therecord.media Open in urlscan Pro
2606:4700:4400::6812:2a1e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
Submission: On September 20 via api (September 20th 2024, 2:16:54 am UTC) from TR — Scanned from US

Summary HTTP 95 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 18 domains to perform 95 HTTP transactions. The main IP is 2606:4700:4400::6812:2a1e, located in United States and belongs to CLOUDFLARENET, US. The main domain is therecord.media. The Cisco Umbrella rank of the primary domain is 248118.
TLS certificate: Issued by WE1 on August 13th 2024. Valid for: 3 months.

This is the only time therecord.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
52	2606:4700:440... 2606:4700:4400::6812:2a1e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:816::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:24f... 2600:9000:24f0:6000:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:4400::ac40:91e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.152.166 172.64.152.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.157.122.248 18.157.122.248	16509 (AMAZON-02) (AMAZON-02)
13	23.196.3.199 23.196.3.199	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.28.157 146.75.28.157	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:89d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
1	162.159.140.229 162.159.140.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
5	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:8c11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9310	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	68.67.160.114 68.67.160.114	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2600:141b:1c0... 2600:141b:1c00:2e::17d1:48c5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	76.223.9.105 76.223.9.105	16509 (AMAZON-02) (AMAZON-02)
1	104.19.175.188 104.19.175.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2c40::c7... 2606:2c40::c73c:67fe	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
95	23

52 2606:4700:4400::6812:2a1e (United States)

ASN13335 (CLOUDFLARENET, US)

therecord.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.therecord.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:24f0:6000:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:91e2 (United States)

ASN13335 (CLOUDFLARENET, US)

cms.therecord.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.166 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

www.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.122.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-122-248.eu-central-1.compute.amazonaws.com

recordedfuture.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 23.196.3.199 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-196-3-199.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:89d1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:8c11 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9310 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.160.114 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:2e::17d1:48c5 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.9.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac3ff6aafb2cddae2.awsglobalaccelerator.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.175.188 (None, )

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2c40::c73c:67fe (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	therecord.media therecord.media — Cisco Umbrella Rank: 248118 cms.therecord.media — Cisco Umbrella Rank: 486327	1 MB
14	6sc.co j.6sc.co — Cisco Umbrella Rank: 5691 c.6sc.co — Cisco Umbrella Rank: 7155 ipv6.6sc.co — Cisco Umbrella Rank: 5832 b.6sc.co — Cisco Umbrella Rank: 3516	24 KB
5	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 3569 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 3636 track.hubspot.com — Cisco Umbrella Rank: 2372 forms.hubspot.com — Cisco Umbrella Rank: 5885	29 KB
4	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 16968 recordedfuture.matomo.cloud — Cisco Umbrella Rank: 513287	68 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 8883	722 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130 td.doubleclick.net — Cisco Umbrella Rank: 189	253 B
2	recordedfuture.com www.recordedfuture.com — Cisco Umbrella Rank: 315744 go.recordedfuture.com — Cisco Umbrella Rank: 502694	160 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	181 KB
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 3818	927 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 479	702 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2182	19 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2209	25 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 5629	92 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 932	723 B
1	t.co t.co — Cisco Umbrella Rank: 834	627 B
1	google.com analytics.google.com — Cisco Umbrella Rank: 140
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2478	1 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 875	15 KB
95	18

	Domain	Requested by
49	therecord.media	therecord.media
10	b.6sc.co
5	cms.therecord.media	therecord.media
2	epsilon.6sense.com	j.6sc.co
2	track.hubspot.com
2	j.6sc.co	www.googletagmanager.com j.6sc.co
2	recordedfuture.matomo.cloud	cdn.matomo.cloud
2	cdn.matomo.cloud	therecord.media
2	www.googletagmanager.com	therecord.media www.googletagmanager.com
1	go.recordedfuture.com
1	forms.hubspot.com	js.hsleadflows.net
1	perf-na1.hsforms.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	analytics.twitter.com
1	t.co
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.ads-twitter.com	therecord.media
1	www.recordedfuture.com	therecord.media
95	28

This site contains links to these domains. Also see Links.

Domain
www.recordedfuture.com
twitter.com
www.linkedin.com
www.facebook.com
www.reddit.com
news.ycombinator.com
cloud.google.com
blog.talosintelligence.com
research.checkpoint.com
www.fortinet.com
www.instagram.com
mastodon.social

Subject Issuer	Validity	Valid
therecord.media WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M03	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.recordedfuture.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.matomo.cloud Amazon RSA 2048 M02	`2024-05-21` - `2025-06-19`	a year	crt.sh
6sc.co R11	`2024-07-03` - `2024-10-01`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
hs-scripts.com WE1	`2024-07-29` - `2024-10-27`	3 months	crt.sh
*.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
t.co E6	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-09` - `2024-11-07`	a year	crt.sh
hubspot.com E5	`2024-09-18` - `2024-12-17`	3 months	crt.sh
hsleadflows.net WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
hs-analytics.net WE1	`2024-08-09` - `2024-11-07`	3 months	crt.sh
hs-banner.com WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M03	`2024-04-01` - `2025-04-30`	a year	crt.sh
hsforms.com WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
go.recordedfuture.com WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
Frame ID: 2EF7AE878DDF5B11B37EB950C2AE2A89
Requests: 93 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-EYNZBT8ZP2&gacid=1877537023.1726798607&gtm=45je49j0v9117850958z8832426714za200zb832426714&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1555552782
Frame ID: B07426C73E726D72F01522CAAC167755
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Iran backdoors planted across Middle East telecoms, government agencies, Google says

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

95
Requests

100 %
HTTPS

61 %
IPv6

18
Domains

28
Subdomains

23
IPs

3
Countries

1781 kB
Transfer

5783 kB
Size

25
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.recordedfuture.com/privacy-policy/?__hstc=156209188.108c5c56206dd7aded0da992f68cef79.1726798608243.1726798608243.1726798608243.1&__hssc=156209188.1.1726798608243&__hsfp=3381463866
Title: Privacy Policy.

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Iran%20backdoors%20planted%20across%20Middle%20East%20telecoms,%20government%20agencies,%20Google%20says%20https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs%20@TheRecord_Media

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs&title=Iran%20backdoors%20planted%20across%20Middle%20East%20telecoms,%20government%20agencies,%20Google%20says

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs&src=sdkpreparse

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Search URL Search Domain Scan URL

URL: https://news.ycombinator.com/submitlink?u=https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs&t=Iran%20backdoors%20planted%20across%20Middle%20East%20telecoms,%20government%20agencies,%20Google%20says

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/platform?mtm_campaign=ad-unit-record&__hstc=156209188.108c5c56206dd7aded0da992f68cef79.1726798608243.1726798608243.1726798608243.1&__hssc=156209188.1.1726798608243&__hsfp=3381463866
Title: Learn more.

Search URL Search Domain Scan URL

URL: https://cloud.google.com/blog/topics/threat-intelligence/unc1860-iran-middle-eastern-networks/
Title: published

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/introducing-shrouded-snooper/
Title: Cisco

Search URL Search Domain Scan URL

URL: https://research.checkpoint.com/2023/from-albania-to-the-middle-east-the-scarred-manticore-is-listening/
Title: Check Point

Search URL Search Domain Scan URL

URL: https://www.fortinet.com/blog/threat-research/wintapix-kernal-driver-middle-east-countries
Title: Fortinet

Search URL Search Domain Scan URL

URL: https://twitter.com/jgreigj

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/research/marko-polo-navigates-uncharted-waters-with-infostealer-empire?__hstc=156209188.108c5c56206dd7aded0da992f68cef79.1726798608243.1726798608243.1726798608243.1&__hssc=156209188.1.1726798608243&__hsfp=3381463866
Title: "Marko Polo" Navigates Uncharted Waters With Infostealer Empire"Marko Polo" Navigates Uncharted Waters With Infostealer Empire

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/research/h1-2024-malware-and-vulnerability-trends-report?__hstc=156209188.108c5c56206dd7aded0da992f68cef79.1726798608243.1726798608243.1726798608243.1&__hssc=156209188.1.1726798608243&__hsfp=3381463866
Title: H1 2024: Malware and Vulnerability Trends ReportH1 2024: Malware and Vulnerability Trends Report

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/research/predator-spyware-infrastructure-returns-following-exposure-sanctions?__hstc=156209188.108c5c56206dd7aded0da992f68cef79.1726798608243.1726798608243.1726798608243.1&__hssc=156209188.1.1726798608243&__hsfp=3381463866
Title: Predator Spyware Infrastructure Returns Following Exposure and SanctionsPredator Spyware Infrastructure Returns Following Exposure and Sanctions

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/research/h1-2024-check-fraud-report?__hstc=156209188.108c5c56206dd7aded0da992f68cef79.1726798608243.1726798608243.1726798608243.1&__hssc=156209188.1.1726798608243&__hsfp=3381463866
Title: H1 2024 Check Fraud Report: Geographic Trends and Threat Actor PatternsH1 2024 Check Fraud Report: Geographic Trends and Threat Actor Patterns

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/research/greencharlie-infrastructure-linked-us-political-campaign-targeting?__hstc=156209188.108c5c56206dd7aded0da992f68cef79.1726798608243.1726798608243.1726798608243.1&__hssc=156209188.1.1726798608243&__hsfp=3381463866
Title: GreenCharlie Infrastructure Targeting US Political Entities with Advanced Phishing and MalwareGreenCharlie Infrastructure Targeting US Political Entities with Advanced Phishing and Malware

Search URL Search Domain Scan URL

URL: https://twitter.com/TheRecord_Media

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-record-by-recorded-future

Search URL Search Domain Scan URL

URL: https://www.instagram.com/therecord_media/

Search URL Search Domain Scan URL

URL: https://mastodon.social/@therecord_media

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/privacy-policy?__hstc=156209188.108c5c56206dd7aded0da992f68cef79.1726798608243.1726798608243.1726798608243.1&__hssc=156209188.1.1726798608243&__hsfp=3381463866
Title: Privacy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

95 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request iran-backdoors-planted-across-middle-east-telecoms-government-orgs Show response
therecord.media/ 71 KB
14 KB 402ms
171ms Document
text/html 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

06593006802f743f99cf26faacf9edbec0510accd5c61d400436e07574084344

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 33
cache-control: s-maxage=60, stale-while-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8c5e50a52dced7a8-LAX
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 20 Sep 2024 02:16:43 GMT
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
traceresponse: 00-17f6cb9b30c6d02e7bcc2897e71b81ad-6e6f47ab685918e2-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 10, 0
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-nextjs-cache: STALE
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-powered-by: Next.js
x-served-by: cache-iad-kiad7000153-IAD, cache-bur-kbur8200103-BUR

GET
H2 200 The_Record_Centered_9b27d79125.svg
cms.therecord.media/uploads/ 7 KB
3 KB 371ms
351ms Image
image/svg+xml 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/The_Record_Centered_9b27d79125.svg?w=640

Requested by

Host: therecord.media
URL: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54c76c41df5975085389626fc4c3920abdc817d033688ab9d9a98a362ad2f2e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"63c03e2b-1c5f"
expires: Fri, 20 Sep 2024 02:21:43 GMT
traceresponse: 00-17f6d22e4e64227c9abd059d13dc79ca-8ec96a6ae42a0191-01
date: Fri, 20 Sep 2024 02:16:43 GMT
content-type: image/svg+xml
last-modified: Thu, 12 Jan 2023 17:06:51 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 8c5e50a67a44d7a8-LAX
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
server: cloudflare
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y

GET
H2 200 mosque_middle_east_acf62d9297.jpg
cms.therecord.media/uploads/format_webp/ 62 KB
62 KB 371ms
351ms Image
image/webp 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/format_webp/mosque_middle_east_acf62d9297.jpg?w=640

Requested by

Host: therecord.media
URL: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3cc9d71ed187139311e229642474c0bbe1457e07f285ba87a9e562f9c217054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000, public, s-maxage=31536000
cf-cache-status: DYNAMIC
etag: "f7c4-ryaNvZ3TU6C9vRTQ8KwAbeLAA3w"
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 8c5e50a67a4ad7a8-LAX
traceresponse: 00-17f6d22e4e73876d775de141e984509d-c8db4e385a2a4611-01
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
date: Fri, 20 Sep 2024 02:16:43 GMT
content-type: image/webp
server: cloudflare
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y

GET
H2 200 The_Record_Centered_9b27d79125.svg
cms.therecord.media/uploads/ 7 KB
2 KB 371ms
352ms Image
image/svg+xml 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/The_Record_Centered_9b27d79125.svg?w=256

Requested by

Host: therecord.media
URL: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54c76c41df5975085389626fc4c3920abdc817d033688ab9d9a98a362ad2f2e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"63c03e2b-1c5f"
expires: Fri, 20 Sep 2024 02:21:43 GMT
traceresponse: 00-17f6d22e4ecc60c555a6fa2b2dac9b7f-0d0a7e3297af8945-01
date: Fri, 20 Sep 2024 02:16:43 GMT
content-type: image/svg+xml
last-modified: Thu, 12 Jan 2023 17:06:51 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 8c5e50a67a3fd7a8-LAX
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
server: cloudflare
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y

GET
H2 200 95397b2d2ed8f9bc.css
therecord.media/_next/static/css/ 63 KB
12 KB 136ms
133ms Stylesheet
text/css 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/css/95397b2d2ed8f9bc.css

Requested by

Host: therecord.media
URL: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41f8fd9e900f271ec01f92c5765d87063008cf924146ebaed661bac4a2b36df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"fafd-190ed0ca61f"
age: 2030933
traceresponse: 00-17e6aa5e4ec879051dd228136f95c2f6-fcf7dad1cdc0868a-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:43 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 26 Jul 2024 03:19:07 GMT
x-served-by: cache-iad-kcgs7200025-IAD, cache-bur-kbur8200103-BUR
x-cache-hits: 13700, 2
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50a669e6d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 11637
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 ef46db3751d8e999.css
therecord.media/_next/static/css/ 0
235 B 135ms
133ms Stylesheet
text/css 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/css/ef46db3751d8e999.css

