therecord.media Open in urlscan Pro
34.73.189.215  Public Scan

22 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://t.co/ekkljm3vIz Page URL
2. https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	ekkljm3vIz t.co/	374 B 581 B	228ms 153ms	Document text/html	104.244.42.69 TWITTER
General Check archive.org Show headers Download Go to Full URL https://t.co/ekkljm3vIz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.69 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0 X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers cache-control private,max-age=300 content-encoding gzip content-length 210 content-type text/html; charset=utf-8 date Tue, 21 Mar 2023 15:28:57 GMT expires Tue, 21 Mar 2023 15:33:58 GMT perf 7626143928 server tsa_o strict-transport-security max-age=0 vary Origin x-connection-hash a89cf3fd7fbb219fff2e7c55ce5ba8e719e0da8f8aa54e771abdc9e13399684f x-response-time 128 x-transaction-id ce636e1be4d65f8d x-xss-protection 0
GET H2	200	Primary Request royal-dirkzwager-ransomware-attack-dutch-shipping Show response therecord.media/	41 KB 9 KB	407ms 133ms	Document text/html	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Requested by Host: t.co URL: https://t.co/ekkljm3vIz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Next.js Resource Hash 1a1a22bf5500eed589503fe502e815464cf22c22e0601e82906b92a697f50776 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Referer https://t.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers cache-control s-maxage=60, stale-while-revalidate content-encoding gzip content-type text/html; charset=utf-8 date Tue, 21 Mar 2023 15:28:58 GMT etag "a38b-04Mbuhf520uzUzohI0EnhKf3QRI" permissions-policy geolocation=(self "https://*.recordedfuture.com/") strict-transport-security max-age=0 traceresponse 00-174e78ce54218b4625e80b85a196852e-34c00c1f515f88ea-00 vary Accept-Encoding x-debug-info eyJyZXRyaWVzIjowfQ== x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y x-platform-processor xgztqld4evaw2suiwyeszt2fga x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u x-powered-by Next.js
GET H2	200	js Show response www.googletagmanager.com/gtag/	112 KB 44 KB	178ms 97ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-9153858-16 Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c0daae0f5a59298864f356794c2957cd51eb6a49efec721ea7168ca32dad3b52 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:58 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44634 x-xss-protection 0 last-modified Tue, 21 Mar 2023 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 21 Mar 2023 15:28:58 GMT
GET H2	200	Shipping_400dc333b1.jpg cms.therecord.media/uploads/	78 KB 78 KB	552ms 242ms	Image image/jpeg	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://cms.therecord.media/uploads/Shipping_400dc333b1.jpg?w=1920 Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 30e278279713d67cfe17be0ae66aba84473aa76b84039a5ff1b911a6e34f2bce Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT strict-transport-security max-age=0 last-modified Fri, 17 Mar 2023 15:58:08 GMT traceresponse 00-174e78ce6f70b2d898f4266ddff5d157-9cbffcfb4a474dfc-00 etag "64148e10-13931" vary Accept-Encoding x-platform-cluster r6uchqjqwmfqi-production-vohbr3y content-type image/jpeg x-platform-processor yzs7ggztuurocnodlgeyqu6sde cache-control max-age=300 x-debug-info eyJyZXRyaWVzIjowfQ== accept-ranges bytes content-length 80177 x-platform-router qk5ll65emgqnxbcwb6fko7g64m expires Tue, 21 Mar 2023 15:33:59 GMT
GET H2	200	T03_JN_5_SNQ_U037_HMEJK_61_e471a4980693_512_e7fa91f931.jpg cms.therecord.media/uploads/	52 KB 53 KB	389ms 122ms	Image image/jpeg	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://cms.therecord.media/uploads/T03_JN_5_SNQ_U037_HMEJK_61_e471a4980693_512_e7fa91f931.jpg?w=1920 Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash e462bff299dcf3d0e319045b9b4d79cd70615adb8be2af3be5ba9f6c1700d7ab Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT strict-transport-security max-age=0 last-modified Mon, 06 Mar 2023 21:07:55 GMT traceresponse 00-174e78ce6f717d482018cc4c06ac3fac-84bf1f02b791a79a-00 etag "6406562b-d16c" vary Accept-Encoding x-platform-cluster r6uchqjqwmfqi-production-vohbr3y content-type image/jpeg x-platform-processor yzs7ggztuurocnodlgeyqu6sde cache-control max-age=300 x-debug-info eyJyZXRyaWVzIjowfQ== accept-ranges bytes content-length 53612 x-platform-router qk5ll65emgqnxbcwb6fko7g64m expires Tue, 21 Mar 2023 15:33:59 GMT
GET H2	200	The_Record_Centered_9b27d79125.svg cms.therecord.media/uploads/	7 KB 3 KB	388ms 122ms	Image image/svg+xml	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://cms.therecord.media/uploads/The_Record_Centered_9b27d79125.svg?w=1920 Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 54c76c41df5975085389626fc4c3920abdc817d033688ab9d9a98a362ad2f2e7 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT content-encoding br strict-transport-security max-age=0 last-modified Thu, 12 Jan 2023 17:06:51 GMT traceresponse 00-174e78ce6f71294cad5c1591df3ce341-43499545f3423b0b-00 etag W/"63c03e2b-1c5f" vary Accept-Encoding x-platform-cluster r6uchqjqwmfqi-production-vohbr3y content-type image/svg+xml x-platform-processor yzs7ggztuurocnodlgeyqu6sde cache-control max-age=300 x-debug-info eyJyZXRyaWVzIjowfQ== x-platform-router qk5ll65emgqnxbcwb6fko7g64m expires Tue, 21 Mar 2023 15:33:59 GMT
GET H2	200	1c961ab38b917749.css therecord.media/_next/static/css/	53 KB 10 KB	145ms 143ms	Stylesheet text/css	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/static/css/1c961ab38b917749.css Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 51fd18749afc27e1809dddc215120cc9d95ef9420f7c7ca446c632ee892c26c6 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:58 GMT content-encoding gzip strict-transport-security max-age=0 last-modified Mon, 20 Mar 2023 17:26:47 GMT traceresponse 00-174e78ce5d0f235417fdfc066a6999bf-68a2b373730c9c79-00 etag W/"d26e-187000f2ed4" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type text/css; charset=UTF-8 x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control public, max-age=31536000, immutable x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") accept-ranges bytes x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	webpack-5752944655d749a0.js Show response therecord.media/_next/static/chunks/	2 KB 948 B	141ms 138ms	Script application/javascript	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/static/chunks/webpack-5752944655d749a0.js Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:58 GMT content-encoding gzip strict-transport-security max-age=0 last-modified Mon, 20 Mar 2023 17:26:47 GMT traceresponse 00-174e78ce5fbaaebe0fd7fa1d5abaaa5b-f5919bcb2cd2b2b2-00 etag W/"673-187000f2ed4" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/javascript; charset=UTF-8 x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control public, max-age=31536000, immutable x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") accept-ranges bytes x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	framework-5f4595e5518b5600.js Show response therecord.media/_next/static/chunks/	127 KB 41 KB	141ms 138ms	Script application/javascript	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/static/chunks/framework-5f4595e5518b5600.js Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:58 GMT content-encoding gzip strict-transport-security max-age=0 last-modified Mon, 20 Mar 2023 17:26:47 GMT traceresponse 00-174e78ce5fbc16c0090f1804d82f991d-d703d40ad3ea7ddd-00 etag W/"1fbbb-187000f2ed1" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/javascript; charset=UTF-8 x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control public, max-age=31536000, immutable x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") accept-ranges bytes x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	main-a054bbf31fb90f6a.js Show response therecord.media/_next/static/chunks/	98 KB 27 KB	143ms 140ms	Script application/javascript	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash e1885518498078290fc8152f0618b843ebfa8df10726b4571b11ec0355be9ee3 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:58 GMT content-encoding gzip strict-transport-security max-age=0 last-modified Mon, 20 Mar 2023 17:26:47 GMT traceresponse 00-174e78ce5fbadea0f46360537a4f10a6-1118df8b005d0e09-00 etag W/"186c8-187000f2ed1" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/javascript; charset=UTF-8 x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control public, max-age=31536000, immutable x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") accept-ranges bytes x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	_app-2024e4aaf5b4a59e.js Show response therecord.media/_next/static/chunks/pages/	114 KB 36 KB	264ms 262ms	Script application/javascript	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/static/chunks/pages/_app-2024e4aaf5b4a59e.js Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 04b586d07a484c8434549bce3719c6b222f543da3992280d7d0e5aba73e58cc7 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:58 GMT content-encoding gzip strict-transport-security max-age=0 last-modified Mon, 20 Mar 2023 17:26:47 GMT traceresponse 00-174e78ce5fbb503a81048645959a1f8f-63a53505e0c52850-00 etag W/"1c769-187000f2ed2" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/javascript; charset=UTF-8 x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control public, max-age=31536000, immutable x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") accept-ranges bytes x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	735-7645aca2d71731dd.js Show response therecord.media/_next/static/chunks/	937 KB 250 KB	354ms 352ms	Script application/javascript	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 75ef329dcdc3a24cb69b9057b00d785e7ce58c751f55aed75205871c3c62809a Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:58 GMT content-encoding gzip strict-transport-security max-age=0 last-modified Mon, 20 Mar 2023 17:26:47 GMT traceresponse 