9585BE1C3B27F
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
accept-ranges
bytes
content-type
text/html
content-length
1374
server
AmazonS3
cache-control
max-age=1971
date
Thu, 11 Mar 2021 20:06:25 GMT
pixel.gif
px.moatads.com/
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&t=1615493185847&de=664731757067&d=REUTERS_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=2f1699a-clean&iw=fc997e9&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=reuters.com&bd=reuters.com%2Farticle%2Fus-cyber-deepfake-activist%2Fdeepfake-used-to-attack-activist-couple&ac=1&bq=11&f=0&na=1131118207&cs=0
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-172.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 20:06:25 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 11 Mar 2021 20:06:25 GMT
js
www.google-analytics.com/gtm/
84 KB
33 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-TBBXQQ&t=gtm2&cid=1843136350.1615493186
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
021d5da850cf79fb48ba8f3ddd9936e4ea9f299bc143d890dde8b9aa6e423fcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:06:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33920
x-xss-protection
0
last-modified
Thu, 11 Mar 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 Mar 2021 20:06:25 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035630&ns__t=1615493185919&ns_c=UTF-8&cv=3.5&c8=Page%20Not%20Found%20%7C%20Reuters&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-deepfake-activis...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035630&ns__t=1615493185919&ns_c=UTF-8&cv=3.5&c8=Page%20Not%20Found%20%7C%20Reuters&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-deepfake-activi...
0
528 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035630&ns__t=1615493185919&ns_c=UTF-8&cv=3.5&c8=Page%20Not%20Found%20%7C%20Reuters&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-deepfake-activist%2Fdeepfake-used-to-attack-activist-couple&c9=&cs_ak_ss=1
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-53-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 20:06:26 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035630&ns__t=1615493185919&ns_c=UTF-8&cv=3.5&c8=Page%20Not%20Found%20%7C%20Reuters&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-deepfake-activist%2Fdeepfake-used-to-attack-activist-couple&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Thu, 11 Mar 2021 20:06:25 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.10.0/
356 KB
78 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Mar 2021 20:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Bh9exWOPGIwRshWljrtlEw==
age
9364951
vary
Accept-Encoding
content-length
79698
cf-request-id
08c47ed98300004ea4870c9000000001
x-ms-lease-status
unlocked
last-modified
Mon, 23 Nov 2020 02:33:28 GMT
server
cloudflare
etag
0x8D88F582961DDDE
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1f098869-501e-00cd-4b85-c1bdae000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
62e7673c082c4ea4-FRA
expires
Fri, 19 Mar 2021 20:06:25 GMT
ta-pagesocial-sdk.js
tru.am/scripts/
27 KB
10 KB
Script
General
Full URL
https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by
Host: tru.am
URL: https://tru.am/scripts/custom/reuters.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dbc3f1a033b6733e96a5af1bc89d6f8ab68a5d533dcad72d56bd019e3b5b6b5

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=189alg==, md5=Aq8QqpKO913oQSpg0Lh6TA==
date
Thu, 11 Mar 2021 20:06:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2026953
x-guploader-uploadid
ABg5-UwRnkq82oCtEnBqftzts9m1RS45TF5Xp59cA9XHYiyKhB93zNCmpbLqtp1kIgbUD9B0SegxEPtrQdJZtAEF6BI
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c47ed985000097a2cf241000000001
last-modified
Wed, 11 Nov 2020 17:32:38 GMT
server
cloudflare
etag
W/"02af10aa928ef75de8412a60d0b87a4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R7vUT5IuyOuNj6GsAygU6jhzzaDu2fWxDcW%2FcZR0PLHWeNg0gr%2FLnKAHLoZ0TzMn13GC69vug5vuY9exILz9Kqy%2BM8b0VgQMjqyqsXMcuXMaOBI%3D"}]}
x-goog-generation
1605115958819708
content-type
text/javascript
cache-control
public, max-age=2678400
x-goog-stored-content-length
27827
cf-ray
62e7673c0f5a97a2-FRA
expires
Tue, 16 Feb 2021 10:03:52 GMT
ads.js
www.reuters.com/
112 B
619 B
Script
General
Full URL
https://www.reuters.com/ads.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9SLGS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-17.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
7464555aae6d8d87b77f7170fba1698ff64f7454ded58627ca1819246e9a9969

Request headers

Referer
https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:06:26 GMT
browser-expires
Thu, 11 Mar 2021 20:06:26 GMT
server
nginx
x-amz-cf-pop
DUS51-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://admin.reuters.com
content-encoding
gzip
access-control-allow-headers
Access-Control-Allow-Origin,charset
content-length
116
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
x-amz-cf-id
73ETl4PFelUPlxkUpW2BtCAeRl5KSFeDWy9y4gqdccnejJkKZxcwFA==
expires
Thu, 11 Mar 2021 20:11:26 GMT
tinypass.min.js
cdn.tinypass.com/api/
996 KB
230 KB
Script
General
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=TIDovF4cqC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92b6264eb1b4f29a8a60e3f8c5aff935bc01c8314ba9498db5784960d2b42c9c
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:06:25 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
UPDATING
age
332
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
08c47ed98700002c360b15c000000001
wn
prod-dash-10-0-139-56
last-modified
Thu, 11 Mar 2021 18:23:06 GMT
server
cloudflare
etag
W/"1019850-1615486986000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
application/javascript
server-time
0.000
cache-control
public, max-age=300
cf-ray
62e7673c0ca12c36-FRA
expires
Thu, 11 Mar 2021 20:11:25 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/
468 KB
100 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-149.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f70808f8ae28ac637b036b1f986dbb53318d7feb355bd871a656b0ffb1486813