Requested by

Host: therecord.media
URL: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Response headers

cf-cache-status: DYNAMIC
etag: W/"0-190ed0ca61f"
age: 915028
traceresponse: 00-17e64a686aede156d41ee8505350b906-8c4e0acabe0565f3-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:43 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 26 Jul 2024 03:19:07 GMT
x-served-by: cache-iad-kcgs7200091-IAD, cache-bur-kbur8200103-BUR
x-cache-hits: 4339, 3
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50a669e8d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 0
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 rocket-loader.min.js Show response
therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 88ms
82ms Script
application/javascript 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: therecord.media
URL: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"66e7fb1c-302c"
x-content-type-options: nosniff
cf-ray: 8c5e50abbb80d7a8-LAX
expires: Sun, 22 Sep 2024 02:16:44 GMT
date: Fri, 20 Sep 2024 02:16:44 GMT
content-type: application/javascript
last-modified: Mon, 16 Sep 2024 09:32:12 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 _ssgManifest.js Show response
therecord.media/_next/static/tZUbWqrYcB8Fce8FCZO1K/ 99 B
277 B 214ms
40ms Script
application/javascript 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/tZUbWqrYcB8Fce8FCZO1K/_ssgManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"63-1920b1b3840"
age: 35405
traceresponse: 00-17f6b1fb38bee68e08a08360a5411915-513cadc58f5f4463-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:44 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 19 Sep 2024 16:26:26 GMT
x-served-by: cache-iad-kjyo7100167-IAD, cache-lax-kwhp1940041-LAX
x-cache-hits: 11, 3
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50ad2fdcd7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 _buildManifest.js Show response
therecord.media/_next/static/tZUbWqrYcB8Fce8FCZO1K/ 1 KB
1 KB 211ms
40ms Script
application/javascript 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/tZUbWqrYcB8Fce8FCZO1K/_buildManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59201e1aa1781ca066e8ade81005960230e8c6d9ca3dd16843d9f3ce651535f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"580-1920b1b3840"
age: 35404
traceresponse: 00-17f6b1fb38da31846fe5fa6fabd14a2a-56e6af6047f99d37-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:44 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 19 Sep 2024 16:26:26 GMT
x-served-by: cache-iad-kiad7000157-IAD, cache-bur-kbur8200103-BUR
x-cache-hits: 27, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50ad2fe2d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 550
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 %5B%5B...slug%5D%5D-e275779122f0a5ba.js Show response
therecord.media/_next/static/chunks/pages/ 70 KB
17 KB 208ms
35ms Script
application/javascript 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/pages/%5B%5B...slug%5D%5D-e275779122f0a5ba.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

385a7e73c66914ef1a417e1fb0a32945621a3386ee108a167f88e5d8492b2723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"11638-1920b1b383d"
age: 35405
traceresponse: 00-17f6b1fb3981580ab6fa9c3e61fd77d7-5b8e8f24df6a7fda-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:44 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 19 Sep 2024 16:26:26 GMT
x-served-by: cache-iad-kiad7000027-IAD, cache-bur-kbur8200110-BUR
x-cache-hits: 3, 2
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50ad2fe3d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 17497
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 764-3e5ee72a19dc309e.js
therecord.media/_next/static/chunks/ 695 KB
0 367ms
197ms Script
application/javascript 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/764-3e5ee72a19dc309e.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"113c7b-191eba7d057"
age: 562975
traceresponse: 00-17f4d227fe530cd599379a960d417c99-f569a46ded52330a-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:44 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 13 Sep 2024 13:52:09 GMT
x-served-by: cache-iad-kjyo7100062-IAD, cache-bur-kbur8200103-BUR
x-cache-hits: 48, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50ad2fe7d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 281672
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 61-4f7ac79331020880.js Show response
therecord.media/_next/static/chunks/ 16 KB
6 KB 283ms
115ms Script
application/javascript 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/61-4f7ac79331020880.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

208bd37f7578004573c5ad462d6e49f515f6af11590256fc46e0960853c286c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"3f0e-190ed0ca618"
age: 3856417
traceresponse: 00-17e75ad3f1b3befd0fa2887d000eded7-84ddc68a070d39bd-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:44 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 26 Jul 2024 03:19:07 GMT
x-served-by: cache-iad-kjyo7100106-IAD, cache-lax-kwhp1940076-LAX
x-cache-hits: 18190, 1
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50ad2fead7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 6002
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 _app-8e10b847980edffe.js Show response
therecord.media/_next/static/chunks/pages/ 124 KB
39 KB 567ms
400ms Script
application/javascript 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/pages/_app-8e10b847980edffe.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57593d7b0b85c475360e68e67da8a58114ea145017774f594393fc74b13f9c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"1f0c6-190ed0ca61d"
age: 1226813
traceresponse: 00-17e91292c335ceaf1f8ab8da72020eeb-9b89868f5d5d7475-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:44 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 26 Jul 2024 03:19:07 GMT
x-served-by: cache-iad-kjyo7100158-IAD, cache-bur-kbur8200154-BUR
x-cache-hits: 8572, 1
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50ad2fedd7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 39883
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 main-7af7d5359a6145de.js Show response
therecord.media/_next/static/chunks/ 113 KB
32 KB 206ms
39ms Script
application/javascript 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b1e7dbbeac9332654513f395b1e3d6cf019f790b9ddaaca904826fcf361d7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"1c275-190ed0ca61c"
age: 1517780
traceresponse: 00-17e5b55910f56ce4ce0ab75138f6e7e3-31b5bd56326072c6-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:44 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 26 Jul 2024 03:19:07 GMT
x-served-by: cache-iad-kiad7000138-IAD, cache-lax-kwhp1940119-LAX
x-cache-hits: 6966, 4
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50ad2ff0d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 32966
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 framework-0c7baedefba6b077.js Show response
therecord.media/_next/static/chunks/ 138 KB
45 KB 282ms
115ms Script
application/javascript 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/framework-0c7baedefba6b077.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cd1cca3aebcdd10c33d713a95479909354ddbc5d5ad9761466ac27ea528895d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"226f7-190ed0ca61c"
age: 3940317
traceresponse: 00-17e79e5add5e89435999b4b3bd69ee6f-387bceb5de2614b0-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:44 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 26 Jul 2024 03:19:07 GMT
x-served-by: cache-iad-kcgs7200042-IAD, cache-lax-kwhp1940041-LAX
x-cache-hits: 18363, 4
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50ad2ff2d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 45474
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 webpack-6af0e3c12b874bb0.js Show response
therecord.media/_next/static/chunks/ 2 KB
1 KB 565ms
399ms Script
application/javascript 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/webpack-6af0e3c12b874bb0.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21799daa444376f341e8eb25a170b3e7d1805e81790531faf3e2c0f9a74d697

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"9d2-190ed0ca61f"
age: 2046094
traceresponse: 00-17e7040aaf9ae88f45e942937c209643-cc4e006b2b90606b-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:44 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 26 Jul 2024 03:19:07 GMT
x-served-by: cache-iad-kjyo7100085-IAD, cache-bur-kbur8200110-BUR
x-cache-hits: 228, 1
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50ad2ff7d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 1028
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 x-social-media-logo-icon.svg
therecord.media/icons/svg/ 515 B
576 B 628ms
466ms Image
image/svg+xml 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/icons/svg/x-social-media-logo-icon.svg

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/95397b2d2ed8f9bc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad3107d855114d1d82f38a7815a45fce788901a46c513a32836a8a8fb3c3087b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/_next/static/css/95397b2d2ed8f9bc.css

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"203-1920b164d80"
age: 0
traceresponse: 00-17f6d22e864c5bb32709b5d723e8740e-3648dcb7c14ccb09-01
x-cache: MISS, MISS
date: Fri, 20 Sep 2024 02:16:44 GMT
content-type: image/svg+xml
last-modified: Thu, 19 Sep 2024 16:21:04 GMT
x-served-by: cache-iad-kcgs7200142-IAD, cache-bur-kbur8200022-BUR
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50ad2ff9d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 x-social-media-black-icon.svg
therecord.media/icons/svg/ 456 B
463 B 625ms
464ms Image
image/svg+xml 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/icons/svg/x-social-media-black-icon.svg

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/95397b2d2ed8f9bc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8837339f39b4de89bcdc5b4705e44d0007a8728881c70d1010f9973dff06306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/_next/static/css/95397b2d2ed8f9bc.css

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"1c8-1920b164d80"
age: 0
traceresponse: 00-17f6d22e8a78713a4912b933891126a2-99a36074f37d0a71-01
x-cache: MISS, MISS
date: Fri, 20 Sep 2024 02:16:44 GMT
content-type: image/svg+xml
last-modified: Thu, 19 Sep 2024 16:21:04 GMT
x-served-by: cache-iad-kcgs7200098-IAD, cache-lax-kwhp1940119-LAX
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50ad993fd7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 mastodon-social-media-logo-icon.svg
therecord.media/icons/svg/ 662 B
553 B 616ms
465ms Image
image/svg+xml 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/icons/svg/mastodon-social-media-logo-icon.svg

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/95397b2d2ed8f9bc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6a3db8fc57bcda285f5b3f4a160720f6f5d04b78ed3721ac15747cc302093ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/_next/static/css/95397b2d2ed8f9bc.css

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"296-1920b164d80"
age: 0
traceresponse: 00-17f6d22e8cffea8bd15fc67269b9112d-990009778fedc21f-01
x-cache: MISS, MISS
date: Fri, 20 Sep 2024 02:16:44 GMT
content-type: image/svg+xml
last-modified: Thu, 19 Sep 2024 16:21:04 GMT
x-served-by: cache-iad-kjyo7100029-IAD, cache-bur-kbur8200103-BUR
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50ad9942d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 Inter-Bold.woff2
therecord.media/fonts/ 105 KB
105 KB 417ms
158ms Font
font/woff2 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Bold.woff2

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/95397b2d2ed8f9bc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90360297b6fe39f50d3a404b0d4ac3bb9a2a5d822b1e13469d63f75208645d1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://therecord.media
Referer: https://therecord.media/_next/static/css/95397b2d2ed8f9bc.css

Response headers

cf-cache-status: DYNAMIC
etag: W/"1a20c-191f9da4508"
age: 216634
traceresponse: 00-17f60d2775ecc22b1db50516a944a0ec-c2ce330484a6b9fe-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:44 GMT
content-type: font/woff2
last-modified: Mon, 16 Sep 2024 08:01:57 GMT
x-served-by: cache-iad-kiad7000071-IAD, cache-lax-kwhp1940076-LAX
x-cache-hits: 38, 0
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=604800, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50aefd8fd7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 107020
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 icomoon.ttf
therecord.media/icons/fonts/ 5 KB
3 KB 488ms
209ms Font
font/ttf 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/icons/fonts/icomoon.ttf?l2zjlc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/95397b2d2ed8f9bc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2ea411b32eb0f8f7ecee62a4a599e510c68d51c04b0246e436a50ea016b70e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://therecord.media
Referer: https://therecord.media/_next/static/css/95397b2d2ed8f9bc.css

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"1304-1920b164d80"
age: 0
traceresponse: 00-17f6d22e99ff6843a7386f5154531959-f30a8ada9029c0ae-01
x-cache: MISS, MISS
date: Fri, 20 Sep 2024 02:16:44 GMT
content-type: font/ttf
last-modified: Thu, 19 Sep 2024 16:21:04 GMT
x-served-by: cache-iad-kjyo7100149-IAD, cache-lax-kwhp1940041-LAX
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50aefd93d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 3052
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 Inter-SemiBold.woff2
therecord.media/fonts/ 104 KB
105 KB 446ms
156ms Font
font/woff2 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-SemiBold.woff2

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/95397b2d2ed8f9bc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

450d4d7ecf5b8d79e47f130f9ff020bc90040349446082e25c94610a8a0c7d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://therecord.media
Referer: https://therecord.media/_next/static/css/95397b2d2ed8f9bc.css

Response headers

cf-cache-status: DYNAMIC
etag: W/"1a0e8-190ed075c68"
age: 594781
traceresponse: 00-17e6b9a6d2979eb4ae4abe6a9855996b-a4902a369b62439e-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:44 GMT
content-type: font/woff2
last-modified: Fri, 26 Jul 2024 03:13:21 GMT
x-served-by: cache-iad-kcgs7200116-IAD, cache-bur-kbur8200022-BUR
x-cache-hits: 13, 0
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=604800, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50aefd95d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 106728
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 Inter-Regular.woff2
therecord.media/fonts/ 96 KB
97 KB 447ms
148ms Font
font/woff2 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Regular.woff2

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/95397b2d2ed8f9bc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

126ca9ae6d21168ede8d388a12b6341a1ed981dd3f54bccc0626eaab63339c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://therecord.media
Referer: https://therecord.media/_next/static/css/95397b2d2ed8f9bc.css

Response headers

cf-cache-status: DYNAMIC
etag: W/"18138-191f9da4508"
age: 247810
traceresponse: 00-17f5f0ccf7702296cd5f21a44494fdc4-bf9873f43afad3fd-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:44 GMT
content-type: font/woff2
last-modified: Mon, 16 Sep 2024 08:01:57 GMT
x-served-by: cache-iad-kiad7000099-IAD, cache-lax-kwhp1940119-LAX
x-cache-hits: 8, 3
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=604800, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50aefd97d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 98616
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 Inter-ExtraBold.woff2
therecord.media/fonts/ 105 KB
105 KB 427ms
123ms Font
font/woff2 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-ExtraBold.woff2

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/95397b2d2ed8f9bc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8c719384b4d90a2bd2b288e985639991ad93c4f4b27e25af02d7cf300e3113e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://therecord.media
Referer: https://therecord.media/_next/static/css/95397b2d2ed8f9bc.css