00-174e78ce5fbe5fac0b8a159d569dc283-ed031e8ca3cc6a8e-00 etag W/"ea276-187000f2ed1" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/javascript; charset=UTF-8 x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control public, max-age=31536000, immutable x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") accept-ranges bytes x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	%5B%5B...slug%5D%5D-5f74a6930b20b440.js Show response therecord.media/_next/static/chunks/pages/	56 KB 12 KB	210ms 209ms	Script application/javascript	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/static/chunks/pages/%5B%5B...slug%5D%5D-5f74a6930b20b440.js Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 66ca4e112daf3c124324358389f02480ca0a7d5209ee903531375a88b7acbcca Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:58 GMT content-encoding gzip strict-transport-security max-age=0 last-modified Mon, 20 Mar 2023 17:26:47 GMT traceresponse 00-174e78ce5fbcbdc6149ba64a43df1802-7e0846266f571a96-00 etag W/"dff5-187000f2ed2" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/javascript; charset=UTF-8 x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control public, max-age=31536000, immutable x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") accept-ranges bytes x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	_buildManifest.js Show response therecord.media/_next/static/vomjVW3KGwH0nzFFbX7mN/	1 KB 524 B	143ms 141ms	Script application/javascript	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/static/vomjVW3KGwH0nzFFbX7mN/_buildManifest.js Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 2c5900bbea56f2a18c8261f9a6c5dda8b8ad7377a526024939596a3b6047208d Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:58 GMT content-encoding gzip strict-transport-security max-age=0 last-modified Mon, 20 Mar 2023 17:26:47 GMT traceresponse 00-174e78ce5fbcdfa996e7a61ccb1e08b0-f5b640397eda1349-00 etag W/"43f-187000f2ed5" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/javascript; charset=UTF-8 x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control public, max-age=31536000, immutable x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") accept-ranges bytes x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	_ssgManifest.js Show response therecord.media/_next/static/vomjVW3KGwH0nzFFbX7mN/	99 B 220 B	136ms 134ms	Script application/javascript	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/static/vomjVW3KGwH0nzFFbX7mN/_ssgManifest.js Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:58 GMT strict-transport-security max-age=0 last-modified Mon, 20 Mar 2023 17:26:47 GMT traceresponse 00-174e78ce5fbd4ba905a449a756c49b70-b04c0288676e26d1-00 etag W/"63-187000f2ed5" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/javascript; charset=UTF-8 x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control public, max-age=31536000, immutable x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") accept-ranges bytes content-length 99 x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	_middlewareManifest.js Show response therecord.media/_next/static/vomjVW3KGwH0nzFFbX7mN/	92 B 184 B	653ms 652ms	Script application/javascript	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/static/vomjVW3KGwH0nzFFbX7mN/_middlewareManifest.js Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:58 GMT strict-transport-security max-age=0 last-modified Mon, 20 Mar 2023 17:26:47 GMT traceresponse 00-174e78ce649fcd01e3bbaa5d2c220e9a-c542082875fc2364-00 etag W/"5c-187000f2ed5" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/javascript; charset=UTF-8 x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control public, max-age=31536000, immutable x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") accept-ranges bytes content-length 92 x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	gtm.js Show response www.googletagmanager.com/	142 KB 54 KB	88ms 53ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86 Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5324279845b630ba11d8c4994e6bc656ec33ebf8703b55dccbe627f7f3955a71 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:58 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 54753 x-xss-protection 0 last-modified Tue, 21 Mar 2023 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 21 Mar 2023 15:28:58 GMT
GET H2	200	matomo.js Show response cdn.matomo.cloud/recordedfuture.matomo.cloud/	199 KB 58 KB	95ms 26ms	Script application/javascript	2600:9000:2156:da00:c:7d55:b3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:da00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6fb145f1185850a1f9937c5d5afb3260adbcef791d0a94e1c09b54aa00808982 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 12:01:22 GMT x-amz-version-id T3VVylcW4ZUVSABprJtJmBafSdXY4jAi content-encoding gzip via 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 age 12457 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 07 Feb 2023 02:15:06 GMT server AmazonS3 etag W/"3e98a39e2d8f2b464999b40df3c2172d" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=691200 x-amz-cf-id 2-jjVy0xgMLWszWn_bHLHlIfJq3iQntopb2agCp_FvFBFrDeJrKaIg==
GET H2	200	container_41sBJe2I.js Show response cdn.matomo.cloud/recordedfuture.matomo.cloud/	27 KB 9 KB	96ms 28ms	Script application/javascript	2600:9000:2156:da00:c:7d55:b3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.matomo.cloud/recordedfuture.matomo.cloud/container_41sBJe2I.js Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:da00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 58b7835fb7b6028146a46edd3ef238b71759d0a5d597ce39f90b7de730899e92 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 12:09:59 GMT x-amz-version-id qfWuDlDjmwmn8lRN4xF2ccxR21WuJHO0 content-encoding gzip via 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 age 11940 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Wed, 19 Oct 2022 22:01:49 GMT server AmazonS3 etag W/"839ec9cd752c4e512960109f6ac6b404" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=691200 x-amz-cf-id m0aFWMVTI4L-TnCOYULyulQYs7uSPKNNQlnE_YwDYEj9_xCk3QooBA==
GET H2	200	Inter-Medium.ttf therecord.media/fonts/	307 KB 152 KB	262ms 260ms	Font font/ttf	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/fonts/Inter-Medium.ttf Requested by Host: therecord.media URL: https://therecord.media/_next/static/css/1c961ab38b917749.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash a0b1f949528f7a3a2d2ff3b6df67c6c1b5cb8f62a2eba6eb5e06adff2d5795f3 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Referer https://therecord.media/_next/static/css/1c961ab38b917749.css Origin https://therecord.media accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:58 GMT content-encoding gzip strict-transport-security max-age=0 last-modified Mon, 20 Mar 2023 17:18:59 GMT traceresponse 00-174e78ce67698ac979901bd32b2ba3d0-7f9ae9effe8c864f-00 etag W/"4cd58-187000807b8" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type font/ttf x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control public, max-age=0 x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") accept-ranges bytes x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	icomoon.ttf therecord.media/icons/fonts/	5 KB 3 KB	263ms 260ms	Font font/ttf	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/icons/fonts/icomoon.ttf?l2zjlc Requested by Host: therecord.media URL: https://therecord.media/_next/static/css/1c961ab38b917749.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash e2ea411b32eb0f8f7ecee62a4a599e510c68d51c04b0246e436a50ea016b70e6 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Referer https://therecord.media/_next/static/css/1c961ab38b917749.css Origin https://therecord.media accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:58 GMT content-encoding gzip strict-transport-security max-age=0 last-modified Mon, 20 Mar 2023 17:18:59 GMT traceresponse 00-174e78ce676df07fc6b3dcd700fb24b3-9f3532f550e53ca4-00 etag W/"1304-187000807b8" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type font/ttf x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control public, max-age=0 x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") accept-ranges bytes x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	Inter-Bold.ttf therecord.media/fonts/	309 KB 154 KB	265ms 263ms	Font font/ttf	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/fonts/Inter-Bold.ttf Requested by Host: therecord.media URL: https://therecord.media/_next/static/css/1c961ab38b917749.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 2ad83f2446566c5ecf7c261cc07884a5d5f71965b5df8fd7bb809f83a42bf470 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Referer https://therecord.media/_next/static/css/1c961ab38b917749.css Origin https://therecord.media accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:58 GMT content-encoding gzip strict-transport-security max-age=0 last-modified Mon, 20 Mar 2023 17:18:59 GMT traceresponse 00-174e78ce676e488a564135d3949e42be-6e687d0c778e777e-00 etag W/"4d2c4-187000807b8" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type font/ttf x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control public, max-age=0 x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") accept-ranges bytes x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	Inter-SemiBold.ttf therecord.media/fonts/	308 KB 153 KB	265ms 263ms	Font font/ttf	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/fonts/Inter-SemiBold.ttf Requested by Host: therecord.media URL: https://therecord.media/_next/static/css/1c961ab38b917749.