therecord.media Open in urlscan Pro
2606:4700:4400::6812:20b5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
Submission: On February 21 via api (February 21st 2024, 2:12:34 am UTC) from TR — Scanned from DE

Summary HTTP 104 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 33 IPs in 4 countries across 24 domains to perform 104 HTTP transactions. The main IP is 2606:4700:4400::6812:20b5, located in United States and belongs to CLOUDFLARENET, US. The main domain is therecord.media. The Cisco Umbrella rank of the primary domain is 346379.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 18th 2023. Valid for: a year.

This is the only time therecord.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	2606:4700:440... 2606:4700:4400::6812:20b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:26d... 2600:9000:26db:400:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:440... 2606:4700:4400::ac40:9b4b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.144.145 172.64.144.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.126.133.169 3.126.133.169	16509 (AMAZON-02) (AMAZON-02)
8	23.62.98.119 23.62.98.119	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:bf59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:7e0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4eba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:710... 2a02:26f0:7100::210:180	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	76.223.9.105 76.223.9.105	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:cff9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2c40::c7... 2606:2c40::c73c:67fe	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
104	33

40 2606:4700:4400::6812:20b5 (United States)

ASN13335 (CLOUDFLARENET, US)

therecord.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.therecord.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26db:400:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:9b4b (United States)

ASN13335 (CLOUDFLARENET, US)

cms.therecord.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.144.145 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

www.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.133.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com

recordedfuture.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.62.98.119 (Schiphol, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-62-98-119.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bf59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e0c (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4eba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::210:180 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.9.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac3ff6aafb2cddae2.awsglobalaccelerator.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cff9 (United States)

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2c40::c73c:67fe (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	therecord.media therecord.media — Cisco Umbrella Rank: 346379 cms.therecord.media — Cisco Umbrella Rank: 781932	2 MB
10	youtube.com www.youtube.com — Cisco Umbrella Rank: 80	1 MB
9	6sc.co j.6sc.co — Cisco Umbrella Rank: 6461 c.6sc.co — Cisco Umbrella Rank: 9771 ipv6.6sc.co — Cisco Umbrella Rank: 6648 b.6sc.co — Cisco Umbrella Rank: 4424	27 KB
6	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 5300 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 5203 track.hubspot.com — Cisco Umbrella Rank: 2726 forms.hubspot.com — Cisco Umbrella Rank: 6022	30 KB
4	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 18864 recordedfuture.matomo.cloud — Cisco Umbrella Rank: 965510	67 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 230	40 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 static.doubleclick.net — Cisco Umbrella Rank: 271 stats.g.doubleclick.net — Cisco Umbrella Rank: 113	1 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	48 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 11323	718 B
2	recordedfuture.com www.recordedfuture.com — Cisco Umbrella Rank: 480546 go.recordedfuture.com — Cisco Umbrella Rank: 783132	157 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	163 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2400	20 KB
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 5653	1 KB
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 523	700 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2616	17 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2608	21 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 5757	88 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5654	408 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 935	725 B
1	t.co t.co — Cisco Umbrella Rank: 641	376 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2825	1 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 916	15 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 218	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 102	53 KB
104	24

	Domain	Requested by
37	therecord.media	therecord.media
10	www.youtube.com	therecord.media www.youtube.com cdn.matomo.cloud
6	cms.therecord.media	therecord.media
5	b.6sc.co
4	jnn-pa.googleapis.com	www.youtube.com
3	track.hubspot.com
2	epsilon.6sense.com	j.6sc.co
2	j.6sc.co	www.googletagmanager.com j.6sc.co
2	recordedfuture.matomo.cloud	cdn.matomo.cloud
2	cdn.matomo.cloud	therecord.media
2	www.googletagmanager.com	therecord.media www.googletagmanager.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	www.youtube.com
1	go.recordedfuture.com
1	forms.hubspot.com	js.hsleadflows.net
1	perf-na1.hsforms.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	analytics.twitter.com
1	t.co
1	js.hs-scripts.com	www.googletagmanager.com
1	static.ads-twitter.com	therecord.media
1	www.recordedfuture.com	therecord.media
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
104	37

This site contains links to these domains. Also see Links.

Domain
www.recordedfuture.com
twitter.com
www.linkedin.com
www.facebook.com
www.reddit.com
news.ycombinator.com
www.justice.gov
home.treasury.gov
analyst1.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M03	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.recordedfuture.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.matomo.cloud Amazon RSA 2048 M02	`2023-06-21` - `2024-07-19`	a year	crt.sh
6sc.co R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-16` - `2024-10-14`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-19` - `2024-09-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
go.recordedfuture.com GTS CA 1P5	`2024-02-17` - `2024-05-17`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
Frame ID: 116854D38F93FDC374973A6B8034EA63
Requests: 83 HTTP requests in this frame

Frame: https://www.youtube.com/embed/-jKykhKKMZw?si=GZ0NBjAFIieO0j1n
Frame ID: 086D50C041E097258C42F4EE02CE8253
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

US indicts two Russian nationals in LockBit ransomware case

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

104
Requests

98 %
HTTPS

75 %
IPv6

24
Domains

37
Subdomains

33
IPs

4
Countries

4361 kB
Transfer

10515 kB
Size

24
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.recordedfuture.com/privacy-policy/?__hstc=156209188.39fa847d2acf14f728e553cc44a1ca41.1708481551594.1708481551594.1708481551594.1&__hssc=156209188.1.1708481551594&__hsfp=4158071004
Title: Privacy Policy.

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=US%20indicts%20two%20Russian%20nationals%20in%20LockBit%20ransomware%20case%20%20%20https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord%20@TheRecord_Media

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord&title=US%20indicts%20two%20Russian%20nationals%20in%20LockBit%20ransomware%20case

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord&src=sdkpreparse

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord

Search URL Search Domain Scan URL

URL: https://news.ycombinator.com/submitlink?u=https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord&t=US%20indicts%20two%20Russian%20nationals%20in%20LockBit%20ransomware%20case

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/platform?mtm_campaign=ad-unit-record&__hstc=156209188.39fa847d2acf14f728e553cc44a1ca41.1708481551594.1708481551594.1708481551594.1&__hssc=156209188.1.1708481551594&__hsfp=4158071004
Title: Learn more.

Search URL Search Domain Scan URL

URL: https://www.justice.gov/opa/pr/us-and-uk-disrupt-lockbit-ransomware-variant
Title: unsealed indictments on Tuesday

Search URL Search Domain Scan URL

URL: https://home.treasury.gov/news/press-releases/jy2114
Title: announced sanctions

Search URL Search Domain Scan URL

URL: https://analyst1.com/ransomware-diaries-volume-2/
Title: cast doubts on his retirement

Search URL Search Domain Scan URL

URL: https://twitter.com/jredd66

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/navigating-2024s-geopolitical-fault-lines?__hstc=156209188.39fa847d2acf14f728e553cc44a1ca41.1708481551594.1708481551594.1708481551594.1&__hssc=156209188.1.1708481551594&__hsfp=4158071004
Title: Navigating 2024's Geopolitical Fault LinesNavigating 2024's Geopolitical Fault Lines

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/russia-aligned-tag-70-targets-european-government-and-military-mail?__hstc=156209188.39fa847d2acf14f728e553cc44a1ca41.1708481551594.1708481551594.1708481551594.1&__hssc=156209188.1.1708481551594&__hsfp=4158071004
Title: Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage CampaignRussia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/patterns-targets-ransomware-exploitation-vulnerabilities-2017-2023?__hstc=156209188.39fa847d2acf14f728e553cc44a1ca41.1708481551594.1708481551594.1708481551594.1&__hssc=156209188.1.1708481551594&__hsfp=4158071004
Title: Patterns and Targets for Ransomware Exploitation of Vulnerabilities: 2017–2023Patterns and Targets for Ransomware Exploitation of Vulnerabilities: 2017–2023

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/leaks-and-revelations-irgc-networks-cyber-companies?__hstc=156209188.39fa847d2acf14f728e553cc44a1ca41.1708481551594.1708481551594.1708481551594.1&__hssc=156209188.1.1708481551594&__hsfp=4158071004
Title: Leaks and Revelations: A Web of IRGC Networks and Cyber CompaniesLeaks and Revelations: A Web of IRGC Networks and Cyber Companies

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/flying-under-the-radar-abusing-github-malicious-infrastructure?__hstc=156209188.39fa847d2acf14f728e553cc44a1ca41.1708481551594.1708481551594.1708481551594.1&__hssc=156209188.1.1708481551594&__hsfp=4158071004
Title: Flying Under the Radar: Abusing GitHub for Malicious InfrastructureFlying Under the Radar: Abusing GitHub for Malicious Infrastructure

Search URL Search Domain Scan URL

URL: https://twitter.com/TheRecord_Media

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-record-by-recorded-future

Search URL Search Domain Scan URL

URL: https://www.instagram.com/therecord_media/

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/privacy-policy?__hstc=156209188.39fa847d2acf14f728e553cc44a1ca41.1708481551594.1708481551594.1708481551594.1&__hssc=156209188.1.1708481551594&__hsfp=4158071004
Title: Privacy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

104 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request lockbit-ransomware-indictments-us-doj-bassterlord Show response
therecord.media/ 49 KB
10 KB 148ms
121ms Document
text/html 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

32b0329ca5256c298725ea867c29d1446ce8e8277fb828c6c4dc2dc74b09c98b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 21
cache-control: s-maxage=60, stale-while-revalidate
cf-cache-status: DYNAMIC
cf-ray: 858b76efda211db3-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 21 Feb 2024 02:12:28 GMT
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
traceresponse: 00-17b5a9693ff9be9042d433d101b7ea21-e6e0cbd6ef85d8e4-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 15, 1
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-powered-by: Next.js
x-served-by: cache-iad-kjyo7100021-IAD, cache-fra-eddf8230044-FRA

GET
H2 200 merrick_garland_lockbit_announcement_36d3066916.png
cms.therecord.media/uploads/ 299 KB
300 KB 130ms
121ms Image
image/png 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/merrick_garland_lockbit_announcement_36d3066916.png?w=1920

Requested by

Host: therecord.media
URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fcb0d86b109bc23b104239673c6ca04312c6be43af34aa6cff567a836fe7292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
traceresponse: 00-17b5beeab7b23c04172843f782204aea-6127dde3fb7976a7-01
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
content-length: 306166
last-modified: Tue, 20 Feb 2024 18:17:29 GMT
server: cloudflare
etag: "65d4ecb9-4abf6"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/png
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 858b76f0aa801db3-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Wed, 21 Feb 2024 02:17:28 GMT

GET
H2 200 Headshot_9468680de9.JPG
cms.therecord.media/uploads/ 769 KB
770 KB 135ms
126ms Image
image/jpeg 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/Headshot_9468680de9.JPG?w=1920

Requested by

Host: therecord.media
URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fff48d94e30cb5c2f87212c4b3cd7783d22d26e83ba1787243e2591df0d5c3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
traceresponse: 00-17b5beeab7ec6e87da72afdbd5d4053e-748c061480f87b20-01
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
content-length: 787342
last-modified: Wed, 30 Aug 2023 17:29:22 GMT
server: cloudflare
etag: "64ef7c72-c038e"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/jpeg
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 858b76f0aa811db3-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Wed, 21 Feb 2024 02:17:28 GMT