Response headers

cf-cache-status: DYNAMIC
etag: W/"1a218-1920b164d80"
age: 18397
traceresponse: 00-17f6c1735711098b2039eb3cf1d34ec1-c29ee8dc129c0cc5-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:44 GMT
content-type: font/woff2
last-modified: Thu, 19 Sep 2024 16:21:04 GMT
x-served-by: cache-iad-kcgs7200054-IAD, cache-bur-kbur8200110-BUR
x-cache-hits: 10, 1
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=604800, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50aefd98d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 107032
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 223 KB
78 KB 1149ms
133ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Requested by

Host: therecord.media
URL: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f2652ec0a1c414536e827490d5b952f8561976959f40752432ddfb17096581ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

content-encoding: br
expires: Fri, 20 Sep 2024 02:16:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Sep 2024 02:16:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 20 Sep 2024 00:00:22 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 79530
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 202 KB
59 KB 713ms
221ms Script
application/javascript 2600:9000:24f0:6000:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js

Requested by

Host: therecord.media
URL: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f0:6000:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

7d1e4da46e65ade35e0017500907b2d3bc738bb33b10266f679f2113cc56861c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

content-encoding: gzip
etag: W/"5c359e1fa9398dc7248bc8740cc8eb49"
x-amz-version-id: nUcBrzhVy9JMMaAtFkxpvW8b5Jy3nYQT
age: 8152
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: _RZBo806CH99ADoATvQdRvLYonzCxPb8Bv1nxLu1IpIxHN_ABwqWPw==
date: Fri, 20 Sep 2024 00:00:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 29 Apr 2024 00:09:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
x-amz-replication-status: FAILED
cache-control: max-age=691200
via: 1.1 1ecc1c31dec508980f534756c9974928.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
server: CloudFront

GET
H2 200 container_41sBJe2I.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 27 KB
9 KB 712ms
220ms Script
application/javascript 2600:9000:24f0:6000:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.matomo.cloud/recordedfuture.matomo.cloud/container_41sBJe2I.js

Requested by

Host: therecord.media
URL: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f0:6000:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

726623cea9a9a1a3a4a06ca3178dfbf28880943f7bc88d1662dffa8787da7c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

content-encoding: gzip
etag: W/"d371f198e43096ed07058c5a4baadd20"
x-amz-version-id: 255Pp8mkfVAYi1ZrUBq0euboVqeutpdX
age: 8152
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: qzVDTBfWSisd1gGWseiUD_A-3cDupqUwSC2-hrywniiwdE6RAU-PWA==
date: Fri, 20 Sep 2024 00:00:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 10 Sep 2024 22:00:22 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=691200
via: 1.1 1ecc1c31dec508980f534756c9974928.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
server: CloudFront

GET
H2 200 764-3e5ee72a19dc309e.js Show response
therecord.media/_next/static/chunks/ 1 MB
276 KB 109ms
97ms Script
application/javascript 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/764-3e5ee72a19dc309e.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b47f5f64e6f2598727b12ff0dd03d25e360118e3905d30df10b59a6350406f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"113c7b-191eba7d057"
age: 562976
traceresponse: 00-17f4d227fe530cd599379a960d417c99-f569a46ded52330a-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:45 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 13 Sep 2024 13:52:09 GMT
x-served-by: cache-iad-kjyo7100062-IAD, cache-bur-kbur8200103-BUR
x-cache-hits: 48, 1
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50b41de2d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 281672
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 favicon.ico
therecord.media/ 15 KB
2 KB 377ms
349ms Other
image/x-icon 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44d67f420e330a9318e4260095b42f5c865da44bcd52b0a72cf8d367956f0e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"3c2e-1920b164d80"
age: 0
traceresponse: 00-17f6d22ee1a2367429f83617c63f76f5-dbcc133ea23c075f-01
x-cache: MISS, MISS
date: Fri, 20 Sep 2024 02:16:46 GMT
content-type: image/x-icon
last-modified: Thu, 19 Sep 2024 16:21:04 GMT
x-served-by: cache-iad-kiad7000141-IAD, cache-lax-kwhp1940076-LAX
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50b67d54d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 1875
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 articles Show response
cms.therecord.media/api/ 12 KB
4 KB 987ms
565ms XHR
application/json 2606:4700:4400::ac40:91e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editors&populate[3]=editors.page&populate[4]=editor&populate[5]=editor.page&populate[6]=image&populate[7]=image.desktop&populate[8]=image.tablet&populate[9]=image.mobile&populate[10]=tags&populate[11]=tags.page&populate[12]=page&filters[id][$ne]=5439&filters[date][$lte]=2024-09-19T18%3A24%3A57.881Z&filters[page][id][$notNull]=true&filters[page][publishedAt][$notNull]=true&filters[$and][0][$or][0][showFrom][$null]=true&filters[$and][0][$or][1][showFrom][$lte]=2024-09-20T02%3A16%3A46%2B00%3A00&filters[$and][1][$or][0][listingShowFrom][$null]=true&filters[$and][1][$or][1][listingShowFrom][$lte]=2024-09-20T02%3A16%3A46%2B00%3A00&pagination%5BpageSize%5D=1&sort%5B0%5D=date%3Adesc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/764-3e5ee72a19dc309e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strapi <strapi.io>

Resource Hash

81cefd6082a032f20375367957746510e7cc25b4bcbb693d7ee21627bc95427b

Security Headers

Name	Value
Content-Security-Policy	img-src * data: blob: https://market-assets.strapi.io;script-src 'self' cdn.jsdelivr.net blob:;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://therecord.media/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
traceresponse: 00-17f6d22f312ee7b40b1786a9b29ad6f5-da6e6733faef52da-01
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: img-src * data: blob: https://market-assets.strapi.io;script-src 'self' cdn.jsdelivr.net blob:;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-dns-prefetch-control: off
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
referrer-policy: no-referrer
x-download-options: noopen
cf-ray: 8c5e50be2b972a94-LAX
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
access-control-allow-origin: https://therecord.media
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
x-powered-by: Strapi <strapi.io>
server: cloudflare
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y

GET
H2 200 articles Show response
cms.therecord.media/api/ 13 KB
5 KB 871ms
455ms XHR
application/json 2606:4700:4400::ac40:91e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editors&populate[3]=editors.page&populate[4]=editor&populate[5]=editor.page&populate[6]=image&populate[7]=image.desktop&populate[8]=image.tablet&populate[9]=image.mobile&populate[10]=tags&populate[11]=tags.page&populate[12]=page&filters[id][$ne]=5439&filters[date][$gte]=2024-09-19T18%3A24%3A57.881Z&filters[page][id][$notNull]=true&filters[page][publishedAt][$notNull]=true&filters[$and][0][$or][0][showFrom][$null]=true&filters[$and][0][$or][1][showFrom][$lte]=2024-09-20T02%3A16%3A46%2B00%3A00&filters[$and][1][$or][0][listingShowFrom][$null]=true&filters[$and][1][$or][1][listingShowFrom][$lte]=2024-09-20T02%3A16%3A46%2B00%3A00&pagination%5BpageSize%5D=1&sort%5B0%5D=date%3Aasc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/764-3e5ee72a19dc309e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strapi <strapi.io>

Resource Hash

f8c7075dcdc0187a60dcc65cc4e5ced72d750721b3da7538f8f60d037f750507

Security Headers

Name	Value
Content-Security-Policy	img-src * data: blob: https://market-assets.strapi.io;script-src 'self' cdn.jsdelivr.net blob:;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://therecord.media/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
traceresponse: 00-17f6d22f318072778edbfbbe11ecd0f5-2ba2f2be2f9bb153-01
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: img-src * data: blob: https://market-assets.strapi.io;script-src 'self' cdn.jsdelivr.net blob:;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-dns-prefetch-control: off
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
referrer-policy: no-referrer
x-download-options: noopen
cf-ray: 8c5e50be2b9d2a94-LAX
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
access-control-allow-origin: https://therecord.media
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
x-powered-by: Strapi <strapi.io>
server: cloudflare
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y

GET
H2 200 research Show response
www.recordedfuture.com/feed/ 278 KB
75 KB 615ms
106ms Fetch
text/xml 172.64.152.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/feed/research

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/764-3e5ee72a19dc309e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.152.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f4a34cc6ed10cb463969c27a067149ff5b69edb0fa2f75d6d208bfada1236ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/rss+xml
Referer: https://therecord.media/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
age: 834
access-control-allow-methods: GET,DELETE,PATCH,POST,PUT,HEAD,OPTIONS
x-content-type-options: nosniff
traceresponse: 00-17f6d16c72c5528e7aaa8568ebd84cd5-225cb42efa3ffb03-01
x-cache: HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: text/xml
x-served-by: cache-lax-kwhp1940102-LAX
x-cache-hits: 0
access-control-allow-headers: Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, User-Agent, Authorization, Origin, Pragma, Cache-Control, Expires
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: false
via: 1.1 varnish
cf-ray: 8c5e50becd3769b8-LAX
x-platform-server: i-bac7380798664d7697b0cf11d33520e7, i-bac7380798664d7697b0cf11d33520e7
accept-ranges: bytes
access-control-allow-origin: *
content-length: 76166
server: cloudflare

GET
H2 200 index.json Show response
therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/ 74 KB
18 KB 133ms
87ms Fetch
application/json 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/index.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f8c05d914af64d5f1297f92a272a852ad3e1c13081331aa6b7240d853ea4532

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-nextjs-data: 1
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "15m9flknr4l1mj9"
age: 1246
traceresponse: 00-17f6d01b4063d4b2f21f091079ff4b11-f880de83d3271a1c-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:46 GMT
content-type: application/json
x-served-by: cache-iad-kcgs7200030-IAD, cache-lax-kwhp1940119-LAX
x-cache-hits: 53, 1
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-nextjs-matched-path: /[[...slug]]
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50bd5bfdd7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 17663
x-nextjs-cache: STALE
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 leadership.json Show response
therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/news/ 30 KB
6 KB 301ms
255ms Fetch
application/json 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/news/leadership.json?slug=news&slug=leadership

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a556bb8aa9882588015e98851122197a30e1177c25d442a9bdb62ef5229f6f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-nextjs-data: 1
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "178jy8j388yo10"
age: 0
traceresponse: 00-17f6cb89bedd404650e132b2b034c541-62e98adbf424eae4-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/json
x-served-by: cache-iad-kcgs7200091-IAD, cache-lax-kwhp1940076-LAX
x-cache-hits: 1, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=60, stale-while-revalidate
x-nextjs-matched-path: /[[...slug]]
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50bd6c03d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 6417
x-nextjs-cache: HIT
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 cybercrime.json Show response
therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/news/ 30 KB
6 KB 293ms
247ms Fetch
application/json 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/news/cybercrime.json?slug=news&slug=cybercrime

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

926baaf8f65dfcca43c33cbb5a7d83e47b50b3ed04361d08db89ecee6b923448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-nextjs-data: 1
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "7gdbdi6pknzh"
age: 0
traceresponse: 00-17f6cb94398850ed5544e5ccbbd23cbc-cfae4d86a4717e03-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/json
x-served-by: cache-iad-kjyo7100076-IAD, cache-bur-kbur8200103-BUR
x-cache-hits: 38, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=60, stale-while-revalidate
x-nextjs-matched-path: /[[...slug]]
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50bd6c06d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 6392
x-nextjs-cache: HIT
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 nation-state.json Show response
therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/news/ 30 KB
6 KB 274ms
230ms Fetch
application/json 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/news/nation-state.json?slug=news&slug=nation-state

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dfe315a3e619981e3165fde4f5ecefd6072863de4b44d851472dfb30c8df96b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-nextjs-data: 1
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "17z1n5wjnwpo1a"
age: 0
traceresponse: 00-17f6cba2c6ba25bc24db066df9d78b94-23cb4dabc01f04eb-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/json
x-served-by: cache-iad-kcgs7200050-IAD, cache-bur-kbur8200110-BUR
x-cache-hits: 163, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=60, stale-while-revalidate
x-nextjs-matched-path: /[[...slug]]
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50bd6c0bd7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 6431
x-nextjs-cache: HIT
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 elections.json Show response
therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/news/ 30 KB
6 KB 199ms
156ms Fetch
application/json 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/news/elections.json?slug=news&slug=elections

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de3cf35d4ddd48e9e78461b5f3667f0a0c4d3e2ac5ef453e90e82beec3c5a42c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-nextjs-data: 1
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "h5rgjzkz9vnlm"
age: 21
traceresponse: 00-17f6cb9fc96adf900735d6118ea54300-353c50a794f672a1-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/json
x-served-by: cache-iad-kcgs7200083-IAD, cache-lax-kwhp1940041-LAX
x-cache-hits: 60, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=60, stale-while-revalidate
x-nextjs-matched-path: /[[...slug]]
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50bd6c0dd7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 6199
x-nextjs-cache: HIT
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 technology.json Show response
therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/news/ 30 KB
6 KB 200ms
156ms Fetch
application/json 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/news/technology.json?slug=news&slug=technology

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

482519e4b1eba365850c5ee9bd0690324cda75fa04b1dbc7667a0d49bdacc82b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-nextjs-data: 1
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "ecpk22z2z2nz4"
age: 21
traceresponse: 00-17f6cb943a7242e163ba3af1ec8f82a6-126623f6c1a89745-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/json
x-served-by: cache-iad-kcgs7200160-IAD, cache-bur-kbur8200154-BUR
x-cache-hits: 142, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=60, stale-while-revalidate
x-nextjs-matched-path: /[[...slug]]
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50bd6c10d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 6398
x-nextjs-cache: HIT
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 subscribe.json Show response
therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/ 32 KB
7 KB 210ms
167ms Fetch
application/json 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/subscribe.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8d5f7eeb9ab5ab885e75c34852106e819acd0ac323407da59a150cd23504d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-nextjs-data: 1
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "15obli6213kphr"
age: 21
traceresponse: 00-17f6cba2c4c4f7e3cccbcbfed638a407-1ff71bdaf834ad97-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/json
x-served-by: cache-iad-kiad7000147-IAD, cache-bur-kbur8200172-BUR
x-cache-hits: 133, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=60, stale-while-revalidate
x-nextjs-matched-path: /[[...slug]]
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50bd6c12d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 6709
x-nextjs-cache: HIT
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 podcast.json Show response
therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/ 44 KB
10 KB 194ms
152ms Fetch
application/json 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/podcast.json?slug=podcast