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash f036a45770ce2ad43dfee7f4eac8f8b3784608a24ff00c63dd56704434e014e8 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Referer https://therecord.media/_next/static/css/1c961ab38b917749.css Origin https://therecord.media accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:58 GMT content-encoding gzip strict-transport-security max-age=0 last-modified Mon, 20 Mar 2023 17:18:59 GMT traceresponse 00-174e78ce676eb8c7be17514ee496e6ce-b8b66daf0cf9fd0a-00 etag W/"4d16c-187000807b8" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type font/ttf x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control public, max-age=0 x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") accept-ranges bytes x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	Inter-Regular.ttf therecord.media/fonts/	303 KB 144 KB	351ms 350ms	Font font/ttf	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/fonts/Inter-Regular.ttf Requested by Host: therecord.media URL: https://therecord.media/_next/static/css/1c961ab38b917749.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 494a9c8817786531126dd245c93f8a85aa6afa405c7b8a2e45b667538470ce7a Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Referer https://therecord.media/_next/static/css/1c961ab38b917749.css Origin https://therecord.media accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:58 GMT content-encoding gzip strict-transport-security max-age=0 last-modified Mon, 20 Mar 2023 17:18:59 GMT traceresponse 00-174e78ce676ff444b17f8074efa2c7a5-6b876dd78b326211-00 etag W/"4ba44-187000807b8" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type font/ttf x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control public, max-age=0 x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") accept-ranges bytes x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	Inter-ExtraBold.ttf therecord.media/fonts/	309 KB 154 KB	351ms 350ms	Font font/ttf	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/fonts/Inter-ExtraBold.ttf Requested by Host: therecord.media URL: https://therecord.media/_next/static/css/1c961ab38b917749.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 6fb3140db2839cabd3662044ef7791206df377b2211046abc71dd039f05fe082 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Referer https://therecord.media/_next/static/css/1c961ab38b917749.css Origin https://therecord.media accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:58 GMT content-encoding gzip strict-transport-security max-age=0 last-modified Mon, 20 Mar 2023 17:18:59 GMT traceresponse 00-174e78ce677159e3dd46cd3df3ea00bf-597cf10d7a0f0319-00 etag W/"4d52c-187000807b8" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type font/ttf x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control public, max-age=0 x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") accept-ranges bytes x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
POST H2	204	matomo.php recordedfuture.matomo.cloud/	0 167 B	127ms 64ms	Ping text/plain	3.126.133.169 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://recordedfuture.matomo.cloud/matomo.php?action_name=therecord.media%2FDutch%20shipping%20giant%20Royal%20Dirkzwager%20confirms%20Play%20ransomware%20attack&idsite=2&rec=1&r=605205&h=15&m=28&s=58&url=https%3A%2F%2Ftherecord.media%2Froyal-dirkzwager-ransomware-attack-dutch-shipping&urlref=https%3A%2F%2Ft.co%2F&_id=18d44292d82f23d7&_idn=1&send_image=0&_refts=1679412539&_ref=https%3A%2F%2Ft.co%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=RgQ8Nr&fa_pv=1&fa_fp[0][fa_vid]=NnGYRx&fa_fp[0][fa_fv]=1&pf_net=274&pf_srv=133&pf_tfr=121&pf_dm1=117&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D Requested by Host: cdn.matomo.cloud URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-133-169.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://therecord.media/ accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers access-control-allow-origin https://therecord.media date Tue, 21 Mar 2023 15:28:59 GMT access-control-allow-credentials true server Apache vary X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
GET H2	200	64dc3ec5-330c-4652-88d3-147ee65e90ba.js Show response j.6sc.co/j/	531 B 866 B	559ms 456ms	Script application/json	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://j.6sc.co/j/64dc3ec5-330c-4652-88d3-147ee65e90ba.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 77e1f221ae47b1c3c3e06743bffea6374204459a0a5924014102a05c54f35a9f Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-amz-version-id 0GVJh7ZOXD6_tdQ6CUkTfTmxCowh.G7I date Tue, 21 Mar 2023 15:28:59 GMT last-modified Thu, 16 Mar 2023 19:12:28 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 x-amz-server-side-encryption AES256 etag "a1717bb70faa07a23de6e87b47fd9542" vary Accept-Encoding content-type application/json x-amz-meta-content-type application/json accept-ranges bytes content-length 531 x-amz-cf-id ZhoWeTv7fDgu3OIoDrFy3mh5eXv3OfzNnT28p12B7Yme6E8EVw0iEA==
GET H2	200	6si.min.js Show response j.6sc.co/	33 KB 11 KB	126ms 26ms	Script application/javascript	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://j.6sc.co/6si.min.js Requested by Host: t.co URL: https://t.co/ekkljm3vIz Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash 0d9dbf31d05263a24eb79aaf7c6e26917c6ccd31b642bb4a1d34292e25daa405 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 15:28:59 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 09 Mar 2023 21:36:45 GMT server nginx/1.14.0 (Ubuntu) etag "640a516d-8319" vary Accept-Encoding content-type application/javascript cache-control private, no-cache, proxy-revalidate accept-ranges bytes content-length 10492 expires Tue, 21 Mar 2023 15:28:59 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	112 KB 44 KB	51ms 50ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-9153858-16&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 78f0d211c373758204991a5f5ba679b9b84f57b9d6858a083a5b692e442fb896 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:58 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44644 x-xss-protection 0 last-modified Tue, 21 Mar 2023 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 21 Mar 2023 15:28:58 GMT
GET H2	200	configs.php Show response recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/	116 B 291 B	75ms 31ms	Script application/javascript	3.126.133.169 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=DRxQIN&url=https%3A%2F%2Ftherecord.media%2Froyal-dirkzwager-ransomware-attack-dutch-shipping Requested by Host: cdn.matomo.cloud URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-133-169.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash 2f5f0e2ed7d6b2a0e8b4f6350ca12cf3a25be821a0d607dc3dd25efcae9e4c74 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT content-encoding gzip server Apache content-length 119 vary X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent content-type application/javascript
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	83ms 25ms	Script text/javascript	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-9153858-16 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 21 Mar 2023 15:19:33 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 566 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Tue, 21 Mar 2023 17:19:33 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 205 B	33ms 31ms	XHR text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1517764668&t=pageview&_s=1&dl=https%3A%2F%2Ftherecord.media%2Froyal-dirkzwager-ransomware-attack-dutch-shipping&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Dutch%20shipping%20giant%20Royal%20Dirkzwager%20confirms%20Play%20ransomware%20attack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1040513478&gjid=1019354289&cid=1239930663.1679412539&tid=UA-9153858-16&_gid=232544407.1679412539&_r=1&gtm=457e33f0&z=919734928 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://therecord.media/ accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 21 Mar 2023 15:28:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://therecord.media cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	getuidj Show response secure.adnxs.com/	11 B 821 B	124ms 44ms	XHR application/json	185.89.210.101 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/getuidj Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d Security Headers Name Value X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Pragma no-cache Date Tue, 21 Mar 2023 15:28:59 GMT AN-X-Request-Uuid f7c08eee-ddf8-4d86-a765-20a3bfb1f29a Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type application/json; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://therecord.media Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 192.145.127.215; 192.145.127.215; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 11 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ Show response c.6sc.co/	7 B 201 B	68ms 38ms	XHR text/html	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://c.6sc.co/ Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software / Resource Hash fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT access-control-max-age 86400 access-control-allow-methods GET,POST content-type text/html access-control-allow-origin https://therecord.media access-control-allow-credentials true access-control-allow-headers * content-length 7