GET
H2 200 The_Record_Centered_9b27d79125.svg
cms.therecord.media/uploads/ 7 KB
3 KB 133ms
124ms Image
image/svg+xml 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/The_Record_Centered_9b27d79125.svg?w=1920

Requested by

Host: therecord.media
URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54c76c41df5975085389626fc4c3920abdc817d033688ab9d9a98a362ad2f2e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
traceresponse: 00-17b5beeab7d586f826ad0bef2ba3e108-050d4d6b1bfa6a93-01
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
last-modified: Thu, 12 Jan 2023 17:06:51 GMT
server: cloudflare
etag: W/"63c03e2b-1c5f"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/svg+xml
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 858b76f0aa821db3-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Wed, 21 Feb 2024 02:17:28 GMT

GET
H2 200 1e6a3daf2771c259.css
therecord.media/_next/static/css/ 62 KB
12 KB 22ms
21ms Stylesheet
text/css 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/css/1e6a3daf2771c259.css

Requested by

Host: therecord.media
URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad25f126714ad3bf7e1fd834e9be185170945da0fade5439befddc33777c5e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:28 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 45028
traceresponse: 00-17b595f6d29245b058a204b98c9724bb-a3845767c5fabd96-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200157-IAD, cache-fra-eddf8230044-FRA
last-modified: Tue, 20 Feb 2024 13:41:38 GMT
server: cloudflare
etag: W/"f959-18dc6c029cc"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f0aa771db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 7, 6

GET
H2 200 ef46db3751d8e999.css
therecord.media/_next/static/css/ 0
236 B 21ms
21ms Stylesheet
text/css 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/css/ef46db3751d8e999.css

Requested by

Host: therecord.media
URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:28 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 3676666
traceresponse: 00-17a8af022709e0dfc034298cdcda181c-ff3f23f06584d27c-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 0
x-served-by: cache-iad-kcgs7200091-IAD, cache-fra-eddf8230044-FRA
last-modified: Thu, 21 Dec 2023 10:23:06 GMT
server: cloudflare
etag: W/"0-18c8be67aa2"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
cf-ray: 858b76f0aa781db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 12707, 11

GET
H2 200 rocket-loader.min.js Show response
therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 8ms
8ms Script
application/javascript 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: therecord.media
URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 13 Feb 2024 18:12:13 GMT
server: cloudflare
content-encoding: gzip
etag: W/"65cbb0fd-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 858b76f0aa791db3-FRA
expires: Fri, 23 Feb 2024 02:12:28 GMT

GET
H2 200 -jKykhKKMZw Show response
www.youtube.com/embed/ Frame 086D 92 KB
41 KB 80ms
59ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/-jKykhKKMZw?si=GZ0NBjAFIieO0j1n

Requested by

Host: therecord.media
URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3c4b8801f2ab8dc2eba09fc407eae4695abc02a98318f42d02a7868755b1f08e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://therecord.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 02:12:28 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 _middlewareManifest.js Show response
therecord.media/_next/static/cFEdEFp7CqqQ44peb6t4W/ 92 B
441 B 26ms
25ms Script
application/javascript 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/cFEdEFp7CqqQ44peb6t4W/_middlewareManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:28 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 45028
traceresponse: 00-17b595f6f04101fbbf7863a66aaa1ed6-2ea99e49814aec20-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200053-IAD, cache-fra-eddf8230033-FRA
last-modified: Tue, 20 Feb 2024 13:41:38 GMT
server: cloudflare
etag: W/"5c-18dc6c029b9"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f0ca911db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 7, 8

GET
H2 200 _ssgManifest.js Show response
therecord.media/_next/static/cFEdEFp7CqqQ44peb6t4W/ 99 B
366 B 27ms
26ms Script
application/javascript 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/cFEdEFp7CqqQ44peb6t4W/_ssgManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:28 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 45025
traceresponse: 00-17b595f6f14555ccab8fa2e572ea62be-a6041cfacdf9b081-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000080-IAD, cache-fra-eddf8230068-FRA
last-modified: Tue, 20 Feb 2024 13:41:38 GMT
server: cloudflare
etag: W/"63-18dc6c029b9"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjoyfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f0ca921db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 9, 4

GET
H2 200 _buildManifest.js Show response
therecord.media/_next/static/cFEdEFp7CqqQ44peb6t4W/ 1 KB
640 B 28ms
26ms Script
application/javascript 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/cFEdEFp7CqqQ44peb6t4W/_buildManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38276405d056497d09d1df6f16ebb6455ecbb87fe33897dffba1e65c125215d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:28 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 45027
traceresponse: 00-17b595f72cfa3c16bddc518cf65a06ef-b23caf46ee96cd8a-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000135-IAD, cache-fra-eddf8230116-FRA
last-modified: Tue, 20 Feb 2024 13:41:38 GMT
server: cloudflare
etag: W/"4f7-18dc6c029b9"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f0ca941db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 7, 8

GET
H2 200 %5B%5B...slug%5D%5D-2d98e382dac98dbf.js Show response
therecord.media/_next/static/chunks/pages/ 81 KB
18 KB 34ms
33ms Script
application/javascript 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/pages/%5B%5B...slug%5D%5D-2d98e382dac98dbf.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79de82940b7430a25fecc4895292dee4da05a84b39e65730671d51a42926b1ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:28 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 50165
traceresponse: 00-17b5914a9646df023acdc56e98fd9c3c-3f0cfc620d5b067a-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100158-IAD, cache-fra-eddf8230112-FRA
last-modified: Tue, 20 Feb 2024 12:16:08 GMT
server: cloudflare
etag: W/"14521-18dc671e24c"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f0ca961db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 21, 7

GET
H2 200 556-d088a057c0e74b61.js Show response
therecord.media/_next/static/chunks/ 461 KB
109 KB 25ms
24ms Script
application/javascript 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/556-d088a057c0e74b61.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26e64d51c77876ee305e0d82fbe2580f42b2420a2b9ed3e90f75967f12491298

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:28 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 50165
traceresponse: 00-17b5914a966301e7a6997c95351e1ef2-c240add12ce50aa1-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000172-IAD, cache-fra-eddf8230044-FRA
last-modified: Tue, 20 Feb 2024 12:16:08 GMT
server: cloudflare
etag: W/"7340b-18dc671e24a"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f0ca971db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 20, 1

GET
H2 200 203-29dcc45d0f2c9003.js Show response
therecord.media/_next/static/chunks/ 512 KB
147 KB 34ms
33ms Script
application/javascript 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/203-29dcc45d0f2c9003.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a0f92757e0a75ad0e3e660ae218d3f9b390ebfb39a6563ef2bdd38b08c9a28c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:28 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 50165
traceresponse: 00-17b5914a94d4473d6e969d446668810b-c680a7446500960d-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100042-IAD, cache-fra-eddf8230114-FRA
last-modified: Tue, 20 Feb 2024 12:16:08 GMT
server: cloudflare
etag: W/"8019a-18dc671e249"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f0ca981db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 22, 1

GET
H2 200 _app-a8dc4813b2280651.js Show response
therecord.media/_next/static/chunks/pages/ 115 KB
38 KB 34ms
34ms Script
application/javascript 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/pages/_app-a8dc4813b2280651.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33827dad44cb9dbaba81212f22a069edd8ceabf83dbb1345d1a52298a08913ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:28 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 2545939
traceresponse: 00-17acb365ca1ebe7292a57e4583c8220e-611cdced83411f77-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200120-IAD, cache-fra-eddf8230051-FRA
last-modified: Thu, 18 Jan 2024 15:17:58 GMT
server: cloudflare
etag: W/"1ca6c-18d1d268056"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f0ca991db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 2153, 4

GET
H2 200 main-d977f1d2acb21ba7.js Show response
therecord.media/_next/static/chunks/ 101 KB
28 KB 33ms
32ms Script
application/javascript 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/main-d977f1d2acb21ba7.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03c6a05bd0d89aa91521b0ebe9a14e367f6c41ebd64f585fbee07ba3a2124e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:28 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 1172666
traceresponse: 00-17b194621c8909ce8e17720dc6e79e33-a0ecc3d9c0b701e2-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000030-IAD, cache-fra-eddf8230118-FRA
last-modified: Wed, 07 Feb 2024 12:27:46 GMT
server: cloudflare
etag: W/"193e5-18d8389dd46"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f0ca9a1db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 1, 1

GET
H2 200 framework-5f4595e5518b5600.js Show response
therecord.media/_next/static/chunks/ 127 KB
42 KB 28ms
27ms Script
application/javascript 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/framework-5f4595e5518b5600.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:28 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 6705553
traceresponse: 00-179dec406f8f7452bf62a7be55be4419-6d3b59ac4bb99f0f-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200081-IAD, cache-fra-eddf8230104-FRA
last-modified: Tue, 28 Nov 2023 09:14:58 GMT
server: cloudflare
etag: W/"1fbbb-18c1535d276"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f0ca9b1db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 27683, 4

GET
H2 200 webpack-5752944655d749a0.js Show response
therecord.media/_next/static/chunks/ 2 KB
1 KB 24ms
24ms Script
application/javascript 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/webpack-5752944655d749a0.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:28 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 3679891
traceresponse: 00-17a8ac132bb569935edcef7a506d1777-875e86cfa633821d-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100179-IAD, cache-fra-eddf8230025-FRA
last-modified: Thu, 21 Dec 2023 10:23:06 GMT
server: cloudflare
etag: W/"673-18c8be67aa1"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f0ca9c1db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 11069, 3

GET
H2 200 x-social-media-logo-icon.svg
therecord.media/icons/svg/ 515 B
711 B 134ms
134ms Image
image/svg+xml 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/icons/svg/x-social-media-logo-icon.svg

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/1e6a3daf2771c259.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad3107d855114d1d82f38a7815a45fce788901a46c513a32836a8a8fb3c3087b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/_next/static/css/1e6a3daf2771c259.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17b5beeab96ae9a3af42d32584cb392c-e9f248edc3ebbf20-01
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200142-IAD, cache-fra-eddf8230033-FRA
last-modified: Tue, 20 Feb 2024 13:37:06 GMT
server: cloudflare
etag: W/"203-18dc6bbffd0"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f0da9e1db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 x-social-media-black-icon.svg
therecord.media/icons/svg/ 456 B
463 B 179ms
179ms Image
image/svg+xml 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/icons/svg/x-social-media-black-icon.svg