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
87uZmdSg8UELVSso_.CaFNBBCQA9W7_e
content-encoding
gzip
etag
"165bb426290b182dc81a4410863c2d4e"
age
52
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
101580
access-control-allow-origin
*
last-modified
Sat, 06 Mar 2021 22:12:32 GMT
server
AmazonS3
date
Thu, 11 Mar 2021 20:06:07 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
tee45flT3BEhQibmcLZPwX7AEGTyEwkPiMrb1H6PzmCDW1L_69GCdg==
globe-bf85b8acf35c083d9f63db7a8d594440.png
www.reuters.com/article/_next/static/images/
2 KB
2 KB
Image
General
Full URL
https://www.reuters.com/article/_next/static/images/globe-bf85b8acf35c083d9f63db7a8d594440.png
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-17.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
cd3ce0b21b8b2075e00cc0f2fd121e80341e5ee7e3dddddd616ef9d828bd0f08

Request headers

Referer
https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:06:26 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
last-modified
Thu, 18 Feb 2021 18:42:00 GMT
server
nginx
age
13
x-cacheable
YES: default
x-cache
Miss from cloudfront
content-language
en
raptor_app_version
v1.31.4
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/png
content-length
2127
x-amz-cf-id
oJJTCjAkLhb-UOw2sCgkPgKTx-01eJwpg-cdS9pvc8g_j6bej5SB1g==
en.json
cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf-test/0199937a-8ef8-4a27-8574-28b4bf79ec75/
97 KB
20 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf-test/0199937a-8ef8-4a27-8574-28b4bf79ec75/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1793b12b4989da1a18a0d9a63b4926a891a390ca6b2007f5975c010c55054bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Mar 2021 20:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
PTi51uRSXJBTLgNjn8d+eg==
content-length
20497
cf-request-id
08c47ed9ed00002c52ff39b000000001
x-ms-lease-status
unlocked
last-modified
Thu, 04 Feb 2021 12:13:02 GMT
server
cloudflare
etag
0x8D8C90638923D62
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2ef2f7fe-f01e-016e-67b2-16379a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
no-cache
x-ms-version
2009-09-19
cf-ray
62e7673cad582c52-FRA
iab2Data.json
cdn.cookielaw.org/vendorlist/
237 KB
33 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0eb78606c49fcd41e2032ec6cc6a985041587aaee3ae15b6d3b693a924f08f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Mar 2021 20:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
S+ZMnxgVYjuUq3DfMXij3w==
age
6071
vary
Accept-Encoding
content-length
32832
cf-request-id
08c47ed9ed00002c5228b56000000001
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 13:00:03 GMT
server
cloudflare
etag
0x8D8E48D965406A1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
3e32c5ec-201e-0041-2e82-16f0f5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
62e7673cad5d2c52-FRA
otTCF.js
cdn.cookielaw.org/scripttemplates/6.10.0/
67 KB
15 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.10.0/otTCF.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Mar 2021 20:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
iXlp8PB9nD0YCMZBaEfbOQ==
age
8761339
vary
Accept-Encoding
content-length
14815
cf-request-id
08c47ed9ed00004ea4a91f8000000001
x-ms-lease-status
unlocked
last-modified
Wed, 25 Nov 2020 13:40:17 GMT
server
cloudflare
etag
0x8D89147A5573749
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b7e86ec6-c01e-0026-6902-c74352000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
62e7673ca9bb4ea4-FRA
expires
Fri, 19 Mar 2021 20:06:26 GMT
execute
experience.tinypass.com/xbuilder/experience/
2 KB
1 KB
XHR
General
Full URL
https://experience.tinypass.com/xbuilder/experience/execute?aid=TIDovF4cqC
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
152307fb2d75c4f4484f258c5d3649401d48318f87439038e1313c71b31fab51
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Accept
*/*
Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 11 Mar 2021 20:06:26 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
08c47eda2300002c36f087f000000001
x-request-id
CqimtpqloI3
pragma
no-cache
wn
prod-exp-10-200-139-187
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
62e7673d0f012c36-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
otFloatingRounded.json
cdn.cookielaw.org/scripttemplates/6.10.0/assets/
10 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otFloatingRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d6d1ab2180874d2f5e4d583cd31a811fb29616fb1cc05b7061bc6e526060882
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Mar 2021 20:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
BVQP/RmwFbwKyrE6Xaqeeg==
vary
Accept-Encoding
content-length
2835
cf-request-id
08c47eda7900002c5218bb8000000001
x-ms-lease-status
unlocked
last-modified
Thu, 03 Dec 2020 02:42:50 GMT
server
cloudflare
etag
0x8D89735208D12FB