GET H2	200	/ Show response ipv6.6sc.co/	18 B 306 B	178ms 38ms	XHR text/html	2a02:26f0:280:4::213:784c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ipv6.6sc.co/ Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:280:4::213:784c Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 7c1a5f682648a72bbb85e721f07412653b9c0c71413f677d224e3f06cd2d22fd Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 15:28:59 GMT vary Origin content-type text/html access-control-allow-origin https://therecord.media cache-control max-age=0, no-cache, no-store 6si-ipv6 2001:ac8:24:44::17 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466503_34830156_261452991_13_631_37_0";dur=1 content-length 18 expires Tue, 21 Mar 2023 15:28:59 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 493 B	240ms 210ms	Image image/gif	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=a7cc9c57-0ac3-446b-8bb3-dbe5c8ff5832&session=13f42835-f01e-4c43-8fff-6deb8ef4b0a0&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Tue%2C%2021%20Mar%202023%2015%3A28%3A59%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2021%20Mar%202023%2015%3A28%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22f2675e8089b7d209a58fce8ad312f51c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2021%20Mar%202023%2015%3A28%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22edabaa1866fe08952dde1be9ff37302d63145f08%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2021%20Mar%202023%2015%3A28%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2021%20Mar%202023%2015%3A28%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2021%20Mar%202023%2015%3A28%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Dutch%20maritime%20logistics%20company%20Royal%20Dirkzwager%20has%20confirmed%20that%20it%20was%20hit%20with%20ransomware%20from%20the%20Play%20group%2C%20the%20latest%20in%20a%20string%20of%20attacks%20targeting%20the%20shipping%20industry.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Dutch%20shipping%20giant%20Royal%20Dirkzwager%20confirms%20Play%20ransomware%20attack%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Froyal-dirkzwager-ransomware-attack-dutch-shipping&pageViewId=ea9f0b4c-f5ba-4df3-8840-1b77b7ba3726&an_uid=0 Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Fri, 21 Feb 2020 18:57:20 GMT server nginx/1.14.0 (Ubuntu) etag "5e502810-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	details Show response epsilon.6sense.com/v3/company/	724 B 571 B	81ms 30ms	XHR application/json	18.185.166.222 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://epsilon.6sense.com/v3/company/details Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.185.166.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-185-166-222.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 8f5bac49233bf569fd97fc84cee5aa08a1e4c9978965b1c42b44edee47d506a8 Request headers Referer https://therecord.media/ accept-language it-IT,it;q=0.9 Authorization Token edabaa1866fe08952dde1be9ff37302d63145f08 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT content-encoding gzip server nginx vary Accept-Encoding content-type application/json access-control-allow-origin https://therecord.media access-control-allow-credentials true content-length 387
OPTIONS H2	200	details epsilon.6sense.com/v3/company/	0 0	95ms 27ms	Preflight	18.185.166.222 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://epsilon.6sense.com/v3/company/details Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.185.166.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-185-166-222.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization Access-Control-Request-Method GET Origin https://therecord.media Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers authorization access-control-allow-methods OPTIONS,GET access-control-allow-origin https://therecord.media access-control-max-age 1800 date Tue, 21 Mar 2023 15:28:59 GMT server nginx
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 493 B	211ms 210ms	Image image/gif	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=a7cc9c57-0ac3-446b-8bb3-dbe5c8ff5832&session=13f42835-f01e-4c43-8fff-6deb8ef4b0a0&event=ipv6&q=%7B%22address%22%3A%222001%3Aac8%3A24%3A44%3A%3A17%22%7D&isIframe=false&m=%7B%22description%22%3A%22Dutch%20maritime%20logistics%20company%20Royal%20Dirkzwager%20has%20confirmed%20that%20it%20was%20hit%20with%20ransomware%20from%20the%20Play%20group%2C%20the%20latest%20in%20a%20string%20of%20attacks%20targeting%20the%20shipping%20industry.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Dutch%20shipping%20giant%20Royal%20Dirkzwager%20confirms%20Play%20ransomware%20attack%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Froyal-dirkzwager-ransomware-attack-dutch-shipping&pageViewId=ea9f0b4c-f5ba-4df3-8840-1b77b7ba3726&an_uid=0 Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Tue, 05 Oct 2021 22:17:52 GMT server nginx/1.14.0 (Ubuntu) etag "615ccf10-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	3 B 23 B	36ms 36ms	XHR text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1517764668&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftherecord.media%2Froyal-dirkzwager-ransomware-attack-dutch-shipping&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Dutch%20shipping%20giant%20Royal%20Dirkzwager%20confirms%20Play%20ransomware%20attack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=aEDAAUABAAAAACAAI~&jid=1547221569&gjid=946263324&cid=1239930663.1679412539&tid=UA-9153858-16&_gid=232544407.1679412539&_r=1&_slc=1&gtm=45He33f0n81PVJ5W86&cd1=&cd2=&cd3=&cd4=&cd5=&cd8=&z=849555607 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://therecord.media/ accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 21 Mar 2023 15:28:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://therecord.media cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	getuidj Show response secure.adnxs.com/	11 B 821 B	37ms 36ms	XHR application/json	185.89.210.101 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/getuidj Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d Security Headers Name Value X-Xss-Protection 0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Pragma no-cache Date Tue, 21 Mar 2023 15:28:59 GMT AN-X-Request-Uuid 0fafee0e-783d-49ec-885e-6974387a63bb Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type application/json; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://therecord.media Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 192.145.127.215; 192.145.127.215; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 11 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 493 B	220ms 219ms	Image image/gif	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=a7cc9c57-0ac3-446b-8bb3-dbe5c8ff5832&session=13f42835-f01e-4c43-8fff-6deb8ef4b0a0&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22f2675e8089b7d209a58fce8ad312f51c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2021%20Mar%202023%2015%3A28%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%22541%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Dutch%20maritime%20logistics%20company%20Royal%20Dirkzwager%20has%20confirmed%20that%20it%20was%20hit%20with%20ransomware%20from%20the%20Play%20group%2C%20the%20latest%20in%20a%20string%20of%20attacks%20targeting%20the%20shipping%20industry.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Dutch%20shipping%20giant%20Royal%20Dirkzwager%20confirms%20Play%20ransomware%20attack%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Froyal-dirkzwager-ransomware-attack-dutch-shipping&pageViewId=ea9f0b4c-f5ba-4df3-8840-1b77b7ba3726&an_uid=0 Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Tue, 05 Oct 2021 22:17:52 GMT server nginx/1.14.0 (Ubuntu) etag "615ccf10-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 494 B	237ms 236ms	Image image/gif	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=a7cc9c57-0ac3-446b-8bb3-dbe5c8ff5832&session=13f42835-f01e-4c43-8fff-6deb8ef4b0a0&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%2247c555096cc32557d3e6e7a333d7cb3ea692cee1%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2021%20Mar%202023%2015%3A28%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%22542%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Dutch%20maritime%20logistics%20company%20Royal%20Dirkzwager%20has%20confirmed%20that%20it%20was%20hit%20with%20ransomware%20from%20the%20Play%20group%2C%20the%20latest%20in%20a%20string%20of%20attacks%20targeting%20the%20shipping%20industry.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Dutch%20shipping%20giant%20Royal%20Dirkzwager%20confirms%20Play%20ransomware%20attack%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Froyal-dirkzwager-ransomware-attack-dutch-shipping&pageViewId=ea9f0b4c-f5ba-4df3-8840-1b77b7ba3726&an_uid=0 Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 18 Feb 2023 01:45:17 GMT server nginx/1.14.0 (Ubuntu) etag "63f02dad-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 493 B	238ms 237ms	Image image/gif	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=a7cc9c57-0ac3-446b-8bb3-dbe5c8ff5832&session=13f42835-f01e-4c43-8fff-6deb8ef4b0a0&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2021%20Mar%202023%2015%3A28%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%22542%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Dutch%20maritime%20logistics%20company%20Royal%20Dirkzwager%20has%20confirmed%20that%20it%20was%20hit%20with%20ransomware%20from%20the%20Play%20group%2C%20the%20latest%20in%20a%20string%20of%20attacks%20targeting%20the%20shipping%20industry.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Dutch%20shipping%20giant%20Royal%20Dirkzwager%20confirms%20Play%20ransomware%20attack%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Froyal-dirkzwager-ransomware-attack-dutch-shipping&pageViewId=ea9f0b4c-f5ba-4df3-8840-1b77b7ba3726&an_uid=0 Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Fri, 21 Feb 2020 18:57:20 GMT server nginx/1.14.0 (Ubuntu) etag "5e502810-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 493 B	220ms 220ms	Image image/gif	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=a7cc9c57-0ac3-446b-8bb3-dbe5c8ff5832&session=13f42835-f01e-4c43-8fff-6deb8ef4b0a0&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2021%20Mar%202023%2015%3A28%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%22543%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Dutch%20maritime%20logistics%20company%20Royal%20Dirkzwager%20has%20confirmed%20that%20it%20was%20hit%20with%20ransomware%20from%20the%20Play%20group%2C%20the%20latest%20in%20a%20string%20of%20attacks%20targeting%20the%20shipping%20industry.