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/1e6a3daf2771c259.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8837339f39b4de89bcdc5b4705e44d0007a8728881c70d1010f9973dff06306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/_next/static/css/1e6a3daf2771c259.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17b5beeabc144a4fa8fc63e097687b5b-fa6e789e6ecb12bf-01
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200098-IAD, cache-fra-eddf8230025-FRA
last-modified: Tue, 20 Feb 2024 13:37:06 GMT
server: cloudflare
etag: W/"1c8-18dc6bbffd0"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f0da9f1db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-SemiBold.ttf
therecord.media/fonts/ 308 KB
151 KB 227ms
226ms Font
font/ttf 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-SemiBold.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/1e6a3daf2771c259.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f036a45770ce2ad43dfee7f4eac8f8b3784608a24ff00c63dd56704434e014e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/1e6a3daf2771c259.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17b5beeaba076ed84e315e4c79a0b7ba-fcbc8983c4ea4e72-01
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000102-IAD, cache-fra-eddf8230022-FRA
last-modified: Tue, 20 Feb 2024 13:37:06 GMT
server: cloudflare
etag: W/"4d16c-18dc6bbffd0"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f0daa01db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 icomoon.ttf
therecord.media/icons/fonts/ 5 KB
3 KB 155ms
155ms Font
font/ttf 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/icons/fonts/icomoon.ttf?l2zjlc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/1e6a3daf2771c259.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2ea411b32eb0f8f7ecee62a4a599e510c68d51c04b0246e436a50ea016b70e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/1e6a3daf2771c259.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17b5beeaba46aa329e741b59820fb7d8-11a395212b7b4e54-01
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100149-IAD, cache-fra-eddf8230118-FRA
last-modified: Tue, 20 Feb 2024 13:37:06 GMT
server: cloudflare
etag: W/"1304-18dc6bbffd0"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f0daa11db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-Medium.ttf
therecord.media/fonts/ 307 KB
149 KB 207ms
206ms Font
font/ttf 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Medium.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/1e6a3daf2771c259.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0b1f949528f7a3a2d2ff3b6df67c6c1b5cb8f62a2eba6eb5e06adff2d5795f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/1e6a3daf2771c259.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17b5beeab9711b2dfb2042b5cdb828d6-89fa66ae3841e028-01
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000051-IAD, cache-fra-eddf8230104-FRA
last-modified: Tue, 20 Feb 2024 13:37:06 GMT
server: cloudflare
etag: W/"4cd58-18dc6bbffd0"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f0daa21db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-Bold.ttf
therecord.media/fonts/ 309 KB
151 KB 317ms
316ms Font
font/ttf 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Bold.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/1e6a3daf2771c259.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad83f2446566c5ecf7c261cc07884a5d5f71965b5df8fd7bb809f83a42bf470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/1e6a3daf2771c259.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17b5beeabe8f1840e28dcbd04991e0a5-99da0699eeab3903-01
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100134-IAD, cache-fra-eddf8230116-FRA
last-modified: Tue, 20 Feb 2024 13:37:06 GMT
server: cloudflare
etag: W/"4d2c4-18dc6bbffd0"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f0daa31db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-Regular.ttf
therecord.media/fonts/ 303 KB
140 KB 256ms
256ms Font
font/ttf 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Regular.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/1e6a3daf2771c259.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

494a9c8817786531126dd245c93f8a85aa6afa405c7b8a2e45b667538470ce7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/1e6a3daf2771c259.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17b5beeabcbb8be3508ba59fed083c43-5e338abd80a438fd-01
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000092-IAD, cache-fra-eddf8230068-FRA
last-modified: Tue, 20 Feb 2024 13:37:06 GMT
server: cloudflare
etag: W/"4ba44-18dc6bbffd0"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f0daa41db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-ExtraBold.ttf
therecord.media/fonts/ 309 KB
150 KB 179ms
179ms Font
font/ttf 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-ExtraBold.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/1e6a3daf2771c259.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fb3140db2839cabd3662044ef7791206df377b2211046abc71dd039f05fe082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/1e6a3daf2771c259.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17b5beeab93db8baec6e27b54f93f720-732fdcf48dca9f88-01
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200106-IAD, cache-fra-eddf8230044-FRA
last-modified: Tue, 20 Feb 2024 13:37:06 GMT
server: cloudflare
etag: W/"4d52c-18dc6bbffd0"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f0daa51db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 www-player.css
www.youtube.com/s/player/5683fc5e/ Frame 086D 366 KB
47 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5683fc5e/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-jKykhKKMZw?si=GZ0NBjAFIieO0j1n

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52535a880872c1c5273500b7f045580dfffb0fe2a02852223e9e63db92d41cc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/-jKykhKKMZw?si=GZ0NBjAFIieO0j1n
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:40:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9123
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48183
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 05:24:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 19 Feb 2025 23:40:25 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 086D 15 KB
15 KB 31ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-jKykhKKMZw?si=GZ0NBjAFIieO0j1n

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 08:50:21 GMT
x-content-type-options: nosniff
age: 62528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Feb 2025 08:50:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 086D 15 KB
16 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-jKykhKKMZw?si=GZ0NBjAFIieO0j1n

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 61395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Feb 2025 09:09:14 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/ Frame 086D 53 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-jKykhKKMZw?si=GZ0NBjAFIieO0j1n

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adb0e74d3179802bb946d3487d460e61a98cdddfc16528a27fedb74e7f01de99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/-jKykhKKMZw?si=GZ0NBjAFIieO0j1n
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 08:32:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 581997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16886
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 05:24:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Feb 2025 08:32:31 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/ Frame 086D 318 KB
95 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-jKykhKKMZw?si=GZ0NBjAFIieO0j1n

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30eb44d1bd919de19f5884ded89d326c05c5537aed690c6aac1175dc4aa6179

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/-jKykhKKMZw?si=GZ0NBjAFIieO0j1n
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 00:21:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6638
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96927
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 05:24:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 20 Feb 2025 00:21:51 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/ Frame 086D 2 MB
778 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-jKykhKKMZw?si=GZ0NBjAFIieO0j1n

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a625134502f8fae2ae5f7d003418199f4dce50c1c63b89178f95455e87b9b1e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/-jKykhKKMZw?si=GZ0NBjAFIieO0j1n
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 08:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795740
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 05:24:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Feb 2025 08:32:31 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 086D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

14ms
14ms

XHR
application/json

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-jKykhKKMZw?si=GZ0NBjAFIieO0j1n

Protocol

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63640583392ffa2f12bb5761ec77cad09eb6bcaab2efd61f1f88622d4c7ba61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Feb 2024 02:12:29 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 086D 29 B
494 B 33ms
7ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:15 GMT
x-content-type-options: nosniff
age: 14
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Feb 2024 02:27:15 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 40ms
14ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 21 Feb 2024 02:12:29 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 086D 87 KB
40 KB 26ms
26ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0d3291019e52d9c4fe5d30d6807501b2f779210dd396f65f22386648c1b7df6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40803
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/ Frame 086D 118 KB
33 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

995d911b164843c6c2eb0a86d028f14e5d08971da5b51681b60f478bd781d8f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/-jKykhKKMZw?si=GZ0NBjAFIieO0j1n
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 08:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 581957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34032
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 05:24:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Feb 2025 08:33:12 GMT

GET
H2 200 hOSL3wzhZnRWQZflrkUXLpKtCz5jphagNS89mbfJREc.js Show response
www.google.com/js/th/ Frame 086D 51 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/hOSL3wzhZnRWQZflrkUXLpKtCz5jphagNS89mbfJREc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84e48bdf0ce16674564197e5ae45172e92ad0b3e63a616a0352f3d99b7c94447

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 13:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19938
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 13:03:34 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/-jKykhKKMZw/ Frame 086D 52 KB
53 KB 42ms
7ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/-jKykhKKMZw/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-jKykhKKMZw?si=GZ0NBjAFIieO0j1n

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34bba002b1ad2b3fa7ac4c1586018372d7aec41ed52f1a4f9378d462242c1bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:10:53 GMT
x-content-type-options: nosniff
age: 96
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53369
x-xss-protection: 0
server: sffe
etag: "1708392345"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 21 Feb 2024 02:15:53 GMT

GET
DATA 200
OK truncated
/ Frame 086D 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AIf8zZR592efblWc8IpqTaAi0PXNwSEpzaNjMJh-H17hzg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 086D 2 KB
3 KB 55ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AIf8zZR592efblWc8IpqTaAi0PXNwSEpzaNjMJh-H17hzg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/-jKykhKKMZw?si=GZ0NBjAFIieO0j1n

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

df4be602c6f68df8c9b8317170b8a889998686cb6d2124a26d58ca14069061e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:04:17 GMT
x-content-type-options: nosniff
age: 4092
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2507
x-xss-protection: 0
server: fife
etag: "v14b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:04:17 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 086D 4 KB
2 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 02:12:29 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 086D 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?WZRxkA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/-jKykhKKMZw?si=GZ0NBjAFIieO0j1n
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/-jKykhKKMZw?si=GZ0NBjAFIieO0j1n
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 21 Feb 2024 02:12:29 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 086D 90 B
134 B 18ms
18ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb72528588e7cf23b4a364611ea24f2648d9ee020f6d0b80f70aad410766b991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/121/ Frame 086D 50 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/121/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 21:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 16:05:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 21 Feb 2024 21:05:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 199 KB
70 KB 42ms
21ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Requested by

Host: therecord.media
URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1ca1c8241e63cc04e65572203feb8ab60a37143447c39c4a14212edfdb7da0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71698
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 00:04:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Feb 2024 02:12:29 GMT

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 200 KB
58 KB 54ms
15ms Script
application/javascript 2600:9000:26db:400:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js

Requested by

Host: therecord.media
URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:400:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

80674df4167d5260cbac3f8a6499ae381e36025aea6ad5c8eba25c5eb668e007

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 00:51:51 GMT
x-amz-version-id: QfdzVVzV2PDU.VOb.rnFlksIOW4Ar9_.
content-encoding: gzip
strict-transport-security: max-age=31536000
via: 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 4839
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sun, 18 Feb 2024 22:08:51 GMT
server: CloudFront
etag: W/"e028b9b74436105242fb4d41d01c0779"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: b7mLSybqe7MeFUbe6Fp8Ndqul1aumbj_hPsnrk3zGweTtqdXUOM1WA==

GET
H2 200 container_41sBJe2I.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 27 KB
9 KB 69ms
30ms Script
application/javascript 2600:9000:26db:400:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.matomo.cloud/recordedfuture.matomo.cloud/container_41sBJe2I.js

Requested by

Host: therecord.media
URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:400:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

3303db9454ead61f24fc598ad2a9d64aebd739493d1a07fffe1d1ead71b9419c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 00:51:51 GMT
x-amz-version-id: o_2NXjn2uS2BFeIRnGhjZvkcVYClttC5
content-encoding: gzip
strict-transport-security: max-age=31536000
via: 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 4839
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sun, 19 Nov 2023 19:34:49 GMT
server: CloudFront
etag: W/"82547c1828a7d2e514c0b90201df744b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: dkrugUCnv4A53pymv0hG3gNWHa5pyOHAv-GbTzc5gCRD7lQY13cx4A==

GET
H2 200 articles Show response
cms.therecord.media/api/ 12 KB
4 KB 589ms
572ms XHR
application/json 2606:4700:4400::ac40:9b4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editors&populate[3]=editors.page&populate[4]=editor&populate[5]=editor.page&populate[6]=image&populate[7]=image.desktop&populate[8]=image.tablet&populate[9]=image.mobile&populate[10]=tags&populate[11]=tags.page&populate[12]=page&filters[id][$ne]=4362&filters[date][$lte]=2024-02-20T18%3A15%3A03.199Z&filters[page][id][$notNull]=true&filters[page][publishedAt][$notNull]=true&filters[$and][0][$or][0][showFrom][$null]=true&filters[$and][0][$or][1][showFrom][$lte]=2024-02-21T02%3A12%3A29%2B00%3A00&filters[$and][1][$or][0][listingShowFrom][$null]=true&filters[$and][1][$or][1][listingShowFrom][$lte]=2024-02-21T02%3A12%3A29%2B00%3A00&pagination%5BpageSize%5D=1&sort%5B0%5D=date%3Adesc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/203-29dcc45d0f2c9003.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strapi <strapi.io>