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
3f9b5d4b-601e-00ce-60b2-16bea9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
62e7673d8f992c52-FRA
expires
Fri, 19 Mar 2021 20:06:26 GMT
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.10.0/assets/
62 KB
15 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ad092aad6edc5a35ceae773fdaa5bdbac93698c70ff67b229f657c5b5697665
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Mar 2021 20:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
EmYCDnUevXSilDmkLpibsQ==
age
6538115
vary
Accept-Encoding
content-length
14932
cf-request-id
08c47eda7900002c52588f4000000001
x-ms-lease-status
unlocked
last-modified
Thu, 03 Dec 2020 02:42:51 GMT
server
cloudflare
etag
0x8D8973520EF1BA5
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
3da6bbe0-901e-0053-423b-dbc4e9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
62e7673d8f9b2c52-FRA
expires
Fri, 19 Mar 2021 20:06:26 GMT
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/6.10.0/assets/
5 KB
2 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd44041e27f78770fced39f58e54ff661a452abda8f8541577caed06934f813d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Mar 2021 20:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
0TIfq4DA+dnrjtaD3i6fiw==
age
2030285
vary
Accept-Encoding
content-length
2178
cf-request-id
08c47eda7900002c527a1b6000000001
x-ms-lease-status
unlocked
last-modified
Thu, 03 Dec 2020 02:42:52 GMT
server
cloudflare
etag
0x8D8973521BF3D68
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
037404b3-001e-0159-093a-049b35000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
62e7673d8f9e2c52-FRA
expires
Fri, 19 Mar 2021 20:06:26 GMT
js
www.google-analytics.com/gtm/
84 KB
33 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-KBK7743&cid=1843136350.1615493186
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
21bdd9421779c1eaa39d00d95170aed3d1f9a885d7dc82be51eac6d16f326e59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:06:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33961
x-xss-protection
0
last-modified
Thu, 11 Mar 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 Mar 2021 20:06:26 GMT
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
986 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:16:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
3019
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Thu, 11 Mar 2021 20:16:07 GMT
fbevents.js
connect.facebook.net/en_US/
91 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
BLhIoxLIZyWetgO3v0CD0kSG0tTEH2ghwucc2LMoVysDZw41qfp8TRGpF8iIjrsmiwUrkXoSwq96mTneLpuTLw==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 11 Mar 2021 20:06:26 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
312961195854690
connect.facebook.net/signals/config/
242 KB
70 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/312961195854690?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
185c3a60a7cf3fc22f76cd7479c43b3e175d6049b5d7562cdd13d8798395753c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
71040
x-fb-rlafr
0
pragma
public
x-fb-debug
YlDnxGPpBhGbPrN0xD8fwdMKYUgU8P5deJAjLgY/4JC45U/f/5hWHlhN+5FVowQOYtGPZHd9MFwfL2TeyQ9nuA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 11 Mar 2021 20:06:26 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
otCCPAiab.js
cdn.cookielaw.org/opt-out/
22 KB
6 KB
Script
General
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/_next/static/scripts/bootstrap-6ac4744049a0a323af982baa2b4cf2b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f11f2d65d3a1594a57625e5a9457a1beb87c6a0399172cab062d50263ae388b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Mar 2021 20:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YyyuJSQqC/IlFtjhtrYhpg==
age
6059
vary
Accept-Encoding
cf-request-id
08c47edb1d00004ea49a869000000001
x-ms-lease-status
unlocked
last-modified
Wed, 03 Mar 2021 08:12:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
43f20523-e01e-007e-7e06-104729000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
62e7673e9dcd4ea4-FRA
1615493186;0,0,0;1600x1200x1;https%3A_@2F_@2Fwww.reuters.com_@2Farticle_@2Fus-cyber-deepfake-activist_@2Fdeepfake-used-to-attack-activist-couple;;;
ad.wsod.com/site/dc54d4678e62010da03e468039cfe826/1.0.async/
817 B
1 KB
Script
General
Full URL
https://ad.wsod.com/site/dc54d4678e62010da03e468039cfe826/1.0.async/1615493186;0,0,0;1600x1200x1;https%3A_@2F_@2Fwww.reuters.com_@2Farticle_@2Fus-cyber-deepfake-activist_@2Fdeepfake-used-to-attack-activist-couple;;;
Requested by
Host: ad.wsod.com
URL: https://ad.wsod.com/site/dc54d4678e62010da03e468039cfe826/0.0.async/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.234.224.20 , United States, ASN395162 (MOD-PTC, US),
Reverse DNS
Software
nginx / PHP/5.4.16
Resource Hash
281002dfe1127df2a356fb9d9f233618d406af2a438aaa2d6798bbef3d6cd268