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Dutch%20shipping%20giant%20Royal%20Dirkzwager%20confirms%20Play%20ransomware%20attack%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Froyal-dirkzwager-ransomware-attack-dutch-shipping&pageViewId=ea9f0b4c-f5ba-4df3-8840-1b77b7ba3726&an_uid=0 Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Tue, 05 Oct 2021 22:17:52 GMT server nginx/1.14.0 (Ubuntu) etag "615ccf10-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 494 B	241ms 241ms	Image image/gif	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=a7cc9c57-0ac3-446b-8bb3-dbe5c8ff5832&session=13f42835-f01e-4c43-8fff-6deb8ef4b0a0&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%2264dc3ec5-330c-4652-88d3-147ee65e90ba%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2021%20Mar%202023%2015%3A28%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%22543%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Dutch%20maritime%20logistics%20company%20Royal%20Dirkzwager%20has%20confirmed%20that%20it%20was%20hit%20with%20ransomware%20from%20the%20Play%20group%2C%20the%20latest%20in%20a%20string%20of%20attacks%20targeting%20the%20shipping%20industry.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Dutch%20shipping%20giant%20Royal%20Dirkzwager%20confirms%20Play%20ransomware%20attack%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Froyal-dirkzwager-ransomware-attack-dutch-shipping&pageViewId=ea9f0b4c-f5ba-4df3-8840-1b77b7ba3726&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba Requested by Host: therecord.media URL: https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 05 Jun 2021 07:56:05 GMT server nginx/1.14.0 (Ubuntu) etag "60bb2e15-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	articles Show response cms.therecord.media/api/	8 KB 9 KB	800ms 557ms	XHR application/json	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editor&populate[3]=editor.page&populate[4]=image&populate[5]=image.desktop&populate[6]=image.tablet&populate[7]=image.mobile&populate[8]=tags&populate[9]=tags.page&populate[10]=page&filters[id][$ne]=2703&filters[date][$lte]=2023-03-17T16%3A10%3A00.000Z&$or[0][showFrom][$null]=true&$or[1][showFrom][$lte]=2023-03-21T00%3A00%3A00.000Z&pagination%5BpageSize%5D=1&sort%5B0%5D=date%3Adesc Requested by Host: therecord.media URL: https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Strapi <strapi.io> Resource Hash 8f04467b170dc6c0fc00a891567472a65d07e23c255714694e9cd979ad8314e4 Security Headers Name Value Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://therecord.media/ accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers content-security-policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' date Tue, 21 Mar 2023 15:29:00 GMT x-content-type-options nosniff strict-transport-security max-age=0 x-permitted-cross-domain-policies none traceresponse 00-174e78cea28a9ea849bd9d5e3a74bf1b-c2f6bf319baf1516-00 x-powered-by Strapi <strapi.io> x-dns-prefetch-control off x-platform-processor yzs7ggztuurocnodlgeyqu6sde content-length 8621 referrer-policy no-referrer expect-ct max-age=0 vary Origin x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 access-control-allow-origin https://therecord.media x-download-options noopen x-debug-info eyJyZXRyaWVzIjowfQ== access-control-allow-credentials true x-platform-cluster r6uchqjqwmfqi-production-vohbr3y x-platform-router qk5ll65emgqnxbcwb6fko7g64m
GET H2	200	articles Show response cms.therecord.media/api/	10 KB 10 KB	801ms 559ms	XHR application/json	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editor&populate[3]=editor.page&populate[4]=image&populate[5]=image.desktop&populate[6]=image.tablet&populate[7]=image.mobile&populate[8]=tags&populate[9]=tags.page&populate[10]=page&filters[id][$ne]=2703&filters[date][$gte]=2023-03-17T16%3A10%3A00.000Z&filters[$or][0][showFrom][$null]=true&filters[$or][1][showFrom][$lte]=2023-03-21T00%3A00%3A00.000Z&pagination%5BpageSize%5D=1&sort%5B0%5D=date%3Aasc Requested by Host: therecord.media URL: https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Strapi <strapi.io> Resource Hash 6fe62b308cb5a719501770e73854d5dc80c486dd110bf18aad48d30e02e389e7 Security Headers Name Value Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://therecord.media/ accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers content-security-policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' date Tue, 21 Mar 2023 15:29:00 GMT x-content-type-options nosniff strict-transport-security max-age=0 x-permitted-cross-domain-policies none traceresponse 00-174e78cea28b4fa7e05f4e0dc8d0d4cf-a60dc62be863a24c-00 x-powered-by Strapi <strapi.io> x-dns-prefetch-control off x-platform-processor yzs7ggztuurocnodlgeyqu6sde content-length 10235 referrer-policy no-referrer expect-ct max-age=0 vary Origin x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 access-control-allow-origin https://therecord.media x-download-options noopen x-debug-info eyJyZXRyaWVzIjowfQ== access-control-allow-credentials true x-platform-cluster r6uchqjqwmfqi-production-vohbr3y x-platform-router qk5ll65emgqnxbcwb6fko7g64m
GET H2	200	articles Show response cms.therecord.media/api/	198 KB 199 KB	530ms 288ms	XHR application/json	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editor&populate[3]=editor.page&populate[4]=image&populate[5]=image.desktop&populate[6]=image.tablet&populate[7]=image.mobile&populate[8]=tags&populate[9]=tags.page&populate[10]=page&filters[isBrief][$eq]=true&filters[$or][0][showFrom][$null]=true&filters[$or][1][showFrom][$lte]=2023-03-21T00%3A00%3A00.000Z&sort[0]=date%3Adesc Requested by Host: therecord.media URL: https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Strapi <strapi.io> Resource Hash 396270f4f61ce14f8e0671e9e55fe4e3ce53f4b6cf4f4325c9d58d2c4cff3c08 Security Headers Name Value Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://therecord.media/ accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers content-security-policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' date Tue, 21 Mar 2023 15:29:00 GMT x-content-type-options nosniff strict-transport-security max-age=0 x-permitted-cross-domain-policies none traceresponse 00-174e78cea28b0ac2bc87cb276c6b3c69-8b7d0090602e858f-00 x-powered-by Strapi <strapi.io> x-dns-prefetch-control off x-platform-processor yzs7ggztuurocnodlgeyqu6sde content-length 202776 referrer-policy no-referrer expect-ct max-age=0 vary Origin x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 access-control-allow-origin https://therecord.media x-download-options noopen x-debug-info eyJyZXRyaWVzIjowfQ== access-control-allow-credentials true x-platform-cluster r6uchqjqwmfqi-production-vohbr3y x-platform-router qk5ll65emgqnxbcwb6fko7g64m
GET H2	200	research Show response www.recordedfuture.com/feed/	221 KB 61 KB	1047ms 994ms	Fetch text/xml	104.18.7.66 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.recordedfuture.com/feed/research Requested by Host: therecord.media URL: https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.7.66 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e21484841f1dfe41dc30d43047d80b27626c9d4cf372af50146eb2a4c6f7a4c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept application/rss+xml Referer https://therecord.media/ accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:29:00 GMT content-encoding gzip via 1.1 varnish strict-transport-security max-age=31536000; includeSubDomains x-platform-server i-be21b5795622437d8136c8a0cedbd8d0, i-be21b5795622437d8136c8a0cedbd8d0 x-content-type-options nosniff cf-cache-status DYNAMIC age 0 traceresponse 00-174e78ceae406fb8539c35c2ec02b992-b60beb9cf75bc1a8-00 x-cache MISS foo bar content-length 62368 x-served-by cache-mxp6950-MXP server cloudflare vary Accept-Encoding content-type text/xml access-control-allow-origin * x-debug-info eyJyZXRyaWVzIjowfQ== accept-ranges bytes cf-ray 7ab73a552eab3747-MXP x-cache-hits 0
GET H2	200	/ Show response c.6sc.co/	47 B 242 B	33ms 32ms	XHR text/plain	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://c.6sc.co/ Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software / Resource Hash 98cff0b22ea60403dd8a9d80c8d9cae2757aa26c134677750db21c59a49b91ea Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT access-control-max-age 86400 access-control-allow-methods GET,POST content-type text/plain access-control-allow-origin https://therecord.media access-control-allow-credentials true access-control-allow-headers * content-length 47
GET H2	200	/ Show response ipv6.6sc.co/	18 B 306 B	38ms 38ms	XHR text/html	2a02:26f0:280:4::213:784c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ipv6.6sc.co/ Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:280:4::213:784c Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 7c1a5f682648a72bbb85e721f07412653b9c0c71413f677d224e3f06cd2d22fd Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 21 Mar 2023 15:28:59 GMT vary Origin content-type text/html access-control-allow-origin https://therecord.media cache-control max-age=0, no-cache, no-store 6si-ipv6 2001:ac8:24:44::17 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466503_34830156_261453840_10_610_37_0";dur=1 content-length 18 expires Tue, 21 Mar 2023 15:28:59 GMT