Resource Hash

4d29492c4c6785a1196ed91ffab327ff1660ce9aded214ac39cd314c88f7eb60

Security Headers

Name	Value
Content-Security-Policy	img-src * data: blob: https://market-assets.strapi.io;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:30 GMT
content-security-policy: img-src * data: blob: https://market-assets.strapi.io;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
traceresponse: 00-17b5beeaefc8a42944012f9cc24d5e57-6a5414d219f0617d-01
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
referrer-policy: no-referrer
server: cloudflare
x-download-options: noopen
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
cf-ray: 858b76f54fb71e10-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m

GET
H2 200 articles Show response
cms.therecord.media/api/ 9 KB
3 KB 465ms
449ms XHR
application/json 2606:4700:4400::ac40:9b4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editors&populate[3]=editors.page&populate[4]=editor&populate[5]=editor.page&populate[6]=image&populate[7]=image.desktop&populate[8]=image.tablet&populate[9]=image.mobile&populate[10]=tags&populate[11]=tags.page&populate[12]=page&filters[id][$ne]=4362&filters[date][$gte]=2024-02-20T18%3A15%3A03.199Z&filters[page][id][$notNull]=true&filters[page][publishedAt][$notNull]=true&filters[$and][0][$or][0][showFrom][$null]=true&filters[$and][0][$or][1][showFrom][$lte]=2024-02-21T02%3A12%3A29%2B00%3A00&filters[$and][1][$or][0][listingShowFrom][$null]=true&filters[$and][1][$or][1][listingShowFrom][$lte]=2024-02-21T02%3A12%3A29%2B00%3A00&pagination%5BpageSize%5D=1&sort%5B0%5D=date%3Aasc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/203-29dcc45d0f2c9003.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strapi <strapi.io>

Resource Hash

711e6711b8253356a928a6d742ac1a0ca718cccd6a415d073948256bf922ee89

Security Headers

Name	Value
Content-Security-Policy	img-src * data: blob: https://market-assets.strapi.io;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:30 GMT
content-security-policy: img-src * data: blob: https://market-assets.strapi.io;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
traceresponse: 00-17b5beeaefcce8170792e76f00e25212-f89c718aad125162-01
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
referrer-policy: no-referrer
server: cloudflare
x-download-options: noopen
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
cf-ray: 858b76f54fb81e10-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m

GET
H2 200 articles Show response
cms.therecord.media/api/ 3 KB
2 KB 441ms
425ms XHR
application/json 2606:4700:4400::ac40:9b4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?fields[0]=title&fields[1]=date&fields[2]=publishedAt&filters[isBrief][$eq]=true&filters[page][id][$notNull]=true&filters[page][publishedAt][$notNull]=true&filters[$and][0][$or][0][showFrom][$null]=true&filters[$and][0][$or][1][showFrom][$lte]=2024-02-21T02%3A12%3A29%2B00%3A00&filters[$and][1][$or][0][listingShowFrom][$null]=true&filters[$and][1][$or][1][listingShowFrom][$lte]=2024-02-21T02%3A12%3A29%2B00%3A00&populate[page][fields][0]=slug&sort[0]=date%3Adesc&pagination[limit]=9

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/203-29dcc45d0f2c9003.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b4b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strapi <strapi.io>

Resource Hash

f9a1ac06b359601c85bd251b145a32a2792ed926ca0e00c1e971b6e64436a74d

Security Headers

Name	Value
Content-Security-Policy	img-src * data: blob: https://market-assets.strapi.io;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:30 GMT
content-security-policy: img-src * data: blob: https://market-assets.strapi.io;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
traceresponse: 00-17b5beeaefc1f9277f56c09b4ad60eca-5752a8277a58f91e-01
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
referrer-policy: no-referrer
server: cloudflare
x-download-options: noopen
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
cf-ray: 858b76f54fba1e10-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m

GET
H2 200 research Show response
www.recordedfuture.com/feed/ 252 KB
72 KB 45ms
18ms Fetch
text/xml 172.64.144.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/feed/research

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/556-d088a057c0e74b61.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.144.145 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4591d84f0c0c70db45eb6f17469fad1fcfc2faee310998a42e8eaea10d2f0ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/rss+xml
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 1269
traceresponse: 00-17b5bdc35a60fbcec60029a9fd3a651f-81bf8b1509683c04-01
x-cache: HIT
content-length: 73107
x-served-by: cache-fra-eddf8230103-FRA
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,DELETE,PATCH,POST,PUT,HEAD,OPTIONS
content-type: text/xml
access-control-allow-origin: *
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 858b76f55a67371b-FRA
access-control-allow-headers: Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, User-Agent, Authorization, Origin, Pragma, Cache-Control, Expires
x-cache-hits: 1

GET
H3 200 iframe_api Show response
www.youtube.com/ 993 B
517 B 30ms
30ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

37ca6f3935fd2598ee98ca7013ad5f2c3e1f834efb8bbb24f3c4ba9d5d7849ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 21 Feb 2024 02:12:29 GMT

GET
H2 200 james-reddick.json Show response
therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/en/author/ 9 KB
3 KB 174ms
174ms Fetch
application/json 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/en/author/james-reddick.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eebb72bf3e28eb30a2c4a00ba608467ba83484e0021f3c617254ec1a2c0fe801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17b5a96b1b10be7316c31c4e0bb430c6-ae44d2dc33443429-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000097-IAD, cache-fra-eddf8230118-FRA
server: cloudflare
etag: W/"22c9-MHJQYWm6+fH1QpmXq6f0x0Y6ndg"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f58ccc1db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 2, 1

GET
H2 200 subscribe.json Show response
therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/en/ 11 KB
3 KB 18ms
18ms Fetch
application/json 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/en/subscribe.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6af2f1058fd363bf155e08118c3c426cd3889a0771ba2faf6c142752b2857e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 19
traceresponse: 00-17b5b287476e0aaddc0cc06d68657227-dbd70d3acb6ca278-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000164-IAD, cache-fra-eddf8230112-FRA
server: cloudflare
etag: W/"2b04-m0Oc8/GvPFYOa0Vbe1fLdCZE+hw"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f58cce1db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 1863, 1

GET
H2 200 podcast.json Show response
therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/en/ 186 KB
40 KB 28ms
28ms Fetch
application/json 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/en/podcast.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc140e6eb5e7230d599925e013a58b4104d2950438e5ab4f2bc147b6be593853

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 19
traceresponse: 00-17b5b2874537e855ac12784e9ce6fd71-116283e35e400e87-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200098-IAD, cache-fra-eddf8230022-FRA
server: cloudflare
etag: W/"2e7b8-3/mx3g4VBpGGSoX/ZNsAqN6ND7Q"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f58ccf1db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 477, 1

GET
H2 200 technology.json Show response
therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/en/news/ 8 KB
3 KB 19ms
18ms Fetch
application/json 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/en/news/technology.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62936840e340865476acaf47c79cfb7d7eade459cba270111fbe4d29dbaadf8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 19
traceresponse: 00-17b5bd5c929f8931b5a0be52233fa1e0-1effc75bad49870a-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100046-IAD, cache-fra-eddf8230114-FRA
server: cloudflare
etag: W/"2127-f8w3y82Ubr7X1KkGhz2IpNINZ+M"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f58cd01db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 19, 1

GET
H2 200 elections.json Show response
therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/en/news/ 8 KB
2 KB 19ms
19ms Fetch
application/json 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/en/news/elections.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abfdfb31ef6812849b7a3fe511b8f308e6768bea9da8cbb70f0041191348f87b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 19
traceresponse: 00-17b5bd5c9502413c59433e544603cba0-80c6ea816e076417-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000106-IAD, cache-fra-eddf8230051-FRA
server: cloudflare
etag: W/"1f42-DnwYU5LC2WYCX2CGSn+piKGsc24"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f58cd11db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 23, 1

GET
H2 200 nation-state.json Show response
therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/en/news/ 8 KB
2 KB 20ms
20ms Fetch
application/json 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/en/news/nation-state.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7de33ea59a235aab6c7fbb6009e4e41df2b1f41fa62aef62e4934d4cfb8c445e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 19
traceresponse: 00-17b5bd5c95008aacbfb91e10b13e4054-52456449c2a71360-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000054-IAD, cache-fra-eddf8230025-FRA
server: cloudflare
etag: W/"2173-FEI92XulrzzaJ9hGOFLAAcMdaEo"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f58cd21db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 20, 1

GET
H2 200 cybercrime.json Show response
therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/en/news/ 8 KB
2 KB 22ms
22ms Fetch
application/json 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/en/news/cybercrime.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8a7085e5c34c1f85a5c6c42832c0f4a70ae0e71a806925bed925c6f338c623a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 19
traceresponse: 00-17b5bd5c927889d8f39fd245a0efe850-d72f38212f2b6c0f-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000167-IAD, cache-fra-eddf8230064-FRA
server: cloudflare
etag: W/"2134-U1IFJA4l0MiIN4YBOx6OVIpiUBo"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f58cd31db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 24, 1

GET
H2 200 leadership.json Show response
therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/en/news/ 8 KB
2 KB 23ms
23ms Fetch
application/json 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/en/news/leadership.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

976feb0324aaaa56ca8385a4d9d3114be4afa772f0e4d0f118d1a7f3d6a160de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 59
traceresponse: 00-17b5bd5c909731bed78499af00c75e5b-7cde4994c53ae077-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100053-IAD, cache-fra-eddf8230044-FRA
server: cloudflare
etag: W/"216b-3giyf4Oq90imRVerI2gQY1a1UqU"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f58cd41db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 21, 1

GET
H2 200 en.json Show response
therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/ 46 KB
12 KB 21ms
21ms Fetch
application/json 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/en.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

add3b9de8dba5d9df8bff808681b878e126f9c5f6cc2ab7ff800d2fff5dcdb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 19
traceresponse: 00-17b5be63b128c83501da07fc94988270-2e821251877dae78-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000106-IAD, cache-fra-eddf8230033-FRA
server: cloudflare
etag: W/"b98d-Y9+l1UDb6j7T2hASm/9RCQEUinA"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f58cd51db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 15, 1

GET
H2 200 government.json Show response
therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/en/news/ 8 KB
3 KB 22ms
22ms Fetch
application/json 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/en/news/government.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbdb9358ee8401fd2f0410bd7e77cb085f1b98e923e61ff2ea580da390907a83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 9
traceresponse: 00-17b5a95a78b439b042d5fbe2880fcd9c-7c7e89f6c092b23a-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200021-IAD, cache-fra-eddf8230068-FRA
server: cloudflare
etag: W/"2140-M8dbHB/ZsFiMICU2kSsjJvyWzR0"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f59cdb1db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 34, 1

GET
H2 200 news.json Show response
therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/en/news/ 8 KB
2 KB 19ms
19ms Fetch
application/json 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/cFEdEFp7CqqQ44peb6t4W/en/news/news.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f16abf2fb4d106a67c8ca0a3ccd6f2a49ce1436ddff8eaace256fc343bfd786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 12
traceresponse: 00-17b5b02869766ec38a7aa87b5b944562-59b3265140f0f87f-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100044-IAD, cache-fra-eddf8230104-FRA
server: cloudflare
etag: W/"2126-WUAvWW8xqAsndVzDWk4Cig0NyxI"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 858b76f59cdc1db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 1141, 2