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7f313592d6ca20321429618acc7b45d9c5d8bd1a7a7c9371366a2c542169006

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-nextjs-data: 1
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "krwjgvpvbsyn6"
age: 21
traceresponse: 00-17f6cb943d95b1fa726ffbe3ae54768a-bcc0eba69bf0db15-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/json
x-served-by: cache-iad-kjyo7100130-IAD, cache-lax-kwhp1940119-LAX
x-cache-hits: 4, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=60, stale-while-revalidate
x-nextjs-matched-path: /[[...slug]]
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50bd6c14d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 9993
x-nextjs-cache: HIT
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 subscribe.json Show response
therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/ 32 KB
7 KB 194ms
152ms Fetch
application/json 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/subscribe.json?slug=subscribe

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8d5f7eeb9ab5ab885e75c34852106e819acd0ac323407da59a150cd23504d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-nextjs-data: 1
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "15obli6213kphr"
age: 51
traceresponse: 00-17f6cba2c5f9127437d70367fc533bab-051d980e4e73f4f0-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/json
x-served-by: cache-iad-kjyo7100173-IAD, cache-bur-kbur8200022-BUR
x-cache-hits: 126, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=60, stale-while-revalidate
x-nextjs-matched-path: /[[...slug]]
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50bd6c17d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 6709
x-nextjs-cache: HIT
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 jonathan-greig.json Show response
therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/author/ 31 KB
7 KB 197ms
155ms Fetch
application/json 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/author/jonathan-greig.json?slug=author&slug=jonathan-greig

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ee0078e1b04b82e456c3c9249049bfa79e555ebaa9bd6cc51f7a86bb8484a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-nextjs-data: 1
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "3k6pcmzpfzoed"
age: 45
traceresponse: 00-17f6cc4a44f073e56516c41268349e6c-d906a98376551498-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/json
x-served-by: cache-iad-kiad7000030-IAD, cache-lax-kwhp1940093-LAX
x-cache-hits: 22, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=60, stale-while-revalidate
x-nextjs-matched-path: /[[...slug]]
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50bd6c1ad7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 6559
x-nextjs-cache: HIT
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 17-arrested-phishing-as-a-service-takedown-iserver-europol.json Show response
therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/ 43 KB
9 KB 268ms
226ms Fetch
application/json 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/17-arrested-phishing-as-a-service-takedown-iserver-europol.json?slug=17-arrested-phishing-as-a-service-takedown-iserver-europol

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1ef5d60082b54a0be7ed059b5a8fa4bb4f3721ea464369d0c55df3d08b846a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-nextjs-data: 1
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "s71hzspwhhxmz"
age: 3
traceresponse: 00-17f6cb9d668c4602786a1d2c551fd93c-61b6fe1d589857b7-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/json
x-served-by: cache-iad-kiad7000121-IAD, cache-lax-kwhp1940119-LAX
x-cache-hits: 979, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=60, stale-while-revalidate
x-nextjs-matched-path: /[[...slug]]
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50bddd62d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 8805
x-nextjs-cache: HIT
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 hackers-deliver-crypto-miner-through-email-auto-replies.json Show response
therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/ 39 KB
8 KB 268ms
227ms Fetch
application/json 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/hackers-deliver-crypto-miner-through-email-auto-replies.json?slug=hackers-deliver-crypto-miner-through-email-auto-replies

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62adae7a52a1042c5d29f427b0069b3b4b48dea63c8ef43cf351e1e30caf62f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-nextjs-data: 1
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "ts0iancf47uyx"
age: 3
traceresponse: 00-17f6cb9d6535c1b8002addd6c4fb1ac4-ed69ff702f2295a0-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/json
x-served-by: cache-iad-kiad7000020-IAD, cache-lax-kwhp1940051-LAX
x-cache-hits: 57, 1
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=60, stale-while-revalidate
x-nextjs-matched-path: /[[...slug]]
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50bddd65d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 8128
x-nextjs-cache: HIT
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 germany-seizes-vanir-ransomware-leak.json Show response
therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/ 39 KB
9 KB 287ms
247ms Fetch
application/json 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/germany-seizes-vanir-ransomware-leak.json?slug=germany-seizes-vanir-ransomware-leak

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44b8f772c2b0231e84a60de0c1c4a7cfab25c215d93efed9021fe956ee4fb2a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-nextjs-data: 1
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "166teyd4qkluun"
age: 45
traceresponse: 00-17f6cb9b735caa07e88cd8d5ccaf40a5-99b1ab52a63f690e-01
x-cache: MISS, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/json
x-served-by: cache-iad-kcgs7200127-IAD, cache-lax-kwhp1940127-LAX
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=60, stale-while-revalidate
x-nextjs-matched-path: /[[...slug]]
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50bddd66d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 8431
x-nextjs-cache: HIT
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 california-enacts-law-regulating-deepfakes-election-harris.json Show response
therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/ 43 KB
9 KB 285ms
245ms Fetch
application/json 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/california-enacts-law-regulating-deepfakes-election-harris.json?slug=california-enacts-law-regulating-deepfakes-election-harris

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

928b8c8158ea22146ab13b8a8d9acf03d0fd8e04190422fd5a39604fc31b969e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-nextjs-data: 1
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "az5a8y1kk8xn9"
age: 21
traceresponse: 00-17f6cc16042c2e77b048edf999bd46f5-75f28c9ff712f43e-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/json
x-served-by: cache-iad-kjyo7100048-IAD, cache-lax-kwhp1940076-LAX
x-cache-hits: 16, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=60, stale-while-revalidate
x-nextjs-matched-path: /[[...slug]]
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50bddd68d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 9333
x-nextjs-cache: HIT
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 north-korea-hackers-energy-aerospace.json Show response
therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/ 39 KB
9 KB 268ms
229ms Fetch
application/json 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/north-korea-hackers-energy-aerospace.json?slug=north-korea-hackers-energy-aerospace

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d95e7e2744839634ff0f0793896bbc5fa20246d46d8f6dfc1d9e381ebb72736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-nextjs-data: 1
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "p7yc7duoxnv2e"
age: 45
traceresponse: 00-17f6cb9c51631a41e2667de99d8429f4-1347f3b1b7c13cbe-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/json
x-served-by: cache-iad-kcgs7200056-IAD, cache-lax-kwhp1940093-LAX
x-cache-hits: 483, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=60, stale-while-revalidate
x-nextjs-matched-path: /[[...slug]]
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50bddd6ad7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 8387
x-nextjs-cache: STALE
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 fbi-dismantles-flax-typhoon-china-linked-botnet-wray-aspen.json Show response
therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/ 44 KB
9 KB 267ms
228ms Fetch
application/json 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/fbi-dismantles-flax-typhoon-china-linked-botnet-wray-aspen.json?slug=fbi-dismantles-flax-typhoon-china-linked-botnet-wray-aspen

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb4404c91dce99191ca2e54ec841a58f511503eb2ccdae34de692507c6c6fc79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-nextjs-data: 1
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "942pv6d717yyt"
age: 21
traceresponse: 00-17f6cb9d686a1c2275a1849f4e0ae39e-9047d3be7f404a56-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/json
x-served-by: cache-iad-kcgs7200048-IAD, cache-lax-kwhp1940041-LAX
x-cache-hits: 80, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=60, stale-while-revalidate
x-nextjs-matched-path: /[[...slug]]
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50bddd6cd7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 9481
x-nextjs-cache: HIT
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 russian-cyber-firm-dr-web-suffers-cyberattack.json Show response
therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/ 39 KB
8 KB 267ms
229ms Fetch
application/json 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/russian-cyber-firm-dr-web-suffers-cyberattack.json?slug=russian-cyber-firm-dr-web-suffers-cyberattack

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58d214e880d9388446a0eff7d8d73642e0c7327a506596fc3e6577c8b0d4852f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-nextjs-data: 1
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "13xje6xxugguyu"
age: 7
traceresponse: 00-17f6cb9c4e772715e0d868364206c511-5e748b3d95bf0688-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/json
x-served-by: cache-iad-kjyo7100122-IAD, cache-bur-kbur8200022-BUR
x-cache-hits: 30, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=60, stale-while-revalidate
x-nextjs-matched-path: /[[...slug]]
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50bddd6ed7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 8455
x-nextjs-cache: HIT
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 att-13-million-fcc-settlement-data-breach.json Show response
therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/ 42 KB
9 KB 265ms
227ms Fetch
application/json 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/att-13-million-fcc-settlement-data-breach.json?slug=att-13-million-fcc-settlement-data-breach

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80c404b7480d9da794545ec2d109a97c0868fa9a4dc1c91875b8e7ae2e94f7d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-nextjs-data: 1
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "ef6cp4qfksx8k"
age: 21
traceresponse: 00-17f6cb9d6702b5dbdd7fa40816b6394c-4067e1b39288d902-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/json
x-served-by: cache-iad-kiad7000179-IAD, cache-bur-kbur8200051-BUR
x-cache-hits: 27, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=60, stale-while-revalidate
x-nextjs-matched-path: /[[...slug]]
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50bddd70d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 9334
x-nextjs-cache: HIT
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 foundation-software-construction-industry-accounting-software-vulnerability.json Show response
therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/ 40 KB
9 KB 269ms
232ms Fetch
application/json 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/foundation-software-construction-industry-accounting-software-vulnerability.json?slug=foundation-software-construction-industry-accounting-software-vulnerability

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5b361935605443caf1c540d5093962a65ca8e3973f2ba293ff430046dcf7518

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-nextjs-data: 1
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "dvi98ruz09vqb"
age: 45
traceresponse: 00-17f6cb9d66d873a8f4c033a10fe555f5-ab0ff068be51ca6d-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/json
x-served-by: cache-iad-kiad7000022-IAD, cache-lax-kwhp1940079-LAX
x-cache-hits: 53, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=60, stale-while-revalidate
x-nextjs-matched-path: /[[...slug]]
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50bddd75d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 8651
x-nextjs-cache: HIT
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

POST
H2 204 matomo.php
recordedfuture.matomo.cloud/ 0
173 B 853ms
246ms Ping
text/plain 18.157.122.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedfuture.matomo.cloud/matomo.php?action_name=therecord.media%2FIran%20backdoors%20planted%20across%20Middle%20East%20telecoms%2C%20government%20agencies%2C%20Google%20says&idsite=2&rec=1&r=527157&h=16&m=16&s=46&url=https%3A%2F%2Ftherecord.media%2Firan-backdoors-planted-across-middle-east-telecoms-government-orgs&_id=a6030401f97b88b9&_idn=1&send_image=0&_refts=0&pv_id=PNh6SS&fa_pv=1&fa_fp[0][fa_vid]=rmcSkH&fa_fp[0][fa_fv]=1&pf_net=231&pf_srv=166&pf_tfr=11&pf_dm1=992&pf_dm2=1096&pf_onl=5&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200

Requested by

Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.157.122.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-157-122-248.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Referer: https://therecord.media/

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://therecord.media
date: Fri, 20 Sep 2024 02:16:47 GMT
vary: X-Forwarded-Proto,User-Agent
server: Apache
access-control-allow-credentials: true

GET
H2 200 configs.php Show response
recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/ 116 B
297 B 784ms
224ms Script
application/javascript 18.157.122.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=qLSrOq&url=https%3A%2F%2Ftherecord.media%2Firan-backdoors-planted-across-middle-east-telecoms-government-orgs

Requested by

Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.157.122.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-157-122-248.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

a1f70075f4d69e65fb439d860c5f3c4b46206a123c179d3030260bf86d795536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

strict-transport-security: max-age=31536000
content-length: 119
content-encoding: gzip
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/javascript
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
server: Apache

GET
H2 200 government.json Show response
therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/news/ 30 KB
6 KB 283ms
270ms Fetch
application/json 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/tZUbWqrYcB8Fce8FCZO1K/news/government.json?slug=news&slug=government

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b0cf27dff7c8900ac7b22b5677070717c3eab5062dbd0175e46060f5cf3434b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

x-nextjs-data: 1
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
purpose: prefetch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "5kiw4igha1nzt"
age: 0
traceresponse: 00-17f6cb943b5b1328fa7ad9d28f642876-05c15bef8d218d63-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/json
x-served-by: cache-iad-kjyo7100022-IAD, cache-lax-kwhp1940146-LAX
x-cache-hits: 4, 0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=60, stale-while-revalidate
x-nextjs-matched-path: /[[...slug]]
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50bddd78d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 6445
x-nextjs-cache: HIT
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 310 KB
103 KB 193ms
190ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EYNZBT8ZP2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4c4825e8c1ce13e37a024d9a1189d48de83bb9971d9a52cfb3abac9ada399286

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 20 Sep 2024 02:16:47 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104946
date: Fri, 20 Sep 2024 02:16:47 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 64dc3ec5-330c-4652-88d3-147ee65e90ba.js Show response
j.6sc.co/j/ 8 KB
3 KB 634ms
192ms Script
application/javascript 23.196.3.199
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/64dc3ec5-330c-4652-88d3-147ee65e90ba.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.199 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-196-3-199.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4512d280d6e3770022a6aced807c4b08d410ae107294c0ac19801ad24f6ef0f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

content-encoding: gzip
etag: "3fdac343b2a409e8e59493c09517ac69"
x-amz-version-id: MbzeuKlSNW9OmZUUgXztIvtYg.jH191L
expires: Fri, 20 Sep 2024 02:46:47 GMT
x-amz-cf-id: 3J3HWiQCtxAt0naEa3_29LEZDL9ULHIGjZndWyWOkBQ92kw7fUge7Q==
date: Fri, 20 Sep 2024 02:16:47 GMT
last-modified: Thu, 25 Jul 2024 13:22:42 GMT
vary: Accept-Encoding
content-type: application/javascript
x-amz-meta-content-type: application/json
cache-control: private, max-age=1800
accept-ranges: bytes
content-length: 2186
x-amz-cf-pop: JFK52-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 555ms
130ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: therecord.media
URL: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip"
accept-ranges: bytes
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15412
date: Fri, 20 Sep 2024 02:16:47 GMT
x-tw-cdn: FT
last-modified: Thu, 04 Apr 2024 00:26:35 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kiad7000142-IAD
x-amz-server-side-encryption: AES256

