therecord.media Open in urlscan Pro
2606:4700::6812:621 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.recordedfuture.com/e2t/sc2/MmZ-8yklNftW6qmPDC6jS2TxW6vsmD78kmNfkVrTRf_5hpbXNdBzP8T04
Effective URL:
https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium...
Submission: On July 02 via api (July 2nd 2021, 12:14:49 am UTC) from SG

Summary HTTP 59 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 16 domains to perform 59 HTTP transactions. The main IP is 2606:4700::6812:621, located in United States and belongs to CLOUDFLARENET, US. The main domain is therecord.media.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 18th 2020. Valid for: a year.

This is the only time therecord.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:67fe	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
21	2606:4700::68... 2606:4700::6812:621	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2600:9000:20e... 2600:9000:20eb:8800:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.196.53.208 18.196.53.208	16509 (AMAZON-02) (AMAZON-02)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	104.111.233.140 104.111.233.140	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
11	104.82.195.159 104.82.195.159	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
59	18

2 2606:2c40::c73c:67fe (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700::6812:621 (United States)

ASN13335 (CLOUDFLARENET, US)

therecord.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:8800:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.53.208 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-53-208.eu-central-1.compute.amazonaws.com

recordedfuture.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.233.140 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-140.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.82.195.159 (London, United Kingdom)

ASN16625 (AKAMAI-AS, US)
PTR: a104-82-195-159.deploy.static.akamaitechnologies.com

b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	therecord.media therecord.media	727 KB
13	6sc.co j.6sc.co c.6sc.co b.6sc.co	17 KB
4	matomo.cloud cdn.matomo.cloud recordedfuture.matomo.cloud	64 KB
3	cloudflare.com cdnjs.cloudflare.com	17 KB
2	facebook.com www.facebook.com	162 B
2	google-analytics.com www.google-analytics.com	19 KB
2	youtube.com www.youtube.com	43 KB
2	facebook.net connect.facebook.net	98 KB
2	googletagmanager.com www.googletagmanager.com	70 KB
2	jsdelivr.net cdn.jsdelivr.net	25 KB
2	recordedfuture.com 1 redirects go.recordedfuture.com	3 KB
1	hubspot.com track.hubspot.com	749 B
1	gravatar.com secure.gravatar.com	3 KB
1	hs-banner.com js.hs-banner.com	14 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	hs-scripts.com js.hs-scripts.com	607 B
59	16

	Domain	Requested by
21	therecord.media	go.recordedfuture.com therecord.media
11	b.6sc.co	therecord.media
3	cdnjs.cloudflare.com	therecord.media
2	www.facebook.com	therecord.media connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	recordedfuture.matomo.cloud	cdn.matomo.cloud
2	www.youtube.com	therecord.media www.youtube.com
2	cdn.matomo.cloud	therecord.media
2	connect.facebook.net	therecord.media connect.facebook.net
2	www.googletagmanager.com	therecord.media
2	cdn.jsdelivr.net	therecord.media
2	go.recordedfuture.com	1 redirects
1	track.hubspot.com
1	c.6sc.co	j.6sc.co
1	j.6sc.co	go.recordedfuture.com
1	secure.gravatar.com	therecord.media
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-scripts.com	therecord.media
59	19

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.linkedin.com
www.facebook.com
www.reddit.com
news.ycombinator.com
securelist.com
research.checkpoint.com
www.instagram.com

Subject Issuer	Validity	Valid
go.recordedfuture.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-18` - `2021-08-18`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
cdn.matomo.cloud Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.matomo.cloud R3	`2021-06-11` - `2021-09-09`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.6sc.co DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-16`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
Frame ID: 0F13F02C1E55EEF6D0A702B1FFE5B216
Requests: 59 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://go.recordedfuture.com/e2t/sc2/MmZ-8yklNftW6qmPDC6jS2TxW6vsmD78kmNfkVrTRf_5hpbXNdBzP8T04 Page URL
https://go.recordedfuture.com/events/public/v1/track/sc2/MmZ-8yklNftW6qmPDC6jS2TxW6vsmD78kmNfkVrTRf_5hpbXN... HTTP 307
https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

59
Requests

100 %
HTTPS

83 %
IPv6

16
Domains

19
Subdomains

18
IPs

4
Countries

1119 kB
Transfer

2901 kB
Size

16
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/tweet?url=https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/&text=Chinese%20cyberspies%20targeted%20the%20Afghan%20National%20Security%20Council

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/&title=Chinese%20cyberspies%20targeted%20the%20Afghan%20National%20Security%20Council

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/&title=Chinese%20cyberspies%20targeted%20the%20Afghan%20National%20Security%20Council

Search URL Search Domain Scan URL

URL: https://news.ycombinator.com/submitlink?u=https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/&t=Chinese%20cyberspies%20targeted%20the%20Afghan%20National%20Security%20Council

Search URL Search Domain Scan URL

URL: https://securelist.com/apt-trends-report-q2-2017/79332/
Title: IndigoZebra

Search URL Search Domain Scan URL

URL: https://twitter.com/Lotemfi
Title: Lotem Finkelstein

Search URL Search Domain Scan URL

URL: https://research.checkpoint.com/2021/indigozebra-apt-continues-to-attack-central-asia-with-evolving-tools/
Title: we’re sharing

Search URL Search Domain Scan URL

URL: https://twitter.com/TheRecord_Media

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-record-by-recorded-future

Search URL Search Domain Scan URL

URL: https://www.instagram.com/therecord_media/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.recordedfuture.com/e2t/sc2/MmZ-8yklNftW6qmPDC6jS2TxW6vsmD78kmNfkVrTRf_5hpbXNdBzP8T04 Page URL
https://go.recordedfuture.com/events/public/v1/track/sc2/MmZ-8yklNftW6qmPDC6jS2TxW6vsmD78kmNfkVrTRf_5hpbXNdBzP8T04?_ud=cb006514-ce7e-41a2-98b5-24adc63fa899&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 MmZ-8yklNftW6qmPDC6jS2TxW6vsmD78kmNfkVrTRf_5hpbXNdBzP8T04 Show response
go.recordedfuture.com/e2t/sc2/ 8 KB
2 KB 42ms
41ms Document
text/html 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.recordedfuture.com/e2t/sc2/MmZ-8yklNftW6qmPDC6jS2TxW6vsmD78kmNfkVrTRf_5hpbXNdBzP8T04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e97ff069cb22bf3826d87b15e7cf129bad222ce102f8844852a593ec64fa242a

Request headers

:method: GET
:authority: go.recordedfuture.com
:scheme: https
:path: /e2t/sc2/MmZ-8yklNftW6qmPDC6jS2TxW6vsmD78kmNfkVrTRf_5hpbXNdBzP8T04
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:29 GMT
content-type: text/html;charset=utf-8
cf-ray: 6683ac9c4d1d4e9e-FRA
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 4b98dfc1-0aa7-4646-9780-556130cf3df2
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dFkaVqEOPmuuIqz3RU%2Br0kVX%2FoHTuZEcDvYCcHNg0DDrnBQoI4vkLqXkPXAJ0DHIt%2FbS7h9nwdQ0ClEOi6nbarsBKMv0z9G921S7PRAMoGdYv9acQUqrdO9T8LyTD79dbo4O%2FDrIyXRAr%2FJV7U0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=3c717ed788a129557d4487b6144039f03b94c821-1625184869; path=/; domain=.go.recordedfuture.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/
Redirect Chain

https://go.recordedfuture.com/events/public/v1/track/sc2/MmZ-8yklNftW6qmPDC6jS2TxW6vsmD78kmNfkVrTRf_5hpbXNdBzP8T04?_ud=cb006514-ce7e-41a2-98b5-24adc63fa899&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p
https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZ...