POST
H2 204 matomo.php
recordedfuture.matomo.cloud/ 0
167 B 88ms
39ms Ping
text/plain 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/matomo.php?action_name=therecord.media%2FUS%20indicts%20two%20Russian%20nationals%20in%20LockBit%20ransomware%20case&idsite=2&rec=1&r=314544&h=3&m=12&s=29&url=https%3A%2F%2Ftherecord.media%2Flockbit-ransomware-indictments-us-doj-bassterlord&_id=5a41f8c8e8a733f6&_idn=1&send_image=0&_refts=0&pv_id=HvW3J1&fa_pv=1&fa_fp[0][fa_vid]=2tflcI&fa_fp[0][fa_fv]=1&pf_net=27&pf_srv=121&pf_tfr=2&pf_dm1=22&pf_dm2=634&pf_onl=1&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://therecord.media
date: Wed, 21 Feb 2024 02:12:29 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
93 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EYNZBT8ZP2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7e0c42869323aac252203ae74ad82adc859d699bcf448b8a14178f9c0e4fb5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Feb 2024 02:12:29 GMT

GET
H2 200 64dc3ec5-330c-4652-88d3-147ee65e90ba.js Show response
j.6sc.co/j/ 6 KB
6 KB 1057ms
554ms Script
application/javascript 23.62.98.119
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/64dc3ec5-330c-4652-88d3-147ee65e90ba.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.98.119 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-62-98-119.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bab1a7338ababef20520afb590c2018f7e4aebee0ebd5fd07ec9d97fd9696a9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: ijUf5nwA.nUGe_5LmgxSjU3tGVlklBh2
date: Wed, 21 Feb 2024 02:12:30 GMT
x-amz-cf-pop: AMS1-P2
x-amz-server-side-encryption: AES256
x-amz-meta-content-type: application/json
content-length: 6029
pragma: no-cache
last-modified: Wed, 29 Nov 2023 20:24:49 GMT
server: AmazonS3
etag: "0b29f060e7033abf1aaeba93a419ca36"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: LczTwBCiUFhpTygioqvtpmSsiRVnYe0l7at1xLdK4eYNolMV_7sgZw==
expires: Wed, 21 Feb 2024 02:12:30 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 44ms
6ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: therecord.media
URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230032-FRA

GET
H2 200 252628.js Show response
js.hs-scripts.com/ 2 KB
1 KB 35ms
17ms Script
application/javascript 2606:4700::6810:bf59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/252628.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bf59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9d6dfe17ce6a11c35ef6dbd6b5f13959b68887a06983669ca97e0420160bce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-hubspot-correlation-id: 90cc12c6-83e1-44c8-8178-8abe2a4cae86
x-evy-trace-route-service-name: envoyset-translator
cf-polished: origSize=1972
age: 9
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 90cc12c6-83e1-44c8-8178-8abe2a4cae86
cf-bgj: minify
last-modified: Wed, 21 Feb 2024 02:12:20 GMT
server: cloudflare
x-trace: 2BFA86F94BDFCFD9ECB0B65E1BFE59E2BF46311DDA000000000000000000
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://therecord.media
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-f7f4ffb8f-fbplv
x-evy-trace-virtual-host: all
access-control-allow-credentials: true
cache-control: public, max-age=90
cf-ray: 858b76f5bf581e6e-FRA
expires: Wed, 21 Feb 2024 02:13:59 GMT

GET
H2 200 configs.php Show response
recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/ 116 B
291 B 57ms
14ms Script
application/javascript 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=5nRRxN&url=https%3A%2F%2Ftherecord.media%2Flockbit-ransomware-indictments-us-doj-bassterlord
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 26712635c2cf85726e835babaa3fd72c37016e9b161e96043bb9b137b2a4cd3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
content-encoding: gzip
server: Apache
content-length: 119
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type: application/javascript

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 image
therecord.media/_next/ 66 KB
67 KB 264ms
264ms Image
image/webp 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Fformat_webp%2FMain_Feature_5_52edadca9e.jpg&w=1920&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b19ea0f12858c3c58d3b50843a0cc469fd72a14d016feefb19a9fb2fcf6a458

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:30 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17b5beeaef4e0b397095cbd173ebc707-89e687f60d1f699d-01
x-cache: MISS, MISS
x-nextjs-cache: HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-disposition: inline; filename="Main_Feature_5_52edadca9e.webp"
content-length: 67984
x-served-by: cache-iad-kiad7000060-IAD, cache-fra-eddf8230114-FRA
server: cloudflare
etag: exnqDxKFjDxY07UIQ6DMRp-XKhTQFv7vsZqfsvz2pFg=
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
cf-ray: 858b76f5fd001db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 image
therecord.media/_next/ 97 KB
97 KB 169ms
169ms Image
image/webp 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Fformat_webp%2FMain_Feature_8d5445d264.webp&w=1920&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e391599d428ed31bca17b638fd1981d27a40dd1ca3491b1eb80e83d7ac19a452

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17b5beeaea03fc4ff6e83c801801728b-4427ca07dbcfd9b2-01
x-cache: MISS, MISS
x-nextjs-cache: HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-disposition: inline; filename="Main_Feature_8d5445d264.webp"
content-length: 98956
x-served-by: cache-iad-kcgs7200040-IAD, cache-fra-eddf8230116-FRA
server: cloudflare
etag: 45FZnUKO0xvKF7Y4-RmB0npA3RyjSRseuA6D16wZpFI=
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
cf-ray: 858b76f5fd011db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 image
therecord.media/_next/ 53 KB
53 KB 185ms
185ms Image
image/webp 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Fformat_webp%2Fpatterns_targets_ransomware_exploitation_vulnerabilities_2017_2023_acf814b862.webp&w=1920&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3227e665ee0610690fffe4e5793128cdba42b07b8f8a8740cc1b6dc24aa9484

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-17b5beeaea8c7219ad1937ad4cec0539-25f05abc2dc7bbd3-01
x-cache: MISS, MISS
x-nextjs-cache: HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-disposition: inline; filename="patterns_targets_ransomware_exploitation_vulnerabilities_2017_2023_acf814b862.webp"
content-length: 54180
x-served-by: cache-iad-kjyo7100044-IAD, cache-fra-eddf8230112-FRA
server: cloudflare
etag: 0yJ+Zl7gYQaQ--5OV5MSjNukKwe4+Kh0DMG23CSqlIQ=
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
cf-ray: 858b76f5fd021db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/5683fc5e/www-widgetapi.vflset/ 216 KB
67 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5683fc5e/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70558a2c8e7c705fd142fc56878177a8233a1c522a432a556cf5df1710fa203d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 00:48:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5060
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68371
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 05:24:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 20 Feb 2025 00:48:09 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
376 B 177ms
133ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=10d456f2-666b-4409-ace0-bd2a3f5e7d6c&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=41654a02-fbc4-4dff-8fcb-f4fb2a8dc5d9&tw_document_href=https%3A%2F%2Ftherecord.media%2Flockbit-ransomware-indictments-us-doj-bassterlord&tw_iframe_status=0&txn_id=odgcz&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-response-time: 113
date: Wed, 21 Feb 2024 02:12:29 GMT
strict-transport-security: max-age=0
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 629e71a470312373
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 7bf06bd13391e323e0da3002ca26e2902306b2c3eeafd207725605784c91404f
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 178ms
130ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=10d456f2-666b-4409-ace0-bd2a3f5e7d6c&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=41654a02-fbc4-4dff-8fcb-f4fb2a8dc5d9&tw_document_href=https%3A%2F%2Ftherecord.media%2Flockbit-ransomware-indictments-us-doj-bassterlord&tw_iframe_status=0&txn_id=odgcz&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-response-time: 113
date: Wed, 21 Feb 2024 02:12:29 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: bfbb5e95d05430fc
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 44ff6b8cacb93d5e018f86c143fc6613747481753f12c02187d1cfc404d5dcb5
content-length: 43

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 35ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EYNZBT8ZP2&gtm=45je42h0v9117850958z8832426714za200&_p=1708481549547&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1579150187.1708481550&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708481549&sct=1&seg=0&dl=https%3A%2F%2Ftherecord.media%2Flockbit-ransomware-indictments-us-doj-bassterlord&dt=US%20indicts%20two%20Russian%20nationals%20in%20LockBit%20ransomware%20case&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1035
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EYNZBT8ZP2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 02:12:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://therecord.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 62ms
21ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EYNZBT8ZP2&cid=1579150187.1708481550&gtm=45je42h0v9117850958z8832426714za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EYNZBT8ZP2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 02:12:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://therecord.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 37ms
17ms Image
image/gif 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EYNZBT8ZP2&cid=1579150187.1708481550&gtm=45je42h0v9117850958z8832426714za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=511404326

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 02:12:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ef46db3751d8e999.css Show response
therecord.media/_next/static/css/ 0
234 B 20ms
20ms Fetch
text/css 2606:4700:4400::6812:20b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/css/ef46db3751d8e999.css

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:29 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 3676667
traceresponse: 00-17a8af022709e0dfc034298cdcda181c-ff3f23f06584d27c-01
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 0
x-served-by: cache-iad-kcgs7200091-IAD, cache-fra-eddf8230051-FRA
last-modified: Thu, 21 Dec 2023 10:23:06 GMT
server: cloudflare
etag: W/"0-18c8be67aa2"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
cf-ray: 858b76f63d221db3-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 12707, 4

GET
H2 200 6si.min.js Show response
j.6sc.co/ 64 KB
17 KB 156ms
155ms Script
application/javascript 23.62.98.119
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/j/64dc3ec5-330c-4652-88d3-147ee65e90ba.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.98.119 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-62-98-119.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

2d699428fb1a87452cb15775f3e9a531b9c8a98bfa41be2a24be4814ff0a5baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 02:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 22:26:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "65836a29-fee9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 17567
expires: Wed, 21 Feb 2024 02:12:30 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
88 KB 418ms
13ms Script
application/javascript 2606:4700::6812:7e0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7e0c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0eb564e8b104002217b23d191c384d64d77b30fa37b0f124db645e16096cfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-encoding: br
age: 64275
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1313/bundle/main/lead-flows-release.js&cfRay=858555c7594e19a0-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"2a6dc24f5ac6c8a7eefaadde95ff2129"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1313/bundle/main/lead-flows-release.js
date: Wed, 21 Feb 2024 02:12:31 GMT
x-amz-version-id: ukHk26vS_rf4a6X6Ik2.9R2qKIwOxT4G
via: 1.1 b9e3ae23b2e5d7b2e1c159467ba23f34.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 88fe51be-b4ad-414e-9be4-42908e2638fd
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 5
x-evy-trace-route-configuration: listener_https/all
x-request-id: 88fe51be-b4ad-414e-9be4-42908e2638fd
last-modified: Tue, 06 Feb 2024 10:46:39 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-748b697-t25qt
cf-ray: 858b76feccb2380f-FRA
x-amz-cf-id: DKcaFDinKk8MVcJbBLUaEFi0Dz_h5f9qKd8J7rwxi3t8VwIKe99rkQ==

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 83 KB
24 KB 525ms
120ms Script
application/javascript 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2af3f1d7f94ab4dd9772778426b29f7dcc94932d4cd320a81ed087698dad53cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.902/bundles/project.js&cfRay=858b76febdedbb56-FRA
x-amz-replication-status: PENDING
x-evy-trace-listener: listener_https
etag: W/"fe6f74022c5ca341c554dbc9f28319ec"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.902/bundles/project.js
date: Wed, 21 Feb 2024 02:12:31 GMT
x-amz-version-id: JZDwjXGu.HUDwuViUXB3teXgVe39E4Xp
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: f51faa24-edf5-4de7-aa36-4d59fd251795
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-request-id: f51faa24-edf5-4de7-aa36-4d59fd251795
last-modified: Tue, 20 Feb 2024 16:31:19 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mf3JE1S%2BTyedKiQmgkAcZQ4E6xkGgYabhq6PZsECFSo%2FlIvIorzAPW4MfOQw96oFyb8%2FbOOjhNj01NZ8jqD3j3cT7eW%2FCt4cNTsmo8eYrufUjzvGSwfOruHPV5hnw7vAQD5JJ30u0RPlq7ZF"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-748b697-c4fsd
cf-ray: 858b76febdedbb56-FRA
x-amz-cf-id: BxnZoRMkytPswlt92vnR21T89miFusBj3ssmXlscOK-AITzoYPIrig==

GET
H2 200 252628.js Show response
js.hs-analytics.net/analytics/1708481400000/ 67 KB
21 KB 838ms
433ms Script
text/javascript 2606:4700::6810:4eba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1708481400000/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1c62826bfa46b03c26dc7dd827310daf69bdc208c2db8b494934abb73ec2d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:31 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: C5S8SDBB50JTRQFT
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: ee8e13d8-cd92-4733-a555-08ba677454d5
x-envoy-upstream-service-time: 44
x-amz-id-2: 1tAZkCChU853xK7He5RZnEXyvXf7iFE+0daaSf43AwQCk3csS3SCgmkML1yi3zYDy9//OQvEQes=
x-evy-trace-listener: listener_https
x-request-id: ee8e13d8-cd92-4733-a555-08ba677454d5
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 03 Jan 2024 16:24:20 GMT
server: cloudflare
etag: W/"8a741f48c2669d35b4024ac57b4aec7c"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-pbs6d
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 858b76febea62bb8-FRA
expires: Wed, 21 Feb 2024 02:17:31 GMT

GET
H2 200 252628.js Show response
js.hs-banner.com/ 62 KB
17 KB 532ms
128ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8129849fb87bc31a01d379c0959485174d865f4a43574246a571934f0b3d2578

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:31 GMT
x-amz-version-id: hM_kLPLDEN3k.2xT6ofhDjS21SNHvZXZ
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 3C265TYWT2APNP1B
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: dddb70be-e842-4a49-b63e-7c8c35568c78
x-envoy-upstream-service-time: 20
x-amz-id-2: sR+NUB22Il0I8H+T8VE6TJF1R7PEgLUnaqAbPHHlbWZlob9l+JoCTK7sJHYnnxtp0w9knThT/Q4ByGtpMNGR+vOdhyRka+ZAfdzWCjjALDs=
x-evy-trace-listener: listener_https
x-request-id: dddb70be-e842-4a49-b63e-7c8c35568c78
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 06 Feb 2024 14:35:27 GMT
server: cloudflare
etag: W/"5db8f0b9b042e4c245a7578ab6541a06"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://therecord.media
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-855d6bfb88-vnggj
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 858b76fecd084d76-FRA
expires: Wed, 21 Feb 2024 02:17:31 GMT

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
700 B 45ms
13ms XHR
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 02:12:31 GMT
an-x-request-uuid: 2d8ddf7f-96d0-40d6-9988-290dd653218f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.76; 45.141.152.76; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
192 B 156ms
155ms XHR
text/html 23.62.98.119
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.98.119 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-62-98-119.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:31 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 36 B
335 B 57ms
7ms XHR
text/html 2a02:26f0:7100::210:180
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::210:180 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: aaba33793088e9a628027f6c483e063b2d3a1446c436dbe07de6f0804dc70429

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 02:12:31 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://therecord.media
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2001:ac8:20:3a00:1012:4cb1:e2e3:3b46
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1708481551203_34603388_1655205438_25_925_5_12_219";dur=1
content-length: 36
expires: Wed, 21 Feb 2024 02:12:31 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
483 B 321ms
320ms Image
image/gif 23.62.98.119
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=06a82e8e-6ce0-44cf-8b50-2a09feccddaa&session=1c2d75b8-c820-4d93-8c9b-0294bd14146d&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2021%20Feb%202024%2002%3A12%3A31%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Russian%20nationals%20Artur%20Sungatov%20and%20Ivan%20Kondratiev%20%E2%80%94%20an%20infamous%20hacker%20also%20known%20as%20Bassterlord%20%E2%80%94%20%E2%80%9Care%20alleged%20to%20have%20joined%20in%20the%20global%20LockBit%20conspiracy%2C%5C%22%20according%20to%20the%20Department%20of%20Justice.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22US%20indicts%20two%20Russian%20nationals%20in%20LockBit%20ransomware%20case%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Flockbit-ransomware-indictments-us-doj-bassterlord&pageViewId=f0eee2c6-bcea-4333-8428-b4e7d7da5954&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.98.119 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-62-98-119.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:31 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
483 B 322ms
322ms Image
image/gif 23.62.98.119
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=06a82e8e-6ce0-44cf-8b50-2a09feccddaa&session=1c2d75b8-c820-4d93-8c9b-0294bd14146d&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22f2675e8089b7d209a58fce8ad312f51c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2021%20Feb%202024%2002%3A12%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2021%20Feb%202024%2002%3A12%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%2247c555096cc32557d3e6e7a333d7cb3ea692cee1%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2021%20Feb%202024%2002%3A12%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2021%20Feb%202024%2002%3A12%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2021%20Feb%202024%2002%3A12%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2021%20Feb%202024%2002%3A12%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2021%20Feb%202024%2002%3A12%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2021%20Feb%202024%2002%3A12%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%2264dc3ec5-330c-4652-88d3-147ee65e90ba%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2021%20Feb%202024%2002%3A12%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2021%20Feb%202024%2002%3A12%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2021%20Feb%202024%2002%3A12%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableMapCookieCapture%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2021%20Feb%202024%2002%3A12%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2021%20Feb%202024%2002%3A12%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Russian%20nationals%20Artur%20Sungatov%20and%20Ivan%20Kondratiev%20%E2%80%94%20an%20infamous%20hacker%20also%20known%20as%20Bassterlord%20%E2%80%94%20%E2%80%9Care%20alleged%20to%20have%20joined%20in%20the%20global%20LockBit%20conspiracy%2C%5C%22%20according%20to%20the%20Department%20of%20Justice.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22US%20indicts%20two%20Russian%20nationals%20in%20LockBit%20ransomware%20case%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Flockbit-ransomware-indictments-us-doj-bassterlord&pageViewId=f0eee2c6-bcea-4333-8428-b4e7d7da5954&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.98.119 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-62-98-119.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:31 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 569ms
569ms Image
image/gif 23.62.98.119
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=06a82e8e-6ce0-44cf-8b50-2a09feccddaa&session=1c2d75b8-c820-4d93-8c9b-0294bd14146d&event=ipv6&q=%7B%22address%22%3A%222001%3Aac8%3A20%3A3a00%3A1012%3A4cb1%3Ae2e3%3A3b46%22%7D&isIframe=false&m=%7B%22description%22%3A%22Russian%20nationals%20Artur%20Sungatov%20and%20Ivan%20Kondratiev%20%E2%80%94%20an%20infamous%20hacker%20also%20known%20as%20Bassterlord%20%E2%80%94%20%E2%80%9Care%20alleged%20to%20have%20joined%20in%20the%20global%20LockBit%20conspiracy%2C%5C%22%20according%20to%20the%20Department%20of%20Justice.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22US%20indicts%20two%20Russian%20nationals%20in%20LockBit%20ransomware%20case%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Flockbit-ransomware-indictments-us-doj-bassterlord&pageViewId=f0eee2c6-bcea-4333-8428-b4e7d7da5954&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.98.119 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-62-98-119.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:31 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 404 B
1 KB 157ms
157ms Fetch
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=252628&currentUrl=https%3A%2F%2Ftherecord.media%2Flockbit-ransomware-indictments-us-doj-bassterlord

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

629de5c42a56b67812a858341eb4162b85218eed884271ca47b0388498dc8916

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 94fcbb5e-f98e-4f9e-b0f0-45dfd5e2a2fa
content-encoding: br
x-envoy-upstream-service-time: 38
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 94fcbb5e-f98e-4f9e-b0f0-45dfd5e2a2fa
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://therecord.media
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FI9rO%2BZB57vZSRKIIH%2BBeDpGP4%2BFIbyxP1S0VZzMEDQnwI5uyPC%2FY4NTKrTP%2BiDgG4y5d1phJjsAIEZgVc37YTEaI%2BmCaZlZq5NnYA5vIi1TcfnD%2BQ%2BEzcWA3jpOW5WSCxAIghhOpGIStJH%2FiE0t04bMTq9amt9o9iA%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 858b76ff9e33bb56-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-zw6mg

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 086D 28 B
50 B 18ms
18ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
X-Goog-Request-Time: 1708481551286
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/-jKykhKKMZw?si=GZ0NBjAFIieO0j1n
X-YouTube-Client-Version: 1.20240213.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtmeFppYWhKX3duTSiMuNWuBjIKCgJERRIEEgAgZQ%3D%3D
X-YouTube-Ad-Signals: dt=1708481549016&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 21 Feb 2024 02:12:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 41ms
10ms Preflight 76.223.9.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.9.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://therecord.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://therecord.media
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
date: Wed, 21 Feb 2024 02:12:31 GMT
server: nginx
timing-allow-origin: https://6sense.com, https://www.ssga.com
x-6si-region: eu-central-1a
x-trace-id: 2986222847137265105

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 745 B
718 B 28ms
13ms XHR
application/json 76.223.9.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.9.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 4160094e8e7a55a3dd60c62de930a81375ddce09c11dc6d7b28332da6dbbdf14

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
Authorization: Token 47c555096cc32557d3e6e7a333d7cb3ea692cee1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
X-6s-CustomID: WebTag 64dc3ec5-330c-4652-88d3-147ee65e90ba

Response headers

x-trace-id: 3269373833372969156
date: Wed, 21 Feb 2024 02:12:31 GMT
content-encoding: gzip
server: nginx
vary: Origin, Accept-Encoding
content-type: application/json
x-6si-region: eu-central-1a
access-control-allow-origin: https://therecord.media
access-control-expose-headers: X-6si-Region
access-control-allow-credentials: true
timing-allow-origin: https://6sense.com, https://www.ssga.com
content-length: 399