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 20:06:26 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
no-cache, no-store
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 26 Jul 1997 05:00:00 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/
162 B
359 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:06:26 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
62e7673ef9f84e20-FRA
cf-request-id
08c47edb5900004e203e9be000000001
collect
stats.g.doubleclick.net/j/
4 B
88 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-24152976-22&cid=1843136350.1615493186&jid=809430107&gjid=1995141839&_gid=853067607.1615493186&_u=aGDAgEAjQAAAAE~&z=185872539
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 11 Mar 2021 20:06:26 GMT
content-type
text/plain
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
63 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&aip=1&a=1704083572&t=event&_s=1&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-deepfake-activist%2Fdeepfake-used-to-attack-activist-couple&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20%7C%20Reuters&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=OneTrust%20Cookie%20Consent&ea=Preference%20Center%20Opened%20From%20Function&_u=aGDAgEAjQ~&jid=809430107&gjid=1995141839&cid=1843136350.1615493186&tid=UA-24152976-22&_gid=853067607.1615493186&z=999816640
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 23:19:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74793
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
r_h_lg_rgb_ps_copy.png
cdn.cookielaw.org/logos/dbf5ae8a-0a6a-4f4b-b527-7f94d0de6bbc/cff8cfa8-5e70-4579-becd-d599f7105bb0/766b8b37-94ff-47ad-9200-15ee74d5260a/
5 KB
5 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/dbf5ae8a-0a6a-4f4b-b527-7f94d0de6bbc/cff8cfa8-5e70-4579-becd-d599f7105bb0/766b8b37-94ff-47ad-9200-15ee74d5260a/r_h_lg_rgb_ps_copy.png
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2966f4808cdde4d3878e5dcdee63eaed6844c23c8eb96f4ead3a1c86c7e14058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Mar 2021 20:06:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
d1bXiraWLYi1eW3sW0vtzQ==
age
5856
vary
Accept-Encoding
content-length
4900
cf-request-id
08c47edb6400004ea4c6285000000001
x-ms-lease-status
unlocked
last-modified
Fri, 14 Aug 2020 08:28:05 GMT
server
cloudflare
etag
0x8D8402BF7BA7DDC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
b8b2d46f-101e-016f-801b-d43667000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
62e7673f0eb84ea4-FRA
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de23217d94dd980c407627201620b28a56339c302d074f0dee91db667bf1264a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/
3 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 11 Mar 2021 20:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
LpuayL42jB78xRllx0vkOw==
age
6060
vary
Accept-Encoding
cf-request-id
08c47edb6c00004ea4958e8000000001
x-ms-lease-status
unlocked
last-modified
Tue, 09 Mar 2021 13:15:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
30a6807a-801e-0047-17ef-14078d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
62e7673f1ed14ea4-FRA
knowledge-light-e76d05f89d70cea61820a955651ea70f.woff
www.reuters.com/article/_next/static/fonts/
49 KB
50 KB
Font
General
Full URL
https://www.reuters.com/article/_next/static/fonts/knowledge-light-e76d05f89d70cea61820a955651ea70f.woff
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/_next/static/css/pages/_app.b3cdf4b1.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-17.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
45610b21279531a97f9566b0f0f8a1d287a45ae4bc6bc545971af5cd7e393cc6

Request headers

Origin
https://www.reuters.com
Referer
https://www.reuters.com/article/_next/static/css/pages/_app.b3cdf4b1.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:03:34 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
last-modified
Thu, 18 Feb 2021 18:42:00 GMT
server
nginx
age
231
x-cacheable
YES: default
x-cache
Hit from cloudfront
content-language
en
raptor_app_version
v1.31.4
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
font/woff
content-length
50292
x-amz-cf-id
GEtgRBmL3CUt42ClDHdBhzSu0_484iHqkUtl-8LJp4b88orBiwIJGQ==
knowledge-bold-ba054d73a350fc1f77147054141c191c.woff
www.reuters.com/article/_next/static/fonts/
57 KB
58 KB
Font
General
Full URL
https://www.reuters.com/article/_next/static/fonts/knowledge-bold-ba054d73a350fc1f77147054141c191c.woff
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/_next/static/css/pages/_app.b3cdf4b1.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-17.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
f35a279e1ae0044ad0f8eab1c3d0569e707f13a2894f43b15e0de447098bee44

Request headers

Origin
https://www.reuters.com
Referer
https://www.reuters.com/article/_next/static/css/pages/_app.b3cdf4b1.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:03:45 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
last-modified
Thu, 18 Feb 2021 18:42:00 GMT
server
nginx
age
165
x-cacheable
YES: default
x-cache
Hit from cloudfront
content-language
en
raptor_app_version
v1.31.4
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
font/woff
content-length
58627
x-amz-cf-id
DgkiqTJ9VkgPxspRZfA73cfNmXk0zKDHimLp5MzZoJyFMQ7MnvnUlg==
ga-audiences
www.google.com/ads/
42 B
111 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-24152976-22&cid=1843136350.1615493186&jid=809430107&_u=aGDAgEAjQAAAAE~&z=672480940
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 20:06:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-24152976-22&cid=1843136350.1615493186&jid=809430107&_u=aGDAgEAjQAAAAE~&z=672480940
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 20:06:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag.min.js
get.s-onetag.com/4ed1416f-67eb-4d50-8a45-916a5921fee8/
32 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/4ed1416f-67eb-4d50-8a45-916a5921fee8/tag.min.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6050c108e23812c49d1b8c5836b2c67ecdebee51aa3cbe5c3f44b74200abcffc

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ipoRfnLhFXqGDUR5Udgjia6u9aioDRhu
content-encoding
gzip
last-modified
Tue, 15 Dec 2020 14:59:04 GMT
server
AmazonS3
age
55321
etag
W/"8f6eb124b1666c72816b23287c967f34"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Thu, 11 Mar 2021 04:44:40 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
bXyDgScl5PNzS3lb_bKRTUeklxVE4S-vX43yEqHF_uxd8vuVmdstDQ==
/
onetag-geo.s-onetag.com/
24 B
437 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/4ed1416f-67eb-4d50-8a45-916a5921fee8/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
06e73cdd74774a1d60c2570e0df7ee94b53077d478b1a0aad86ac5ad04f4e0af

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 05:05:17 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront), 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
age
54069
x-amzn-requestid
77997bc1-1b66-4bca-bd45-595cc77510c8
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1, PRG50-C1
x-amz-apigw-id
cAa6KFPxCYcF77g=
content-length
24
x-amz-cf-id
Cuw_w_GCM_EU01mUUOVv41PT1tjzRiRPSjzsOSZFQu54UYGiWMgVwQ==
beacon.min.js
signal-beacon.s-onetag.com/
31 KB
10 KB
Script
General
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/4ed1416f-67eb-4d50-8a45-916a5921fee8/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-80.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc94bad1aadef5522b61de9b30181a783127c65c9ca4e75838f8cf938f01601c

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
PCkxZaaLjwgg2eFNh_0o6k6jIX16JReX
content-encoding
gzip
etag
W/"408ba20642d0af95570c2b4c4b2ec494"
last-modified
Wed, 10 Mar 2021 11:11:07 GMT
server
AmazonS3
age
32118
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Thu, 11 Mar 2021 11:11:09 GMT
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
sZuyoUlisiIT3YMNxLoO9Tz8xKAVw7eCflqMVoVeArjjUC8hPLVa7A==
/
qivaiw.com/resources/r/
68 B
422 B
Image
General
Full URL
https://qivaiw.com/resources/r/?m=02&d=20161011&t=2&i=1540511454&w=760&fh=&fw=&ll=&pl=&sq=&rtn=LYNNXMPEGXE883&x30y10&r=LIYXPPGG10FT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.25.85 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
api.addefend.com
Software
ADFCDN/5.2.3 / AdDefend GmbH
Resource Hash
adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9

Request headers

Referer
https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 20:06:26 GMT
Server
ADFCDN/5.2.3
X-Powered-By
AdDefend GmbH
Content-Type
image/png
Cache-Control
max-age=0, max-stale=0, must-revalidate, no-cache, no-store, no-transform, post-check=0, pre-check=0, private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68
Expires
0
/
onetag-geo.s-onetag.com/
24 B
428 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
06e73cdd74774a1d60c2570e0df7ee94b53077d478b1a0aad86ac5ad04f4e0af

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 05:05:17 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront), 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
age
54069
x-amzn-requestid
77997bc1-1b66-4bca-bd45-595cc77510c8
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1, PRG50-C1
x-amz-apigw-id
cAa6KFPxCYcF77g=
content-length
24
x-amz-cf-id
PEIHwsVFr5IlEzAOBsPbwg4myWKzdLm2WJBI3U2ayQkOkbX0k1QkWA==
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/
1 KB
829 B
Fetch
General
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-93.fra56.r.cloudfront.net
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 07:29:18 GMT
content-encoding
gzip
server
restify
age
45428
vary
Accept-Encoding,origin
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
VTNB05E1EUTQ0RScSpuexQfpt5o9SDlId-OTVErxPgGH7uHHCECg5A==
via
1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront)
/
expepp.de/rts/resources/r/promotools/
68 B
422 B
Image
General
Full URL
https://expepp.de/rts/resources/r/promotools/?m=02&d=20180526&t=2&i=8306442608&w=854&fh=&fw=&ll=&pl=&sq=2&r=KDMCE883.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.25.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
api.addefend.com
Software
ADFCDN/5.2.3 / AdDefend GmbH
Resource Hash
adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9

Request headers

Referer
https://www.reuters.com/article/us-cyber-deepfake-activist/deepfake-used-to-attack-activist-couple
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 20:06:26 GMT
Server
ADFCDN/5.2.3
X-Powered-By
AdDefend GmbH
Content-Type
image/png
Cache-Control
max-age=0, max-stale=0, must-revalidate, no-cache, no-store, no-transform, post-check=0, pre-check=0, private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68
Expires
0
/
onetag-geo.s-onetag.com/
24 B
427 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
06e73cdd74774a1d60c2570e0df7ee94b53077d478b1a0aad86ac5ad04f4e0af