GET
H2 200 252628.js Show response
js.hs-scripts.com/ 2 KB
1 KB 280ms
86ms Script
application/javascript 2606:4700::6810:89d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/252628.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fb1ee1301e58186ee93efc8cbe371d75003591c63d835ad8f13d88218f18315

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

access-control-max-age: 3600
x-request-id: a47de8ed-ac69-46b5-9399-750b62fde7ed
content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 29
x-content-type-options: nosniff
expires: Fri, 20 Sep 2024 02:18:17 GMT
cf-polished: origSize=2008
x-evy-trace-listener: listener_https
date: Fri, 20 Sep 2024 02:16:47 GMT
x-hubspot-correlation-id: a47de8ed-ac69-46b5-9399-750b62fde7ed
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding
last-modified: Fri, 20 Sep 2024 02:15:09 GMT
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-58bbf9c46c-bzf2n
cache-control: public, max-age=90
x-envoy-upstream-service-time: 6
access-control-allow-credentials: true
cf-ray: 8c5e50bee9361031-LAX
access-control-allow-origin: https://www.recordedfuture.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 ef46db3751d8e999.css Show response
therecord.media/_next/static/css/ 0
0 1ms
1ms Fetch
text/css 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://therecord.media/_next/static/css/ef46db3751d8e999.css
Requested by: Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Response headers

cf-cache-status: DYNAMIC
etag: W/"0-190ed0ca61f"
age: 915028
traceresponse: 00-17e64a686aede156d41ee8505350b906-8c4e0acabe0565f3-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:43 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 26 Jul 2024 03:19:07 GMT
x-served-by: cache-iad-kcgs7200091-IAD, cache-bur-kbur8200103-BUR
x-cache-hits: 4339, 3
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50a669e8d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 0
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

POST
H2 204 collect
analytics.google.com/g/ 0
0 365ms
109ms Fetch
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-EYNZBT8ZP2&gtm=45je49j0v9117850958z8832426714za200zb832426714&_p=1726798605307&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1877537023.1726798607&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1726798607&sct=1&seg=0&dl=https%3A%2F%2Ftherecord.media%2Firan-backdoors-planted-across-middle-east-telecoms-government-orgs&dt=Iran%20backdoors%20planted%20across%20Middle%20East%20telecoms%2C%20government%20agencies%2C%20Google%20says&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4616
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EYNZBT8ZP2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://therecord.media
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 530ms
137ms Ping
text/plain 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EYNZBT8ZP2&cid=1877537023.1726798607&gtm=45je49j0v9117850958z8832426714za200zb832426714&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EYNZBT8ZP2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://therecord.media
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame B074 0
0 557ms
152ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-EYNZBT8ZP2&gacid=1877537023.1726798607&gtm=45je49j0v9117850958z8832426714za200zb832426714&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1555552782

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EYNZBT8ZP2&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://therecord.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Sep 2024 02:16:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 image
therecord.media/_next/ 9 KB
10 KB 190ms
174ms Image
image/webp 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Fformat_webp%2Fmarko_polo_navigates_uncharted_waters_banner_234934df9c.jpg&w=640&q=75

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8db20caf4e136bde01d75e3259b857d0d5b4997d68f0ebf966b13070da3eccb

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Response headers

cf-cache-status: DYNAMIC
etag: 2NsgyvThNr3gHXXjJZuFfQ1bSZfWjw6-lmsTBw2j7Ms=
age: 223
traceresponse: 00-17f60cd7bcb5547b4ce52fe2c65d3083-011afff265a41eb9-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: image/webp
content-disposition: inline; filename="marko_polo_navigates_uncharted_waters_banner_234934df9c.webp"
x-served-by: cache-iad-kjyo7100027-IAD, cache-lax-kwhp1940041-LAX
x-cache-hits: 72, 0
vary: Accept
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=300, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50c27d5ad7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 9474
x-nextjs-cache: MISS
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 image
therecord.media/_next/ 8 KB
9 KB 187ms
172ms Image
image/webp 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Fformat_webp%2FMain_Feature_10_4f68d72891.jpg&w=640&q=75

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5291945f12087b56ed1c45238958a2d3435ff5e98d27163d129c87cf1d8c00af

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Response headers

cf-cache-status: DYNAMIC
etag: UpGUXxIIe1btHEUjiVii00Nf9emNJxY9EpyHzx2MAK8=
age: 223
traceresponse: 00-17f55b1799f5b72c6072cf45d2fcd543-14345e8101c34990-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: image/webp
content-disposition: inline; filename="Main_Feature_10_4f68d72891.webp"
x-served-by: cache-iad-kcgs7200139-IAD, cache-lax-kwhp1940119-LAX
x-cache-hits: 1003, 0
vary: Accept
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=300, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50c27d5bd7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 8586
x-nextjs-cache: STALE
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 image
therecord.media/_next/ 14 KB
15 KB 190ms
175ms Image
image/webp 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2FMain_Feature_1_8737d57c1c.webp&w=640&q=75

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

040b4135ea77e676c744f8a6ae7129e76f5d413c76abdfcf475f3cd26f366f23

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Response headers

cf-cache-status: DYNAMIC
etag: BAtBNep35nbHRPimrnEp529dQTx2q9-PR1880m82byM=
age: 223
traceresponse: 00-17f6924b3db3bc00e26317b8f17f014d-8a2d95893cd2781e-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: image/webp
content-disposition: inline; filename="Main_Feature_1_8737d57c1c.webp"
x-served-by: cache-iad-kcgs7200178-IAD, cache-bur-kbur8200110-BUR
x-cache-hits: 1277, 0
vary: Accept
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=300, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50c27d60d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 14806
x-nextjs-cache: STALE
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 image
therecord.media/_next/ 6 KB
6 KB 188ms
173ms Image
image/webp 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Fformat_webp%2FBLOG_fta_2024_0829_Main_Feature_b07e27eef9.jpg&w=640&q=75

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1e3513ae0324c5f7d4fd5ff487db47c4eced5c3d2dca8056047212f69a6b870

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Response headers

cf-cache-status: DYNAMIC
etag: 0eNROuAyTF99T9X-SH20fE7O1cPS3KgFYEchL2mmuHA=
age: 72
traceresponse: 00-17f5a429116f317f4fd22adb7d757f71-0fcd63caebd60ef9-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: image/webp
content-disposition: inline; filename="BLOG_fta_2024_0829_Main_Feature_b07e27eef9.webp"
x-served-by: cache-iad-kjyo7100171-IAD, cache-lax-kwhp1940093-LAX
x-cache-hits: 11242, 0
vary: Accept
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=300, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50c27d62d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 5708
x-nextjs-cache: STALE
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 image
therecord.media/_next/ 17 KB
17 KB 185ms
171ms Image
image/webp 2606:4700:4400::6812:2a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Fgreencharlie_infrastructure_linked_us_political_campaign_targeting_07328802cc.webp&w=640&q=75

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-7af7d5359a6145de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a738912d33aa54526bfc44293f6040c4c7541957a83c3ec71c4807c604bb99a8

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs

Response headers

cf-cache-status: DYNAMIC
etag: pziRLTOqVFJr-EQpP2BAxMdUGVeoPD7HHEgHxgS7mag=
age: 72
traceresponse: 00-17f5c71aff45faa4df22fa2280be38b9-16a7a1932cfbe1f3-01
x-cache: HIT, HIT
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: image/webp
content-disposition: inline; filename="greencharlie_infrastructure_linked_us_political_campaign_targeting_07328802cc.webp"
x-served-by: cache-iad-kjyo7100057-IAD, cache-bur-kbur8200022-BUR
x-cache-hits: 456, 0
vary: Accept
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=300, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5e50c27d64d7a8-LAX
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
accept-ranges: bytes
access-control-allow-origin: *
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
content-length: 16914
x-nextjs-cache: STALE
server: cloudflare
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y

GET
H2 200 adsct
t.co/1/i/ 43 B
627 B 484ms
151ms Image
image/gif 162.159.140.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=1add24e4-9d27-4a69-b09d-c60aefad2c0c&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ebddc9ce-6c34-4082-b45e-42ff9126e164&tw_document_href=https%3A%2F%2Ftherecord.media%2Firan-backdoors-planted-across-middle-east-telecoms-government-orgs&tw_iframe_status=0&txn_id=odgcz&type=javascript&version=2.3.30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

strict-transport-security: max-age=0
x-transaction-id: 97f0aaec01469a14
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 4c6a174f56ac693f0e5ccc4e84250db019f4a55440e9e3cbd8d46deb0692bcb1
cf-cache-status: DYNAMIC
cf-ray: 8c5e50c4af600900-LAX
x-response-time: 11
content-length: 43
date: Fri, 20 Sep 2024 02:16:48 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_p

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
723 B 432ms
103ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=1add24e4-9d27-4a69-b09d-c60aefad2c0c&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ebddc9ce-6c34-4082-b45e-42ff9126e164&tw_document_href=https%3A%2F%2Ftherecord.media%2Firan-backdoors-planted-across-middle-east-telecoms-government-orgs&tw_iframe_status=0&txn_id=odgcz&type=javascript&version=2.3.30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: 39de7abe7c3c8fdc
cache-control: no-cache, no-store, max-age=0
x-connection-hash: e6c66115687074f08bec6213c84dfd4f0aa54ff4c22005bb34bca68e24ece3fd
x-response-time: 7
content-length: 43
date: Fri, 20 Sep 2024 02:16:48 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_p

GET
H2 200 6si.min.js Show response
j.6sc.co/ 68 KB
19 KB 201ms
166ms Script
application/javascript 23.196.3.199
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/j/64dc3ec5-330c-4652-88d3-147ee65e90ba.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.199 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-199.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

2ac314870072e1aad5c1c2c1ebb9ba542bf1a9df18963c2c4f1d8fcab8711bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

cache-control: private, proxy-revalidate, max-age=10800
content-encoding: gzip
etag: "66e78018-111cd"
x-content-type-options: nosniff
expires: Fri, 20 Sep 2024 05:16:47 GMT
accept-ranges: bytes
content-length: 18822
date: Fri, 20 Sep 2024 02:16:47 GMT
content-type: application/javascript
vary: Accept-Encoding
server: nginx/1.14.0 (Ubuntu)
last-modified: Mon, 16 Sep 2024 00:47:20 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 83 KB
25 KB 402ms
86ms Script
application/javascript 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

059b77025c02623999e7524b737287072bd2dbb42c1652f70a4020338b1e5f21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://therecord.media
Referer: https://therecord.media/

Response headers

x-request-id: 44c9d99d-fa6c-421b-94e1-c3d158bf18c1
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: 7DwgQA9YoOwDB6Raj9_RIwKNzf1Sd5R0
etag: W/"edf91c1320ba2916398ed791b63187bc"
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
age: 12
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a7RhnGR3TKuqMo%2Bf%2BkG2NAaVayXjwLFAXMtW5JA5ENmMsw0dfyJfXCkXUtVyNxc2KO2v48Ti%2Fi40mPB8DZczVfCxF0BpBuRVgGYYs5BUv%2B6yba2uFlBIdQjAB%2FPxWSr%2Fkyu0QJbjD3yW0Zfe"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: ukOeTrAMPN4u9wzrZI2dhgxvI33UfEKQMGKzUqJJ_pG86rVdfe7sQA==
x-hubspot-correlation-id: 44c9d99d-fa6c-421b-94e1-c3d158bf18c1
content-type: application/javascript; charset=utf-8
last-modified: Wed, 28 Aug 2024 20:01:26 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-7n5lj
x-envoy-upstream-service-time: 44
x-hs-target-asset: web-interactives-embed/static-2.1426/bundles/project.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
access-control-max-age: 3000
access-control-allow-methods: GET
x-hs-cache-status: MISS
date: Fri, 20 Sep 2024 02:16:48 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1426/bundles/project.js&cfRay=8ba6e5d77d22ba2e-DFW
via: 1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront)
cf-ray: 8c5e50c48add5245-LAX
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
92 KB 399ms
80ms Script
application/javascript 2606:4700::6812:8c11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8c11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1233a49c4ecec12fed969bc83cd6ba59d8b2b88bef31988d9384f7e54c42e20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://therecord.media
Referer: https://therecord.media/

Response headers

x-request-id: 999613d0-f6dd-482d-9ddc-0529e6ffce6c
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: WgPQEOT.QDI5zKnRYhaKsuHqDz44RIEz
etag: W/"7d65c542c3a53442feef1a0f44071183"
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
age: 60750
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: qeO9HCPg82ZRUxG1_Zab0rbfiXrsOSYI7B5v6xjAgRlO_XwGDC7FJg==
x-hubspot-correlation-id: 999613d0-f6dd-482d-9ddc-0529e6ffce6c
content-type: application/javascript; charset=utf-8
last-modified: Thu, 12 Sep 2024 08:49:54 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=86400, max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-9np49
x-envoy-upstream-service-time: 41
x-hs-target-asset: lead-flows-js/static-1.1627/bundle/main/lead-flows-release.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
access-control-max-age: 3000
access-control-allow-methods: GET
x-hs-cache-status: MISS
date: Fri, 20 Sep 2024 02:16:48 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1627/bundle/main/lead-flows-release.js&cfRay=8c1ea5f5eafa7be9-SJC
via: 1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront)
cf-ray: 8c5e50c4af917c7f-LAX
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 252628.js Show response
js.hs-analytics.net/analytics/1726798500000/ 69 KB
25 KB 405ms
88ms Script
text/javascript 2606:4700::6810:a0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1726798500000/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59fc82d994a33a650be64d5d091a9c951c4e114046bea78c51f3d34771a60831

