therecord.media Open in urlscan Pro
151.101.194.216 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
Submission: On April 17 via api (April 17th 2023, 2:10:05 am UTC) from TR — Scanned from DE

Summary HTTP 83 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 13 domains to perform 83 HTTP transactions. The main IP is 151.101.194.216, located in United States and belongs to FASTLY, US. The main domain is therecord.media. The Cisco Umbrella rank of the primary domain is 352226.
TLS certificate: Issued by R3 on March 14th 2023. Valid for: 3 months.

This is the only time therecord.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	151.101.194.216 151.101.194.216	54113 (FASTLY) (FASTLY)
6	34.74.8.155 34.74.8.155	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:212... 2600:9000:2127:3c00:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.18.6.66 104.18.6.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	95.101.111.170 95.101.111.170	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.157.122.248 18.157.122.248	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:480... 2a02:26f0:480:22::1726:62ee	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
4	3.67.117.144 3.67.117.144	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:893b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:7f6e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:19c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:89ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2c40::c7... 2606:2c40::c73c:67fe	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
83	18

33 151.101.194.216 (United States)

ASN54113 (FASTLY, US)

therecord.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.74.8.155 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 155.8.74.34.bc.googleusercontent.com

cms.therecord.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2127:3c00:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.6.66 (None, )

ASN13335 (CLOUDFLARENET, US)

www.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 95.101.111.170 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-170.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.122.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-122-248.eu-central-1.compute.amazonaws.com

recordedfuture.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:22::1726:62ee (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.67.117.144 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-117-144.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:893b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7f6e (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:19c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:89ce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2c40::c73c:67fe (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	therecord.media therecord.media — Cisco Umbrella Rank: 352226 cms.therecord.media — Cisco Umbrella Rank: 905621	2 MB
21	6sc.co j.6sc.co — Cisco Umbrella Rank: 5703 c.6sc.co — Cisco Umbrella Rank: 8420 ipv6.6sc.co — Cisco Umbrella Rank: 6051 b.6sc.co — Cisco Umbrella Rank: 4247	23 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
4	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 9857	1 KB
4	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 20257 recordedfuture.matomo.cloud — Cisco Umbrella Rank: 801889	67 KB
3	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2159 forms.hubspot.com — Cisco Umbrella Rank: 4177	3 KB
2	recordedfuture.com www.recordedfuture.com — Cisco Umbrella Rank: 440435 go.recordedfuture.com — Cisco Umbrella Rank: 302193	152 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2025	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2034	16 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 3979	87 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2171	892 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 424	811 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	54 KB
83	13

	Domain	Requested by
33	therecord.media	therecord.media
14	b.6sc.co	therecord.media
6	cms.therecord.media	therecord.media
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com therecord.media
4	epsilon.6sense.com	j.6sc.co
3	c.6sc.co	j.6sc.co
2	track.hubspot.com
2	ipv6.6sc.co	j.6sc.co
2	recordedfuture.matomo.cloud	cdn.matomo.cloud
2	j.6sc.co	www.googletagmanager.com therecord.media
2	cdn.matomo.cloud	therecord.media
1	go.recordedfuture.com
1	forms.hubspot.com	js.hsleadflows.net
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-scripts.com	www.googletagmanager.com
1	secure.adnxs.com	j.6sc.co
1	www.recordedfuture.com	therecord.media
1	www.googletagmanager.com	therecord.media
83	20

This site contains links to these domains. Also see Links.

Domain
www.recordedfuture.com
twitter.com
www.linkedin.com
www.facebook.com
www.reddit.com
news.ycombinator.com
www.cornwallhospital.ca
www.cbc.ca
www.wgem.com
ocrportal.hhs.gov
www.instagram.com

Subject Issuer	Validity	Valid
therecord.media R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
cms.therecord.media R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M01	`2023-02-24` - `2023-12-25`	10 months	crt.sh
*.recordedfuture.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-03` - `2024-03-05`	a year	crt.sh
6sc.co R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
*.matomo.cloud Amazon RSA 2048 M01	`2023-02-10` - `2023-08-19`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M01	`2023-02-13` - `2023-06-29`	5 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
go.recordedfuture.com GTS CA 1P5	`2023-02-28` - `2023-05-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
Frame ID: D15DD9B673EC0CF4EA4076D7D438B293
Requests: 82 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cyberattack causing treatment delays at Canadian hospital

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

83
Requests

100 %
HTTPS

59 %
IPv6

13
Domains

20
Subdomains

18
IPs

3
Countries

2783 kB
Transfer

5813 kB
Size

16
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://www.recordedfuture.com/privacy-policy/?__hstc=156209188.14f945daad4d1241e76f5df6750d1d9d.1681697400731.1681697400731.1681697400731.1&__hssc=156209188.1.1681697400731&__hsfp=287657573
Title: Privacy Policy.

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Cyberattack%20causing%20treatment%20delays%20at%20Canadian%20hospital%20https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario%20@TheRecord_Media

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario&title=Cyberattack%20causing%20treatment%20delays%20at%20Canadian%20hospital

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario&src=sdkpreparse

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Search URL Search Domain Scan URL

URL: https://news.ycombinator.com/submitlink?u=https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario&t=Cyberattack%20causing%20treatment%20delays%20at%20Canadian%20hospital

Search URL Search Domain Scan URL

URL: https://www.cornwallhospital.ca/en/newsroom?newsid=18557
Title: said

Search URL Search Domain Scan URL

URL: https://www.cornwallhospital.ca/en/newsroom?newsid=18555
Title: released

Search URL Search Domain Scan URL

URL: https://twitter.com/BrettCallow/status/1645808829781929986
Title: was hit

Search URL Search Domain Scan URL

URL: https://www.cbc.ca/news/canada/montreal/hydro-quebec-website-cyberattack-1.6808947
Title: Hydro-Québec

Search URL Search Domain Scan URL

URL: https://www.cbc.ca/news/canada/nova-scotia/port-halifax-montreal-cyberattack-website-1.6808370
Title: Halifax

Search URL Search Domain Scan URL

URL: https://www.cbc.ca/news/politics/cse-cyber-attack-ukranian-visit-1.6806709
Title: said

Search URL Search Domain Scan URL

URL: https://www.wgem.com/2023/04/12/culbertson-memorial-critical-systems-fully-restored-after-cyber-attack/
Title: managed

Search URL Search Domain Scan URL

URL: https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
Title: Dozens of attacks

Search URL Search Domain Scan URL

URL: https://twitter.com/jgreigj

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/joker-dpr-and-the-information-war?__hstc=156209188.14f945daad4d1241e76f5df6750d1d9d.1681697400731.1681697400731.1681697400731.1&__hssc=156209188.1.1681697400731&__hsfp=287657573
Title: Joker DPR and the Information WarJoker DPR and the Information War

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/with-keyplug-chinas-redgolf-spies-on-steals-from-wide-field-targets?__hstc=156209188.14f945daad4d1241e76f5df6750d1d9d.1681697400731.1681697400731.1681697400731.1&__hssc=156209188.1.1681697400731&__hsfp=287657573
Title: With KEYPLUG, China’s RedGolf Spies On, Steals From Wide Field of TargetsWith KEYPLUG, China’s RedGolf Spies On, Steals From Wide Field of Targets

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/russian-sanctions-evasion-puts-merchants-banks-risk?__hstc=156209188.14f945daad4d1241e76f5df6750d1d9d.1681697400731.1681697400731.1681697400731.1&__hssc=156209188.1.1681697400731&__hsfp=287657573
Title: Russian Sanctions Evasion Puts Merchants and Banks at RiskRussian Sanctions Evasion Puts Merchants and Banks at Risk

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/irs-cyberattack-highlights-risk-of-tax-refund-fraud?__hstc=156209188.14f945daad4d1241e76f5df6750d1d9d.1681697400731.1681697400731.1681697400731.1&__hssc=156209188.1.1681697400731&__hsfp=287657573
Title: IRS Cyberattack Highlights Risk of Tax Refund FraudIRS Cyberattack Highlights Risk of Tax Refund Fraud

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/on-ukraine-china-prioritizes-international-ambitions?__hstc=156209188.14f945daad4d1241e76f5df6750d1d9d.1681697400731.1681697400731.1681697400731.1&__hssc=156209188.1.1681697400731&__hsfp=287657573
Title: On Ukraine, China Prioritizes Its International AmbitionsOn Ukraine, China Prioritizes Its International Ambitions

Search URL Search Domain Scan URL

URL: https://twitter.com/TheRecord_Media

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-record-by-recorded-future

Search URL Search Domain Scan URL

URL: https://www.instagram.com/therecord_media/

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/privacy-policy?__hstc=156209188.14f945daad4d1241e76f5df6750d1d9d.1681697400731.1681697400731.1681697400731.1&__hssc=156209188.1.1681697400731&__hsfp=287657573
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