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 05:05:17 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront), 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
age
54070
x-amzn-requestid
77997bc1-1b66-4bca-bd45-595cc77510c8
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1, PRG50-C1
x-amz-apigw-id
cAa6KFPxCYcF77g=
content-length
24
x-amz-cf-id
Ug_oyin2IOLs6EiDd_6CALzNsquSLiRJfrYRg__TS5OnZu2mhjuzqA==
/
onetag-geo.s-onetag.com/
24 B
427 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
06e73cdd74774a1d60c2570e0df7ee94b53077d478b1a0aad86ac5ad04f4e0af

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 05:05:17 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront), 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
age
54070
x-amzn-requestid
77997bc1-1b66-4bca-bd45-595cc77510c8
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1, PRG50-C1
x-amz-apigw-id
cAa6KFPxCYcF77g=
content-length
24
x-amz-cf-id
RwjaFwQA0CmtPAZUSVlLWcmBelbo9SGRmsAQamIMM4hkzjR1YOyAJg==
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/
1 KB
829 B
Fetch
General
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-93.fra56.r.cloudfront.net
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 07:29:18 GMT
content-encoding
gzip
server
restify
age
45429
vary
Accept-Encoding,origin
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
kacxsteCd-35bWCjBQlDAPF_PdSORVqZxYo5hLllA6HO7W1OLl24Ew==
via
1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront)
/
onetag-geo.s-onetag.com/
24 B
426 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
06e73cdd74774a1d60c2570e0df7ee94b53077d478b1a0aad86ac5ad04f4e0af

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 05:05:17 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront), 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
age
54070
x-amzn-requestid
77997bc1-1b66-4bca-bd45-595cc77510c8
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1, PRG50-C1
x-amz-apigw-id
cAa6KFPxCYcF77g=
content-length
24
x-amz-cf-id
nV0FiMhz5n2AaZFHYpkps61cMAD3LpV4lKeWrZIq_v8dxs6EmV_Y9A==
metrics
connect-metrics-collector.s-onetag.com/
0
73 B
Other
General
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/4ed1416f-67eb-4d50-8a45-916a5921fee8/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 11 Mar 2021 20:06:37 GMT
content-length
0
vary
Origin
metrics
signal-metrics-collector-beta.s-onetag.com/
0
72 B
Other
General
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 11 Mar 2021 20:06:37 GMT
content-length
0
vary
Origin

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| analytics object| dataLayer function| gtag function| setImmediate function| clearImmediate object| __MHS_P__reutersheader194883552024 function| __MHS_E__reutersheader194883552024 object| moatPrebidApi object| bootstrap object| webpackJsonp_N_E number| _N_E function| __cmp object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups function| OptanonWrapper function| PHIDJdd object| zkwhh6c6Flags string| zkwhhcdfRnd function| PHIDJTrkFailed object| zkwhhd358tc boolean| zkwhhbe8sdl boolean| zkwhhbe8sdln string| zkwhhd358genat string| zkwhhd358sthash string| zkwhhd358Domain boolean| zkwhh544forceimp object| zkwhhsc object| google_tag_manager function| postscribe object| google_tag_manager_external boolean| zkwhh4b8Body object| __NEXT_P object| regeneratorRuntime object| __NEXT_DATA__ function| __BUILD_MANIFEST_CB function| __SSG_MANIFEST_CB object| next string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| _comscore function| getValuesGWIQ object| _elqQ object| article_date object| author object| content_channel object| keywords object| tp object| markit_script function| jsonFeed object| __core-js_shared__ object| core object| diagPixSentCodes object| __iasPET object| __iasAdRefreshConfig object| __BUILD_MANIFEST object| __SSG_MANIFEST undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| googletag object| MoatNadoAllJsonpRequest_683333 object| Moat#PML#26#1.2 boolean| Moat#EVA function| __moatSlotTagLoadedreutersheader194883552024 object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| udm_ object| ns_p object| COMSCORE function| __tcfapi object| otStubData function| __NEXT_PRELOADREADY object| __NEXT_REDUX_STORE__ object| $jscomp function| MIIScriptCtrl object| gwiq object| TRUE_ANTHEM object| google_optimize number| pnInitPerformance function| ___tp object| localCookieStorage object| sessionCookieStorage string| __tpVersion object| jQuery11240552700908695922 object| SWG object| e number| abp object| otIabModule object| Optanon object| OneTrust function| _fbq function| fbq function| Tracktor function| normalize object| PianoESPConfig function| fpv function| gL function| gRF function| modEnc function| gSWHD function| gMDL object| mdjs object| mdNode undefined| scripts object| _mdSct function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| __otccpaooLocation object| mdTargets function| getCookie string| url object| script object| __connect boolean| zkwhh4c9Detect object| zkwhh5d6Mobile object| zkwhhd3581 object| zkwhhd358o1 object| zkwhhd358o2 object| zkwhhd358o3 object| zkwhhd3582 number| zkwhhd358d3 object| zkwhhd3584 object| zkwhhd3585 boolean| zkwhh6c2ij boolean| zkwhh40cTrack