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

x-amz-server-side-encryption: AES256
x-request-id: d5197dea-5aed-4505-9a92-a82e947b4955
content-encoding: gzip
cf-cache-status: HIT
etag: W/"977b8413a12b20c958fcddacd7be9248"
x-amz-version-id: null
age: 28
expires: Fri, 20 Sep 2024 02:20:11 GMT
x-evy-trace-listener: listener_https
date: Fri, 20 Sep 2024 02:16:48 GMT
x-hubspot-correlation-id: d5197dea-5aed-4505-9a92-a82e947b4955
content-type: text/javascript
last-modified: Mon, 09 Sep 2024 20:16:45 GMT
vary: origin, Accept-Encoding
x-amz-id-2: aF7Sm8E+YifLvimvLqYm+A+9qVqTxKkol83Ku1qYuac11O6wkEY+G4/7Od6H3jHMyZvQ47ylLqPa87FdBL418Y4LT675N0ua
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-d9dbd
x-envoy-upstream-service-time: 28
access-control-allow-credentials: false
x-amz-request-id: JGEMAJDVXM5D9CBQ
cf-ray: 8c5e50c4ab85316f-LAX
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 252628.js Show response
js.hs-banner.com/ 62 KB
19 KB 397ms
84ms Script
text/javascript 2606:4700:4400::ac40:9310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfb12bb49b914abebe510f3db1d251c4f716a6bc7d756d3cec1e86a3ff5c22d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

x-evy-trace-virtual-host: all
access-control-max-age: 604800
x-request-id: 6a014048-9cb8-4f57-8c76-936b205049a1
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding: gzip
cf-cache-status: HIT
etag: W/"c52f58bd4ec4f3ccbcb2164c8210fcc7"
x-amz-version-id: GAPviEB0_qVTRwAgcciO.APQcIZeYu3z
age: 126
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires: Fri, 20 Sep 2024 02:18:21 GMT
x-evy-trace-listener: listener_https
date: Fri, 20 Sep 2024 02:16:48 GMT
x-hubspot-correlation-id: 6a014048-9cb8-4f57-8c76-936b205049a1
content-type: text/javascript; charset=UTF-8
last-modified: Wed, 26 Jun 2024 15:57:47 GMT
vary: origin, Accept-Encoding
x-amz-id-2: xhXHGgZNx7MLJCPzKJT/0EQVlyUOc6KEsPwN1IhbxBBVXbO5g1HJOJBIkdhH8VzuC0cO6fS1BLc=
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
timing-allow-origin: *
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-gkljw
x-envoy-upstream-service-time: 50
access-control-allow-credentials: true
x-amz-request-id: CVTFW2YG5XJ32NTF
cf-ray: 8c5e50c49957529b-LAX
access-control-allow-origin: https://therecord.media
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
702 B 474ms
167ms XHR
application/json 68.67.160.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.114 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 162.245.206.244; 162.245.206.244; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://therecord.media
an-x-request-uuid: 5262cca7-0b38-441b-8b13-cb267eeb6c7b
content-length: 11
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 20 Sep 2024 02:16:48 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

GET
H2 200 / Show response
c.6sc.co/ 7 B
192 B 139ms
136ms XHR
text/html 23.196.3.199
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.199 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-196-3-199.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: https://therecord.media
content-length: 7
date: Fri, 20 Sep 2024 02:16:48 GMT
content-type: text/html
access-control-allow-headers: *

GET
H2 200 / Show response
ipv6.6sc.co/ 18 B
308 B 471ms
166ms XHR
text/html 2600:141b:1c00:2e::17d1:48c5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:2e::17d1:48c5 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8f908e9df5b54233e81476beca89f1587a0158cd77602fd1bf082d5ac6e054e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

cache-control: max-age=0, no-cache, no-store
pragma: no-cache
6si-ipv6: 2a04:c604:615:1::5
expires: Fri, 20 Sep 2024 02:16:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726798608326_399550021_2029695256_13_598_134_149_219";dur=1
access-control-allow-origin: https://therecord.media
content-length: 18
date: Fri, 20 Sep 2024 02:16:48 GMT
content-type: text/html
vary: Origin

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 95 B
1 KB 173ms
168ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=252628&currentUrl=https%3A%2F%2Ftherecord.media%2Firan-backdoors-planted-across-middle-east-telecoms-government-orgs

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f212e942ac33fd93669f03a55e2c0192224cdb6870b376fac8d3c5255cd01225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

x-robots-tag: noindex, follow
access-control-max-age: 180
x-request-id: 2e6d18a4-8718-4752-ac33-7e4c38808002
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y0j0c5AeqgcgBbbvienELoqVSwUEgpXD3rG5baLIAYThRgoTNDa1BW5DKhWH6gcUWYuYxo4pwX97bpQsH7aqTPjUpr046mowSViE%2B5IR3b0Bp5kP2VTDvfvhKrCa%2FvqjJbeAGAJ7UT6xioLFGiI8brADYk0CvoQo45g%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
access-control-allow-methods: OPTIONS, GET
x-evy-trace-listener: listener_https
date: Fri, 20 Sep 2024 02:16:48 GMT
x-hubspot-correlation-id: 2e6d18a4-8718-4752-ac33-7e4c38808002
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-hrcvg
x-envoy-upstream-service-time: 11
access-control-allow-credentials: true
cf-ray: 8c5e50c58c015245-LAX
access-control-allow-origin: https://therecord.media
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 518ms
228ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3381463866&v=1.1&a=252628&rcu=https%3A%2F%2Ftherecord.media%2Firan-backdoors-planted-across-middle-east-telecoms-government-orgs&pu=https%3A%2F%2Ftherecord.media%2Firan-backdoors-planted-across-middle-east-telecoms-government-orgs&t=Iran+backdoors+planted+across+Middle+East+telecoms%2C+government+agencies%2C+Google+says&cts=1726798608284&vi=108c5c56206dd7aded0da992f68cef79&nc=true&u=156209188.108c5c56206dd7aded0da992f68cef79.1726798608243.1726798608243.1726798608243.1&b=156209188.1.1726798608243&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

x-robots-tag: none
x-request-id: 486f824e-4fb1-4b5b-9485-e97a6fac1067
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p4Qwq04mZ0GFcdQxJNVV5iy8AOtlRWKIGBSq3vg76fF2hocMmEW0qpR%2FJk0uw8ZkOkCANl3V76a%2F5cbqJYSOh5rsHwLAuiqC6V7GJ6Z89DjxQYMr%2B1JNfuiMdNGra1sRnTmu52OOpVFuD8HfUTn9"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
p3p: CP="NOI CUR ADM OUR NOR STA NID"
date: Fri, 20 Sep 2024 02:16:48 GMT
x-hubspot-correlation-id: 486f824e-4fb1-4b5b-9485-e97a6fac1067
content-type: image/gif
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: no-cache, no-store, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-lt4mz
x-envoy-upstream-service-time: 5
access-control-allow-credentials: false
cf-ray: 8c5e50c7cdd58406-LAX
x-evy-trace-route-configuration: listener_https/all
content-length: 45
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 770 B
722 B 390ms
84ms XHR
application/json 76.223.9.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.9.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 4a13220db50232d4dbf1de40e0bc8b49f0a1dbd6888a59cd07982a039f3d0dfe

Request headers

Authorization: Token 47c555096cc32557d3e6e7a333d7cb3ea692cee1
X-6s-CustomID: WebTag 64dc3ec5-330c-4652-88d3-147ee65e90ba
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-expose-headers: X-6si-Region
timing-allow-origin: https://6sense.com, https://www.ssga.com
content-encoding: gzip
x-6si-region: us-west-1a
access-control-allow-credentials: true
x-trace-id: 6435657609869021553
access-control-allow-origin: https://therecord.media
content-length: 405
date: Fri, 20 Sep 2024 02:16:49 GMT
content-type: application/json
vary: Origin, Accept-Encoding
server: nginx

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 354ms
77ms Preflight 76.223.9.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.9.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://therecord.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://therecord.media
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
date: Fri, 20 Sep 2024 02:16:48 GMT
server: nginx
timing-allow-origin: https://6sense.com, https://www.ssga.com
x-6si-region: us-west-1a
x-trace-id: 918921252825890790

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 206ms
202ms Image
image/gif 23.196.3.199
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=2f81de3f-87e6-4d0c-8f45-453090d2d07e&session=5a5a5139-2c85-47ac-8575-178692549ea2&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Fri%2C%2020%20Sep%202024%2002%3A16%3A48%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20cyber%20operation%20housed%20within%20Iran%E2%80%99s%20Ministry%20of%20Intelligence%20and%20Security%20(MOIS)%20has%20become%20a%20sophisticated%20initial%20access%20broker%20for%20the%20country%E2%80%99s%20hackers%2C%20providing%20persistent%20entry%20to%20the%20systems%20of%20telecommunications%20and%20government%20organizations%20across%20the%20Middle%20East.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iran%20backdoors%20planted%20across%20Middle%20East%20telecoms%2C%20government%20agencies%2C%20Google%20says%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Firan-backdoors-planted-across-middle-east-telecoms-government-orgs&pageViewId=2f1308f7-7a34-469d-85f1-1d22557c08dc&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&v=1.1.27

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.199 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-199.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

cache-control: max-age=0, no-cache, no-store
etag: "5e502810-2b"
pragma: no-cache
x-content-type-options: nosniff
expires: Fri, 20 Sep 2024 02:16:48 GMT
accept-ranges: bytes
content-length: 43
date: Fri, 20 Sep 2024 02:16:48 GMT
content-type: image/gif
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 207ms
204ms Image
image/gif 23.196.3.199
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=2f81de3f-87e6-4d0c-8f45-453090d2d07e&session=5a5a5139-2c85-47ac-8575-178692549ea2&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22f2675e8089b7d209a58fce8ad312f51c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Sep%202024%2002%3A16%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Sep%202024%2002%3A16%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%2247c555096cc32557d3e6e7a333d7cb3ea692cee1%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Sep%202024%2002%3A16%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Sep%202024%2002%3A16%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Sep%202024%2002%3A16%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Sep%202024%2002%3A16%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Sep%202024%2002%3A16%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Sep%202024%2002%3A16%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%2264dc3ec5-330c-4652-88d3-147ee65e90ba%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Sep%202024%2002%3A16%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Sep%202024%2002%3A16%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Sep%202024%2002%3A16%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableMapCookieCapture%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Sep%202024%2002%3A16%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Sep%202024%2002%3A16%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20cyber%20operation%20housed%20within%20Iran%E2%80%99s%20Ministry%20of%20Intelligence%20and%20Security%20(MOIS)%20has%20become%20a%20sophisticated%20initial%20access%20broker%20for%20the%20country%E2%80%99s%20hackers%2C%20providing%20persistent%20entry%20to%20the%20systems%20of%20telecommunications%20and%20government%20organizations%20across%20the%20Middle%20East.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iran%20backdoors%20planted%20across%20Middle%20East%20telecoms%2C%20government%20agencies%2C%20Google%20says%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Firan-backdoors-planted-across-middle-east-telecoms-government-orgs&pageViewId=2f1308f7-7a34-469d-85f1-1d22557c08dc&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&v=1.1.27

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.199 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-199.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

cache-control: max-age=0, no-cache, no-store
etag: "63f020a0-2b"
pragma: no-cache
x-content-type-options: nosniff
expires: Fri, 20 Sep 2024 02:16:48 GMT
accept-ranges: bytes
content-length: 43
date: Fri, 20 Sep 2024 02:16:48 GMT
content-type: image/gif
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
927 B 291ms
186ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

x-robots-tag: none
x-request-id: b69ce2c6-0ba0-41f1-ae25-4991087f3d0d
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: MISS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Fri, 20 Sep 2024 02:16:48 GMT
x-hubspot-correlation-id: b69ce2c6-0ba0-41f1-ae25-4991087f3d0d
content-type: image/gif
vary: origin, Accept-Encoding
last-modified: Fri, 20 Sep 2024 02:16:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-hss8z
x-envoy-upstream-service-time: 2
access-control-allow-credentials: false
cf-ray: 8c5e50c74e3d6892-SJC
accept-ranges: bytes
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 2 KB
2 KB 368ms
219ms XHR
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=252628&utk=108c5c56206dd7aded0da992f68cef79&__hstc=156209188.108c5c56206dd7aded0da992f68cef79.1726798608243.1726798608243.1726798608243.1&__hssc=156209188.1.1726798608243&currentUrl=https%3A%2F%2Ftherecord.media%2Firan-backdoors-planted-across-middle-east-telecoms-government-orgs

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9002a7fb817db40611771e9fd4bc971846eb20eecdc3ebbfd80967608c7fa63f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

x-robots-tag: none
access-control-max-age: 180
x-request-id: c33f31a6-2780-4915-9210-e54e39003fcb
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P0yjvOSuMyxng7J929XH3zpWwtVzIzlScTZUJjFsTdasPgBMlDjyYU7DvMnTXEUMyP2iFkokgpo3ph9dk%2BLNJv7kBO%2FozmkaWB0SwPmkGyDqfsy0obLhwe%2FSqcS28BVbkMe6SIoNcISRPEjpmQfz"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-evy-trace-listener: listener_https
date: Fri, 20 Sep 2024 02:16:48 GMT
x-hubspot-correlation-id: c33f31a6-2780-4915-9210-e54e39003fcb
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-57rnd
x-envoy-upstream-service-time: 37
access-control-allow-credentials: false
cf-ray: 8c5e50c7de855245-LAX
access-control-allow-origin: https://therecord.media
x-evy-trace-route-configuration: listener_https/all
content-length: 1169
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 223ms
207ms Image
image/gif 23.196.3.199
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=2f81de3f-87e6-4d0c-8f45-453090d2d07e&session=5a5a5139-2c85-47ac-8575-178692549ea2&event=ipv6&q=%7B%22address%22%3A%222a04%3Ac604%3A615%3A1%3A%3A5%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20cyber%20operation%20housed%20within%20Iran%E2%80%99s%20Ministry%20of%20Intelligence%20and%20Security%20(MOIS)%20has%20become%20a%20sophisticated%20initial%20access%20broker%20for%20the%20country%E2%80%99s%20hackers%2C%20providing%20persistent%20entry%20to%20the%20systems%20of%20telecommunications%20and%20government%20organizations%20across%20the%20Middle%20East.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iran%20backdoors%20planted%20across%20Middle%20East%20telecoms%2C%20government%20agencies%2C%20Google%20says%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Firan-backdoors-planted-across-middle-east-telecoms-government-orgs&pageViewId=2f1308f7-7a34-469d-85f1-1d22557c08dc&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&ipv6=2a04%3Ac604%3A615%3A1%3A%3A5&v=1.1.27

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.199 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-199.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

cache-control: max-age=0, no-cache, no-store
etag: "5e502810-2b"
pragma: no-cache
x-content-type-options: nosniff
expires: Fri, 20 Sep 2024 02:16:48 GMT
accept-ranges: bytes
content-length: 43
date: Fri, 20 Sep 2024 02:16:48 GMT
content-type: image/gif
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
457 B 247ms
172ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=1b047a85-2db0-47ce-a965-8fa2de5a991b&lfi=2694169&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3381463866&v=1.1&a=252628&rcu=https%3A%2F%2Ftherecord.media%2Firan-backdoors-planted-across-middle-east-telecoms-government-orgs&pu=https%3A%2F%2Ftherecord.media%2Firan-backdoors-planted-across-middle-east-telecoms-government-orgs&t=Iran+backdoors+planted+across+Middle+East+telecoms%2C+government+agencies%2C+Google+says&cts=1726798608905&vi=108c5c56206dd7aded0da992f68cef79&nc=true&u=156209188.108c5c56206dd7aded0da992f68cef79.1726798608243.1726798608243.1726798608243.1&b=156209188.1.1726798608243&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

x-robots-tag: none
x-request-id: d0707189-3368-4df2-97f3-ae009051a9f8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OB7RDLf2iRQt1o9wEVPJMguCUrYRO5LjWHmgGKIdSrC5kdGJNlPhFqC%2BPqhxmnLO831miWnhhhIcT5w9HKgBxyiwk2lzyhsnZVY5N%2BA3VcfV4Hp4NWFetedbvbc%2BTN8bsJwDIZlPncq5pnaCvOEg"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
p3p: CP="NOI CUR ADM OUR NOR STA NID"
date: Fri, 20 Sep 2024 02:16:49 GMT
x-hubspot-correlation-id: d0707189-3368-4df2-97f3-ae009051a9f8
content-type: image/gif
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: no-cache, no-store, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-x6xlw
x-envoy-upstream-service-time: 5
access-control-allow-credentials: false
cf-ray: 8c5e50ca48348406-LAX
x-evy-trace-route-configuration: listener_https/all
content-length: 45
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 195ms
130ms Image
image/gif 23.196.3.199
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=2f81de3f-87e6-4d0c-8f45-453090d2d07e&session=5a5a5139-2c85-47ac-8575-178692549ea2&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2020%20Sep%202024%2002%3A16%3A49%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2020%20Sep%202024%2002%3A16%3A48%20GMT%22%2C%22timeSpent%22%3A%221005%22%2C%22totalTimeSpent%22%3A%221005%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20cyber%20operation%20housed%20within%20Iran%E2%80%99s%20Ministry%20of%20Intelligence%20and%20Security%20(MOIS)%20has%20become%20a%20sophisticated%20initial%20access%20broker%20for%20the%20country%E2%80%99s%20hackers%2C%20providing%20persistent%20entry%20to%20the%20systems%20of%20telecommunications%20and%20government%20organizations%20across%20the%20Middle%20East.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iran%20backdoors%20planted%20across%20Middle%20East%20telecoms%2C%20government%20agencies%2C%20Google%20says%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Firan-backdoors-planted-across-middle-east-telecoms-government-orgs&pageViewId=2f1308f7-7a34-469d-85f1-1d22557c08dc&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&ipv6=2a04%3Ac604%3A615%3A1%3A%3A5&v=1.1.27

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.199 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-199.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

cache-control: max-age=0, no-cache, no-store
etag: "63f02dad-2b"
pragma: no-cache
x-content-type-options: nosniff
expires: Fri, 20 Sep 2024 02:16:49 GMT
accept-ranges: bytes
content-length: 43
date: Fri, 20 Sep 2024 02:16:49 GMT
content-type: image/gif
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)

GET
H2 200 iphone-cd1.jpg
go.recordedfuture.com/hubfs/ 83 KB
85 KB 787ms
107ms Image
image/webp 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.recordedfuture.com/hubfs/iphone-cd1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab221b9e81a8439634c9f73c15c96457f75d3632fea1f6256fa4833acc6a314a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "f5c3d1b581a50e5c3637310137a43f0e"
age: 550216
cache-tag: F-99167145604,P-252628,FLS-ALL
x-amz-version-id: CyJHfLHHqfqm77ShwrX4xZ78eMxn5Xvx
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u02KMKJfzjRD57Gr2YDdPzJLW%2BP54Cpklv2apA5Fl%2FTnv3xKYc1MMq5N7IsAnoRl5Q4rC2KvTDPuZ10sF6ZifhBHsU1Ltd6lzL2MLe8wEemFUKWQRWAx9vOBoF%2Fov93GYSvGzDJVQmPLhy%2BG5VrY2GypBA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 5fUDZd5KWlu18m4Oi-XBVFkC6EEWyu6GF5SATeZvwU2D3pkpCWZFCg==
content-type: image/webp
content-disposition: inline; filename="iphone-cd1.webp"
last-modified: Thu, 19 Jan 2023 16:01:07 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-99167145604,P-252628,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: 2RKPBQFR93J8V4MA
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-99167145604,P-252628,FLS-ALL
content-length: 85082
x-hs-alternate-content-type: text/plain
server: cloudflare
x-amz-server-side-encryption: AES256
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
cf-polished: qual=85, origFmt=jpeg, origSize=229013
date: Fri, 20 Sep 2024 02:16:50 GMT
vary: Accept, Accept-Encoding
x-amz-id-2: IjSJDt5tDd1EI0EWoujwNlA8/8M6P5aR2aKPDPrbKbvwFSZmOR/71izgkCWz2mktUakIQaibZNKj6LcPppGaT8Xm3ax0YsQo
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 d5f067e387bd572daf470377271a020a.cloudfront.net (CloudFront)
cf-ray: 8c5e50d459721009-LAX
access-control-allow-origin: *
x-amz-cf-pop: LAX50-P3
x-amz-meta-created-unix-time-millis: 1674144065940

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 200ms
188ms Image
image/gif 23.196.3.199
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=2f81de3f-87e6-4d0c-8f45-453090d2d07e&session=5a5a5139-2c85-47ac-8575-178692549ea2&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2020%20Sep%202024%2002%3A16%3A50%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2020%20Sep%202024%2002%3A16%3A49%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222006%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20cyber%20operation%20housed%20within%20Iran%E2%80%99s%20Ministry%20of%20Intelligence%20and%20Security%20(MOIS)%20has%20become%20a%20sophisticated%20initial%20access%20broker%20for%20the%20country%E2%80%99s%20hackers%2C%20providing%20persistent%20entry%20to%20the%20systems%20of%20telecommunications%20and%20government%20organizations%20across%20the%20Middle%20East.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iran%20backdoors%20planted%20across%20Middle%20East%20telecoms%2C%20government%20agencies%2C%20Google%20says%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Firan-backdoors-planted-across-middle-east-telecoms-government-orgs&pageViewId=2f1308f7-7a34-469d-85f1-1d22557c08dc&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&ipv6=2a04%3Ac604%3A615%3A1%3A%3A5&v=1.1.27

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.199 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-199.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

cache-control: max-age=0, no-cache, no-store
etag: "63f02dad-2b"
pragma: no-cache
x-content-type-options: nosniff
expires: Fri, 20 Sep 2024 02:16:50 GMT
accept-ranges: bytes
content-length: 43
date: Fri, 20 Sep 2024 02:16:50 GMT
content-type: image/gif
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 199ms
189ms Image
image/gif 23.196.3.199
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.199 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-199.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

cache-control: max-age=0, no-cache, no-store
etag: "5e502810-2b"
pragma: no-cache
x-content-type-options: nosniff
expires: Fri, 20 Sep 2024 02:16:50 GMT
accept-ranges: bytes
content-length: 43
date: Fri, 20 Sep 2024 02:16:50 GMT
content-type: image/gif
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 230ms
209ms Image
image/gif 23.196.3.199
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=2f81de3f-87e6-4d0c-8f45-453090d2d07e&session=5a5a5139-2c85-47ac-8575-178692549ea2&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2020%20Sep%202024%2002%3A16%3A51%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2020%20Sep%202024%2002%3A16%3A50%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%223009%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20cyber%20operation%20housed%20within%20Iran%E2%80%99s%20Ministry%20of%20Intelligence%20and%20Security%20(MOIS)%20has%20become%20a%20sophisticated%20initial%20access%20broker%20for%20the%20country%E2%80%99s%20hackers%2C%20providing%20persistent%20entry%20to%20the%20systems%20of%20telecommunications%20and%20government%20organizations%20across%20the%20Middle%20East.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iran%20backdoors%20planted%20across%20Middle%20East%20telecoms%2C%20government%20agencies%2C%20Google%20says%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Firan-backdoors-planted-across-middle-east-telecoms-government-orgs&pageViewId=2f1308f7-7a34-469d-85f1-1d22557c08dc&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&ipv6=2a04%3Ac604%3A615%3A1%3A%3A5&v=1.1.27

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.199 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-199.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

cache-control: max-age=0, no-cache, no-store
etag: "5e502810-2b"
pragma: no-cache
x-content-type-options: nosniff
expires: Fri, 20 Sep 2024 02:16:51 GMT
accept-ranges: bytes
content-length: 43
date: Fri, 20 Sep 2024 02:16:51 GMT
content-type: image/gif
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 192ms
191ms Image
image/gif 23.196.3.199
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=2f81de3f-87e6-4d0c-8f45-453090d2d07e&session=5a5a5139-2c85-47ac-8575-178692549ea2&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2020%20Sep%202024%2002%3A16%3A52%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2020%20Sep%202024%2002%3A16%3A51%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224010%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20cyber%20operation%20housed%20within%20Iran%E2%80%99s%20Ministry%20of%20Intelligence%20and%20Security%20(MOIS)%20has%20become%20a%20sophisticated%20initial%20access%20broker%20for%20the%20country%E2%80%99s%20hackers%2C%20providing%20persistent%20entry%20to%20the%20systems%20of%20telecommunications%20and%20government%20organizations%20across%20the%20Middle%20East.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iran%20backdoors%20planted%20across%20Middle%20East%20telecoms%2C%20government%20agencies%2C%20Google%20says%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Firan-backdoors-planted-across-middle-east-telecoms-government-orgs&pageViewId=2f1308f7-7a34-469d-85f1-1d22557c08dc&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&ipv6=2a04%3Ac604%3A615%3A1%3A%3A5&v=1.1.27

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.199 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-199.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

cache-control: max-age=0, no-cache, no-store
etag: "63f02dad-2b"
pragma: no-cache
x-content-type-options: nosniff
expires: Fri, 20 Sep 2024 02:16:52 GMT
accept-ranges: bytes
content-length: 43
date: Fri, 20 Sep 2024 02:16:52 GMT
content-type: image/gif
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 165ms
164ms Image
image/gif 23.196.3.199
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=2f81de3f-87e6-4d0c-8f45-453090d2d07e&session=5a5a5139-2c85-47ac-8575-178692549ea2&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2020%20Sep%202024%2002%3A16%3A53%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2020%20Sep%202024%2002%3A16%3A52%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%225010%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20cyber%20operation%20housed%20within%20Iran%E2%80%99s%20Ministry%20of%20Intelligence%20and%20Security%20(MOIS)%20has%20become%20a%20sophisticated%20initial%20access%20broker%20for%20the%20country%E2%80%99s%20hackers%2C%20providing%20persistent%20entry%20to%20the%20systems%20of%20telecommunications%20and%20government%20organizations%20across%20the%20Middle%20East.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iran%20backdoors%20planted%20across%20Middle%20East%20telecoms%2C%20government%20agencies%2C%20Google%20says%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Firan-backdoors-planted-across-middle-east-telecoms-government-orgs&pageViewId=2f1308f7-7a34-469d-85f1-1d22557c08dc&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&ipv6=2a04%3Ac604%3A615%3A1%3A%3A5&v=1.1.27

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.199 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-199.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

cache-control: max-age=0, no-cache, no-store
etag: "63f020a0-2b"
pragma: no-cache
x-content-type-options: nosniff
expires: Fri, 20 Sep 2024 02:16:53 GMT
accept-ranges: bytes
content-length: 43
date: Fri, 20 Sep 2024 02:16:53 GMT
content-type: image/gif
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 176ms
175ms Image
image/gif 23.196.3.199
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=2f81de3f-87e6-4d0c-8f45-453090d2d07e&session=5a5a5139-2c85-47ac-8575-178692549ea2&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2020%20Sep%202024%2002%3A16%3A54%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2020%20Sep%202024%2002%3A16%3A53%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226011%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20cyber%20operation%20housed%20within%20Iran%E2%80%99s%20Ministry%20of%20Intelligence%20and%20Security%20(MOIS)%20has%20become%20a%20sophisticated%20initial%20access%20broker%20for%20the%20country%E2%80%99s%20hackers%2C%20providing%20persistent%20entry%20to%20the%20systems%20of%20telecommunications%20and%20government%20organizations%20across%20the%20Middle%20East.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iran%20backdoors%20planted%20across%20Middle%20East%20telecoms%2C%20government%20agencies%2C%20Google%20says%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Firan-backdoors-planted-across-middle-east-telecoms-government-orgs&pageViewId=2f1308f7-7a34-469d-85f1-1d22557c08dc&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&ipv6=2a04%3Ac604%3A615%3A1%3A%3A5&v=1.1.27

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.199 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-199.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://therecord.media/

Response headers

cache-control: max-age=0, no-cache, no-store
etag: "615ccf10-2b"
pragma: no-cache
x-content-type-options: nosniff
expires: Fri, 20 Sep 2024 02:16:54 GMT
accept-ranges: bytes
content-length: 43
date: Fri, 20 Sep 2024 02:16:54 GMT
content-type: image/gif
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.therecord.media/	1970-01-21 09:05:53	Name: _pk_id.2.de70 Value: a6030401f97b88b9.1726798607.
.therecord.media/	1970-01-20 23:40:00	Name: _pk_ses.2.de70 Value: 1
.therecord.media/	1970-01-21 09:15:58	Name: _ga_EYNZBT8ZP2 Value: GS1.1.1726798607.1.0.1726798607.60.0.0
.therecord.media/	1970-01-21 09:15:58	Name: _ga Value: GA1.1.1877537023.1726798607
.doubleclick.net/	1970-01-20 23:39:59	Name: test_cookie Value: CheckForPermission
.twitter.com/	1970-01-21 09:15:58	Name: guest_id_marketing Value: v1%3A172679860812658896
.twitter.com/	1970-01-21 09:15:58	Name: guest_id_ads Value: v1%3A172679860812658896
.twitter.com/	1970-01-21 09:15:58	Name: personalization_id Value: "v1_vnNHQckVqRg7hjN7YB9S2Q=="
.twitter.com/	1970-01-21 09:15:58	Name: guest_id Value: v1%3A172679860812658896
.t.co/	1970-01-21 09:15:58	Name: muc_ads Value: 99fc674f-89ba-4a84-98a0-0ca63371f9ed
.t.co/	1970-01-20 23:40:00	Name: __cf_bm Value: 4r2yzbCmy5welZ8aAmKqSj21koNEk4v8rBL.X7w4DKM-1726798608-1.0.1.1-HmHXst.zN65jsqBUdhw7G_tlo2g.U4JPrvQ1REti4htpSnqaXBSYiFwRxXDfOdzH3HtwV1lQa7yWZle1CL3x6A
.therecord.media/	1970-01-21 03:59:10	Name: __hstc Value: 156209188.108c5c56206dd7aded0da992f68cef79.1726798608243.1726798608243.1726798608243.1
.therecord.media/	1970-01-21 03:59:10	Name: hubspotutk Value: 108c5c56206dd7aded0da992f68cef79
.therecord.media/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.therecord.media/	1970-01-20 23:40:00	Name: __hssc Value: 156209188.1.1726798608243
therecord.media/	1970-01-21 09:15:58	Name: _gd_visitor Value: 2f81de3f-87e6-4d0c-8f45-453090d2d07e
therecord.media/	1970-01-20 23:40:13	Name: _gd_session Value: 5a5a5139-2c85-47ac-8575-178692549ea2
.adnxs.com/	1970-01-21 09:15:58	Name: receive-cookie-deprecation Value: 1
therecord.media/	1970-01-20 23:50:03	Name: _an_uid Value: 0
.hsforms.com/	1970-01-20 23:40:00	Name: __cf_bm Value: _L1v0NWp9GhE._c9EZEZ3LLCShGO_CUQLhi8Xkb_hrI-1726798608-1.0.1.1-GtFMWhh8_M11q6_RmWF.JJdzssPIHdm.ttDdxBXNtsgd5ykiGS_ETi5Nsw.LoKdbGmdnd7xrH2VqX2kUMC40Cg
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 3Ol_F1wgXTc7t8kuFVN.mEJjmWI_PkRwoSskdxx2L3c-1726798608632-0.0.1.1-604800000
.hubspot.com/	1970-01-20 23:40:00	Name: __cf_bm Value: Vus3LLS7yo73trYekhQ7BL0Gl3FH.H8Bt4vUB2GA3UI-1726798608-1.0.1.1-1Au0bJqy_gHYPE73BbZqJ0zez_YyYQ.mO0EHeBuVAJM596ThNW1ODBkgo2bzEEPkeBPx99PLEbNR_sjQoZ85Sg
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: MoKKeucW6PBz.KR83nunJOo3dR9M__8jPRrj_S6mBTs-1726798608708-0.0.1.1-604800000
.go.recordedfuture.com/	1970-01-20 23:40:00	Name: __cf_bm Value: hWK3EwEluGrWAeSqb2H6ClwmQJsH5PBZRwe.5wOoToA-1726798610-1.0.1.1-dYCyp2fglU8PJm3sHzCPDyDR.DVTCOM70SKuvoKut4mO.6AAtjYdPsvVi9nFxYdQaLQX8Tq.X97C8mJJV5ZRNw
.go.recordedfuture.com/	1969-12-31 23:59:59	Name: __cfruid Value: 8c39cc26c23feda61da191658083820efb106668-1726798610

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
analytics.twitter.com
b.6sc.co
c.6sc.co
cdn.matomo.cloud
cms.therecord.media
cta-service-cms2.hubspot.com
epsilon.6sense.com
forms.hubspot.com
go.recordedfuture.com
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
js.hubspot.com
perf-na1.hsforms.com
recordedfuture.matomo.cloud
secure.adnxs.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
td.doubleclick.net
therecord.media
track.hubspot.com
www.googletagmanager.com
www.recordedfuture.com
104.19.175.188
104.244.42.131
146.75.28.157
162.159.140.229
172.64.152.166
18.157.122.248
2001:4860:4802:36::181
23.196.3.199
2600:141b:1c00:2e::17d1:48c5
2600:9000:24f0:6000:c:7d55:b3c0:93a1
2606:2c40::c73c:67fe
2606:4700:4400::6812:2a1e
2606:4700:4400::ac40:91e2
2606:4700:4400::ac40:9310
2606:4700::6810:7674
2606:4700::6810:89d1
2606:4700::6810:a0a8
2606:4700::6812:8c11
2607:f8b0:4004:c06::9a
2607:f8b0:4006:816::2008
2607:f8b0:4006:822::2002
68.67.160.114
76.223.9.105
040b4135ea77e676c744f8a6ae7129e76f5d413c76abdfcf475f3cd26f366f23
059b77025c02623999e7524b737287072bd2dbb42c1652f70a4020338b1e5f21
06593006802f743f99cf26faacf9edbec0510accd5c61d400436e07574084344
0dfe315a3e619981e3165fde4f5ecefd6072863de4b44d851472dfb30c8df96b
0fb1ee1301e58186ee93efc8cbe371d75003591c63d835ad8f13d88218f18315
11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029
126ca9ae6d21168ede8d388a12b6341a1ed981dd3f54bccc0626eaab63339c1b
1cd1cca3aebcdd10c33d713a95479909354ddbc5d5ad9761466ac27ea528895d
1f4a34cc6ed10cb463969c27a067149ff5b69edb0fa2f75d6d208bfada1236ec
208bd37f7578004573c5ad462d6e49f515f6af11590256fc46e0960853c286c8
2a556bb8aa9882588015e98851122197a30e1177c25d442a9bdb62ef5229f6f2
2ac314870072e1aad5c1c2c1ebb9ba542bf1a9df18963c2c4f1d8fcab8711bde
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
385a7e73c66914ef1a417e1fb0a32945621a3386ee108a167f88e5d8492b2723
41f8fd9e900f271ec01f92c5765d87063008cf924146ebaed661bac4a2b36df8
44b8f772c2b0231e84a60de0c1c4a7cfab25c215d93efed9021fe956ee4fb2a4
44d67f420e330a9318e4260095b42f5c865da44bcd52b0a72cf8d367956f0e49
450d4d7ecf5b8d79e47f130f9ff020bc90040349446082e25c94610a8a0c7d0b
4512d280d6e3770022a6aced807c4b08d410ae107294c0ac19801ad24f6ef0f5
482519e4b1eba365850c5ee9bd0690324cda75fa04b1dbc7667a0d49bdacc82b
4a13220db50232d4dbf1de40e0bc8b49f0a1dbd6888a59cd07982a039f3d0dfe
4b1e7dbbeac9332654513f395b1e3d6cf019f790b9ddaaca904826fcf361d7a8
4c4825e8c1ce13e37a024d9a1189d48de83bb9971d9a52cfb3abac9ada399286
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
5291945f12087b56ed1c45238958a2d3435ff5e98d27163d129c87cf1d8c00af
54c76c41df5975085389626fc4c3920abdc817d033688ab9d9a98a362ad2f2e7
57593d7b0b85c475360e68e67da8a58114ea145017774f594393fc74b13f9c87
58d214e880d9388446a0eff7d8d73642e0c7327a506596fc3e6577c8b0d4852f
59201e1aa1781ca066e8ade81005960230e8c6d9ca3dd16843d9f3ce651535f0
59fc82d994a33a650be64d5d091a9c951c4e114046bea78c51f3d34771a60831
62adae7a52a1042c5d29f427b0069b3b4b48dea63c8ef43cf351e1e30caf62f3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
726623cea9a9a1a3a4a06ca3178dfbf28880943f7bc88d1662dffa8787da7c6e
7d1e4da46e65ade35e0017500907b2d3bc738bb33b10266f679f2113cc56861c
80c404b7480d9da794545ec2d109a97c0868fa9a4dc1c91875b8e7ae2e94f7d5
81cefd6082a032f20375367957746510e7cc25b4bcbb693d7ee21627bc95427b
8ee0078e1b04b82e456c3c9249049bfa79e555ebaa9bd6cc51f7a86bb8484a88
8f8c05d914af64d5f1297f92a272a852ad3e1c13081331aa6b7240d853ea4532
8f908e9df5b54233e81476beca89f1587a0158cd77602fd1bf082d5ac6e054e4
9002a7fb817db40611771e9fd4bc971846eb20eecdc3ebbfd80967608c7fa63f
90360297b6fe39f50d3a404b0d4ac3bb9a2a5d822b1e13469d63f75208645d1e
926baaf8f65dfcca43c33cbb5a7d83e47b50b3ed04361d08db89ecee6b923448
928b8c8158ea22146ab13b8a8d9acf03d0fd8e04190422fd5a39604fc31b969e
9b0cf27dff7c8900ac7b22b5677070717c3eab5062dbd0175e46060f5cf3434b
9d95e7e2744839634ff0f0793896bbc5fa20246d46d8f6dfc1d9e381ebb72736
a1f70075f4d69e65fb439d860c5f3c4b46206a123c179d3030260bf86d795536
a738912d33aa54526bfc44293f6040c4c7541957a83c3ec71c4807c604bb99a8
ab221b9e81a8439634c9f73c15c96457f75d3632fea1f6256fa4833acc6a314a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad3107d855114d1d82f38a7815a45fce788901a46c513a32836a8a8fb3c3087b
b47f5f64e6f2598727b12ff0dd03d25e360118e3905d30df10b59a6350406f22
bb4404c91dce99191ca2e54ec841a58f511503eb2ccdae34de692507c6c6fc79
c1233a49c4ecec12fed969bc83cd6ba59d8b2b88bef31988d9384f7e54c42e20
c21799daa444376f341e8eb25a170b3e7d1805e81790531faf3e2c0f9a74d697
c3cc9d71ed187139311e229642474c0bbe1457e07f285ba87a9e562f9c217054
c5b361935605443caf1c540d5093962a65ca8e3973f2ba293ff430046dcf7518
c8d5f7eeb9ab5ab885e75c34852106e819acd0ac323407da59a150cd23504d43
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d1e3513ae0324c5f7d4fd5ff487db47c4eced5c3d2dca8056047212f69a6b870
d6a3db8fc57bcda285f5b3f4a160720f6f5d04b78ed3721ac15747cc302093ed
d7f313592d6ca20321429618acc7b45d9c5d8bd1a7a7c9371366a2c542169006
d8c719384b4d90a2bd2b288e985639991ad93c4f4b27e25af02d7cf300e3113e
d8db20caf4e136bde01d75e3259b857d0d5b4997d68f0ebf966b13070da3eccb
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3cf35d4ddd48e9e78461b5f3667f0a0c4d3e2ac5ef453e90e82beec3c5a42c
dfb12bb49b914abebe510f3db1d251c4f716a6bc7d756d3cec1e86a3ff5c22d2
e2ea411b32eb0f8f7ecee62a4a599e510c68d51c04b0246e436a50ea016b70e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f212e942ac33fd93669f03a55e2c0192224cdb6870b376fac8d3c5255cd01225
f2652ec0a1c414536e827490d5b952f8561976959f40752432ddfb17096581ab
f8837339f39b4de89bcdc5b4705e44d0007a8728881c70d1010f9973dff06306
f8c7075dcdc0187a60dcc65cc4e5ced72d750721b3da7538f8f60d037f750507
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
ff1ef5d60082b54a0be7ed059b5a8fa4bb4f3721ea464369d0c55df3d08b846a

therecord.media Open in urlscan Pro 2606:4700:4400::6812:2a1e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

95 Requests

100 %HTTPS

61 %IPv6

18 Domains

28 Subdomains

23 IPs

3 Countries

1781 kBTransfer

5783 kBSize

25 Cookies

22 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

therecord.media Open in urlscan Pro
2606:4700:4400::6812:2a1e Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

100 %
HTTPS

61 %
IPv6

18
Domains

28
Subdomains

23
IPs

3
Countries

1781 kB
Transfer

5783 kB
Size

25
Cookies

95 HTTP transactions
0 data transactions