55 KB
11 KB

701ms
684ms

Document
text/html

2606:4700::6812:621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA

Requested by

Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/sc2/MmZ-8yklNftW6qmPDC6jS2TxW6vsmD78kmNfkVrTRf_5hpbXNdBzP8T04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df248833efb025de7b400819fe3d7643bb5ec6d04ade78c3e7772b6c4b5b8877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: therecord.media
:scheme: https
:path: /chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.recordedfuture.com/e2t/sc2/MmZ-8yklNftW6qmPDC6jS2TxW6vsmD78kmNfkVrTRf_5hpbXNdBzP8T04

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=600
link: <https://therecord.media/?p=5206>; rel=shortlink
set-cookie: SSESS7e8f56d238e846ac39db66ecda931426=47413bd412ba402035ae728104ca1e73; path=/; domain=.therecord.media; secure; HttpOnly wordpress_google_apps_login=5faaad20804fff5b7fdbf9f8ab85c1a8; path=/; secure; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains
x-pantheon-styx-hostname: styx-fe2-b-64744c95b6-59x78
x-pingback: https://therecord.media/xmlrpc.php
x-styx-req-id: 78c807c5-daca-11eb-9f9d-26b2e6fca046
x-served-by: cache-mdw17322-MDW, cache-bwi5070-BWI
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1625184871.939236,VS0,VE285
pantheon-trace-id: e9a82fbae0c94e6ca6721a6cf02ab9dc
vary: Accept-Encoding, Cookie, Cookie
age: 0
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6683aca13b3d4e6e-FRA
content-encoding: gzip

Redirect headers

date: Fri, 02 Jul 2021 00:14:30 GMT
location: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
cf-ray: 6683ac9c9d7b4e9e-FRA
link: <https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 52eb3dd3-0cab-4521-ad27-020bd00f4cef
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZAmrQL9PZERngBoe4jY8AxLYsAK1A8OYHg7JN5AWd2fnbQ5IRkwP9RRCvK2HPi%2BEi%2BeTl3YUyRs1ZoV8tdp%2Bc8WdL0kRk3WCbkvoSlohbXuLZg%2Fd5KmQsy3BIe7%2B4ESuQfHRZv92FghdDwpfdyo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 style.min.css
therecord.media/wp-includes/css/dist/block-library/ 57 KB
11 KB 24ms
22ms Stylesheet
text/css 2606:4700::6812:621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: therecord.media
URL: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css
pragma: no-cache
cookie: SSESS7e8f56d238e846ac39db66ecda931426=47413bd412ba402035ae728104ca1e73; wordpress_google_apps_login=5faaad20804fff5b7fdbf9f8ab85c1a8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: therecord.media
referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 1141757
x-pantheon-styx-hostname: styx-fe2-a-58bcd5f458-np279
x-cache: HIT, HIT
content-length: 10961
x-served-by: cache-mdw17350-MDW, cache-bwi5083-BWI
last-modified: Fri, 18 Jun 2021 14:42:50 GMT
server: cloudflare
x-timer: S1624043115.854483,VS0,VE1
etag: W/"60ccb0ea-e33b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sun, 03 Jul 2022 00:14:31 GMT
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 6683aca588d74e6e-FRA
x-styx-req-id: 573360ec-d067-11eb-b79d-3aa163f41238
x-cache-hits: 1, 1

GET
H2 200 jquery.mCustomScrollbar.min.css
cdnjs.cloudflare.com/ajax/libs/malihu-custom-scrollbar-plugin/3.1.5/ 42 KB
4 KB 12ms
10ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/malihu-custom-scrollbar-plugin/3.1.5/jquery.mCustomScrollbar.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

247184981eb6f698a94e431a83d68c6b0df623cce57b6e29dc5a6c11e23aa195

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4245634
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3359
cf-request-id: 0a091afe7c00004a9e9c256000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-a757"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BeAFEBkWOuioaSR34D0Q7ibhoz4Og8ZjZTY2OOpFBD1RpB687CBBQ9a%2F9FUv%2Ft4t%2FAkN5OWvZ3e3yxGrIa2%2BpyJO%2BjWAgFGzn4cxFxvzY5nAi0VE7FIFrTg%2B89HerDUHTNUYX9lUNGsxFZJ4gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6683aca58f5a4ab6-FRA
expires: Wed, 22 Jun 2022 00:14:31 GMT

GET
H2 200 jquery.fancybox.min.css
cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/ 12 KB
3 KB 21ms
6ms Stylesheet
text/css 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1535030
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3096
etag: W/"31fb-G+m3m+AqHPxdlsSl4P649HK6vZU"
x-served-by: cache-fra19172-FRA
date: Fri, 02 Jul 2021 00:14:22 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style-v4.css
therecord.media/wp-content/themes/therecordmedia/assets/css/ 448 KB
74 KB 16ms
14ms Stylesheet
text/css 2606:4700::6812:621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc1d70b9d4aab9d6da396759b4332eab0e18ec46763d2a00f7c814de59bcd76b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:path: /wp-content/themes/therecordmedia/assets/css/style-v4.css
pragma: no-cache
cookie: SSESS7e8f56d238e846ac39db66ecda931426=47413bd412ba402035ae728104ca1e73; wordpress_google_apps_login=5faaad20804fff5b7fdbf9f8ab85c1a8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: therecord.media
referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 199771
x-pantheon-styx-hostname: styx-fe2-a-58bcd5f458-jjb4g
x-cache: HIT, HIT
content-length: 75572
x-served-by: cache-mdw17377-MDW, cache-wdc5542-WDC
last-modified: Tue, 29 Jun 2021 16:31:58 GMT
server: cloudflare
x-timer: S1624985100.028449,VS0,VE1
etag: W/"60db4afe-7015b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sun, 03 Jul 2022 00:14:31 GMT
cache-control: public, max-age=31622400
pantheon-trace-id: 1d10dccbeab54005aa15e2734d9518ea
accept-ranges: bytes
cf-ray: 6683aca588da4e6e-FRA
x-styx-req-id: b97e981f-d8f7-11eb-9cf1-ee94bcaaf0ad
x-cache-hits: 1, 1

GET
H2 200 custom-v8.css
therecord.media/wp-content/themes/therecordmedia/assets/css/ 7 KB
2 KB 23ms
22ms Stylesheet
text/css 2606:4700::6812:621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/wp-content/themes/therecordmedia/assets/css/custom-v8.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b45183c579f914987f820ad8afbf8c102bbb43b1d415ea2ceb35bac37fa9572

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:path: /wp-content/themes/therecordmedia/assets/css/custom-v8.css
pragma: no-cache
cookie: SSESS7e8f56d238e846ac39db66ecda931426=47413bd412ba402035ae728104ca1e73; wordpress_google_apps_login=5faaad20804fff5b7fdbf9f8ab85c1a8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: therecord.media
referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 199771
x-pantheon-styx-hostname: styx-fe2-b-64744c95b6-59x78
x-cache: MISS, HIT
content-length: 1898
x-served-by: cache-mdw17351-MDW, cache-bwi5032-BWI
last-modified: Tue, 29 Jun 2021 16:31:39 GMT
server: cloudflare
x-timer: S1624985100.589549,VS0,VE0
etag: W/"60db4aeb-1c7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sun, 03 Jul 2022 00:14:31 GMT
cache-control: public, max-age=31622400
pantheon-trace-id: e31e4012037149c18539f2eb32ebdebd
accept-ranges: bytes
cf-ray: 6683aca588dd4e6e-FRA
x-styx-req-id: b97de432-d8f7-11eb-9f9d-26b2e6fca046
x-cache-hits: 0, 2

GET
H2 200 ytprefs.min.css
therecord.media/wp-content/plugins/youtube-embed-plus/styles/ 6 KB
2 KB 24ms
23ms Stylesheet
text/css 2606:4700::6812:621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54b16a534f27d39f8edb7dd908ecf182b4be466f86f28ac0f01f415f2ba9d1cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:path: /wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css
pragma: no-cache
cookie: SSESS7e8f56d238e846ac39db66ecda931426=47413bd412ba402035ae728104ca1e73; wordpress_google_apps_login=5faaad20804fff5b7fdbf9f8ab85c1a8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: therecord.media
referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 643504
x-pantheon-styx-hostname: styx-fe2-a-58bcd5f458-jddwf
x-cache: MISS, HIT
content-length: 1475
x-served-by: cache-mdw17354-MDW, cache-bwi5080-BWI
last-modified: Thu, 24 Jun 2021 13:21:22 GMT
server: cloudflare
x-timer: S1624541368.719767,VS0,VE1
etag: W/"60d486d2-178c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Sun, 03 Jul 2022 00:14:31 GMT
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 6683aca588de4e6e-FRA
x-styx-req-id: 15c16ed3-d4f0-11eb-96bd-9e3dd2e652ce
x-cache-hits: 0, 1

GET
H2 200 jquery.min.js Show response
therecord.media/wp-includes/js/jquery/ 87 KB
35 KB 23ms
21ms Script
application/x-javascript 2606:4700::6812:621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/wp-includes/js/jquery/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:path: /wp-includes/js/jquery/jquery.min.js
pragma: no-cache
cookie: SSESS7e8f56d238e846ac39db66ecda931426=47413bd412ba402035ae728104ca1e73; wordpress_google_apps_login=5faaad20804fff5b7fdbf9f8ab85c1a8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: therecord.media
referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 1141409
x-pantheon-styx-hostname: styx-fe2-b-64744c95b6-l9tl8
x-cache: MISS, HIT
content-length: 36073
x-served-by: cache-mdw17333-MDW, cache-bwi5023-BWI
last-modified: Fri, 18 Jun 2021 18:56:24 GMT
server: cloudflare
x-timer: S1624043463.565925,VS0,VE1
etag: W/"60ccec58-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sun, 03 Jul 2022 00:14:31 GMT
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 6683aca588df4e6e-FRA
x-styx-req-id: 571a5bd0-d067-11eb-a535-dae0d20f481d
x-cache-hits: 0, 1