10 Cookies

Domain/Path Name / Value
.reuters.com/ Name: xbc
Value: %7Bjzx%7DvxutxhIrukoy1EGq2U1UskO-fSSVrUSGZuJlwP--2opd4s64tjU07dr9Ra5vnu7LhCH1pLKx2uU0AbrFS99WD7WNt8ytTJxmHU5nsS8kiFnYV3Ikdm5B-cEsJxRI6edz6kD_mXC6gcIk83tR1PWZnSlHM_Mj_daBoyQ002Hpeh31rw1c6P4KgQA2r9VGBBLl9_dsCnXF64joKENG0sJ4cxGx4QBlURe79V6Onv113v8
.reuters.com/ Name: __pvi
Value: %7B%22id%22%3A%22v-2021-03-11-21-06-26-066-AOLZgIteH91l1vbn-d16c9b63c3b3140b59dab3f38435272b%22%2C%22domain%22%3A%22.reuters.com%22%2C%22time%22%3A1615493186240%7D
www.reuters.com/ Name: i18next
Value: en
.reuters.com/ Name: __pat
Value: -18000000
www.reuters.com/ Name: usprivacy
Value: 1---
.reuters.com/ Name: _gat
Value: 1
www.reuters.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Thu+Mar+11+2021+21%3A06%3A26+GMT%2B0100+(Central+European+Standard+Time)&version=6.10.0&hosts=&landingPath=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-deepfake-activist%2Fdeepfake-used-to-attack-activist-couple&groups=1%3A1%2CBG33%3A0%2C4%3A0%2C3%3A0%2C2%3A0%2CSTACK42%3A0
.reuters.com/ Name: __tbc
Value: %7Bjzx%7Dyo9xUxAKwg32SeQvuAZGbfmlG7sS5XUZzPaKHV1ZKr8pyMEl20jPHeEY89J9r8Xkdnmv76XznAar1fAu8ny6KQ-JI7odpfjH2UPBEss6oky5lNRbVhWE0N4xne1cc4_tHzyVzbU0qDL8Htc3rl51Vg
.reuters.com/ Name: _gid
Value: GA1.2.853067607.1615493186
.reuters.com/ Name: _ga
Value: GA1.2.1843136350.1615493186

8 Console Messages

Source Level URL
Text
console-api log URL: https://www.reuters.com/article/_next/static/scripts/bootstrap-6ac4744049a0a323af982baa2b4cf2b1.js(Line 1)
Message:
Init Bootstrap with config [object Object]
console-api log URL: https://www.reuters.com/article/_next/static/scripts/bootstrap-6ac4744049a0a323af982baa2b4cf2b1.js(Line 1)
Message:
MOAT init script
console-api log URL: https://www.reuters.com/article/_next/static/chunks/main-37e54b5e39d310aabe58.js(Line 1)
Message:
Load polyfills
console-api log (Line 1)
Message:
comscore new global fired
console-api log URL: https://www.reuters.com/article/_next/static/scripts/bootstrap-6ac4744049a0a323af982baa2b4cf2b1.js(Line 1)
Message:
IAS setup complete
console-api log URL: https://www.reuters.com/article/_next/static/scripts/bootstrap-6ac4744049a0a323af982baa2b4cf2b1.js(Line 1)
Message:
MOAT setup complete
console-api log URL: https://www.reuters.com/article/_next/static/chunks/pages/ArticlePage-202a909ca8e343de60b8.js(Line 1)
Message:
false
console-api log (Line 1)
Message:
Blocking Ads: No

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.wsod.com
cdn.adsafeprotected.com
cdn.cookielaw.org
cdn.segment.com
cdn.tinypass.com
connect-metrics-collector.s-onetag.com
connect.facebook.net
expepp.de
experience.tinypass.com
geolocation.onetrust.com
get.s-onetag.com
gwiqcdn.globalwebindex.net
mb.moatads.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
px.moatads.com
qivaiw.com
sb.scorecardresearch.com
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
stats.g.doubleclick.net
tru.am
usasync01.admantx.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.reuters.com
z.moatads.com
104.108.145.172
13.226.158.149
13.226.159.17
13.226.159.33
13.226.159.80
13.32.21.93
136.243.25.122
136.243.25.85
209.234.224.20
23.37.53.17
2406:da00:ff00::b849:d716
2606:4700:10::6814:b944
2606:4700:20::681a:274
2606:4700::6810:9440
2606:4700::6811:b9b1
2a00:1450:4001:801::200e
2a00:1450:4001:803::2008
2a00:1450:4001:810::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::200e
2a00:1450:400c:c1b::9a
2a03:2880:f02d:12:face:b00c:0:3
3.10.67.84
35.201.93.216
65.9.58.24
65.9.96.69
99.83.181.31
021d5da850cf79fb48ba8f3ddd9936e4ea9f299bc143d890dde8b9aa6e423fcd
06e73cdd74774a1d60c2570e0df7ee94b53077d478b1a0aad86ac5ad04f4e0af
0ad092aad6edc5a35ceae773fdaa5bdbac93698c70ff67b229f657c5b5697665
0d6d1ab2180874d2f5e4d583cd31a811fb29616fb1cc05b7061bc6e526060882
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848
142c96e3a6e08865a80eb37537f9688fd449c0d9655dabcea8488f0e4844bfd8
152307fb2d75c4f4484f258c5d3649401d48318f87439038e1313c71b31fab51
185c3a60a7cf3fc22f76cd7479c43b3e175d6049b5d7562cdd13d8798395753c
18b521e6f94f2e8ddb61a588cccc3a4e7e9674781309d5bec9d0d53e79c66a17
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
21bdd9421779c1eaa39d00d95170aed3d1f9a885d7dc82be51eac6d16f326e59
22fa457de95d295332c16161fc697a73f1c5b55fcc75a3d64563bcf4e8116953
281002dfe1127df2a356fb9d9f233618d406af2a438aaa2d6798bbef3d6cd268
2966f4808cdde4d3878e5dcdee63eaed6844c23c8eb96f4ead3a1c86c7e14058
2efd93040e41e6d1117fb6d003ac31681047db53240098e8175ecca6985005f2
43a71c26c4a035e0a3ff30e4527c3712a4c1c75a170fbe5e20ce009c173a16af
45610b21279531a97f9566b0f0f8a1d287a45ae4bc6bc545971af5cd7e393cc6
4933f2c8117d9a8e6a2f2d0fef4922779275694a111f4470c4a278375f2a7efb
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4fe04752843efe8b29178b77414555295dca770cd0f7872fdc708d85d34ec3a5
4ffc3eca41b802a558acc5507b2a5a48ec9c2f196c7881ff9599245cdc8a049c
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4
6050c108e23812c49d1b8c5836b2c67ecdebee51aa3cbe5c3f44b74200abcffc
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
60fff15e2cccdc15a2846afa6815b0c0c8797a66056dd794ee897115ad4a1630
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
6aa7c3edbc1ee1fe66d4db0fea18aa2d0bbe0dfae05d228c9ffeeaeacb6f1c53
6f23d93c9b8e3ca26f6fcc6be6a8d087e43a3f5795daa3c61017071642f66f3c
7464555aae6d8d87b77f7170fba1698ff64f7454ded58627ca1819246e9a9969
75ca2415b9c5b0c3e440d95294182509b9dca7843380ac0e5fb2fdae1613adde
778754c715bf3fa9f2f9721caf738a214abb29affd1c74b10c64bee132f6289b
7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f
7b9dcdc47d57621c246b26131d859067c63b33212211b59d0836d3e63fd08cab
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c228c97b2fc5c7872a0fd367813e47f02b7ec0ab802683d9b7a04d92e437ae8
8dbc3f1a033b6733e96a5af1bc89d6f8ab68a5d533dcad72d56bd019e3b5b6b5
8f11f2d65d3a1594a57625e5a9457a1beb87c6a0399172cab062d50263ae388b
92b6264eb1b4f29a8a60e3f8c5aff935bc01c8314ba9498db5784960d2b42c9c
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9
b075a90790a5332d8ae79654f18935a9cd690c84b65ee355646639ae0eb17e05
bd1dc64fac45e75fffefbd76f176c6ea118ab79b88b3efddc5642d4e7c76d4fe
bd4abcdfbc6f184a42e868c80bc92fe49af52d777c0ebc5a7ebbc43e22db31bf
c1793b12b4989da1a18a0d9a63b4926a891a390ca6b2007f5975c010c55054bc
cc94bad1aadef5522b61de9b30181a783127c65c9ca4e75838f8cf938f01601c
cd3ce0b21b8b2075e00cc0f2fd121e80341e5ee7e3dddddd616ef9d828bd0f08
cd44041e27f78770fced39f58e54ff661a452abda8f8541577caed06934f813d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0eb78606c49fcd41e2032ec6cc6a985041587aaee3ae15b6d3b693a924f08f2
d7d62426c6b87d35cef5c2c873355aa44edffcf4a7f927f1c51b10694ea4f6ed
d98430b79bd481c608eb50058778fc3a919b996494f209c1546d11280d7bc14f
de23217d94dd980c407627201620b28a56339c302d074f0dee91db667bf1264a
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb199f1ad937a5ee84b011e2b16c83687a13a30bdcf641edde15134aeb138388
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01d25f7a76e0682a7a43230c32bef653eaf28b8a6f7a683ebb88bf8c6aa4f50
f35a279e1ae0044ad0f8eab1c3d0569e707f13a2894f43b15e0de447098bee44
f70808f8ae28ac637b036b1f986dbb53318d7feb355bd871a656b0ffb1486813
ff5f9e2db7793f67bfc6158b3ea94c6958f3b8120743f2fe907aa23a7b0ca00b