GET H2	200	index.json Show response therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/	26 KB 9 KB	171ms 168ms	Fetch application/json	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/index.json Requested by Host: therecord.media URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 8f1dbf3d92b93879bc127c9c8cbd86f104b536255331b7f2e452354611b4f384 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT content-encoding gzip strict-transport-security max-age=0 traceresponse 00-174e78ce95f56a9e10ecdee747e12ad7-fbb902b63f730ad0-00 etag "66ef-16n1CwJnJAm6uwVM40U/eUP5w54" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/json x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control s-maxage=60, stale-while-revalidate x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	leadership.json Show response therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/news/	7 KB 2 KB	171ms 168ms	Fetch application/json	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/news/leadership.json Requested by Host: therecord.media URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash fc0fac17cecfc6669ee02bdff528b6dffb18d2e21e291863664c66637f23be79 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT content-encoding gzip strict-transport-security max-age=0 traceresponse 00-174e78ce95f67bed27fcbb93daf1fd99-e11dc7a85bff9793-00 etag "1bd6-HlnTILY1K9DqbunIbd0M+rLq32I" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/json x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control s-maxage=60, stale-while-revalidate x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	cybercrime.json Show response therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/news/	7 KB 2 KB	175ms 173ms	Fetch application/json	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/news/cybercrime.json Requested by Host: therecord.media URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 5da033668e4fddc003d37ce34bca31cae24b12e25961cc7c5c5383ba17e42b10 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT content-encoding gzip strict-transport-security max-age=0 traceresponse 00-174e78ce95f65086beeee746bd7f605c-535805cdcb8996bc-00 etag "1bd6-ODuJZ/oldmnyyG+bPnDjAHZF9Jo" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/json x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control s-maxage=60, stale-while-revalidate x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	nation-state.json Show response therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/news/	7 KB 2 KB	178ms 176ms	Fetch application/json	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/news/nation-state.json Requested by Host: therecord.media URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 6c5c2ba0e4082d03d584c24dee4e5162abe99e0974ed790444f319e291e72b94 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT content-encoding gzip strict-transport-security max-age=0 traceresponse 00-174e78ce95f757069ab956f49a0ca28f-ad2813f66ddc0f4d-00 etag "1bdf-XboCaCEZq0FQrSH9eKHaIwrVJWg" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/json x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control s-maxage=60, stale-while-revalidate x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") content-length 1867 x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	people.json Show response therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/news/	7 KB 2 KB	177ms 175ms	Fetch application/json	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/news/people.json Requested by Host: therecord.media URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 1808892bccc30c97e699ea454b92722d96f037fa4a9214625bfeb738ad9f5b63 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT content-encoding gzip strict-transport-security max-age=0 traceresponse 00-174e78ce95f98e190f4e5b1d41b5cca5-6d46979d72602ba2-00 etag "1bc2-QR65Nufttwg3Oh44ekKfTYgoops" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/json x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control s-maxage=60, stale-while-revalidate x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	technology.json Show response therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/news/	7 KB 2 KB	176ms 174ms	Fetch application/json	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/news/technology.json Requested by Host: therecord.media URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 392a8139ce7483d75eb38d9820cdade97f9f05f4fcc7dda42b3cf708c597402b Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT content-encoding gzip strict-transport-security max-age=0 traceresponse 00-174e78ce95fd268274a0d21ad2866c1f-1a52ff3bdf0fbbb0-00 etag "1bd6-MYXggvEpXX3+Z1eksvasUWOuPLE" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/json x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control s-maxage=60, stale-while-revalidate x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") content-length 1875 x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	about.json Show response therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/	35 KB 7 KB	179ms 178ms	Fetch application/json	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/about.json Requested by Host: therecord.media URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 44b414ea81a8b2afe2709f086c5dfa2721fd7818e2a8695aebdc1cc059899b51 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT content-encoding gzip strict-transport-security max-age=0 traceresponse 00-174e78ce95fc66d5f65f7eda8963c666-9da43ec41104793d-00 etag "8d2b-siPJbQG8a7diMriXqY8mmVSY8sI" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/json x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control s-maxage=60, stale-while-revalidate x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	podcast.json Show response therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/	116 KB 24 KB	170ms 169ms	Fetch application/json	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/podcast.json Requested by Host: therecord.media URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash e4661cdb8cf052d1e8ef80da2758237f8126f37fa7824c817f17973429eef866 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT content-encoding gzip strict-transport-security max-age=0 traceresponse 00-174e78ce95f9e16ac5b05d7a16ecc0c3-08fa7a0131bd4210-00 etag "1d056-jqwQMPA28yTAzBDtgB7SY3keu5E" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/json x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control s-maxage=60, stale-while-revalidate x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	contact.json Show response therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/	8 KB 2 KB	178ms 177ms	Fetch application/json	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/contact.json Requested by Host: therecord.media URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 129cf45ceedb72e0496ab5963052ba610a622d506c51b230413244733b1631c5 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT content-encoding gzip strict-transport-security max-age=0 traceresponse 00-174e78ce95f9f738fa32d83dea8cd8d0-d638ed02fb0e0fc8-00 etag "1ee6-7nCcr0aGWlATyv30FVtENSLkFQ8" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/json x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control s-maxage=60, stale-while-revalidate x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") content-length 2141 x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	subscribe.json Show response therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/	8 KB 2 KB	174ms 173ms	Fetch application/json	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/subscribe.json Requested by Host: therecord.media URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 86a75b185c3734bc3ca89241bc24d82028326fc632f58da72c4800122754e680 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT content-encoding gzip strict-transport-security max-age=0 traceresponse 00-174e78ce95fa1e7bc7734b3223165cbe-b2278a7634b15e65-00 etag "1eaf-imH9KrInA2vRTKknbNcxNYSVwRU" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/json x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control s-maxage=60, stale-while-revalidate x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	jonathan-greig.json Show response therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/author/	8 KB 2 KB	254ms 253ms	Fetch application/json	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/author/jonathan-greig.json Requested by Host: therecord.media URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash b046efe3621f60248d6414adfabb709fefc436f16671df8185089a1e3d1e0d20 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT content-encoding gzip strict-transport-security max-age=0 traceresponse 00-174e78ce9d7eb982c719a259e5e682b1-7d7d0912ae93485a-00 etag "21fb-j9Swo1LS9UeekF09XG6YsHvu/8o" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/json x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control s-maxage=60, stale-while-revalidate x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	Congressman-says-he-was-target-of-%E2%80%98wrongful%E2%80%99-data-searches-by-FBI.json Show response therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/	18 KB 5 KB	257ms 257ms	Fetch application/json	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/Congressman-says-he-was-target-of-%E2%80%98wrongful%E2%80%99-data-searches-by-FBI.json Requested by Host: therecord.media URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash d5bf1898c7109d81badad20e4eb1f4dc3d42ad683248f60eb36d10e447306950 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT content-encoding gzip strict-transport-security max-age=0 traceresponse 00-174e78ce9d80160ee8cb53fca3dd1017-d5f039ff56c37d86-00 etag "470d-A5BqfRYh4pkjNNAUOAeic/ze1Q0" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/json x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control s-maxage=60, stale-while-revalidate x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	industry.json Show response therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/news/	7 KB 2 KB	252ms 252ms	Fetch application/json	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://therecord.media/_next/data/vomjVW3KGwH0nzFFbX7mN/news/industry.json Requested by Host: therecord.media URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 404690a00086747f5cd64f50d4fc0522519963b8721e3be9b03c45410947cf79 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT content-encoding gzip strict-transport-security max-age=0 traceresponse 00-174e78ce9d7fe2b1caecfc8017cab003-73fca5374dc5188b-00 etag "1bd1-u/o7c/ajk1dt9lU02Cxb9zIipx0" vary Accept-Encoding x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type application/json x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control s-maxage=60, stale-while-revalidate x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	252628.js Show response js.hs-scripts.com/	1 KB 865 B	81ms 32ms	Script application/javascript	2606:4700::6811:d4cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/252628.