GET
H2 200 jquery-migrate.min.js Show response
therecord.media/wp-includes/js/jquery/ 11 KB
5 KB 24ms
22ms Script
application/x-javascript 2606:4700::6812:621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js
pragma: no-cache
cookie: SSESS7e8f56d238e846ac39db66ecda931426=47413bd412ba402035ae728104ca1e73; wordpress_google_apps_login=5faaad20804fff5b7fdbf9f8ab85c1a8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: therecord.media
referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 1141409
x-pantheon-styx-hostname: styx-fe2-b-64744c95b6-5mc9d
x-cache: MISS, HIT
content-length: 4565
x-served-by: cache-mdw17367-MDW, cache-bwi5046-BWI
last-modified: Fri, 18 Jun 2021 18:56:29 GMT
server: cloudflare
x-timer: S1624043462.471725,VS0,VE1
etag: W/"60ccec5d-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sun, 03 Jul 2022 00:14:31 GMT
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 6683aca588e04e6e-FRA
x-styx-req-id: 570ce0e8-d067-11eb-878c-ae0a4d7663b5
x-cache-hits: 0, 1

GET
H2 200 modernizr_2.8.3.js Show response
therecord.media/wp-content/themes/therecordmedia/assets/js/ 15 KB
7 KB 22ms
20ms Script
application/x-javascript 2606:4700::6812:621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/wp-content/themes/therecordmedia/assets/js/modernizr_2.8.3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce42c50fe7ec95fff7f081318f1c3e04b9230223f3ca0531d114b013cc8db193

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:path: /wp-content/themes/therecordmedia/assets/js/modernizr_2.8.3.js
pragma: no-cache
cookie: SSESS7e8f56d238e846ac39db66ecda931426=47413bd412ba402035ae728104ca1e73; wordpress_google_apps_login=5faaad20804fff5b7fdbf9f8ab85c1a8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: therecord.media
referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 1141409
x-pantheon-styx-hostname: styx-fe2-a-58bcd5f458-k527r
x-cache: HIT, HIT
content-length: 6803
x-served-by: cache-mdw17369-MDW, cache-wdc5539-WDC
last-modified: Fri, 18 Jun 2021 18:56:24 GMT
server: cloudflare
x-timer: S1624043463.559652,VS0,VE1
etag: W/"60ccec58-3c92"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sun, 03 Jul 2022 00:14:31 GMT
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 6683aca588e14e6e-FRA
x-styx-req-id: 570e3de9-d067-11eb-ae7b-5e65bf8051b7
x-cache-hits: 1, 1

GET
H2 200 ytprefs.min.js Show response
therecord.media/wp-content/plugins/youtube-embed-plus/scripts/ 10 KB
4 KB 22ms
19ms Script
application/x-javascript 2606:4700::6812:621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f617a099ba9e73c30624d09ec9c8cb90ae3e784e8f89d94be4574dfe1496266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:path: /wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js
pragma: no-cache
cookie: SSESS7e8f56d238e846ac39db66ecda931426=47413bd412ba402035ae728104ca1e73; wordpress_google_apps_login=5faaad20804fff5b7fdbf9f8ab85c1a8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: therecord.media
referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 643577
x-pantheon-styx-hostname: styx-fe2-b-64744c95b6-59x78
x-cache: MISS, HIT
content-length: 3544
x-served-by: cache-mdw17357-MDW, cache-bwi5042-BWI
last-modified: Thu, 24 Jun 2021 13:21:22 GMT
server: cloudflare
x-timer: S1624541294.072034,VS0,VE1
etag: W/"60d486d2-26a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sun, 03 Jul 2022 00:14:31 GMT
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 6683aca6099c4e6e-FRA
x-styx-req-id: e77377f0-d4ef-11eb-9f9d-26b2e6fca046
x-cache-hits: 0, 1

GET
H2 200 252628.js Show response
js.hs-scripts.com/ 905 B
607 B 19ms
17ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/252628.js
Requested by: Host: therecord.media
URL: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8d633b52033c369f756f6175a0ecfb5245e4c484ecf8955a333401543f05b84

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6
cf-polished: origSize=1012
x-hubspot-correlation-id: 959ffbb2-446f-4d8a-8cfd-2a2987ceff44
cf-bgj: minify
server: cloudflare
x-trace: 2BA11DD15801E36BB197D8F7301138BB05E737849D000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.recordedfuture.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6683aca609311f11-FRA
expires: Fri, 02 Jul 2021 00:15:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 23ms
21ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-9153858-16

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fdb4b344b778aaa6eafae7ceaeb8e5d8cc3b052e36e5553ef88251c24d48c1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36984
x-xss-protection: 0
expires: Fri, 02 Jul 2021 00:14:31 GMT

GET
H2 200 PrimaryLogo-RGB-Carrot.svg
therecord.media/wp-content/uploads/2021/06/ 5 KB
2 KB 20ms
18ms Image
image/svg+xml 2606:4700::6812:621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/wp-content/uploads/2021/06/PrimaryLogo-RGB-Carrot.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6429c09d26d4abed1c51691f17eb89c9c1fedf440964890e2a0fe9801e93e653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/06/PrimaryLogo-RGB-Carrot.svg
pragma: no-cache
cookie: SSESS7e8f56d238e846ac39db66ecda931426=47413bd412ba402035ae728104ca1e73; wordpress_google_apps_login=5faaad20804fff5b7fdbf9f8ab85c1a8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: therecord.media
referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1157408
x-pantheon-styx-hostname: styx-fe2-a-58bcd5f458-jjb4g
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2110
x-served-by: cache-mdw17377-MDW, cache-wdc5533-WDC
access-control-allow-origin: *
last-modified: Fri, 18 Jun 2021 14:43:58 GMT
server: cloudflare
x-timer: S1624027463.123564,VS0,VE1
etag: W/"60ccb12e-1421"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
expires: Sun, 03 Jul 2022 00:14:31 GMT
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 6683aca6099d4e6e-FRA
x-styx-req-id: 9f508062-d043-11eb-9cf1-ee94bcaaf0ad
x-cache-hits: 0, 1

GET
H2 200 afghanistan.jpg
therecord.media/wp-content/uploads/2021/07/ 297 KB
298 KB 15ms
13ms Image
image/jpeg 2606:4700::6812:621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/wp-content/uploads/2021/07/afghanistan.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

436b3699e0b22f2e94f026d6ca0de5be2a3b2b1c37353b079d744565961a7f59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/07/afghanistan.jpg
pragma: no-cache
cookie: SSESS7e8f56d238e846ac39db66ecda931426=47413bd412ba402035ae728104ca1e73; wordpress_google_apps_login=5faaad20804fff5b7fdbf9f8ab85c1a8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: therecord.media
referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 40899
x-pantheon-styx-hostname: styx-fe2-a-58bcd5f458-jjb4g
x-cache: HIT, HIT
cf-bgj: h2pri
content-length: 304175
x-served-by: cache-mdw17334-MDW, cache-bwi5038-BWI
last-modified: Thu, 01 Jul 2021 12:42:27 GMT
server: cloudflare
x-timer: S1625143972.938707,VS0,VE1
etag: "60ddb833-4a42f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
x-styx-req-id: 206f284f-da6b-11eb-9cf1-ee94bcaaf0ad
expires: Sun, 03 Jul 2022 00:14:31 GMT
cache-control: public, max-age=31622400
pantheon-trace-id: 3c8479f67dab42519b1209b111faa816
accept-ranges: bytes
cf-ray: 6683aca6099e4e6e-FRA
x-cache-hits: 1, 1

GET
H2 200 bundle.js Show response
therecord.media/wp-content/themes/therecordmedia/assets/js/ 513 KB
163 KB 15ms
14ms Script
application/x-javascript 2606:4700::6812:621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/wp-content/themes/therecordmedia/assets/js/bundle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf788cb29e1fc21fe4402eb35d0b1bb2fc6b4f27e91bd6538e31d50a190bd783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:path: /wp-content/themes/therecordmedia/assets/js/bundle.js
pragma: no-cache
cookie: SSESS7e8f56d238e846ac39db66ecda931426=47413bd412ba402035ae728104ca1e73; wordpress_google_apps_login=5faaad20804fff5b7fdbf9f8ab85c1a8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: therecord.media
referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 1141409
x-pantheon-styx-hostname: styx-fe2-b-64744c95b6-5mc9d
x-cache: MISS, HIT
content-length: 166917
x-served-by: cache-mdw17370-MDW, cache-bwi5045-BWI
last-modified: Fri, 18 Jun 2021 18:56:24 GMT
server: cloudflare
x-timer: S1624043463.505933,VS0,VE1
etag: W/"60ccec58-80485"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sun, 03 Jul 2022 00:14:31 GMT
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 6683aca5c94b4e6e-FRA
x-styx-req-id: 570344af-d067-11eb-878c-ae0a4d7663b5
x-cache-hits: 0, 1

GET
H2 200 custom-v2.js Show response
therecord.media/wp-content/themes/therecordmedia/assets/js/ 2 KB
833 B 18ms
18ms Script
application/x-javascript 2606:4700::6812:621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/wp-content/themes/therecordmedia/assets/js/custom-v2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75aed36290000a36ae62a29e8f1366e3fd90dd6fedfcc6d4467707862883dda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:path: /wp-content/themes/therecordmedia/assets/js/custom-v2.js
pragma: no-cache
cookie: SSESS7e8f56d238e846ac39db66ecda931426=47413bd412ba402035ae728104ca1e73; wordpress_google_apps_login=5faaad20804fff5b7fdbf9f8ab85c1a8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: therecord.media
referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 977935
x-pantheon-styx-hostname: styx-fe2-a-58bcd5f458-k527r
x-cache: MISS, HIT
content-length: 596
x-served-by: cache-mdw17335-MDW, cache-bwi5070-BWI
last-modified: Sun, 20 Jun 2021 16:33:59 GMT
server: cloudflare
x-timer: S1624206936.187959,VS0,VE1
etag: W/"60cf6df7-60f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sun, 03 Jul 2022 00:14:31 GMT
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 6683aca5c94e4e6e-FRA
x-styx-req-id: 5b211bab-d1e5-11eb-ae7b-5e65bf8051b7
x-cache-hits: 0, 1

GET
H3-29 200 jquery.mCustomScrollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/malihu-custom-scrollbar-plugin/3.1.5/ 39 KB
11 KB 25ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/malihu-custom-scrollbar-plugin/3.1.5/jquery.mCustomScrollbar.min.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00a1230e22b6af3f9df1348f2cd54dc9dbe026f3a41b9bde3009dcefd1648ae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1190793
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10595
cf-request-id: 0abf302ab200000ea7c1005000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-9cd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tkrzfzIBZxiS6PxAP5CzEOwXrVBWmh97RiZyJT8nj0mu4xDoFgclsv%2FAW0Sbbj2fNGq%2FDGN2GGOjBjwwZ5Yhhic65%2FnKHNSIWHMc6lL7py3DteYUCUPEkv3QwHOWxScIKXtQQhjivFhb3gp04g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6683aca618d84abc-FRA
expires: Wed, 22 Jun 2022 00:14:31 GMT

GET
H2 200 jquery.fancybox.min.js Show response
cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/ 67 KB
22 KB 8ms
5ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 761105
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 22012
etag: W/"10a9d-YYFBLnOWZpbQjh5bEkOlctDyK6Y"
x-served-by: cache-fra19172-FRA
date: Fri, 02 Jul 2021 00:14:22 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 main.js Show response
therecord.media/wp-content/themes/therecordmedia/assets/js/ 44 KB
13 KB 21ms
18ms Script
application/x-javascript 2606:4700::6812:621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/wp-content/themes/therecordmedia/assets/js/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d19cf2a7fde6cc80fca73c6b0e45590fc553db0ca7b1133ea661b93fc379c2bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:path: /wp-content/themes/therecordmedia/assets/js/main.js
pragma: no-cache
cookie: SSESS7e8f56d238e846ac39db66ecda931426=47413bd412ba402035ae728104ca1e73; wordpress_google_apps_login=5faaad20804fff5b7fdbf9f8ab85c1a8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: therecord.media
referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 1141409
x-pantheon-styx-hostname: styx-fe2-a-58bcd5f458-np279
x-cache: MISS, HIT
content-length: 13562
x-served-by: cache-mdw17374-MDW, cache-bwi5067-BWI
last-modified: Fri, 18 Jun 2021 18:56:23 GMT
server: cloudflare
x-timer: S1624043463.515417,VS0,VE1
etag: W/"60ccec57-b069"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sun, 03 Jul 2022 00:14:31 GMT
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 6683aca6099b4e6e-FRA
x-styx-req-id: 570fb616-d067-11eb-b79d-3aa163f41238
x-cache-hits: 0, 1

GET
H2 200 fitvids.min.js Show response
therecord.media/wp-content/plugins/youtube-embed-plus/scripts/ 3 KB
1 KB 21ms
19ms Script
application/x-javascript 2606:4700::6812:621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:path: /wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js
pragma: no-cache
cookie: SSESS7e8f56d238e846ac39db66ecda931426=47413bd412ba402035ae728104ca1e73; wordpress_google_apps_login=5faaad20804fff5b7fdbf9f8ab85c1a8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: therecord.media
referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 643578
x-pantheon-styx-hostname: styx-fe2-a-58bcd5f458-jjb4g
x-cache: MISS, HIT
content-length: 1055
x-served-by: cache-mdw17366-MDW, cache-bwi5059-BWI
last-modified: Thu, 24 Jun 2021 13:21:22 GMT
server: cloudflare
x-timer: S1624541293.161689,VS0,VE1
etag: W/"60d486d2-aaf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sun, 03 Jul 2022 00:14:31 GMT
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 6683aca609a14e6e-FRA
x-styx-req-id: e77503d6-d4ef-11eb-9cf1-ee94bcaaf0ad
x-cache-hits: 0, 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 95 KB
24 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2a2056b7a1c989899886a9b194e93912b7d11767239e956de73d5c2ea237b32

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24676
x-xss-protection: 0
pragma: public
x-fb-debug: Xu4uJKklkIjM/0aQwo4J1vodgAUzF9WJq9f25xP0PMDRNahNplHiYbAukEhWBW0P5F+scGe9vaqwLhgKfA6NSA==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Fri, 02 Jul 2021 00:14:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 89 KB
34 KB 23ms
21ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5bfda6b18001320937e65aba74318d90a2273e16ac9b06d0524accc4154a69d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34927
x-xss-protection: 0
expires: Fri, 02 Jul 2021 00:14:31 GMT

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 190 KB
55 KB 36ms
7ms Script
application/javascript 2600:9000:20eb:8800:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Requested by: Host: therecord.media
URL: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8800:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05d91f851a25aaf50298c4e8fe0d4b6e9de001112170c3bb0bb48367f451a515

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 23:15:45 GMT
content-encoding: gzip
age: 349127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 24 May 2021 01:47:29 GMT
server: AmazonS3
etag: W/"ec4d06881dcf5b43aee140a840e270c6"
vary: Accept-Encoding
x-amz-version-id: null
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
cache-control: max-age=691200
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: ZRbiljZYZcUyVlRHkCI7hB4iB1DPlg1YhCIAxq4JKKIbEIiCAnKS6A==

GET
H2 200 container_41sBJe2I.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 25 KB
8 KB 42ms
14ms Script
application/javascript 2600:9000:20eb:8800:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/container_41sBJe2I.js
Requested by: Host: therecord.media
URL: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8800:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b0fbfd8e87d0c89a61b25d68bc9b9eef5595d98e053bb3ffa76a2b9cee01d21c

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 12:41:07 GMT
content-encoding: gzip
age: 128005
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 21 Apr 2021 14:05:18 GMT
server: AmazonS3
etag: W/"d8402aa123982ee26d817f1e28e38219"
vary: Accept-Encoding
x-amz-version-id: null
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
cache-control: max-age=691200
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: v0OPSBm14u7FgIVKbP-7ZRdUTAZPufuEiZMCtoYN0ROfgt_SH23wGg==

GET
H2 200 icomoon.ttf
therecord.media/wp-content/themes/therecordmedia/assets/fonts/custom/ 4 KB
3 KB 24ms
22ms Font
application/x-font-ttf 2606:4700::6812:621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/wp-content/themes/therecordmedia/assets/fonts/custom/icomoon.ttf?fiuh6y