83 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request canadian-hospital-treatment-delays-cyberattack-ontario Show response
therecord.media/ 38 KB
9 KB 187ms
155ms Document
text/html 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Next.js

Resource Hash

4c7f855160b6303be193b6cb3264626cd3319875129e3764a96961a067f0f928

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: s-maxage=60, stale-while-revalidate
content-encoding: gzip
content-length: 8195
content-type: text/html; charset=utf-8
date: Mon, 17 Apr 2023 02:09:59 GMT
etag: "9730-ZCRmFrjhqUbTyrTajok4XAH2b48"
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
strict-transport-security: max-age=31557600
traceresponse: 00-1756725cd2c6182e455b4755353262ad-14467fb94dc7ffd4-00
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 13, 1
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-powered-by: Next.js
x-served-by: cache-iad-kiad7000168-IAD, cache-hhn-etou8220054-HHN

GET
H2 200 hospital_operating_room_180fa841e3.png
cms.therecord.media/uploads/ 298 KB
299 KB 365ms
104ms Image
image/png 34.74.8.155
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/hospital_operating_room_180fa841e3.png?w=1920

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.74.8.155 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

155.8.74.34.bc.googleusercontent.com

Software

Resource Hash

238fbffb3c24f8264ac3e7078b71002b001535821e2b4f1f76e2bba929468b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
strict-transport-security: max-age=0
last-modified: Fri, 14 Apr 2023 16:58:04 GMT
traceresponse: 00-175696e008fa44f24cec0e9d214a9b59-7777d466812c0a92-00
etag: "6439861c-4a8ac"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/png
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
content-length: 305324
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Mon, 17 Apr 2023 02:14:59 GMT

GET
H2 200 T03_JN_5_SNQ_U037_HMEJK_61_e471a4980693_512_e7fa91f931.jpg
cms.therecord.media/uploads/ 52 KB
53 KB 466ms
205ms Image
image/jpeg 34.74.8.155
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/T03_JN_5_SNQ_U037_HMEJK_61_e471a4980693_512_e7fa91f931.jpg?w=1920

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.74.8.155 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

155.8.74.34.bc.googleusercontent.com

Software

Resource Hash

e462bff299dcf3d0e319045b9b4d79cd70615adb8be2af3be5ba9f6c1700d7ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
strict-transport-security: max-age=0
last-modified: Mon, 06 Mar 2023 21:07:55 GMT
traceresponse: 00-175696e008fab937f75e31b5b3c21afc-0b8f6b8a602f9e1e-00
etag: "6406562b-d16c"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/jpeg
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
content-length: 53612
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Mon, 17 Apr 2023 02:14:59 GMT

GET
H2 200 The_Record_Centered_9b27d79125.svg
cms.therecord.media/uploads/ 7 KB
2 KB 550ms
311ms Image
image/svg+xml 34.74.8.155
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/The_Record_Centered_9b27d79125.svg?w=1920

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.74.8.155 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

155.8.74.34.bc.googleusercontent.com

Software

Resource Hash

54c76c41df5975085389626fc4c3920abdc817d033688ab9d9a98a362ad2f2e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: br
strict-transport-security: max-age=0
last-modified: Thu, 12 Jan 2023 17:06:51 GMT
traceresponse: 00-175696e008facbd22e987a7f66d22536-42c64bd674f9d236-00
etag: W/"63c03e2b-1c5f"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/svg+xml
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Mon, 17 Apr 2023 02:14:59 GMT

GET
H2 200 1c961ab38b917749.css
therecord.media/_next/static/css/ 53 KB
10 KB 7ms
7ms Stylesheet
text/css 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/css/1c961ab38b917749.css

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

51fd18749afc27e1809dddc215120cc9d95ef9420f7c7ca446c632ee892c26c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 2868497
traceresponse: 00-174c65fe015a3b7b620d9c996943dd8a-5b639721095c28a5-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 9573
x-served-by: cache-iad-kjyo7100153-IAD, cache-hhn-etou8220054-HHN
last-modified: Tue, 14 Mar 2023 15:46:11 GMT
etag: W/"d26e-186e0ccec5e"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 8147, 1

GET
H2 200 webpack-5752944655d749a0.js Show response
therecord.media/_next/static/chunks/ 2 KB
1 KB 10ms
7ms Script
application/javascript 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/webpack-5752944655d749a0.js

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 2231332
traceresponse: 00-174ea97d7024369f25b1aec984a922b6-60ca5ef22234b964-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 840
x-served-by: cache-iad-kjyo7100179-IAD, cache-hhn-etou8220054-HHN
last-modified: Mon, 20 Mar 2023 17:26:47 GMT
etag: W/"673-187000f2ed4"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 7822, 1

GET
H2 200 framework-5f4595e5518b5600.js Show response
therecord.media/_next/static/chunks/ 127 KB
42 KB 10ms
8ms Script
application/javascript 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/framework-5f4595e5518b5600.js

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 2264713
traceresponse: 00-174e8b215951aba352050ea784ddab76-7c608cd159919ea2-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 42154
x-served-by: cache-iad-kcgs7200081-IAD, cache-hhn-etou8220054-HHN
last-modified: Mon, 20 Mar 2023 17:26:47 GMT
etag: W/"1fbbb-187000f2ed1"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 4777, 1

GET
H2 200 main-a054bbf31fb90f6a.js Show response
therecord.media/_next/static/chunks/ 98 KB
27 KB 17ms
14ms Script
application/javascript 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e1885518498078290fc8152f0618b843ebfa8df10726b4571b11ec0355be9ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 1628480
traceresponse: 00-1750cdc80af73c89d219e7763ed2495c-3d542f70d7f68fda-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 27725
x-served-by: cache-iad-kjyo7100095-IAD, cache-hhn-etou8220054-HHN
last-modified: Wed, 22 Mar 2023 13:46:13 GMT
etag: W/"186c8-1870991f55c"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 3307, 1

GET
H2 200 _app-2024e4aaf5b4a59e.js Show response
therecord.media/_next/static/chunks/pages/ 114 KB
37 KB 27ms
25ms Script
application/javascript 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/pages/_app-2024e4aaf5b4a59e.js

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

04b586d07a484c8434549bce3719c6b222f543da3992280d7d0e5aba73e58cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 2264713
traceresponse: 00-174e8b2181d997ef585cb460e0afb661-92645605394d9cd5-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 37212
x-served-by: cache-iad-kjyo7100055-IAD, cache-hhn-etou8220054-HHN
last-modified: Mon, 20 Mar 2023 17:26:47 GMT
etag: W/"1c769-187000f2ed2"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 138, 1

GET
H2 200 735-7645aca2d71731dd.js Show response
therecord.media/_next/static/chunks/ 937 KB
250 KB 19ms
17ms Script
application/javascript 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

75ef329dcdc3a24cb69b9057b00d785e7ce58c751f55aed75205871c3c62809a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 1079753
traceresponse: 00-1752c0d8649c03379d2fcb513b88b70c-150ceaec1c0badd9-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 255570
x-served-by: cache-iad-kcgs7200088-IAD, cache-hhn-etou8220054-HHN
last-modified: Wed, 22 Mar 2023 13:46:13 GMT
etag: W/"ea276-1870991f55b"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 4081, 1

GET
H2 200 %5B%5B...slug%5D%5D-11ef58e47bf43e91.js Show response
therecord.media/_next/static/chunks/pages/ 56 KB
12 KB 19ms
17ms Script
application/javascript 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/pages/%5B%5B...slug%5D%5D-11ef58e47bf43e91.js

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de1c29315bca5ba3eef86156ed15e1baa6776b072163fb3e710cc8ce3ae120e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 2204584
traceresponse: 00-174ec1ca1ce3a1da437cf352924e5c96-0f06cfd73687cce7-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 12236
x-served-by: cache-iad-kiad7000145-IAD, cache-hhn-etou8220054-HHN
last-modified: Wed, 22 Mar 2023 13:46:13 GMT
etag: W/"de9a-1870991f55d"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjo3fQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 11244, 1

GET
H2 200 _buildManifest.js Show response
therecord.media/_next/static/fWIlfQ2UdbpWaTWeCBvZe/ 1 KB
708 B 26ms
24ms Script
application/javascript 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/fWIlfQ2UdbpWaTWeCBvZe/_buildManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98e48dda03df469f34c19aceed95b86dfd61da021d23e54cea30669be9639a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 1077207
traceresponse: 00-1752c329154d62e94e753005812fab37-b349662e29dd0435-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 425
x-served-by: cache-iad-kjyo7100120-IAD, cache-hhn-etou8220054-HHN
last-modified: Wed, 22 Mar 2023 13:46:13 GMT
etag: W/"43f-1870991f560"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 484, 1

GET
H2 200 _ssgManifest.js Show response
therecord.media/_next/static/fWIlfQ2UdbpWaTWeCBvZe/ 99 B
278 B 18ms
16ms Script
application/javascript 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/fWIlfQ2UdbpWaTWeCBvZe/_ssgManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 1093060
traceresponse: 00-1752b4be51cf72901a81c809bbde4153-35df5ac0c80ded64-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 99
x-served-by: cache-iad-kiad7000132-IAD, cache-hhn-etou8220054-HHN
last-modified: Wed, 22 Mar 2023 13:46:13 GMT
etag: W/"63-1870991f560"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 738, 1

GET
H2 200 _middlewareManifest.js Show response
therecord.media/_next/static/fWIlfQ2UdbpWaTWeCBvZe/ 92 B
272 B 27ms
26ms Script
application/javascript 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/fWIlfQ2UdbpWaTWeCBvZe/_middlewareManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 996731
traceresponse: 00-17530c5a5199f333813225b4408bc0fe-ced13814400d125c-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 92
x-served-by: cache-iad-kiad7000080-IAD, cache-hhn-etou8220054-HHN
last-modified: Wed, 22 Mar 2023 13:46:13 GMT
etag: W/"5c-1870991f560"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 2837, 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 142 KB
54 KB 59ms
23ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e89df48ae39da02aec9140afa2c480121d051cad440a7618ebb740d77568671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54666
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Apr 2023 02:09:59 GMT

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 199 KB
58 KB 96ms
48ms Script
application/javascript 2600:9000:2127:3c00:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Requested by: Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:3c00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fb145f1185850a1f9937c5d5afb3260adbcef791d0a94e1c09b54aa00808982

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:00 GMT
x-amz-version-id: T3VVylcW4ZUVSABprJtJmBafSdXY4jAi
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 02:15:06 GMT
server: AmazonS3
via: 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"3e98a39e2d8f2b464999b40df3c2172d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-replication-status: COMPLETED
x-amz-cf-id: MX9iP2puizYMU6FNisLXKHxq8Ys5BrCtiWNpcm9lMVcmwxClCfEgXw==

GET
H2 200 container_41sBJe2I.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 27 KB
9 KB 56ms
9ms Script
application/javascript 2600:9000:2127:3c00:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/container_41sBJe2I.js
Requested by: Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:3c00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d3cf37f2b2d57d5023bcb29d5e09fbe734d6aa0fbed8296daef845b3f20b2a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:57 GMT
x-amz-version-id: dkZ2Iyd6WhO.2JvAdqK232mBpLM3LDdd
content-encoding: gzip
via: 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 30 Mar 2023 02:03:04 GMT
server: AmazonS3
etag: W/"50fb97579a0a86d0d6d8c155532fe40b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: kI6pBE6now4kxoMwfL2CYeIgPwkJR69W3N29UnrcBAryMSH-IOJiyw==

GET
H2 200 Inter-Medium.ttf
therecord.media/fonts/ 307 KB
152 KB 297ms
296ms Font
font/ttf 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Medium.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/1c961ab38b917749.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a0b1f949528f7a3a2d2ff3b6df67c6c1b5cb8f62a2eba6eb5e06adff2d5795f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://therecord.media/_next/static/css/1c961ab38b917749.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 0
traceresponse: 00-175696dffb3746cc0c7511ecf1af774c-5d1ac5e896c4e1d8-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 155503
x-served-by: cache-iad-kiad7000051-IAD, cache-hhn-etou8220054-HHN
last-modified: Wed, 22 Mar 2023 13:37:44 GMT
etag: W/"4cd58-187098a3040"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 icomoon.ttf
therecord.media/icons/fonts/ 5 KB
3 KB 177ms
176ms Font
font/ttf 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/icons/fonts/icomoon.ttf?l2zjlc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/1c961ab38b917749.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e2ea411b32eb0f8f7ecee62a4a599e510c68d51c04b0246e436a50ea016b70e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://therecord.media/_next/static/css/1c961ab38b917749.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 0
traceresponse: 00-175696dffb8b0aa1c094216d22ed4476-7d1c8018c51ad3bc-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 2982
x-served-by: cache-iad-kjyo7100149-IAD, cache-hhn-etou8220054-HHN
last-modified: Wed, 22 Mar 2023 13:37:44 GMT
etag: W/"1304-187098a3040"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-Bold.ttf
therecord.media/fonts/ 309 KB
154 KB 303ms
302ms Font
font/ttf 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Bold.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/1c961ab38b917749.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2ad83f2446566c5ecf7c261cc07884a5d5f71965b5df8fd7bb809f83a42bf470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://therecord.media/_next/static/css/1c961ab38b917749.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 0
traceresponse: 00-175696dffb5f89c712bb434540539da4-b1edb1445ab90364-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 157388
x-served-by: cache-iad-kjyo7100134-IAD, cache-hhn-etou8220054-HHN
last-modified: Wed, 22 Mar 2023 13:37:44 GMT
etag: W/"4d2c4-187098a3040"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-SemiBold.ttf
therecord.media/fonts/ 308 KB
153 KB 312ms
311ms Font
font/ttf 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-SemiBold.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/1c961ab38b917749.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f036a45770ce2ad43dfee7f4eac8f8b3784608a24ff00c63dd56704434e014e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://therecord.media/_next/static/css/1c961ab38b917749.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 0
traceresponse: 00-175696dffb40cedf54e5abe19addc00f-277921d0e72a7b32-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 156755
x-served-by: cache-iad-kiad7000102-IAD, cache-hhn-etou8220054-HHN
last-modified: Wed, 22 Mar 2023 13:37:44 GMT
etag: W/"4d16c-187098a3040"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-Regular.ttf
therecord.media/fonts/ 303 KB
144 KB 279ms
278ms Font
font/ttf 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Regular.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/1c961ab38b917749.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

494a9c8817786531126dd245c93f8a85aa6afa405c7b8a2e45b667538470ce7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://therecord.media/_next/static/css/1c961ab38b917749.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 0
traceresponse: 00-175696dffb4b17c1f7cc41477efe9e51-61d57a9b52d3a847-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 147167
x-served-by: cache-iad-kiad7000092-IAD, cache-hhn-etou8220054-HHN
last-modified: Wed, 22 Mar 2023 13:37:44 GMT
etag: W/"4ba44-187098a3040"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-ExtraBold.ttf
therecord.media/fonts/ 309 KB
154 KB 316ms
315ms Font
font/ttf 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-ExtraBold.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/1c961ab38b917749.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6fb3140db2839cabd3662044ef7791206df377b2211046abc71dd039f05fe082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://therecord.media/_next/static/css/1c961ab38b917749.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 0
traceresponse: 00-175696dffdb236ea4267281a03b029d0-df96c14d46bb585e-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 157010
x-served-by: cache-iad-kcgs7200106-IAD, cache-hhn-etou8220054-HHN
last-modified: Wed, 22 Mar 2023 13:37:44 GMT
etag: W/"4d52c-187098a3040"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 articles Show response
cms.therecord.media/api/ 10 KB
11 KB 370ms
161ms XHR
application/json 34.74.8.155
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editor&populate[3]=editor.page&populate[4]=image&populate[5]=image.desktop&populate[6]=image.tablet&populate[7]=image.mobile&populate[8]=tags&populate[9]=tags.page&populate[10]=page&filters[id][$ne]=2850&filters[date][$lte]=2023-04-14T16%3A51%3A00.000Z&$or[0][showFrom][$null]=true&$or[1][showFrom][$lte]=2023-04-17T00%3A00%3A00.000Z&pagination%5BpageSize%5D=1&sort%5B0%5D=date%3Adesc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.74.8.155 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

155.8.74.34.bc.googleusercontent.com

Software

/ Strapi <strapi.io>

Resource Hash

ebee5ee0711fdf1ce758f208d317b49a4b03602e8d7369774317e8bf81e5e692

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
date: Mon, 17 Apr 2023 02:10:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
traceresponse: 00-175696e01233b4d54e629a8cc4b8e3ba-c3e033c383b6a77f-00
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
content-length: 10476
referrer-policy: no-referrer
expect-ct: max-age=0
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
x-download-options: noopen
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m

GET
H2 200 articles Show response
cms.therecord.media/api/ 7 KB
7 KB 415ms
207ms XHR
application/json 34.74.8.155
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editor&populate[3]=editor.page&populate[4]=image&populate[5]=image.desktop&populate[6]=image.tablet&populate[7]=image.mobile&populate[8]=tags&populate[9]=tags.page&populate[10]=page&filters[id][$ne]=2850&filters[date][$gte]=2023-04-14T16%3A51%3A00.000Z&filters[$or][0][showFrom][$null]=true&filters[$or][1][showFrom][$lte]=2023-04-17T00%3A00%3A00.000Z&pagination%5BpageSize%5D=1&sort%5B0%5D=date%3Aasc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.74.8.155 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

155.8.74.34.bc.googleusercontent.com

Software

/ Strapi <strapi.io>

Resource Hash

399482805e781caea7d19953786c95be085ff146748cfea7a0345eb6eada25c7

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
date: Mon, 17 Apr 2023 02:10:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
traceresponse: 00-175696e01234586f5cd58126628a92cb-e269b7153c63763f-00
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
content-length: 6793
referrer-policy: no-referrer
expect-ct: max-age=0
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
x-download-options: noopen
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m

GET
H2 200 articles Show response
cms.therecord.media/api/ 195 KB
195 KB 472ms
264ms XHR
application/json 34.74.8.155
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editor&populate[3]=editor.page&populate[4]=image&populate[5]=image.desktop&populate[6]=image.tablet&populate[7]=image.mobile&populate[8]=tags&populate[9]=tags.page&populate[10]=page&filters[isBrief][$eq]=true&filters[$or][0][showFrom][$null]=true&filters[$or][1][showFrom][$lte]=2023-04-17T00%3A00%3A00.000Z&sort[0]=date%3Adesc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.74.8.155 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

155.8.74.34.bc.googleusercontent.com

Software

/ Strapi <strapi.io>

Resource Hash

5f99a681f23c699268ff8e5639a72a9a6585585b6d4861f1b8c4e4af3410f972

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
date: Mon, 17 Apr 2023 02:10:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
traceresponse: 00-175696e012349882c55cdd4f17b66bf7-df136b878134b517-00
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
content-length: 199317
referrer-policy: no-referrer
expect-ct: max-age=0
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
x-download-options: noopen
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m

GET
H2 200 research Show response
www.recordedfuture.com/feed/ 238 KB
67 KB 69ms
32ms Fetch
text/xml 104.18.6.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/feed/research

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.6.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cac6f49c4e1ee8fec0ea2129e0a212badbc1db7a6cec3e1f819a347bf3ff08c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/rss+xml
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 603
traceresponse: 00-1756965384b5625873f954a0bbcf825e-f825569baa120447-00
x-cache: HIT
foo: bar
content-length: 67818
x-served-by: cache-fra-eddf8230121-FRA
server: cloudflare
vary: Accept-Encoding
content-type: text/xml
access-control-allow-origin: *
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7b91210c9ba03aa4-FRA
x-cache-hits: 1

GET
H2 200 index.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/ 44 KB
16 KB 12ms
11ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/index.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

158208e9417ae08be99d6bd2cbfe3c5b7ec0c346813477f891b3c4f7428cb939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 3
traceresponse: 00-1756740e44d479834b69b448564b38f9-f94ec25ee43ab785-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 16065
x-served-by: cache-iad-kjyo7100047-IAD, cache-hhn-etou8220054-HHN
etag: "b17c-xvITilhtLAZtJ23MBWFK0Kbxrxo"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 152, 1

GET
H2 200 leadership.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/news/ 7 KB
2 KB 15ms
14ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/news/leadership.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4a6d1d2eaf0973ef11e220dd276b37e6a5b95fd3dcfac0eb9c9c2893fb1ecd7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 3
traceresponse: 00-175672405272b9a33be6b0c8f703ae8d-7f84e075c002f2b7-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 1861
x-served-by: cache-iad-kcgs7200044-IAD, cache-hhn-etou8220054-HHN
etag: "1bb2-/udb6NBtEACdVwranP1WDjADiro"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 13, 1

GET
H2 200 cybercrime.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/news/ 7 KB
2 KB 13ms
11ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/news/cybercrime.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd56342ec76939574d192e72d9706a2a5be525fd20ba847e2b341d9167b58184

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 3
traceresponse: 00-1756723bd0c861042fe8ba7aa9992449-c65b1c89cb370855-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 1856
x-served-by: cache-iad-kjyo7100156-IAD, cache-hhn-etou8220054-HHN
etag: "1bb2-Q7McY8oB/yXDm8TowHIekXB/EPc"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 13, 1

GET
H2 200 nation-state.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/news/ 7 KB
2 KB 11ms
9ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/news/nation-state.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9e23cc60138891165dd69c86533f7619327e32e4b9f2b4402b92c3ba7ccdaa31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 4
traceresponse: 00-1756722ddc698dcc21956c332a3ce2be-9357a62b961fed5d-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 1849
x-served-by: cache-iad-kjyo7100041-IAD, cache-hhn-etou8220054-HHN
etag: "1bbb-HQC0y6LKFm+QRb63OFPD4OwNlwU"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 19, 1

GET
H2 200 people.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/news/ 7 KB
2 KB 10ms
8ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/news/people.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e9b880d0047f3a92dad9717dbb0aec061e628d1607dfdafaca6a9004129eb802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 3
traceresponse: 00-17567f487582eb48b7382e9033321ab5-fe47b96daf55a0df-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 1842
x-served-by: cache-iad-kiad7000134-IAD, cache-hhn-etou8220054-HHN
etag: "1b9e-G4IyazoMNHlgr59lhtJaGTMd1s8"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 409, 1

GET
H2 200 technology.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/news/ 7 KB
2 KB 12ms
12ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/news/technology.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aff01bd7d2d673326651c7a7fc24efecd55c4f065cd7963e63ac3ac531f98833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 3
traceresponse: 00-1756723bce725617ace69bce7b0a5e67-8be26bc3d0b00822-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 1860
x-served-by: cache-iad-kiad7000106-IAD, cache-hhn-etou8220054-HHN
etag: "1bb2-PNDBhHAoWrYUqbcF/17100H9aWM"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 14, 1

GET
H2 200 about.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/ 35 KB
7 KB 14ms
13ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/about.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ee00ebbb6b99dfd60fac32a6e4d12c1b6738a6a3f5f4d57838f904000e305071

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 14
traceresponse: 00-1756724051720cde5186a8dc5f389ddb-f758e128e06c53c1-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 6533
x-served-by: cache-iad-kcgs7200092-IAD, cache-hhn-etou8220054-HHN
etag: "8d07-wyvbLxOm+0/nbLKRwxYXBD6/bCM"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 14, 1

GET
H2 200 podcast.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/ 121 KB
25 KB 17ms
16ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/podcast.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

959feeb18d4be659a835b20b5a8b8cd47a01ef6e0c011bed73430810d24d93e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 3
traceresponse: 00-1756723bd0e75bcd301ae023ca308583-2de3e930b326db75-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 25622
x-served-by: cache-iad-kcgs7200178-IAD, cache-hhn-etou8220054-HHN
etag: "1e291-pkkoJ76oURtz6ueGqcV+BGpMD1o"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 14, 1

GET
H2 200 contact.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/ 8 KB
2 KB 15ms
14ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/contact.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6538bb08774a7dc689f25f4df5db53b34aca4982318261ad704f021490466f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 3
traceresponse: 00-1756723bce652e8e6c853fd82a1066f2-d735225a1fb14729-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 2126
x-served-by: cache-iad-kiad7000098-IAD, cache-hhn-etou8220054-HHN
etag: "1ec2-ritrVPxuHg9ICEub5Wr9o/ubkYU"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 11, 1

GET
H2 200 subscribe.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/ 8 KB
2 KB 14ms
14ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/subscribe.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60809d087a3aa64f74c76ceb695db92db0cb044f1ed080f0a0a64097cae518dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 3
traceresponse: 00-175672405073c674b44c417d60352465-8772928cd99e4290-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 2100
x-served-by: cache-iad-kiad7000159-IAD, cache-hhn-etou8220054-HHN
etag: "1e8b-0PB/f5p03RivEwMqUG+Kda2oZ/8"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 12, 1

GET
H2 200 jonathan-greig.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/author/ 8 KB
3 KB 9ms
8ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/author/jonathan-greig.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bc2bd2fbce3aff311a4b6c68bfa85e2f8a0f42f7cbba7e1796851875e37bdd72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 45
traceresponse: 00-17567263456fc4e491d26df82fabfa6e-9c69d956e0314b0a-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 2353
x-served-by: cache-iad-kjyo7100142-IAD, cache-hhn-etou8220054-HHN
etag: "21d7-KVy5kO9uhnXAt7w5RxBOzeO7p7A"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 35, 1

GET
H2 200 hackers-using-USB-sticks.json Show response
therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/ 17 KB
5 KB 9ms
9ms Fetch
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/fWIlfQ2UdbpWaTWeCBvZe/hackers-using-USB-sticks.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

58c2d7e3f31ef2aba7f648438d8da266f436759ef0206e8d9f04ae3c65ef2857

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 3
traceresponse: 00-17568d417d28a95abc6c3ebd96dd3e35-5aece4c7ea632121-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-length: 4894
x-served-by: cache-iad-kjyo7100159-IAD, cache-hhn-etou8220054-HHN
etag: "45bf-etzPcZN0kKNZ/RGnmsaM2qeZjI8"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 142, 1

GET
H2 200 64dc3ec5-330c-4652-88d3-147ee65e90ba.js Show response
j.6sc.co/j/ 4 KB
4 KB 103ms
21ms Script
application/javascript 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/64dc3ec5-330c-4652-88d3-147ee65e90ba.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-170.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7b0b9f163454a2d476c3930174ed354b5d661060c2a2581e434f8b0b74392d76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: XiK7k1K4G4_9UcBg2.S65sIFd54SfIcU
date: Mon, 17 Apr 2023 02:09:59 GMT
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
x-amz-meta-content-type: application/json
content-length: 3771
pragma: no-cache
last-modified: Fri, 31 Mar 2023 18:59:38 GMT
server: AmazonS3
etag: "29e881d3528b8d3d0ef42c057d73a114"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: T5sLQw3-zkT2pdj-B7AbER_Uh9lmhZYyQroXpM_5jl5H3Bb4aI0U0w==
expires: Mon, 17 Apr 2023 02:09:59 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 33 KB
11 KB 87ms
9ms Script
application/javascript 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

12ce92cc3c4eb9d74f48e9a10eb919bdf30bbdc5ccf9843c6543fec302dec54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Apr 2023 21:13:35 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "642c92ff-8319"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 10492
expires: Mon, 17 Apr 2023 02:09:59 GMT

POST
H2 204 matomo.php
recordedfuture.matomo.cloud/ 0
167 B 100ms
65ms Ping
text/plain 18.157.122.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/matomo.php?action_name=therecord.media%2FCyberattack%20causing%20treatment%20delays%20at%20Canadian%20hospital&idsite=2&rec=1&r=180609&h=2&m=9&s=59&url=https%3A%2F%2Ftherecord.media%2Fcanadian-hospital-treatment-delays-cyberattack-ontario&_id=66ec4f4fa9b6311e&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=MSptTu&fa_pv=1&fa_fp[0][fa_vid]=esPFLv&fa_fp[0][fa_fv]=1&pf_net=32&pf_srv=155&pf_tfr=1&pf_dm1=51&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.157.122.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-122-248.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://therecord.media
date: Mon, 17 Apr 2023 02:09:59 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 configs.php Show response
recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/ 116 B
291 B 48ms
19ms Script
application/javascript 18.157.122.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=UzGOpo&url=https%3A%2F%2Ftherecord.media%2Fcanadian-hospital-treatment-delays-cyberattack-ontario
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.157.122.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-122-248.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 178527aa9e81625ccfca8e57a0197b8f497b672877b8a0a7689dfbdeb9bcb7b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
content-encoding: gzip
server: Apache
content-length: 119
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type: application/javascript

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 image
therecord.media/_next/ 145 KB
145 KB 186ms
184ms Image
image/webp 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Fjoker_dpr_and_the_information_war_a624380fdb.jpg&w=1920&q=75

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4365c3d5820b44d4d301c209534e03461df0092405a986269876a551c3860bae

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 varnish, 1.1 varnish
date: Mon, 17 Apr 2023 02:10:00 GMT
strict-transport-security: max-age=31557600
age: 0
traceresponse: 00-175696e011da0a8d0c77184058f6c769-682b6220c278c9b6-00
x-cache: MISS, MISS
x-nextjs-cache: HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-disposition: inline; filename="joker_dpr_and_the_information_war_a624380fdb.webp"
content-length: 148396
x-served-by: cache-iad-kjyo7100158-IAD, cache-hhn-etou8220054-HHN
etag: Q2XD1YILRNTTAcIJU04DRh3wCSQFqYYmmHalUcOGC64=
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept
content-type: image/webp
cache-control: public, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 image
therecord.media/_next/ 128 KB
129 KB 222ms
220ms Image
image/webp 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Fteeing_up_redgolfs_new_operational_keyplug_infrastructure_3d1adbc690.jpg&w=1920&q=75

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4237d2ee4728643a6467fc9fddbce93bb735a61a4415cdc90cf23776d137ed51

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 varnish, 1.1 varnish
date: Mon, 17 Apr 2023 02:10:00 GMT
strict-transport-security: max-age=31557600
age: 0
traceresponse: 00-175696e0144a1428a2abf451221f9903-51c2e37502409bd6-00
x-cache: MISS, MISS
x-nextjs-cache: HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-disposition: inline; filename="teeing_up_redgolfs_new_operational_keyplug_infrastructure_3d1adbc690.webp"
content-length: 131470
x-served-by: cache-iad-kjyo7100165-IAD, cache-hhn-etou8220054-HHN
etag: QjfS7kcoZDpkZ-yf3bzpO7c1phpEFc3JDPI3dtE37VE=
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept
content-type: image/webp
cache-control: public, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 image
therecord.media/_next/ 136 KB
137 KB 189ms
187ms Image
image/webp 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Frussian_sanctions_evasion_puts_merchants_banks_risk_3bd90adbf0.jpg&w=1920&q=75

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

318ba0ae4406fcb7ad4e479d4d9cf60948cf3a5b2ad38556d96ba760c7e4860b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 varnish, 1.1 varnish
date: Mon, 17 Apr 2023 02:10:00 GMT
strict-transport-security: max-age=31557600
age: 0
traceresponse: 00-175696e011b87a701851f04fd11d93ff-4156c195759f7547-00
x-cache: MISS, MISS
x-nextjs-cache: HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-disposition: inline; filename="russian_sanctions_evasion_puts_merchants_banks_risk_3bd90adbf0.webp"
content-length: 139490
x-served-by: cache-iad-kjyo7100021-IAD, cache-hhn-etou8220054-HHN
etag: MYugrkQG-LetTkedTZz2CUjPOlsq04VW2WunYMfkhgs=
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept
content-type: image/webp
cache-control: public, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 image
therecord.media/_next/ 142 KB
142 KB 230ms
229ms Image
image/webp 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Firs_cyberattack_highlights_risk_of_tax_refund_fraud_47e79779d1.jpg&w=1920&q=75

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

381f3dd72c9446985a766fdabd9ffec6de323e1ef52c3961f6fe54e5c2226c76

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 varnish, 1.1 varnish
date: Mon, 17 Apr 2023 02:10:00 GMT
strict-transport-security: max-age=31557600
age: 0
traceresponse: 00-175696e01446729d3df0c06399b6cc65-671b6d0c3cdecc2d-00
x-cache: MISS, MISS
x-nextjs-cache: HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-disposition: inline; filename="irs_cyberattack_highlights_risk_of_tax_refund_fraud_47e79779d1.webp"
content-length: 145252
x-served-by: cache-iad-kcgs7200023-IAD, cache-hhn-etou8220054-HHN
etag: OB891yyURphadm-avZ-+xt4yPh71LDlh9v5U5cIibHY=
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept
content-type: image/webp
cache-control: public, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 / Show response
c.6sc.co/ 7 B
201 B 42ms
8ms XHR
text/html 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 14 B
299 B 62ms
9ms XHR
text/html 2a02:26f0:480:22::1726:62ee
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62ee Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 73580a6ba6705b61499bf9b4661f1b50c4f78e8c72b65ce30df43546e7f58e6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 02:10:00 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://therecord.media
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a01:4a0:2b::5
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467138_389993774_311054097_31_917_6_0";dur=1
content-length: 14
expires: Mon, 17 Apr 2023 02:10:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 219ms
202ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=71c93b28-8df6-4949-8698-5b340cc4fa29&session=a57a4058-1979-47a5-8fb1-e0df9eba5036&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2017%20Apr%202023%2002%3A09%3A59%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2017%20Apr%202023%2002%3A09%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22f2675e8089b7d209a58fce8ad312f51c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2017%20Apr%202023%2002%3A09%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22edabaa1866fe08952dde1be9ff37302d63145f08%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2017%20Apr%202023%2002%3A09%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2017%20Apr%202023%2002%3A09%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2017%20Apr%202023%2002%3A09%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20cyberattack%20on%20a%20hospital%20in%20Ontario%2C%20Canada%20is%20causing%20delays%20to%20scheduled%20and%20non-urgent%20care.%5Cn%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20causing%20treatment%20delays%20at%20Canadian%20hospital%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcanadian-hospital-treatment-delays-cyberattack-ontario&pageViewId=5f4e0e76-eb9c-4743-838e-a80d86460887

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:00 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
811 B 52ms
6ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Apr 2023 02:09:59 GMT
AN-X-Request-Uuid: a99f9a70-3314-4513-814f-d15b9ab10861
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://therecord.media
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
201 B 39ms
8ms XHR
text/html 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 218ms
203ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=71c93b28-8df6-4949-8698-5b340cc4fa29&session=a57a4058-1979-47a5-8fb1-e0df9eba5036&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22f2675e8089b7d209a58fce8ad312f51c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2017%20Apr%202023%2002%3A09%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%225%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20cyberattack%20on%20a%20hospital%20in%20Ontario%2C%20Canada%20is%20causing%20delays%20to%20scheduled%20and%20non-urgent%20care.%5Cn%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20causing%20treatment%20delays%20at%20Canadian%20hospital%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcanadian-hospital-treatment-delays-cyberattack-ontario&pageViewId=5f4e0e76-eb9c-4743-838e-a80d86460887

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:00 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 209ms
195ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=71c93b28-8df6-4949-8698-5b340cc4fa29&session=a57a4058-1979-47a5-8fb1-e0df9eba5036&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%2247c555096cc32557d3e6e7a333d7cb3ea692cee1%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2017%20Apr%202023%2002%3A09%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%226%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20cyberattack%20on%20a%20hospital%20in%20Ontario%2C%20Canada%20is%20causing%20delays%20to%20scheduled%20and%20non-urgent%20care.%5Cn%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20causing%20treatment%20delays%20at%20Canadian%20hospital%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcanadian-hospital-treatment-delays-cyberattack-ontario&pageViewId=5f4e0e76-eb9c-4743-838e-a80d86460887

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:00 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 216ms
203ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=71c93b28-8df6-4949-8698-5b340cc4fa29&session=a57a4058-1979-47a5-8fb1-e0df9eba5036&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2017%20Apr%202023%2002%3A09%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%226%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20cyberattack%20on%20a%20hospital%20in%20Ontario%2C%20Canada%20is%20causing%20delays%20to%20scheduled%20and%20non-urgent%20care.%5Cn%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20causing%20treatment%20delays%20at%20Canadian%20hospital%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcanadian-hospital-treatment-delays-cyberattack-ontario&pageViewId=5f4e0e76-eb9c-4743-838e-a80d86460887

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:00 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 217ms
203ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=71c93b28-8df6-4949-8698-5b340cc4fa29&session=a57a4058-1979-47a5-8fb1-e0df9eba5036&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2017%20Apr%202023%2002%3A09%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%227%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20cyberattack%20on%20a%20hospital%20in%20Ontario%2C%20Canada%20is%20causing%20delays%20to%20scheduled%20and%20non-urgent%20care.%5Cn%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20causing%20treatment%20delays%20at%20Canadian%20hospital%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcanadian-hospital-treatment-delays-cyberattack-ontario&pageViewId=5f4e0e76-eb9c-4743-838e-a80d86460887

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:00 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 210ms
196ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=71c93b28-8df6-4949-8698-5b340cc4fa29&session=a57a4058-1979-47a5-8fb1-e0df9eba5036&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%2264dc3ec5-330c-4652-88d3-147ee65e90ba%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2017%20Apr%202023%2002%3A09%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%227%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20cyberattack%20on%20a%20hospital%20in%20Ontario%2C%20Canada%20is%20causing%20delays%20to%20scheduled%20and%20non-urgent%20care.%5Cn%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20causing%20treatment%20delays%20at%20Canadian%20hospital%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcanadian-hospital-treatment-delays-cyberattack-ontario&pageViewId=5f4e0e76-eb9c-4743-838e-a80d86460887&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:00 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 204ms
204ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=71c93b28-8df6-4949-8698-5b340cc4fa29&session=a57a4058-1979-47a5-8fb1-e0df9eba5036&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2017%20Apr%202023%2002%3A09%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%227%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20cyberattack%20on%20a%20hospital%20in%20Ontario%2C%20Canada%20is%20causing%20delays%20to%20scheduled%20and%20non-urgent%20care.%5Cn%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20causing%20treatment%20delays%20at%20Canadian%20hospital%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcanadian-hospital-treatment-delays-cyberattack-ontario&pageViewId=5f4e0e76-eb9c-4743-838e-a80d86460887&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:00 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 205ms
204ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=71c93b28-8df6-4949-8698-5b340cc4fa29&session=a57a4058-1979-47a5-8fb1-e0df9eba5036&event=s_update&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2017%20Apr%202023%2002%3A09%3A59%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%228%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20cyberattack%20on%20a%20hospital%20in%20Ontario%2C%20Canada%20is%20causing%20delays%20to%20scheduled%20and%20non-urgent%20care.%5Cn%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20causing%20treatment%20delays%20at%20Canadian%20hospital%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcanadian-hospital-treatment-delays-cyberattack-ontario&pageViewId=5f4e0e76-eb9c-4743-838e-a80d86460887&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:00 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
201 B 36ms
9ms XHR
text/html 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:09:59 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 14 B
300 B 54ms
9ms XHR
text/html 2a02:26f0:480:22::1726:62ee
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62ee Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 73580a6ba6705b61499bf9b4661f1b50c4f78e8c72b65ce30df43546e7f58e6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 02:10:00 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://therecord.media
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a01:4a0:2b::5
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467138_389993774_311054098_33_904_6_0";dur=1
content-length: 14
expires: Mon, 17 Apr 2023 02:10:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 203ms
202ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=71c93b28-8df6-4949-8698-5b340cc4fa29&session=a57a4058-1979-47a5-8fb1-e0df9eba5036&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A2b%3A%3A5%22%7D&isIframe=false&m=%7B%22description%22%3A%22A%20cyberattack%20on%20a%20hospital%20in%20Ontario%2C%20Canada%20is%20causing%20delays%20to%20scheduled%20and%20non-urgent%20care.%5Cn%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyberattack%20causing%20treatment%20delays%20at%20Canadian%20hospital%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcanadian-hospital-treatment-delays-cyberattack-ontario&pageViewId=5f4e0e76-eb9c-4743-838e-a80d86460887&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:00 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 740 B
579 B 28ms
11ms XHR
application/json 3.67.117.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.117.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-117-144.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d7d62f1b6fc6f96998066b32b4d71d1ad2f1b399758f0e429398306f7571fa3d

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
Authorization: Token 47c555096cc32557d3e6e7a333d7cb3ea692cee1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:00 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
content-length: 395

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ 0
0 54ms
9ms Preflight 3.67.117.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.117.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-117-144.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://therecord.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://therecord.media
access-control-max-age: 1800
date: Mon, 17 Apr 2023 02:10:00 GMT
server: nginx

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ 0
0 50ms
9ms Preflight 3.67.117.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.117.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-117-144.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://therecord.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://therecord.media
access-control-max-age: 1800
date: Mon, 17 Apr 2023 02:10:00 GMT
server: nginx

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 740 B
579 B 30ms
13ms XHR
application/json 3.67.117.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.117.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-117-144.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e7559ab7e4e088ec4c76a2777e7d98f4afd7032585a660c10e521dfa931d7273

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
Authorization: Token 47c555096cc32557d3e6e7a333d7cb3ea692cee1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:00 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
content-length: 396

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 17 Apr 2023 00:35:42 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5658
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 17 Apr 2023 02:35:42 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
145 B 15ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1037213698&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftherecord.media%2Fcanadian-hospital-treatment-delays-cyberattack-ontario&ul=en-us&de=UTF-8&dt=Cyberattack%20causing%20treatment%20delays%20at%20Canadian%20hospital&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=YEBAAEABAAAAACAAI~&jid=1053404722&gjid=1285172638&cid=578725624.1681697400&tid=UA-9153858-16&_gid=514591093.1681697400&_r=1&_slc=1&gtm=45He34c0n81PVJ5W86&cd1=&cd2=&cd3=&cd4=&cd5=&cd8=&z=565952071

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 02:10:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://therecord.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 7ms
7ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1037213698&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftherecord.media%2Fcanadian-hospital-treatment-delays-cyberattack-ontario&ul=en-us&de=UTF-8&dt=Cyberattack%20causing%20treatment%20delays%20at%20Canadian%20hospital&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=578725624.1681697400&tid=UA-9153858-16&_gid=514591093.1681697400&gtm=45He34c0n81PVJ5W86&cd1=&cd2=&cd3=&cd4=&cd5=&cd8=&z=1003500180

Requested by

Host: therecord.media
URL: https://therecord.media/canadian-hospital-treatment-delays-cyberattack-ontario

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 21:05:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 18285
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 252628.js Show response
js.hs-scripts.com/ 1 KB
892 B 158ms
130ms Script
application/javascript 2606:4700::6812:893b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/252628.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:893b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 060e573ea79b625c1c500907e8f527f941c7324e935a0afa8fac359704fe8635

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:00 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 17 Apr 2023 01:37:19 GMT
server: cloudflare
x-hubspot-correlation-id: 0335150d-df25-49b3-ba4b-5f5a3a93a4ae
x-trace: 2B8B5AE95720C38B4B51D87A9708E8C323A9D133E1000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://therecord.media
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7b9121108c8e39f1-FRA
expires: Mon, 17 Apr 2023 02:11:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1037213698&t=pageview&_s=1&dl=https%3A%2F%2Ftherecord.media%2Fcanadian-hospital-treatment-delays-cyberattack-ontario&ul=en-us&de=UTF-8&dt=Cyberattack%20causing%20treatment%20delays%20at%20Canadian%20hospital&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=578725624.1681697400&tid=UA-9153858-16&_gid=514591093.1681697400&gtm=45He34c0n81PVJ5W86&cd1=&cd2=&cd3=&cd4=&cd5=&cd8=&z=2039575610

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Apr 2023 06:32:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70675
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 545 KB
87 KB 70ms
24ms Script
application/javascript 2606:4700::6811:7f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7239304bfda1edbdc25f38e13e0c6ed0c40c2aa7bf88e95b9fc8f17ba36a8253

Request headers

Referer: https://therecord.media/
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:00 GMT
x-amz-version-id: RmhmaytfCYjkF4kIWncNidw0.aX_4QVo
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 58328
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1180/bundle/main/lead-flows-release.js&cfRay=7b8b9109ddfb2bec-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Mon, 03 Apr 2023 03:50:40 UTC
server: cloudflare
etag: W/"0bee9cd87f137fe7aec90112cb8b0376"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 7b912111abf22c00-FRA
x-amz-cf-id: LBYG7xpjJ-kUTzPBTbw2t-lQjyABDwqhjeVJkeCm8PZ4irxHcySgOg==
x-hs-target-asset: lead-flows-js/static-1.1180/bundle/main/lead-flows-release.js

GET
H2 200 252628.js Show response
js.hs-banner.com/ 60 KB
16 KB 418ms
378ms Script
text/javascript 2606:4700::6812:19c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c14a3581f43637c3a38bf2dc63eb6bd1db03f379531e0c933046757027da5996

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:00 GMT
x-amz-version-id: G0bbSlSfRykjiDD0m1m7bWMeF3mCkT4v
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: XAY7APDKRVQ9D54N
x-amz-server-side-encryption: AES256
x-amz-id-2: 3RjBjoB6U/v2wOyhuWqMzdg6Mw7qY6MZb6M1OPzzAKOL7P1dwMI3Y5sdKjEDTl4q/yGh41kmPCI=
last-modified: Wed, 08 Mar 2023 04:01:20 GMT
server: cloudflare
etag: W/"07e17ba34d46098d956efa1591721142"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.recordedfuture.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7b912111984f2bb6-FRA
expires: Mon, 17 Apr 2023 02:15:00 GMT

GET
H2 200 252628.js Show response
js.hs-analytics.net/analytics/1681697400000/ 66 KB
21 KB 182ms
153ms Script
text/javascript 2606:4700::6810:89ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1681697400000/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:89ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f29f5ffaa2e9b4857580086e724294ecf8143d2ff3bab3da3589ef0b03047e4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:00 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 5MXCGZZ44K6J03GZ
x-amz-server-side-encryption: AES256
x-amz-id-2: k1ozsJsaHlcZd+5SkEF/rUX4AijkEVOGDU9iXPZZZbyoorT6QovuHdepvyyzxozoIXzjDegbClA=
last-modified: Thu, 13 Apr 2023 14:40:53 GMT
server: cloudflare
etag: W/"c4c9b6dbd82a76dd385ca3a97b305d3f"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 7b9121118f63036e-FRA
expires: Mon, 17 Apr 2023 02:15:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
896 B 166ms
131ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=287657573&v=1.1&a=252628&pu=https%3A%2F%2Ftherecord.media%2Fcanadian-hospital-treatment-delays-cyberattack-ontario&t=Cyberattack+causing+treatment+delays+at+Canadian+hospital&cts=1681697400733&vi=14f945daad4d1241e76f5df6750d1d9d&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ea5b345b-9cd3-448c-83fc-c3a224b600a2
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHmK7kkr8s3MsnoLQTRcfkFS8HXX7gkV%2B%2Byw%2FcwYFNvsnlGwL6soVEOFVEprU8VRNk87hQeJ%2FcDnEhY3zbDua4JbN6sj8ZWm%2FMIVS2qxF55EQ990aZ7a9Wb6JdeOGYxITGioMiyIOhNJ442jiDyE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7b912112dbe3bb4d-FRA
x-robots-tag: none

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 203ms
203ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:01 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 2 KB
2 KB 264ms
219ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=252628&utk=14f945daad4d1241e76f5df6750d1d9d&__hstc=156209188.14f945daad4d1241e76f5df6750d1d9d.1681697400731.1681697400731.1681697400731.1&__hssc=156209188.1.1681697400731&currentUrl=https%3A%2F%2Ftherecord.media%2Fcanadian-hospital-treatment-delays-cyberattack-ontario

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc7ecd1dbed36ee7c5d4233a91a1b3fd4bb85cce56d2ba225d2bfcebfe7cca04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: bf771393-2d5f-4a3c-aeb5-1622291abc33
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://therecord.media
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWignO%2B2lZPo0kyq6E%2FjspWhf7inK3H84iMejg7R6VU%2BebQfOBc4BYoOKRPAxHepfKzKmqiJ5Rz9yDu%2BBsYSJ1dhybpRx6gk5h2yCzhY%2BTw6MyksR%2B2dRSlKRVdDZAmXRJPIOiyPcsYOUIDHYKEj"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7b912114ce9f9b34-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
384 B 144ms
143ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=1b047a85-2db0-47ce-a965-8fa2de5a991b&lfi=2694169&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=287657573&v=1.1&a=252628&pu=https%3A%2F%2Ftherecord.media%2Fcanadian-hospital-treatment-delays-cyberattack-ontario&t=Cyberattack+causing+treatment+delays+at+Canadian+hospital&cts=1681697401304&vi=14f945daad4d1241e76f5df6750d1d9d&nc=true&u=156209188.14f945daad4d1241e76f5df6750d1d9d.1681697400731.1681697400731.1681697400731.1&b=156209188.1.1681697400731&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: d1f840d7-0421-457d-adb5-085066f126ae
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nN69YWZ7Mad6pKSScIUcp%2F21FAJ9zev%2F9gocaBUSSQiIuB20f4YDtySaa201mk%2FPn3Ya%2BLjh4R4t6Zu7Sj1BdTe6CDrTrMNMGbxzXSOY5IIaqRH%2Bdsm3kfvx%2FtYvHkmdVumHwHZXumH4%2FDulxs4"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7b9121162dc5bb4d-FRA
x-robots-tag: none

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 204ms
203ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:02 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 iphone-cd1.jpg
go.recordedfuture.com/hubfs/ 83 KB
85 KB 124ms
32ms Image
image/webp 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.recordedfuture.com/hubfs/iphone-cd1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab221b9e81a8439634c9f73c15c96457f75d3632fea1f6256fa4833acc6a314a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-99167145604,P-252628,FLS-ALL
age: 1053408
x-amz-request-id: A9BYJ40JVZ93XZX1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-99167145604,P-252628,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="iphone-cd1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "f5c3d1b581a50e5c3637310137a43f0e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1674144065940
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Mon, 17 Apr 2023 02:10:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CyJHfLHHqfqm77ShwrX4xZ78eMxn5Xvx
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=229013
x-cache: RefreshHit from cloudfront
cache-tag: F-99167145604,P-252628,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85082
x-amz-id-2: damUu7uH/TV9GDMBll+a8D/AHpaYSrn9tCe6Uto++R2CCED3u3zTKAmaeZhw+rS3gYOqf+c4x7s=
last-modified: Thu, 19 Jan 2023 16:01:07 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4%2B3HEg5M0TYcdiKiLYaihwU52Xgbnp5nhfyVGfcpPimdQ1pJbaV2U0%2Bci%2BNmZaDYGvlLs5G7wVkJ%2BCS3eO%2BN9FUluR5kZCjRElv7rhOOV4stOAPV2HmypD%2FMGAmq84KA6ueaAVVfYMaoMLZ9zbXJ4Qncw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7b91211cfb4d3660-FRA
x-amz-cf-id: Xf-YIsuIjYQVW6-5bY5TVLXs27Ph-wm_BzMlQbuijC_q0BTWYFuEzQ==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 204ms
203ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:03 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 204ms
203ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:04 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 205ms
205ms Image
image/gif 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-170.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 02:10:05 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.therecord.media/	1970-01-20 20:34:12	Name: _pk_id.2.de70 Value: 66ec4f4fa9b6311e.1681697400.
.therecord.media/	1970-01-20 11:08:19	Name: _pk_ses.2.de70 Value: 1
therecord.media/	1970-01-20 20:44:17	Name: _gd_visitor Value: 71c93b28-8df6-4949-8698-5b340cc4fa29
therecord.media/	1970-01-20 11:08:31	Name: _gd_session Value: a57a4058-1979-47a5-8fb1-e0df9eba5036
therecord.media/	1970-01-20 11:18:22	Name: _an_uid Value: 0
.therecord.media/	1970-01-20 20:44:17	Name: _ga Value: GA1.2.578725624.1681697400
.therecord.media/	1970-01-20 11:09:43	Name: _gid Value: GA1.2.514591093.1681697400
.therecord.media/	1970-01-20 11:08:17	Name: _gat_UA-9153858-16 Value: 1
.6sc.co/	1970-01-20 20:44:17	Name: 6suuid Value: aad017024454000078aa3c64a2000000098c4900
.hubspot.com/	1970-01-20 11:08:19	Name: __cf_bm Value: 0KHqoMcn32uDw1LXgCqrnidYnM2ofEMbx8da5Mk6P3s-1681697400-0-AdamcDs2jQ926KhJ8EcyG4oD5G9/Pcv+yIVElptVz36sWbTyJ+8n570cMK2UyHcb3hGV5khaUpA+EyrQYJwDAu4=
.therecord.media/	1970-01-20 15:27:29	Name: __hstc Value: 156209188.14f945daad4d1241e76f5df6750d1d9d.1681697400731.1681697400731.1681697400731.1
.therecord.media/	1970-01-20 15:27:29	Name: hubspotutk Value: 14f945daad4d1241e76f5df6750d1d9d
.therecord.media/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.therecord.media/	1970-01-20 11:08:19	Name: __hssc Value: 156209188.1.1681697400731
.go.recordedfuture.com/	1970-01-20 11:08:19	Name: __cf_bm Value: OL8OtOXKPZCajTQgTUfEsj_GBX43WkhdmEEt_CIq7HU-1681697402-0-AYV8iluNleH58UhSSGKWoDjDvQZfnsCceojbrkl48epC2z0Fijr0iE883dgAEgOCEuHm3VMfUEdZ8RhoHJCvw50=
.go.recordedfuture.com/	1969-12-31 23:59:59	Name: __cfruid Value: 001690487ccf84a59a91df50e10775966389efee-1681697402

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31557600

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.6sc.co
c.6sc.co
cdn.matomo.cloud
cms.therecord.media
epsilon.6sense.com
forms.hubspot.com
go.recordedfuture.com
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
recordedfuture.matomo.cloud
secure.adnxs.com
therecord.media
track.hubspot.com
www.google-analytics.com
www.googletagmanager.com
www.recordedfuture.com
104.18.6.66
151.101.194.216
18.157.122.248
2600:9000:2127:3c00:c:7d55:b3c0:93a1
2606:2c40::c73c:67fe
2606:4700::6810:89ce
2606:4700::6811:7f6e
2606:4700::6812:19c4
2606:4700::6812:893b
2606:4700::6813:9b53
2a00:1450:4001:810::200e
2a00:1450:4001:82a::2008
2a02:26f0:480:22::1726:62ee
3.67.117.144
34.74.8.155
37.252.173.215
95.101.111.170
04b586d07a484c8434549bce3719c6b222f543da3992280d7d0e5aba73e58cc7
060e573ea79b625c1c500907e8f527f941c7324e935a0afa8fac359704fe8635
11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029
12ce92cc3c4eb9d74f48e9a10eb919bdf30bbdc5ccf9843c6543fec302dec54f
158208e9417ae08be99d6bd2cbfe3c5b7ec0c346813477f891b3c4f7428cb939
178527aa9e81625ccfca8e57a0197b8f497b672877b8a0a7689dfbdeb9bcb7b5
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e89df48ae39da02aec9140afa2c480121d051cad440a7618ebb740d77568671
238fbffb3c24f8264ac3e7078b71002b001535821e2b4f1f76e2bba929468b42
2ad83f2446566c5ecf7c261cc07884a5d5f71965b5df8fd7bb809f83a42bf470
318ba0ae4406fcb7ad4e479d4d9cf60948cf3a5b2ad38556d96ba760c7e4860b
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
381f3dd72c9446985a766fdabd9ffec6de323e1ef52c3961f6fe54e5c2226c76
399482805e781caea7d19953786c95be085ff146748cfea7a0345eb6eada25c7
4237d2ee4728643a6467fc9fddbce93bb735a61a4415cdc90cf23776d137ed51
4365c3d5820b44d4d301c209534e03461df0092405a986269876a551c3860bae
494a9c8817786531126dd245c93f8a85aa6afa405c7b8a2e45b667538470ce7a
4a6d1d2eaf0973ef11e220dd276b37e6a5b95fd3dcfac0eb9c9c2893fb1ecd7e
4c7f855160b6303be193b6cb3264626cd3319875129e3764a96961a067f0f928
51fd18749afc27e1809dddc215120cc9d95ef9420f7c7ca446c632ee892c26c6
54c76c41df5975085389626fc4c3920abdc817d033688ab9d9a98a362ad2f2e7
58c2d7e3f31ef2aba7f648438d8da266f436759ef0206e8d9f04ae3c65ef2857
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d3cf37f2b2d57d5023bcb29d5e09fbe734d6aa0fbed8296daef845b3f20b2a9
5f99a681f23c699268ff8e5639a72a9a6585585b6d4861f1b8c4e4af3410f972
60809d087a3aa64f74c76ceb695db92db0cb044f1ed080f0a0a64097cae518dc
6538bb08774a7dc689f25f4df5db53b34aca4982318261ad704f021490466f8c
6fb145f1185850a1f9937c5d5afb3260adbcef791d0a94e1c09b54aa00808982
6fb3140db2839cabd3662044ef7791206df377b2211046abc71dd039f05fe082
7239304bfda1edbdc25f38e13e0c6ed0c40c2aa7bf88e95b9fc8f17ba36a8253
73580a6ba6705b61499bf9b4661f1b50c4f78e8c72b65ce30df43546e7f58e6f
75ef329dcdc3a24cb69b9057b00d785e7ce58c751f55aed75205871c3c62809a
7b0b9f163454a2d476c3930174ed354b5d661060c2a2581e434f8b0b74392d76
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
959feeb18d4be659a835b20b5a8b8cd47a01ef6e0c011bed73430810d24d93e6
98e48dda03df469f34c19aceed95b86dfd61da021d23e54cea30669be9639a3e
9e23cc60138891165dd69c86533f7619327e32e4b9f2b4402b92c3ba7ccdaa31
a0b1f949528f7a3a2d2ff3b6df67c6c1b5cb8f62a2eba6eb5e06adff2d5795f3
ab221b9e81a8439634c9f73c15c96457f75d3632fea1f6256fa4833acc6a314a
aff01bd7d2d673326651c7a7fc24efecd55c4f065cd7963e63ac3ac531f98833
bc2bd2fbce3aff311a4b6c68bfa85e2f8a0f42f7cbba7e1796851875e37bdd72
c14a3581f43637c3a38bf2dc63eb6bd1db03f379531e0c933046757027da5996
cac6f49c4e1ee8fec0ea2129e0a212badbc1db7a6cec3e1f819a347bf3ff08c9
cc7ecd1dbed36ee7c5d4233a91a1b3fd4bb85cce56d2ba225d2bfcebfe7cca04
d7d62f1b6fc6f96998066b32b4d71d1ad2f1b399758f0e429398306f7571fa3d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd56342ec76939574d192e72d9706a2a5be525fd20ba847e2b341d9167b58184
de1c29315bca5ba3eef86156ed15e1baa6776b072163fb3e710cc8ce3ae120e1
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e1885518498078290fc8152f0618b843ebfa8df10726b4571b11ec0355be9ee3
e2ea411b32eb0f8f7ecee62a4a599e510c68d51c04b0246e436a50ea016b70e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e462bff299dcf3d0e319045b9b4d79cd70615adb8be2af3be5ba9f6c1700d7ab
e7559ab7e4e088ec4c76a2777e7d98f4afd7032585a660c10e521dfa931d7273
e9b880d0047f3a92dad9717dbb0aec061e628d1607dfdafaca6a9004129eb802
ebee5ee0711fdf1ce758f208d317b49a4b03602e8d7369774317e8bf81e5e692
ee00ebbb6b99dfd60fac32a6e4d12c1b6738a6a3f5f4d57838f904000e305071
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f036a45770ce2ad43dfee7f4eac8f8b3784608a24ff00c63dd56704434e014e8
f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635
f29f5ffaa2e9b4857580086e724294ecf8143d2ff3bab3da3589ef0b03047e4a
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

therecord.media Open in urlscan Pro 151.101.194.216 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

83 Requests

100 %HTTPS

59 %IPv6

13 Domains

20 Subdomains

18 IPs

3 Countries

2783 kBTransfer

5813 kBSize

16 Cookies

24 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

therecord.media Open in urlscan Pro
151.101.194.216 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

100 %
HTTPS

59 %
IPv6

13
Domains

20
Subdomains

18
IPs

3
Countries

2783 kB
Transfer

5813 kB
Size

16
Cookies

83 HTTP transactions
1 data transactions