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3871bd3cd3bcad4b0b5045e2ba61d7a3dc3edcee2b7c158e09405c26e8305f3b Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:28:59 GMT content-encoding br cf-cache-status HIT x-hubspot-correlation-id ad679c60-418d-45ba-88da-2859fa67ccfa age 56 cf-polished origSize=1482 cf-bgj minify last-modified Tue, 21 Mar 2023 15:28:03 GMT server cloudflare x-trace 2B4618091B826A487459D8ECBC76B94104D95B0635000000000000000000 access-control-max-age 3600 vary origin, Accept-Encoding content-type application/javascript;charset=utf-8 access-control-allow-origin https://go.recordedfuture.com cache-control public, max-age=60 access-control-allow-credentials true cf-ray 7ab73a568ed9bb19-MXP expires Tue, 21 Mar 2023 15:29:59 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	29ms 29ms	Image image/gif	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j99&a=1517764668&t=pageview&_s=1&dl=https%3A%2F%2Ftherecord.media%2Froyal-dirkzwager-ransomware-attack-dutch-shipping&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Dutch%20shipping%20giant%20Royal%20Dirkzwager%20confirms%20Play%20ransomware%20attack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=&gjid=&cid=1239930663.1679412539&tid=UA-9153858-16&_gid=232544407.1679412539&gtm=45He33f0n81PVJ5W86&cd1=&cd2=&cd3=&cd4=&cd5=&cd8=&z=1726651032 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Mon, 20 Mar 2023 20:16:02 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 69177 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	leadflows.js Show response js.hsleadflows.net/	545 KB 87 KB	121ms 36ms	Script application/javascript	2606:4700::6811:e7cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsleadflows.net/leadflows.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/252628.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:e7cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fab06beda6c8c452e25e0adee818c31d7fb0b8381d370d3dcbb9d62ec8107860 Request headers Referer https://therecord.media/ Origin https://therecord.media accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:29:00 GMT x-amz-version-id waE9SUXeTvXi6sWFWRT4B49N3dJ8yImu via 1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront) cf-cache-status HIT content-encoding br x-amz-cf-pop IAD12-P3 age 73077 x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1163/bundle/main/lead-flows-release.js&cfRay=7ab0423d6950374e-IAD x-cache Hit from cloudfront cache-tag staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod x-amz-replication-status COMPLETED last-modified Thu, 02 Mar 2023 09:43:53 UTC server cloudflare etag W/"15b55a577dac25b07b6c519f5d1a3aec" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-hs-cache-status HIT cache-control s-maxage=86400, max-age=0 cf-ray 7ab73a574c9c59ad-MXP x-amz-cf-id I3zRfWhE8xlMNO7tVMypp4AOQI8t-e9oo4p0sHIYAE8r3Gx_UQkWbQ== x-hs-target-asset lead-flows-js/static-1.1163/bundle/main/lead-flows-release.js
GET H2	200	252628.js Show response js.hs-analytics.net/analytics/1679412300000/	66 KB 21 KB	118ms 33ms	Script text/javascript	2606:4700::6811:43b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1679412300000/252628.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/252628.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 787c1f2bc9bb5fdc961e3fb8ae2f7a7c08475266250a2c7b7e185a20ce080298 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:29:00 GMT x-amz-version-id null content-encoding br cf-cache-status HIT x-amz-request-id C60196561Q9SFHGX age 226 x-amz-server-side-encryption AES256 x-amz-id-2 GlZXueDAYSi4uYg6IhZQpL3i6a6LBwUM4br6vuNnwqsx1bm6oPrLgBY4nwDfHPijqO4uw+hNnwI= last-modified Wed, 08 Mar 2023 04:01:20 GMT server cloudflare etag W/"00b259d999eaf5f203484d786efc0350" vary origin, Accept-Encoding content-type text/javascript cache-control max-age=300, public access-control-allow-credentials false cf-ray 7ab73a574da8ba83-MXP expires Tue, 21 Mar 2023 15:30:14 GMT
GET H2	200	252628.js Show response js.hs-banner.com/	60 KB 16 KB	128ms 44ms	Script text/javascript	2606:4700:4400::6812:21ab CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/252628.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/252628.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c14a3581f43637c3a38bf2dc63eb6bd1db03f379531e0c933046757027da5996 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:29:00 GMT x-amz-version-id G0bbSlSfRykjiDD0m1m7bWMeF3mCkT4v content-encoding br cf-cache-status HIT x-amz-request-id H7MXSXMWZ15JBYY1 age 150 x-amz-server-side-encryption AES256 x-amz-id-2 +Q/TD862KGHNmtlAszCmWrCoA8bhi4kT2MOiC2kw+0+WAm647MKM51dv8mDxKOfH+wlGQ7tGy2k= last-modified Wed, 08 Mar 2023 04:01:20 GMT server cloudflare etag W/"07e17ba34d46098d956efa1591721142" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://go.recordedfuture.com access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300, public access-control-allow-credentials true vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 7ab73a574f9a59b9-MXP expires Tue, 21 Mar 2023 15:31:30 GMT
GET H2	200	__ptq.gif track.hubspot.com/	45 B 894 B	218ms 174ms	Image image/gif	2606:4700::6813:9b53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1413633234&v=1.1&a=252628&r=https%3A%2F%2Ft.co%2F&pu=https%3A%2F%2Ftherecord.media%2Froyal-dirkzwager-ransomware-attack-dutch-shipping&t=Dutch+shipping+giant+Royal+Dirkzwager+confirms+Play+ransomware+attack&cts=1679412540083&vi=2f002ab1fa98a587fc3139dbb0cc38bc&nc=true&ce=false&cc=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:29:00 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id 4a68b7a5-f40c-4876-bd02-83ee23c9848e p3p CP="NOI CUR ADM OUR NOR STA NID" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 45 server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYdECId25Nta5Oetso5EdWovZKH6rBEg8EfPlO21KBqLpItFv9D1FEV0lKSKKSL%2FlVYn%2BYrp2mufy7JdFXr19ITdVncQCm7iLjQra%2BUODOsBnjm2oBTm1vSlWsBsxYmOPEDzz7jasESuLQHHvipT"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 7ab73a57d8c559b9-MXP x-robots-tag none
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 493 B	237ms 237ms	Image image/gif	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=b4641102d33c00003bcd1964ca010000dfa93500&visitor=a7cc9c57-0ac3-446b-8bb3-dbe5c8ff5832&session=13f42835-f01e-4c43-8fff-6deb8ef4b0a0&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2021%20Mar%202023%2015%3A29%3A00%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2021%20Mar%202023%2015%3A28%3A59%20GMT%22%2C%22timeSpent%22%3A%221011%22%2C%22totalTimeSpent%22%3A%221011%22%7D&isIframe=false&m=%7B%22description%22%3A%22Dutch%20maritime%20logistics%20company%20Royal%20Dirkzwager%20has%20confirmed%20that%20it%20was%20hit%20with%20ransomware%20from%20the%20Play%20group%2C%20the%20latest%20in%20a%20string%20of%20attacks%20targeting%20the%20shipping%20industry.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Dutch%20shipping%20giant%20Royal%20Dirkzwager%20confirms%20Play%20ransomware%20attack%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Froyal-dirkzwager-ransomware-attack-dutch-shipping&pageViewId=ea9f0b4c-f5ba-4df3-8840-1b77b7ba3726&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:29:00 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Fri, 21 Feb 2020 18:57:20 GMT server nginx/1.14.0 (Ubuntu) etag "5e502810-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	json Show response forms.hubspot.com/lead-flows-config/v1/config/	2 KB 2 KB	327ms 272ms	XHR application/json	2606:4700::6813:9a53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=252628&utk=2f002ab1fa98a587fc3139dbb0cc38bc&__hstc=156209188.2f002ab1fa98a587fc3139dbb0cc38bc.1679412540081.1679412540081.1679412540081.1&__hssc=156209188.1.1679412540082&referrer=https%3A%2F%2Ft.co%2F&currentUrl=https%3A%2F%2Ftherecord.media%2Froyal-dirkzwager-ransomware-attack-dutch-shipping Requested by Host: js.hsleadflows.net URL: https://js.hsleadflows.net/leadflows.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 074896918ab1675fcff4e0c65a455412c9218b29aad9b573a70492f6e3cd1a45 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:29:00 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id cf73fc89-ddfc-4ffa-8625-13138173de25 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare vary origin access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://therecord.media report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLDVLAtYxzq2TlzIzLkueNkR7DpWKIN1H%2Fvs%2FjBbemaUEjwBcvv%2B3S9xHL%2BHCS%2FETPGZPgHBKxfoG3SST07juQtMahIukSPCAKNJel2JiIa3CP%2F1vGB3H7JcA2qc60s3k0%2BfWdhQIXaBmH%2BfFsRo"}],"group":"cf-nel","max_age":604800} access-control-max-age 180 access-control-allow-credentials false cache-control max-age=0, no-cache, no-store x-robots-tag none access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent cf-ray 7ab73a58cae7bae8-MXP
GET H2	200	__ptq.gif track.hubspot.com/	45 B 362 B	199ms 197ms	Image image/gif	2606:4700::6813:9b53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=16&fi=1b047a85-2db0-47ce-a965-8fa2de5a991b&lfi=2694169&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1413633234&v=1.1&a=252628&r=https%3A%2F%2Ft.co%2F&pu=https%3A%2F%2Ftherecord.media%2Froyal-dirkzwager-ransomware-attack-dutch-shipping&t=Dutch+shipping+giant+Royal+Dirkzwager+confirms+Play+ransomware+attack&cts=1679412540552&vi=2f002ab1fa98a587fc3139dbb0cc38bc&nc=true&u=156209188.2f002ab1fa98a587fc3139dbb0cc38bc.1679412540081.1679412540081.1679412540081.1&b=156209188.1.1679412540082&pt=0&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:29:00 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id a58541d7-40af-493e-a365-7d2eb19fd50a p3p CP="NOI CUR ADM OUR NOR STA NID" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 45 server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vvxI%2BAXCgXfS66ggC11hMVFqt7koAv6fzQan4BWDXhmvABHkZqO9mRHXxts51MVAckPqi6ao%2B%2Bcf3k73oooI3Vxe8G%2B1q7ASnliBpGVlg2%2F4FpEBTJxWmvuXCHZjN%2BCFRnYgG%2Fw5QEBl9pOG6wl"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 7ab73a5a8ef159b9-MXP x-robots-tag none