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 135ms
120ms Image
image/gif 2606:4700::6811:cff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 02:12:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 8116c178-7ae7-4800-8ccd-8927da0759da
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8116c178-7ae7-4800-8ccd-8927da0759da
Last-Modified: Wed, 21 Feb 2024 02:12:31 GMT
Server: cloudflare
X-Trace: 2B384F060F6769DD76BAF477F97294415FF7476DDC000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-kq4w2
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 858b7700aff837fc-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 154ms
137ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4158071004&v=1.1&a=252628&rcu=https%3A%2F%2Ftherecord.media%2Flockbit-ransomware-indictments-us-doj-bassterlord&pu=https%3A%2F%2Ftherecord.media%2Flockbit-ransomware-indictments-us-doj-bassterlord&t=US+indicts+two+Russian+nationals+in+LockBit+ransomware+case&cts=1708481551596&vi=39fa847d2acf14f728e553cc44a1ca41&nc=true&u=156209188.39fa847d2acf14f728e553cc44a1ca41.1708481551594.1708481551594.1708481551594.1&b=156209188.1.1708481551594&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 766c9785-8d75-4bf5-9d6c-c32feda80c52
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 11
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 766c9785-8d75-4bf5-9d6c-c32feda80c52
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RzjlH51H3g%2BDBcL0qC2pKfqdcDy9ir3QYLCEFiFhmRhGnBLDHBUuEMYIHQfipzlvnuv%2BdPhsX0dlskS3%2B2FCiVMXPGBfw5siD2Xk%2Fm3XEBkpZVTylizIQk0pxTtV5NPNslLLGLsFG2cduOLPyGKX"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-68f68ffdf9-k2d59
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 858b7701ad1f3a78-FRA
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 4 KB
2 KB 166ms
157ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=252628&utk=39fa847d2acf14f728e553cc44a1ca41&__hstc=156209188.39fa847d2acf14f728e553cc44a1ca41.1708481551594.1708481551594.1708481551594.1&__hssc=156209188.1.1708481551594&currentUrl=https%3A%2F%2Ftherecord.media%2Flockbit-ransomware-indictments-us-doj-bassterlord

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dde523890fec3461be5a152dc9804ce0b1a840ed33145f054293235f1ce3483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 5d9683c8-dcb0-4d5b-b874-1ac8b6ac6528
content-encoding: br
x-envoy-upstream-service-time: 40
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5d9683c8-dcb0-4d5b-b874-1ac8b6ac6528
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://therecord.media
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=seVB1cWzcDaFV8hSfDRtw9ayTcZ1Er4Yzxs0y6EG8NWv9uq7ijCQjAu04idRheJbAXKaKxVz6eCmgGVEi24WsqPgIPnGf%2BFOF%2FVJZsOnL0AU0txit6mAcs0uSsDExBmrQ7GFEpVYy58nFjShVSgP"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 858b77019edabb56-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-9285z

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
439 B 142ms
141ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=e887dce6-7b34-4ba5-9eac-4d2ca9a2983c&lfi=2694383&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4158071004&v=1.1&a=252628&rcu=https%3A%2F%2Ftherecord.media%2Flockbit-ransomware-indictments-us-doj-bassterlord&pu=https%3A%2F%2Ftherecord.media%2Flockbit-ransomware-indictments-us-doj-bassterlord&t=US+indicts+two+Russian+nationals+in+LockBit+ransomware+case&cts=1708481551773&vi=39fa847d2acf14f728e553cc44a1ca41&nc=true&u=156209188.39fa847d2acf14f728e553cc44a1ca41.1708481551594.1708481551594.1708481551594.1&b=156209188.1.1708481551594&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: dae54fef-1a9c-40c3-9bee-04fb2762bc75
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 21
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: dae54fef-1a9c-40c3-9bee-04fb2762bc75
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5YTYu8YDBeX3e%2FSaL2YbPYDrlhRnFKjacw4Lr92VItSKY8uNiaTBXGWI%2BMA28Ap56kXhPUN2NxcdX8tqZVVL6dZwDumVnYHvJxeJakrTLUY6XaCmMmYxwNzqPBtMESkNk%2BV2KjBSkpx5V0CtMc0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-68f68ffdf9-kz6mf
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 858b7702ad753a78-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
439 B 127ms
127ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=1b047a85-2db0-47ce-a965-8fa2de5a991b&lfi=2694169&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4158071004&v=1.1&a=252628&rcu=https%3A%2F%2Ftherecord.media%2Flockbit-ransomware-indictments-us-doj-bassterlord&pu=https%3A%2F%2Ftherecord.media%2Flockbit-ransomware-indictments-us-doj-bassterlord&t=US+indicts+two+Russian+nationals+in+LockBit+ransomware+case&cts=1708481551773&vi=39fa847d2acf14f728e553cc44a1ca41&nc=true&u=156209188.39fa847d2acf14f728e553cc44a1ca41.1708481551594.1708481551594.1708481551594.1&b=156209188.1.1708481551594&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1e405251-b43e-452c-8e17-461fb735afa4
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 8
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1e405251-b43e-452c-8e17-461fb735afa4
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nARj9V0AAzRZ8GjmlrUpIzBM6K%2F4cOPJOvoWu%2FfDJiVFYyPWSvlsrAnxbrHm24tuZLARR6PYCxwXb9kXLXN3phYyao6T58z5s8DHxqF9%2FlqQiRoCH6HtQoR8wvOy0KMGBkgMDTHJUdHSedTL4Kew"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-68f68ffdf9-bslj5
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 858b7702ad773a78-FRA
x-robots-tag: none

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
483 B 321ms
321ms Image
image/gif 23.62.98.119
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=06a82e8e-6ce0-44cf-8b50-2a09feccddaa&session=1c2d75b8-c820-4d93-8c9b-0294bd14146d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2021%20Feb%202024%2002%3A12%3A32%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2021%20Feb%202024%2002%3A12%3A31%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%221003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Russian%20nationals%20Artur%20Sungatov%20and%20Ivan%20Kondratiev%20%E2%80%94%20an%20infamous%20hacker%20also%20known%20as%20Bassterlord%20%E2%80%94%20%E2%80%9Care%20alleged%20to%20have%20joined%20in%20the%20global%20LockBit%20conspiracy%2C%5C%22%20according%20to%20the%20Department%20of%20Justice.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22US%20indicts%20two%20Russian%20nationals%20in%20LockBit%20ransomware%20case%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Flockbit-ransomware-indictments-us-doj-bassterlord&pageViewId=f0eee2c6-bcea-4333-8428-b4e7d7da5954&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.98.119 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-62-98-119.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:32 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 iphone-cd1.jpg
go.recordedfuture.com/hubfs/ 83 KB
85 KB 95ms
29ms Image
image/webp 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.recordedfuture.com/hubfs/iphone-cd1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab221b9e81a8439634c9f73c15c96457f75d3632fea1f6256fa4833acc6a314a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-99167145604,P-252628,FLS-ALL
age: 1278289
x-amz-request-id: 9JSXM9XF52VGCCEB
x-amz-server-side-encryption: AES256
edge-cache-tag: F-99167145604,P-252628,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="iphone-cd1.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "f5c3d1b581a50e5c3637310137a43f0e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1674144065940
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 21 Feb 2024 02:12:32 GMT
strict-transport-security: max-age=31536000
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CyJHfLHHqfqm77ShwrX4xZ78eMxn5Xvx
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=229013
x-cache: RefreshHit from cloudfront
cache-tag: F-99167145604,P-252628,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 85082
x-amz-id-2: 8YFZEe5Yh9YBerrPMpi5zCKiF4kDQDLm0bpQIrMFlkj6+tWrBK75tuq6J2d4P6PAZoxu2/2MVLI=
last-modified: Thu, 19 Jan 2023 16:01:07 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQah7OhJl2K8Hqe0G1oVVO02jnk75Tvd9h7N2DPglkbALjuqJN2JL8WRFN7I%2FWOED%2FhV4WQt8WmtbTyN6e8wYgaBiNKWQHhtisWRFIemAzYaQj%2ByIyq2O3cpcxoTLwEvnvdYw68HKvdRHkxUA7IfwIFYsA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 858b77094a2a3a54-FRA
x-amz-cf-id: NhuPWELimM85IHlUibEQeGP6ycOllB4gVoKczEFctoGs6RbPNzWHyg==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
483 B 325ms
323ms Image
image/gif 23.62.98.119
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=06a82e8e-6ce0-44cf-8b50-2a09feccddaa&session=1c2d75b8-c820-4d93-8c9b-0294bd14146d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2021%20Feb%202024%2002%3A12%3A33%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2021%20Feb%202024%2002%3A12%3A32%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Russian%20nationals%20Artur%20Sungatov%20and%20Ivan%20Kondratiev%20%E2%80%94%20an%20infamous%20hacker%20also%20known%20as%20Bassterlord%20%E2%80%94%20%E2%80%9Care%20alleged%20to%20have%20joined%20in%20the%20global%20LockBit%20conspiracy%2C%5C%22%20according%20to%20the%20Department%20of%20Justice.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22US%20indicts%20two%20Russian%20nationals%20in%20LockBit%20ransomware%20case%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Flockbit-ransomware-indictments-us-doj-bassterlord&pageViewId=f0eee2c6-bcea-4333-8428-b4e7d7da5954&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.98.119 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-62-98-119.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 02:12:33 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET img.gif
b.6sc.co/v1/beacon/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b.6sc.co
URL: https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=06a82e8e-6ce0-44cf-8b50-2a09feccddaa&session=1c2d75b8-c820-4d93-8c9b-0294bd14146d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2021%20Feb%202024%2002%3A12%3A34%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2021%20Feb%202024%2002%3A12%3A33%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%223006%22%7D&isIframe=false&m=%7B%22description%22%3A%22Russian%20nationals%20Artur%20Sungatov%20and%20Ivan%20Kondratiev%20%E2%80%94%20an%20infamous%20hacker%20also%20known%20as%20Bassterlord%20%E2%80%94%20%E2%80%9Care%20alleged%20to%20have%20joined%20in%20the%20global%20LockBit%20conspiracy%2C%5C%22%20according%20to%20the%20Department%20of%20Justice.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22US%20indicts%20two%20Russian%20nationals%20in%20LockBit%20ransomware%20case%20%20%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Flockbit-ransomware-indictments-us-doj-bassterlord&pageViewId=f0eee2c6-bcea-4333-8428-b4e7d7da5954&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&v=1.1.14

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: -hwqbOEm8Lk
.youtube.com/	1970-01-20 22:53:53	Name: VISITOR_INFO1_LIVE Value: fxZiahJ_wnM
.therecord.media/	1970-01-21 04:00:36	Name: _pk_id.2.de70 Value: 5a41f8c8e8a733f6.1708481550.
.therecord.media/	1970-01-20 18:34:43	Name: _pk_ses.2.de70 Value: 1
.therecord.media/	1970-01-21 04:10:41	Name: _ga_EYNZBT8ZP2 Value: GS1.1.1708481549.1.0.1708481549.60.0.0
.therecord.media/	1970-01-21 04:10:41	Name: _ga Value: GA1.1.1579150187.1708481550
.t.co/	1970-01-21 04:10:41	Name: muc_ads Value: 08d15304-8276-46b4-a139-c7f1c4c99104
.twitter.com/	1970-01-21 04:10:41	Name: guest_id_marketing Value: v1%3A170848154987677186
.twitter.com/	1970-01-21 04:10:41	Name: guest_id_ads Value: v1%3A170848154987677186
.twitter.com/	1970-01-21 04:10:41	Name: personalization_id Value: "v1_KILE6Vjc4W8thmFAIveQZw=="
.twitter.com/	1970-01-21 04:10:41	Name: guest_id Value: v1%3A170848154987677186
.adnxs.com/	1970-01-21 04:10:41	Name: receive-cookie-deprecation Value: 1
therecord.media/	1970-01-20 18:44:46	Name: _an_uid Value: 0
therecord.media/	1970-01-21 04:10:41	Name: _gd_visitor Value: 06a82e8e-6ce0-44cf-8b50-2a09feccddaa
therecord.media/	1970-01-20 18:34:55	Name: _gd_session Value: 1c2d75b8-c820-4d93-8c9b-0294bd14146d
.therecord.media/	1970-01-20 22:53:53	Name: __hstc Value: 156209188.39fa847d2acf14f728e553cc44a1ca41.1708481551594.1708481551594.1708481551594.1
.therecord.media/	1970-01-20 22:53:53	Name: hubspotutk Value: 39fa847d2acf14f728e553cc44a1ca41
.therecord.media/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.therecord.media/	1970-01-20 18:34:43	Name: __hssc Value: 156209188.1.1708481551594
.hubspot.com/	1970-01-20 18:34:43	Name: __cf_bm Value: SoFvJ.Ug3Nk44VmHLbJqkizRClZElA_BZ8Vn468WNiE-1708481551-1.0-AXMNYn8kxqc4qf8BBfucg8aZhh0xmB6lv4DHVTYZYpEPvLDAiIjq2ImGI2vUKeaQFtq6PntI33LndzF+y5eV8U0=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: rRwTToVEsjQ65W9iMhQCBT.jRF0qKippFns1PEHEDe0-1708481551755-0.0-604800000
.6sc.co/	1970-01-21 04:10:41	Name: 6suuid Value: 98643e17209802000f5cd5650e0300007e1c0000
.go.recordedfuture.com/	1970-01-20 18:34:43	Name: __cf_bm Value: ipM.Q93nttJKFzYuvvZ0CusHbYzCO_gRk7Y5tDi4giA-1708481552-1.0-AR6Qlays5qRdW92zfKYT64gxwHkK77OA0p0KEIW7a5RK8WJxCZ5wZZyz3AFbVB/Pm9OomPjziRyxV3hUH1ADfoI=
.go.recordedfuture.com/	1969-12-31 23:59:59	Name: __cfruid Value: bc267017958230feaf773aca76b6933143091aea-1708481552

41 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord(Line 35) Message: Unrecognized feature: 'web-share'.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://therecord.media/lockbit-ransomware-indictments-us-doj-bassterlord Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
b.6sc.co
c.6sc.co
cdn.matomo.cloud
cms.therecord.media
cta-service-cms2.hubspot.com
epsilon.6sense.com
fonts.gstatic.com
forms.hubspot.com
go.recordedfuture.com
googleads.g.doubleclick.net
i.ytimg.com
ipv6.6sc.co
j.6sc.co
jnn-pa.googleapis.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
js.hubspot.com
perf-na1.hsforms.com
recordedfuture.matomo.cloud
region1.analytics.google.com
secure.adnxs.com
static.ads-twitter.com
static.doubleclick.net
stats.g.doubleclick.net
t.co
therecord.media
track.hubspot.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.recordedfuture.com
www.youtube.com
yt3.ggpht.com
b.6sc.co
104.244.42.197
104.244.42.67
146.75.120.157
172.64.144.145
185.89.210.153
2001:4860:4802:34::36
23.62.98.119
2600:9000:26db:400:c:7d55:b3c0:93a1
2606:2c40::c73c:67fe
2606:4700:4400::6812:20b5
2606:4700:4400::6812:22e5
2606:4700:4400::ac40:9b4b
2606:4700::6810:4eba
2606:4700::6810:bf59
2606:4700::6811:cff9
2606:4700::6812:7e0c
2606:4700::6813:9b53
2a00:1450:4001:800::2003
2a00:1450:4001:802::200a
2a00:1450:4001:809::2002
2a00:1450:4001:809::2016
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2008
2a00:1450:4001:81c::2003
2a00:1450:4001:829::2006
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9d
2a02:26f0:7100::210:180
3.126.133.169
76.223.9.105
03c6a05bd0d89aa91521b0ebe9a14e367f6c41ebd64f585fbee07ba3a2124e89
11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029
26712635c2cf85726e835babaa3fd72c37016e9b161e96043bb9b137b2a4cd3b
26e64d51c77876ee305e0d82fbe2580f42b2420a2b9ed3e90f75967f12491298
2ad25f126714ad3bf7e1fd834e9be185170945da0fade5439befddc33777c5e5
2ad83f2446566c5ecf7c261cc07884a5d5f71965b5df8fd7bb809f83a42bf470
2af3f1d7f94ab4dd9772778426b29f7dcc94932d4cd320a81ed087698dad53cd
2d699428fb1a87452cb15775f3e9a531b9c8a98bfa41be2a24be4814ff0a5baf
2f16abf2fb4d106a67c8ca0a3ccd6f2a49ce1436ddff8eaace256fc343bfd786
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32b0329ca5256c298725ea867c29d1446ce8e8277fb828c6c4dc2dc74b09c98b
3303db9454ead61f24fc598ad2a9d64aebd739493d1a07fffe1d1ead71b9419c
33827dad44cb9dbaba81212f22a069edd8ceabf83dbb1345d1a52298a08913ec
34bba002b1ad2b3fa7ac4c1586018372d7aec41ed52f1a4f9378d462242c1bf5
37ca6f3935fd2598ee98ca7013ad5f2c3e1f834efb8bbb24f3c4ba9d5d7849ec
38276405d056497d09d1df6f16ebb6455ecbb87fe33897dffba1e65c125215d2
3c4b8801f2ab8dc2eba09fc407eae4695abc02a98318f42d02a7868755b1f08e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4160094e8e7a55a3dd60c62de930a81375ddce09c11dc6d7b28332da6dbbdf14
4591d84f0c0c70db45eb6f17469fad1fcfc2faee310998a42e8eaea10d2f0ab0
494a9c8817786531126dd245c93f8a85aa6afa405c7b8a2e45b667538470ce7a
4d29492c4c6785a1196ed91ffab327ff1660ce9aded214ac39cd314c88f7eb60
4fcb0d86b109bc23b104239673c6ca04312c6be43af34aa6cff567a836fe7292
52535a880872c1c5273500b7f045580dfffb0fe2a02852223e9e63db92d41cc3
54c76c41df5975085389626fc4c3920abdc817d033688ab9d9a98a362ad2f2e7
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5dde523890fec3461be5a152dc9804ce0b1a840ed33145f054293235f1ce3483
62936840e340865476acaf47c79cfb7d7eade459cba270111fbe4d29dbaadf8d
629de5c42a56b67812a858341eb4162b85218eed884271ca47b0388498dc8916
63640583392ffa2f12bb5761ec77cad09eb6bcaab2efd61f1f88622d4c7ba61f
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6af2f1058fd363bf155e08118c3c426cd3889a0771ba2faf6c142752b2857e22
6fb3140db2839cabd3662044ef7791206df377b2211046abc71dd039f05fe082
70558a2c8e7c705fd142fc56878177a8233a1c522a432a556cf5df1710fa203d
711e6711b8253356a928a6d742ac1a0ca718cccd6a415d073948256bf922ee89
79de82940b7430a25fecc4895292dee4da05a84b39e65730671d51a42926b1ed
7a0f92757e0a75ad0e3e660ae218d3f9b390ebfb39a6563ef2bdd38b08c9a28c
7b19ea0f12858c3c58d3b50843a0cc469fd72a14d016feefb19a9fb2fcf6a458
7de33ea59a235aab6c7fbb6009e4e41df2b1f41fa62aef62e4934d4cfb8c445e
80674df4167d5260cbac3f8a6499ae381e36025aea6ad5c8eba25c5eb668e007
8129849fb87bc31a01d379c0959485174d865f4a43574246a571934f0b3d2578
84e48bdf0ce16674564197e5ae45172e92ad0b3e63a616a0352f3d99b7c94447
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
976feb0324aaaa56ca8385a4d9d3114be4afa772f0e4d0f118d1a7f3d6a160de
995d911b164843c6c2eb0a86d028f14e5d08971da5b51681b60f478bd781d8f7
a0b1f949528f7a3a2d2ff3b6df67c6c1b5cb8f62a2eba6eb5e06adff2d5795f3
a0eb564e8b104002217b23d191c384d64d77b30fa37b0f124db645e16096cfd3
a625134502f8fae2ae5f7d003418199f4dce50c1c63b89178f95455e87b9b1e5
aaba33793088e9a628027f6c483e063b2d3a1446c436dbe07de6f0804dc70429
ab221b9e81a8439634c9f73c15c96457f75d3632fea1f6256fa4833acc6a314a
abfdfb31ef6812849b7a3fe511b8f308e6768bea9da8cbb70f0041191348f87b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad3107d855114d1d82f38a7815a45fce788901a46c513a32836a8a8fb3c3087b
adb0e74d3179802bb946d3487d460e61a98cdddfc16528a27fedb74e7f01de99
add3b9de8dba5d9df8bff808681b878e126f9c5f6cc2ab7ff800d2fff5dcdb88
b8a7085e5c34c1f85a5c6c42832c0f4a70ae0e71a806925bed925c6f338c623a
b9d6dfe17ce6a11c35ef6dbd6b5f13959b68887a06983669ca97e0420160bce7
bab1a7338ababef20520afb590c2018f7e4aebee0ebd5fd07ec9d97fd9696a9a
bbdb9358ee8401fd2f0410bd7e77cb085f1b98e923e61ff2ea580da390907a83
c7e0c42869323aac252203ae74ad82adc859d699bcf448b8a14178f9c0e4fb5b
cb72528588e7cf23b4a364611ea24f2648d9ee020f6d0b80f70aad410766b991
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0d3291019e52d9c4fe5d30d6807501b2f779210dd396f65f22386648c1b7df6
d3227e665ee0610690fffe4e5793128cdba42b07b8f8a8740cc1b6dc24aa9484
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
df4be602c6f68df8c9b8317170b8a889998686cb6d2124a26d58ca14069061e8
e1ca1c8241e63cc04e65572203feb8ab60a37143447c39c4a14212edfdb7da0a
e2ea411b32eb0f8f7ecee62a4a599e510c68d51c04b0246e436a50ea016b70e6
e30eb44d1bd919de19f5884ded89d326c05c5537aed690c6aac1175dc4aa6179
e391599d428ed31bca17b638fd1981d27a40dd1ca3491b1eb80e83d7ac19a452
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eebb72bf3e28eb30a2c4a00ba608467ba83484e0021f3c617254ec1a2c0fe801
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1c62826bfa46b03c26dc7dd827310daf69bdc208c2db8b494934abb73ec2d4
f036a45770ce2ad43dfee7f4eac8f8b3784608a24ff00c63dd56704434e014e8
f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f8837339f39b4de89bcdc5b4705e44d0007a8728881c70d1010f9973dff06306
f9a1ac06b359601c85bd251b145a32a2792ed926ca0e00c1e971b6e64436a74d
fc140e6eb5e7230d599925e013a58b4104d2950438e5ab4f2bc147b6be593853
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fff48d94e30cb5c2f87212c4b3cd7783d22d26e83ba1787243e2591df0d5c3f9

therecord.media Open in urlscan Pro 2606:4700:4400::6812:20b5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

104 Requests

98 %HTTPS

75 %IPv6

24 Domains

37 Subdomains

33 IPs

4 Countries

4361 kBTransfer

10515 kBSize

24 Cookies

20 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

therecord.media Open in urlscan Pro
2606:4700:4400::6812:20b5 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

98 %
HTTPS

75 %
IPv6

24
Domains

37
Subdomains

33
IPs

4
Countries

4361 kB
Transfer

10515 kB
Size

24
Cookies

104 HTTP transactions
2 data transactions