Requested by

Host: therecord.media
URL: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a6db13132ef5e4dc98723529dedf677f84b4993b7db70339cb1de93a910ffce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-fetch-mode: cors
origin: https://therecord.media
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: SSESS7e8f56d238e846ac39db66ecda931426=47413bd412ba402035ae728104ca1e73; wordpress_google_apps_login=5faaad20804fff5b7fdbf9f8ab85c1a8
:path: /wp-content/themes/therecordmedia/assets/fonts/custom/icomoon.ttf?fiuh6y
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: therecord.media
referer: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://therecord.media
Referer: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1157408
x-pantheon-styx-hostname: styx-fe2-a-58bcd5f458-jjb4g
x-cache: HIT, MISS
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2549
x-served-by: cache-mdw17349-MDW, cache-wdc5541-WDC
access-control-allow-origin: *
last-modified: Fri, 18 Jun 2021 14:42:44 GMT
server: cloudflare
x-timer: S1624027463.309480,VS0,VE20
etag: W/"60ccb0e4-107c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-font-ttf
via: 1.1 varnish, 1.1 varnish
expires: Sun, 03 Jul 2022 00:14:31 GMT
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 6683aca609a44e6e-FRA
x-styx-req-id: a74dac77-d043-11eb-9cf1-ee94bcaaf0ad
x-cache-hits: 1, 0

GET
H2 200 gudea-400-latin.woff2
therecord.media/wp-content/themes/therecordmedia/assets/fonts/gudea/ 8 KB
8 KB 22ms
21ms Font
font/woff2 2606:4700::6812:621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/wp-content/themes/therecordmedia/assets/fonts/gudea/gudea-400-latin.woff2

Requested by

Host: therecord.media
URL: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f23ec5c633f64e45cdb8119ea2bd55f81bd2bf4a46131cc6e7aa415024db18f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-fetch-mode: cors
origin: https://therecord.media
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: SSESS7e8f56d238e846ac39db66ecda931426=47413bd412ba402035ae728104ca1e73; wordpress_google_apps_login=5faaad20804fff5b7fdbf9f8ab85c1a8
:path: /wp-content/themes/therecordmedia/assets/fonts/gudea/gudea-400-latin.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: therecord.media
referer: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://therecord.media
Referer: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 199771
x-pantheon-styx-hostname: styx-fe2-a-58bcd5f458-8c4hq
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 7856
x-served-by: cache-mdw17376-MDW, cache-bwi5079-BWI
last-modified: Tue, 29 Jun 2021 16:31:50 GMT
server: cloudflare
x-timer: S1624985101.917638,VS0,VE1
etag: "60db4af6-1eb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
expires: Sun, 03 Jul 2022 00:14:31 GMT
cache-control: public, max-age=31622400
pantheon-trace-id: 098d51a241e94cffa42f95d279354978
accept-ranges: bytes
cf-ray: 6683aca609a74e6e-FRA
x-styx-req-id: b9b4745a-d8f7-11eb-b1f5-0299d1aefdeb
x-cache-hits: 0, 1

GET
H2 200 oswald-400-latin.woff2
therecord.media/wp-content/themes/therecordmedia/assets/fonts/oswald/ 24 KB
24 KB 17ms
17ms Font
font/woff2 2606:4700::6812:621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/wp-content/themes/therecordmedia/assets/fonts/oswald/oswald-400-latin.woff2

Requested by

Host: therecord.media
URL: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-fetch-mode: cors
origin: https://therecord.media
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: SSESS7e8f56d238e846ac39db66ecda931426=47413bd412ba402035ae728104ca1e73; wordpress_google_apps_login=5faaad20804fff5b7fdbf9f8ab85c1a8
:path: /wp-content/themes/therecordmedia/assets/fonts/oswald/oswald-400-latin.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: therecord.media
referer: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://therecord.media
Referer: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 199770
x-pantheon-styx-hostname: styx-fe2-b-64744c95b6-l9tl8
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 24064
x-served-by: cache-mdw17344-MDW, cache-bwi5063-BWI
last-modified: Tue, 29 Jun 2021 16:31:50 GMT
server: cloudflare
x-timer: S1624985101.951786,VS0,VE0
etag: "60db4af6-5e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
expires: Sun, 03 Jul 2022 00:14:31 GMT
cache-control: public, max-age=31622400
pantheon-trace-id: abb67d84a2d74f03ade28638db064bab
accept-ranges: bytes
cf-ray: 6683aca609a84e6e-FRA
x-styx-req-id: b9b30e93-d8f7-11eb-a535-dae0d20f481d
x-cache-hits: 0, 2

GET
H2 200 oswald-700-latin.woff2
therecord.media/wp-content/themes/therecordmedia/assets/fonts/oswald/ 24 KB
24 KB 17ms
17ms Font
font/woff2 2606:4700::6812:621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/wp-content/themes/therecordmedia/assets/fonts/oswald/oswald-700-latin.woff2

Requested by

Host: therecord.media
URL: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-fetch-mode: cors
origin: https://therecord.media
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: SSESS7e8f56d238e846ac39db66ecda931426=47413bd412ba402035ae728104ca1e73; wordpress_google_apps_login=5faaad20804fff5b7fdbf9f8ab85c1a8
:path: /wp-content/themes/therecordmedia/assets/fonts/oswald/oswald-700-latin.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: therecord.media
referer: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://therecord.media
Referer: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 199770
x-pantheon-styx-hostname: styx-fe2-b-64744c95b6-5mc9d
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 24064
x-served-by: cache-mdw17368-MDW, cache-bwi5021-BWI
last-modified: Tue, 29 Jun 2021 16:31:39 GMT
server: cloudflare
x-timer: S1624985102.703693,VS0,VE0
etag: "60db4aeb-5e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
expires: Sun, 03 Jul 2022 00:14:31 GMT
cache-control: public, max-age=31622400
pantheon-trace-id: 424c6024d42a462786d6cf82ebe6d1dd
accept-ranges: bytes
cf-ray: 6683aca609a94e6e-FRA
x-styx-req-id: b9b2e2f0-d8f7-11eb-878c-ae0a4d7663b5
x-cache-hits: 0, 3

GET
H2 200 gudea-700-latin.woff2
therecord.media/wp-content/themes/therecordmedia/assets/fonts/gudea/ 8 KB
8 KB 22ms
21ms Font
font/woff2 2606:4700::6812:621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/wp-content/themes/therecordmedia/assets/fonts/gudea/gudea-700-latin.woff2

Requested by

Host: therecord.media
URL: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3d3367b895674ec706b02be65ae0ee7416f158836f88ddc1d3e469e3bdd6cd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-fetch-mode: cors
origin: https://therecord.media
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: SSESS7e8f56d238e846ac39db66ecda931426=47413bd412ba402035ae728104ca1e73; wordpress_google_apps_login=5faaad20804fff5b7fdbf9f8ab85c1a8
:path: /wp-content/themes/therecordmedia/assets/fonts/gudea/gudea-700-latin.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: therecord.media
referer: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://therecord.media
Referer: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 199770
x-pantheon-styx-hostname: styx-fe2-b-64744c95b6-l9tl8
x-cache: MISS, HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 7932
x-served-by: cache-mdw17370-MDW, cache-bwi5036-BWI
last-modified: Tue, 29 Jun 2021 16:31:50 GMT
server: cloudflare
x-timer: S1624985101.957531,VS0,VE1
etag: "60db4af6-1efc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
expires: Sun, 03 Jul 2022 00:14:31 GMT
cache-control: public, max-age=31622400
pantheon-trace-id: a0154d52e2e149f7b036e069f24e40f0
accept-ranges: bytes
cf-ray: 6683aca609aa4e6e-FRA
x-styx-req-id: b9b94ace-d8f7-11eb-a535-dae0d20f481d
x-cache-hits: 0, 2

GET
H2 200 BoxCaon-IndigoZebra-attack.png
therecord.media/wp-content/uploads/2021/07/ 30 KB
31 KB 15ms
15ms Image
image/png 2606:4700::6812:621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/wp-content/uploads/2021/07/BoxCaon-IndigoZebra-attack.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b7f956e7c0ec5ec9f51d5e979b52462f15a0c2df9c465838c2d13a905914766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:path: /wp-content/uploads/2021/07/BoxCaon-IndigoZebra-attack.png
pragma: no-cache
cookie: SSESS7e8f56d238e846ac39db66ecda931426=47413bd412ba402035ae728104ca1e73; wordpress_google_apps_login=5faaad20804fff5b7fdbf9f8ab85c1a8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: therecord.media
referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 40899
x-pantheon-styx-hostname: styx-fe2-b-64744c95b6-l67tl
x-cache: HIT, MISS
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 31117
x-served-by: cache-mdw17346-MDW, cache-bwi5076-BWI
last-modified: Thu, 01 Jul 2021 12:42:36 GMT
server: cloudflare
x-timer: S1625143972.058832,VS0,VE19
etag: "60ddb83c-798d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-styx-req-id: 207a14c6-da6b-11eb-8f99-12b3877e0091
expires: Sun, 03 Jul 2022 00:14:31 GMT
cache-control: public, max-age=31622400
pantheon-trace-id: f540b83c7c594841beb7388b206b09ae
accept-ranges: bytes
cf-ray: 6683aca65a424e6e-FRA
x-cache-hits: 1, 0

GET
H3-29 200 jquery.mousewheel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/ 3 KB
2 KB 11ms
10ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js

Requested by

Host: therecord.media
URL: https://therecord.media/wp-content/themes/therecordmedia/assets/js/bundle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 854163
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1046
cf-request-id: 0ad340bd0b00002c2655804000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-ad3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DTngpda%2F0Sc0BltvwMHyxL7nrwimJN98s15duS8hbzcZd0rMUal74VlxVu2HfZfn2kCxIn%2Bjer92VhPKCR07Rqy9CJYRy52sdGEFeQ79fAcDSfKPEAiea53yL%2FP7%2BgxG9EHX0TshhZjRA5yLkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6683aca699944abc-FRA
expires: Wed, 22 Jun 2022 00:14:31 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 37ms
18ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: therecord.media
URL: https://therecord.media/wp-content/themes/therecordmedia/assets/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97ccbde9d9264f2d73e8ec68b54c2dd4465d6055a49929acef4a6c9edc48f0e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 02 Jul 2021 00:14:31 GMT

GET
H2 200 252628.js Show response
js.hs-analytics.net/analytics/1625184600000/ 63 KB
19 KB 16ms
16ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1625184600000/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fd9ef4e5f96881b0e06393b01a1be3d5bc305fcd5db934f11cbf624f597a59a

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: br
cf-cache-status: HIT
age: 241
x-amz-server-side-encryption: AES256
x-amz-request-id: HX33HD66D0AY0F0V
x-amz-id-2: Po9AqX/MQiqHrkd3XqeNZxooZkEZVnD8UsKS95A7h0hc0cKTC5xIThhjpxRYfS8dXu4rvlpcJzo=
last-modified: Wed, 12 May 2021 18:57:36 GMT
server: cloudflare
etag: W/"8b75207fa99f9374d95a48051c8d7d92"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-ray: 6683aca69e354e8b-FRA
expires: Fri, 02 Jul 2021 00:15:30 GMT

GET
H2 200 252628.js Show response
js.hs-banner.com/ 60 KB
14 KB 14ms
14ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 792599204b3470d68b161c0b0563d0fd34d94378a0fc469b8237480266bb08a3

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
content-encoding: br
cf-cache-status: HIT
age: 241
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: FHG0M1M299WXHNR2
x-amz-id-2: BV+r1E/bhhVdWbFYuDZvkNeibDw362x8Z0ubQ71ACXvx7fK6VDBm4c+Fgqu8OaSAJOcOixj7vQw=
timing-allow-origin: *
last-modified: Thu, 27 May 2021 16:24:50 GMT
server: cloudflare
etag: W/"5866c0147754cfe58ba0160535a2c32e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: PzGKeZbJ72n93.Md6jSBqpQ8wMZpeNuX
access-control-allow-origin: https://therecord.media
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6683aca69f214ebc-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Fri, 02 Jul 2021 00:15:30 GMT

GET
H3-29 200 781647205981775 Show response
connect.facebook.net/signals/config/ 260 KB
74 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/781647205981775?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a99c1c0c3e8eef34ce28c1f536d467da8ced4c5fa2c64851381765ca1c29e18c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75594
x-xss-protection: 0
pragma: public
x-fb-debug: Ip/w3EjV29PrzQv3A/ZCBc0D5yMOqdpcRhTD6dXnsgtbx/RKGAp/ttDtKd5f9lAekBuThIrtWSFr+ZFLG/YIOg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 02 Jul 2021 00:14:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 204
No Response matomo.php
recordedfuture.matomo.cloud/ 0
246 B 169ms
64ms Ping
text/plain 18.196.53.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/matomo.php?action_name=therecord.media%2FChinese%20cyberspies%20targeted%20the%20Afghan%20National%20Security%20Council%20-%20The%20Record%20by%20Recorded%20Future&idsite=2&rec=1&r=308030&h=2&m=14&s=31&url=https%3A%2F%2Ftherecord.media%2Fchinese-cyberspies-targeted-the-afghan-national-security-council%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D137667355%26_hsmi%3D137667355%26_hsenc%3Dp2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA&_id=5ee0c71e47a177b5&_idn=1&_rcn=hs_email&_refts=1625184871&send_image=0&cookie=1&res=1600x1200&pv_id=p8hmjQ&fa_pv=1&fa_fp[0][fa_vid]=8KtiHl&fa_fp[0][fa_fv]=1&fa_fp[2][fa_vid]=JGmLpe&fa_fp[2][fa_fv]=1&fa_fp[3][fa_vid]=RlCkG0&fa_fp[3][fa_fv]=1&pf_net=17&pf_srv=684&pf_tfr=90&pf_dm1=177
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.53.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-53-208.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

Access-Control-Allow-Origin: https://therecord.media
Date: Fri, 02 Jul 2021 00:14:31 GMT
Access-Control-Allow-Credentials: true
Server: Apache
Vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 5fcff613fdfb0dbe15ddb3c49d4f54cd
secure.gravatar.com/avatar/ 3 KB
3 KB 19ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/5fcff613fdfb0dbe15ddb3c49d4f54cd?s=96&d=mm&r=g
Requested by: Host: therecord.media
URL: https://therecord.media/chinese-cyberspies-targeted-the-afghan-national-security-council/?utm_source=hs_email&utm_medium=email&utm_content=137667355&_hsmi=137667355&_hsenc=p2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f9dbfba2249f983c34ca80b4b4bbae5e4a0931683fdce8b2d5da86d90839960c

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 02 Jul 2021 00:14:31 GMT
last-modified: Fri, 05 Mar 2021 15:49:20 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="5fcff613fdfb0dbe15ddb3c49d4f54cd.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/5fcff613fdfb0dbe15ddb3c49d4f54cd?s=96&d=mm&r=g>; rel="canonical"
content-length: 3268
expires: Fri, 02 Jul 2021 00:19:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9153858-16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 1986
date: Thu, 01 Jul 2021 23:41:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Fri, 02 Jul 2021 01:41:25 GMT

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 23 KB
8 KB 80ms
26ms Script
application/javascript 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/sc2/MmZ-8yklNftW6qmPDC6jS2TxW6vsmD78kmNfkVrTRf_5hpbXNdBzP8T04

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

da1b60970149580c709bbc357622d24e7029d658e852e74ef1d861ffb22ad219

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 00:14:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 7764
Pragma: no-cache
Last-Modified: Wed, 17 Mar 2021 01:04:50 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "605155b2-5d6b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Fri, 02 Jul 2021 00:14:31 GMT

GET
H/1.1 200
OK configs.php Show response
recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/ 116 B
361 B 91ms
35ms Script
application/javascript 18.196.53.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=vYpRFI&url=https%3A%2F%2Ftherecord.media%2Fchinese-cyberspies-targeted-the-afghan-national-security-council%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D137667355%26_hsmi%3D137667355%26_hsenc%3Dp2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.53.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-53-208.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: f0f9f73838a7de8323556c2bb06dd1b7b53e9f80bd72a4b1a147a7bf69b4fe88

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 00:14:31 GMT
Content-Encoding: gzip
Server: Apache
Content-Length: 119
Vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
Content-Type: application/javascript

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=781647205981775&ev=PageView&dl=https%3A%2F%2Ftherecord.media%2Fchinese-cyberspies-targeted-the-afghan-national-security-council%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D137667355%26_hsmi%3D137667355%26_hsenc%3Dp2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA&rl=&if=false&ts=1625184871525&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1625184871524.1373106116&it=1625184871461&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 02 Jul 2021 00:14:31 GMT

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/7acefd5d/www-widgetapi.vflset/ 125 KB
42 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7acefd5d/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c42175610795bd8f0848c1d6bd5986c4f779c7b7bb007aa63760e2e55c97dcea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 18:42:46 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 30 Jun 2021 00:20:32 GMT
server: sffe
age: 19905
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42727
x-xss-protection: 0
expires: Fri, 01 Jul 2022 18:42:46 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1513797266&t=pageview&_s=1&dl=https%3A%2F%2Ftherecord.media%2Fchinese-cyberspies-targeted-the-afghan-national-security-council%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D137667355%26_hsmi%3D137667355%26_hsenc%3Dp2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA&ul=en-us&de=UTF-8&dt=Chinese%20cyberspies%20targeted%20the%20Afghan%20National%20Security%20Council%20-%20The%20Record%20by%20Recorded%20Future&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1121712513&gjid=785503084&cid=1198469364.1625184872&tid=UA-9153858-16&_gid=1411432107.1625184872&_r=1&gtm=2ou6u0&z=1358253593

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 00:14:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://therecord.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
371 B 91ms
30ms XHR
text/plain 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2b52f0c156f09f0913ecb37af43364f8a682c2f5b39356198ec8b4e31d0c0ae3

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 00:14:31 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://therecord.media
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 262ms
188ms Image
image/gif 104.82.195.159
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=8dc88f28-0c21-4c27-8fc7-961d1401ae68&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Fri%2C%2002%20Jul%202021%2000%3A14%3A31%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Chinese%20cyberspies%20targeted%20the%20Afghan%20National%20Security%20Council%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fchinese-cyberspies-targeted-the-afghan-national-security-council%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D137667355%26_hsmi%3D137667355%26_hsenc%3Dp2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA&pageViewId=91dcffbb-bd01-4d12-82a5-f022805f5b95

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.82.195.159 London, United Kingdom, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-82-195-159.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 00:14:31 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
749 B 39ms
39ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=252628&rcu=https%3A%2F%2Ftherecord.media%2Fchinese-cyberspies-targeted-the-afghan-national-security-council%2F&pu=https%3A%2F%2Ftherecord.media%2Fchinese-cyberspies-targeted-the-afghan-national-security-council%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D137667355%26_hsmi%3D137667355%26_hsenc%3Dp2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA&t=Chinese+cyberspies+targeted+the+Afghan+National+Security+Council+-+The+Record+by+Recorded+Future&cts=1625184871893&vi=378788b2289c6738697e2d76154153f5&nc=true&u=156209188.378788b2289c6738697e2d76154153f5.1625184871889.1625184871889.1625184871889.1&b=156209188.1.1625184871890&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 00:14:31 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 62ec5672-d28e-492e-983c-03afc620aa15
cf-ray: 6683aca95f4c1e47-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ulS4xnlp7iPeReGq808hPEaZ3MnfmzxqWRclgVAk7grGlyRtIPJiYc04QmCx%2Fhi9eYQlBTFkxbpXCUziKD3D24YOTsWLKRESq475Zd55sZXIzZQR8QeinoEZG7%2FWlCie3q4uhUyeeWsqDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 15ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarycR0As6vrbR8jaz1h

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 02 Jul 2021 00:14:32 GMT
content-type: text/plain
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 187ms
186ms Image
image/gif 104.82.195.159
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=36bb100210090000675ade6044020000dc2a1200&session=8dc88f28-0c21-4c27-8fc7-961d1401ae68&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2002%20Jul%202021%2000%3A14%3A32%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2002%20Jul%202021%2000%3A14%3A31%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%221003%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Chinese%20cyberspies%20targeted%20the%20Afghan%20National%20Security%20Council%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fchinese-cyberspies-targeted-the-afghan-national-security-council%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D137667355%26_hsmi%3D137667355%26_hsenc%3Dp2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA&pageViewId=91dcffbb-bd01-4d12-82a5-f022805f5b95

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.82.195.159 London, United Kingdom, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-82-195-159.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 00:14:32 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 196ms
196ms Image
image/gif 104.82.195.159
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=3eac76df-0403-4f36-85a5-94d62716dcf2&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2002%20Jul%202021%2000%3A14%3A33%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2002%20Jul%202021%2000%3A14%3A32%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222005%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Chinese%20cyberspies%20targeted%20the%20Afghan%20National%20Security%20Council%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fchinese-cyberspies-targeted-the-afghan-national-security-council%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D137667355%26_hsmi%3D137667355%26_hsenc%3Dp2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA&pageViewId=91dcffbb-bd01-4d12-82a5-f022805f5b95

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.82.195.159 London, United Kingdom, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-82-195-159.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 00:14:33 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 192ms
191ms Image
image/gif 104.82.195.159
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=3eac76df-0403-4f36-85a5-94d62716dcf2&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2002%20Jul%202021%2000%3A14%3A34%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2002%20Jul%202021%2000%3A14%3A33%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223006%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Chinese%20cyberspies%20targeted%20the%20Afghan%20National%20Security%20Council%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fchinese-cyberspies-targeted-the-afghan-national-security-council%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D137667355%26_hsmi%3D137667355%26_hsenc%3Dp2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA&pageViewId=91dcffbb-bd01-4d12-82a5-f022805f5b95

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.82.195.159 London, United Kingdom, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-82-195-159.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 00:14:34 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 193ms
193ms Image
image/gif 104.82.195.159
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=3eac76df-0403-4f36-85a5-94d62716dcf2&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2002%20Jul%202021%2000%3A14%3A35%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2002%20Jul%202021%2000%3A14%3A34%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%224006%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Chinese%20cyberspies%20targeted%20the%20Afghan%20National%20Security%20Council%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fchinese-cyberspies-targeted-the-afghan-national-security-council%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D137667355%26_hsmi%3D137667355%26_hsenc%3Dp2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA&pageViewId=91dcffbb-bd01-4d12-82a5-f022805f5b95

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.82.195.159 London, United Kingdom, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-82-195-159.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 00:14:35 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Mon, 07 Jun 2021 21:53:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60be9562-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 190ms
190ms Image
image/gif 104.82.195.159
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=3eac76df-0403-4f36-85a5-94d62716dcf2&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2002%20Jul%202021%2000%3A14%3A36%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2002%20Jul%202021%2000%3A14%3A35%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225007%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Chinese%20cyberspies%20targeted%20the%20Afghan%20National%20Security%20Council%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fchinese-cyberspies-targeted-the-afghan-national-security-council%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D137667355%26_hsmi%3D137667355%26_hsenc%3Dp2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA&pageViewId=91dcffbb-bd01-4d12-82a5-f022805f5b95

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.82.195.159 London, United Kingdom, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-82-195-159.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 00:14:36 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 194ms
193ms Image
image/gif 104.82.195.159
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=3eac76df-0403-4f36-85a5-94d62716dcf2&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2002%20Jul%202021%2000%3A14%3A37%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2002%20Jul%202021%2000%3A14%3A36%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226008%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Chinese%20cyberspies%20targeted%20the%20Afghan%20National%20Security%20Council%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fchinese-cyberspies-targeted-the-afghan-national-security-council%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D137667355%26_hsmi%3D137667355%26_hsenc%3Dp2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA&pageViewId=91dcffbb-bd01-4d12-82a5-f022805f5b95

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.82.195.159 London, United Kingdom, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-82-195-159.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 00:14:37 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 187ms
187ms Image
image/gif 104.82.195.159
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=3eac76df-0403-4f36-85a5-94d62716dcf2&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2002%20Jul%202021%2000%3A14%3A38%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2002%20Jul%202021%2000%3A14%3A37%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%227009%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Chinese%20cyberspies%20targeted%20the%20Afghan%20National%20Security%20Council%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fchinese-cyberspies-targeted-the-afghan-national-security-council%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D137667355%26_hsmi%3D137667355%26_hsenc%3Dp2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA&pageViewId=91dcffbb-bd01-4d12-82a5-f022805f5b95

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.82.195.159 London, United Kingdom, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-82-195-159.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 00:14:38 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 193ms
193ms Image
image/gif 104.82.195.159
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=3eac76df-0403-4f36-85a5-94d62716dcf2&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2002%20Jul%202021%2000%3A14%3A39%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2002%20Jul%202021%2000%3A14%3A38%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%228009%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Chinese%20cyberspies%20targeted%20the%20Afghan%20National%20Security%20Council%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fchinese-cyberspies-targeted-the-afghan-national-security-council%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D137667355%26_hsmi%3D137667355%26_hsenc%3Dp2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA&pageViewId=91dcffbb-bd01-4d12-82a5-f022805f5b95

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.82.195.159 London, United Kingdom, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-82-195-159.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 00:14:39 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 186ms
186ms Image
image/gif 104.82.195.159
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=3eac76df-0403-4f36-85a5-94d62716dcf2&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2002%20Jul%202021%2000%3A14%3A40%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2002%20Jul%202021%2000%3A14%3A39%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%229010%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Chinese%20cyberspies%20targeted%20the%20Afghan%20National%20Security%20Council%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fchinese-cyberspies-targeted-the-afghan-national-security-council%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D137667355%26_hsmi%3D137667355%26_hsenc%3Dp2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA&pageViewId=91dcffbb-bd01-4d12-82a5-f022805f5b95

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.82.195.159 London, United Kingdom, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-82-195-159.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 00:14:40 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Mon, 07 Jun 2021 21:53:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60be9562-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 187ms
187ms Image
image/gif 104.82.195.159
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=3eac76df-0403-4f36-85a5-94d62716dcf2&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2002%20Jul%202021%2000%3A14%3A41%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2002%20Jul%202021%2000%3A14%3A40%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%2210012%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Chinese%20cyberspies%20targeted%20the%20Afghan%20National%20Security%20Council%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fchinese-cyberspies-targeted-the-afghan-national-security-council%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D137667355%26_hsmi%3D137667355%26_hsenc%3Dp2ANqtz-8Z2sxvNXchmTiE3YZZP13hylUk5qk0D1dUuA8FC81l6jY7uPtSCSu_b0YUKZFS4ppWF1rKc_21y_aFwMDopLKesZy3UA&pageViewId=91dcffbb-bd01-4d12-82a5-f022805f5b95

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.82.195.159 London, United Kingdom, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-82-195-159.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 00:14:41 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.therecord.media/	1970-01-19 19:26:26	Name: __hssc Value: 156209188.1.1625184871890
.therecord.media/	1970-01-20 04:48:00	Name: hubspotutk Value: 378788b2289c6738697e2d76154153f5
.therecord.media/	1970-01-20 04:48:00	Name: __hstc Value: 156209188.378788b2289c6738697e2d76154153f5.1625184871889.1625184871889.1625184871889.1
therecord.media/	1970-01-20 12:57:36	Name: _gd_visitor Value: fe111e5c-d8b0-485b-8fd1-6521fe1f0722
therecord.media/	1970-01-20 12:57:36	Name: _gd_svisitor Value: 36bb100210090000675ade6044020000dc2a1200
therecord.media/	1970-01-19 19:26:39	Name: _gd_session Value: 8dc88f28-0c21-4c27-8fc7-961d1401ae68
.therecord.media/	1970-01-19 21:36:00	Name: _fbp Value: fb.1.1625184871524.1373106116
.therecord.media/	1970-01-19 23:49:12	Name: _pk_ref.2.de70 Value: %5B%22hs_email%22%2C%22%22%2C1625184871%2C%22%22%5D
.therecord.media/	1969-12-31 23:59:59	Name: __hssrc Value: 1
therecord.media/	1969-12-31 23:59:59	Name: wordpress_google_apps_login Value: 5faaad20804fff5b7fdbf9f8ab85c1a8
.therecord.media/	1970-01-19 19:26:24	Name: _gat_gtag_UA_9153858_16 Value: 1
.therecord.media/	1970-01-20 12:57:36	Name: _ga Value: GA1.2.1198469364.1625184872
.therecord.media/	1970-01-19 19:26:26	Name: _pk_ses.2.de70 Value: 1
.therecord.media/	1970-01-19 19:27:51	Name: _gid Value: GA1.2.1411432107.1625184872
.therecord.media/	1970-01-20 04:52:20	Name: _pk_id.2.de70 Value: 5ee0c71e47a177b5.1625184871.
.therecord.media/	1969-12-31 23:59:59	Name: SSESS7e8f56d238e846ac39db66ecda931426 Value: 47413bd412ba402035ae728104ca1e73

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://go.recordedfuture.com/e2t/sc2/MmZ-8yklNftW6qmPDC6jS2TxW6vsmD78kmNfkVrTRf_5hpbXNdBzP8T04(Line 13) Message: toS
console-api	log	URL: https://therecord.media/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://therecord.media/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js(Line 2) Message: YT API ready 2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.6sc.co
c.6sc.co
cdn.jsdelivr.net
cdn.matomo.cloud
cdnjs.cloudflare.com
connect.facebook.net
go.recordedfuture.com
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
recordedfuture.matomo.cloud
secure.gravatar.com
therecord.media
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
104.111.233.140
104.82.195.159
18.196.53.208
2600:9000:20eb:8800:c:7d55:b3c0:93a1
2606:2c40::c73c:67fe
2606:4700::6810:125e
2606:4700::6811:46b0
2606:4700::6811:d2cc
2606:4700::6812:14bf
2606:4700::6812:621
2606:4700::6813:9a53
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2008
2a00:1450:4001:82f::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::485
2a04:fa87:fffe::c000:4902
00a1230e22b6af3f9df1348f2cd54dc9dbe026f3a41b9bde3009dcefd1648ae1
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05d91f851a25aaf50298c4e8fe0d4b6e9de001112170c3bb0bb48367f451a515
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
247184981eb6f698a94e431a83d68c6b0df623cce57b6e29dc5a6c11e23aa195
2b52f0c156f09f0913ecb37af43364f8a682c2f5b39356198ec8b4e31d0c0ae3
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2f617a099ba9e73c30624d09ec9c8cb90ae3e784e8f89d94be4574dfe1496266
3b45183c579f914987f820ad8afbf8c102bbb43b1d415ea2ceb35bac37fa9572
436b3699e0b22f2e94f026d6ca0de5be2a3b2b1c37353b079d744565961a7f59
4a6db13132ef5e4dc98723529dedf677f84b4993b7db70339cb1de93a910ffce
4b7f956e7c0ec5ec9f51d5e979b52462f15a0c2df9c465838c2d13a905914766
54b16a534f27d39f8edb7dd908ecf182b4be466f86f28ac0f01f415f2ba9d1cf
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5bfda6b18001320937e65aba74318d90a2273e16ac9b06d0524accc4154a69d6
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6429c09d26d4abed1c51691f17eb89c9c1fedf440964890e2a0fe9801e93e653
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
75aed36290000a36ae62a29e8f1366e3fd90dd6fedfcc6d4467707862883dda4
792599204b3470d68b161c0b0563d0fd34d94378a0fc469b8237480266bb08a3
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8fd9ef4e5f96881b0e06393b01a1be3d5bc305fcd5db934f11cbf624f597a59a
97ccbde9d9264f2d73e8ec68b54c2dd4465d6055a49929acef4a6c9edc48f0e6
a99c1c0c3e8eef34ce28c1f536d467da8ced4c5fa2c64851381765ca1c29e18c
aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c
b0fbfd8e87d0c89a61b25d68bc9b9eef5595d98e053bb3ffa76a2b9cee01d21c
bc1d70b9d4aab9d6da396759b4332eab0e18ec46763d2a00f7c814de59bcd76b
bf788cb29e1fc21fe4402eb35d0b1bb2fc6b4f27e91bd6538e31d50a190bd783
c42175610795bd8f0848c1d6bd5986c4f779c7b7bb007aa63760e2e55c97dcea
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
ce42c50fe7ec95fff7f081318f1c3e04b9230223f3ca0531d114b013cc8db193
d19cf2a7fde6cc80fca73c6b0e45590fc553db0ca7b1133ea661b93fc379c2bb
d8d633b52033c369f756f6175a0ecfb5245e4c484ecf8955a333401543f05b84
da1b60970149580c709bbc357622d24e7029d658e852e74ef1d861ffb22ad219
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df248833efb025de7b400819fe3d7643bb5ec6d04ade78c3e7772b6c4b5b8877
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d3367b895674ec706b02be65ae0ee7416f158836f88ddc1d3e469e3bdd6cd4
e97ff069cb22bf3826d87b15e7cf129bad222ce102f8844852a593ec64fa242a
f0f9f73838a7de8323556c2bb06dd1b7b53e9f80bd72a4b1a147a7bf69b4fe88
f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14
f23ec5c633f64e45cdb8119ea2bd55f81bd2bf4a46131cc6e7aa415024db18f1
f2a2056b7a1c989899886a9b194e93912b7d11767239e956de73d5c2ea237b32
f9dbfba2249f983c34ca80b4b4bbae5e4a0931683fdce8b2d5da86d90839960c
fdb4b344b778aaa6eafae7ceaeb8e5d8cc3b052e36e5553ef88251c24d48c1e3

therecord.media Open in urlscan Pro 2606:4700::6812:621 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

100 %HTTPS

83 %IPv6

16 Domains

19 Subdomains

18 IPs

4 Countries

1119 kBTransfer

2901 kBSize

16 Cookies

11 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

therecord.media Open in urlscan Pro
2606:4700::6812:621 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

100 %
HTTPS

83 %
IPv6

16
Domains

19
Subdomains

18
IPs

4
Countries

1119 kB
Transfer

2901 kB
Size

16
Cookies

59 HTTP transactions
0 data transactions