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	image therecord.media/_next/	142 KB 142 KB	152ms 152ms	Image image/webp	34.73.189.215 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Firs_cyberattack_highlights_risk_of_tax_refund_fraud_47e79779d1.jpg&w=1920&q=75 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.73.189.215 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 215.189.73.34.bc.googleusercontent.com Software / Resource Hash 381f3dd72c9446985a766fdabd9ffec6de323e1ef52c3961f6fe54e5c2226c76 Security Headers Name Value Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox; Strict-Transport-Security max-age=0 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/royal-dirkzwager-ransomware-attack-dutch-shipping User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers content-security-policy script-src 'none'; frame-src 'none'; sandbox; date Tue, 21 Mar 2023 15:29:00 GMT strict-transport-security max-age=0 traceresponse 00-174e78ced9fcfb73e5c65f4be6872f4e-85a7bf4eff2bf74e-00 etag OB891yyURphadm-avZ-+xt4yPh71LDlh9v5U5cIibHY= vary Accept x-platform-cluster 6l7w2dvltmj6g-production-vohbr3y content-type image/webp x-nextjs-cache HIT x-platform-processor xgztqld4evaw2suiwyeszt2fga cache-control public, max-age=0, must-revalidate x-debug-info eyJyZXRyaWVzIjowfQ== permissions-policy geolocation=(self "https://*.recordedfuture.com/") content-disposition inline; filename="irs_cyberattack_highlights_risk_of_tax_refund_fraud_47e79779d1.webp" x-platform-router pzzg6kk2mvryq2jfoxqht4lu3u
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 493 B	526ms 526ms	Image image/gif	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=b4641102d33c00003bcd1964ca010000dfa93500&visitor=a7cc9c57-0ac3-446b-8bb3-dbe5c8ff5832&session=13f42835-f01e-4c43-8fff-6deb8ef4b0a0&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2021%20Mar%202023%2015%3A29%3A01%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2021%20Mar%202023%2015%3A29%3A00%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222012%22%7D&isIframe=false&m=%7B%22description%22%3A%22Dutch%20maritime%20logistics%20company%20Royal%20Dirkzwager%20has%20confirmed%20that%20it%20was%20hit%20with%20ransomware%20from%20the%20Play%20group%2C%20the%20latest%20in%20a%20string%20of%20attacks%20targeting%20the%20shipping%20industry.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Dutch%20shipping%20giant%20Royal%20Dirkzwager%20confirms%20Play%20ransomware%20attack%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Froyal-dirkzwager-ransomware-attack-dutch-shipping&pageViewId=ea9f0b4c-f5ba-4df3-8840-1b77b7ba3726&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:29:01 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 18 Feb 2023 00:49:36 GMT server nginx/1.14.0 (Ubuntu) etag "63f020a0-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	iphone-cd1.jpg go.recordedfuture.com/hubfs/	83 KB 85 KB	153ms 54ms	Image image/webp	2606:2c40::c73c:6702 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://go.recordedfuture.com/hubfs/iphone-cd1.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash ab221b9e81a8439634c9f73c15c96457f75d3632fea1f6256fa4833acc6a314a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-amz-meta-cache-tag F-99167145604,P-252628,FLS-ALL age 100066 x-amz-request-id TESCNPFSF202WNWM x-amz-server-side-encryption AES256 edge-cache-tag F-99167145604,P-252628,FLS-ALL x-amz-replication-status COMPLETED x-hs-https-only worker content-disposition inline; filename="iphone-cd1.webp" x-hs-cf-lambda us-east-1.enforceAclForReadsProd 15 cf-bgj imgq:85,h2pri etag "f5c3d1b581a50e5c3637310137a43f0e" vary Accept, Accept-Encoding access-control-allow-methods GET content-type image/webp access-control-allow-origin * x-amz-meta-created-unix-time-millis 1674144065940 cache-control s-maxage=1814400, max-age=1209600, stale-while-revalidate=900 x-robots-tag all x-hs-cf-lambda-enforce us-east-1.enforceAclForReadsProd 15 date Tue, 21 Mar 2023 15:29:01 GMT strict-transport-security max-age=31536000 via 1.1 fbc8210d21f6d43d0666226a15960b78.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-version-id CyJHfLHHqfqm77ShwrX4xZ78eMxn5Xvx x-amz-cf-pop MXP63-P3 x-hs-alternate-content-type text/plain cf-polished qual=85, origFmt=jpeg, origSize=229013 x-cache RefreshHit from cloudfront cache-tag F-99167145604,P-252628,FLS-ALL x-amz-meta-index-tag all x-amz-storage-class INTELLIGENT_TIERING alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 85082 x-amz-id-2 H3sidM8Otj+1W1t2dJz+plSpPp88nnmzwBTk38UyQdFJlM3ehsdFXcsTURqTU/Zkz5hawUi8O9U= last-modified Thu, 19 Jan 2023 16:01:07 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccbYJ7HJS23J1bYE40Gqe5NPtvTt7EU3RGTpV7xLhNsq6EYGkAa1Vlv%2FQjmktqDCGJQeZe5I8mpy268tzdO7FN1mSIGz0iY5G1nkSAhHqcjq%2Fqu4C%2BH9NtfEPjPRMpBoQ%2FlEueLjsOmvm%2FxfPmtf7cZTkA%3D%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 7ab73a615fedba8c-MXP x-amz-cf-id StOsirrXAATv4E0bT50uLcrSygOo4Dma4Vj3H9SJ9pjiaBb2-C_g4A==
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 494 B	260ms 260ms	Image image/gif	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=b4641102d33c00003bcd1964ca010000dfa93500&visitor=a7cc9c57-0ac3-446b-8bb3-dbe5c8ff5832&session=13f42835-f01e-4c43-8fff-6deb8ef4b0a0&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2021%20Mar%202023%2015%3A29%3A02%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2021%20Mar%202023%2015%3A29%3A01%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223013%22%7D&isIframe=false&m=%7B%22description%22%3A%22Dutch%20maritime%20logistics%20company%20Royal%20Dirkzwager%20has%20confirmed%20that%20it%20was%20hit%20with%20ransomware%20from%20the%20Play%20group%2C%20the%20latest%20in%20a%20string%20of%20attacks%20targeting%20the%20shipping%20industry.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Dutch%20shipping%20giant%20Royal%20Dirkzwager%20confirms%20Play%20ransomware%20attack%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Froyal-dirkzwager-ransomware-attack-dutch-shipping&pageViewId=ea9f0b4c-f5ba-4df3-8840-1b77b7ba3726&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:29:02 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 18 Feb 2023 02:04:22 GMT server nginx/1.14.0 (Ubuntu) etag "63f03226-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 494 B	204ms 203ms	Image image/gif	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=b4641102d33c00003bcd1964ca010000dfa93500&visitor=a7cc9c57-0ac3-446b-8bb3-dbe5c8ff5832&session=13f42835-f01e-4c43-8fff-6deb8ef4b0a0&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2021%20Mar%202023%2015%3A29%3A03%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2021%20Mar%202023%2015%3A29%3A02%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%224015%22%7D&isIframe=false&m=%7B%22description%22%3A%22Dutch%20maritime%20logistics%20company%20Royal%20Dirkzwager%20has%20confirmed%20that%20it%20was%20hit%20with%20ransomware%20from%20the%20Play%20group%2C%20the%20latest%20in%20a%20string%20of%20attacks%20targeting%20the%20shipping%20industry.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Dutch%20shipping%20giant%20Royal%20Dirkzwager%20confirms%20Play%20ransomware%20attack%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Froyal-dirkzwager-ransomware-attack-dutch-shipping&pageViewId=ea9f0b4c-f5ba-4df3-8840-1b77b7ba3726&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:29:03 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 05 Jun 2021 07:56:05 GMT server nginx/1.14.0 (Ubuntu) etag "60bb2e15-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 493 B	241ms 240ms	Image image/gif	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=b4641102d33c00003bcd1964ca010000dfa93500&visitor=a7cc9c57-0ac3-446b-8bb3-dbe5c8ff5832&session=13f42835-f01e-4c43-8fff-6deb8ef4b0a0&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2021%20Mar%202023%2015%3A29%3A04%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2021%20Mar%202023%2015%3A29%3A03%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225016%22%7D&isIframe=false&m=%7B%22description%22%3A%22Dutch%20maritime%20logistics%20company%20Royal%20Dirkzwager%20has%20confirmed%20that%20it%20was%20hit%20with%20ransomware%20from%20the%20Play%20group%2C%20the%20latest%20in%20a%20string%20of%20attacks%20targeting%20the%20shipping%20industry.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Dutch%20shipping%20giant%20Royal%20Dirkzwager%20confirms%20Play%20ransomware%20attack%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Froyal-dirkzwager-ransomware-attack-dutch-shipping&pageViewId=ea9f0b4c-f5ba-4df3-8840-1b77b7ba3726&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:29:04 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 18 Feb 2023 00:49:36 GMT server nginx/1.14.0 (Ubuntu) etag "63f020a0-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 493 B	212ms 212ms	Image image/gif	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=b4641102d33c00003bcd1964ca010000dfa93500&visitor=a7cc9c57-0ac3-446b-8bb3-dbe5c8ff5832&session=13f42835-f01e-4c43-8fff-6deb8ef4b0a0&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2021%20Mar%202023%2015%3A29%3A05%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2021%20Mar%202023%2015%3A29%3A04%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226017%22%7D&isIframe=false&m=%7B%22description%22%3A%22Dutch%20maritime%20logistics%20company%20Royal%20Dirkzwager%20has%20confirmed%20that%20it%20was%20hit%20with%20ransomware%20from%20the%20Play%20group%2C%20the%20latest%20in%20a%20string%20of%20attacks%20targeting%20the%20shipping%20industry.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Dutch%20shipping%20giant%20Royal%20Dirkzwager%20confirms%20Play%20ransomware%20attack%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Froyal-dirkzwager-ransomware-attack-dutch-shipping&pageViewId=ea9f0b4c-f5ba-4df3-8840-1b77b7ba3726&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://therecord.media/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 15:29:05 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Tue, 05 Oct 2021 22:17:52 GMT server nginx/1.14.0 (Ubuntu) etag "615ccf10-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT