therecord.media Open in urlscan Pro
2606:4700::6812:1c78 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
Submission: On May 09 via api (May 9th 2023, 2:10:08 am UTC) from TR — Scanned from DE

Summary HTTP 86 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 15 domains to perform 86 HTTP transactions. The main IP is 2606:4700::6812:1c78, located in United States and belongs to CLOUDFLARENET, US. The main domain is therecord.media. The Cisco Umbrella rank of the primary domain is 336214.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 17th 2022. Valid for: a year.

This is the only time therecord.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
39	2606:4700::68... 2606:4700::6812:1c78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:224... 2600:9000:224a:3800:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.18.6.66 104.18.6.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
9	2.16.187.88 2.16.187.88	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:853b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.157.122.248 18.157.122.248	16509 (AMAZON-02) (AMAZON-02)
2	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.156.45.170 35.156.45.170	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:19c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:88ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:806e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:8e:... 2a04:4e42:8e::159	54113 (FASTLY) (FASTLY)
1	2606:2c40::c7... 2606:2c40::c73c:67fe	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
86	20

39 2606:4700::6812:1c78 (United States)

ASN13335 (CLOUDFLARENET, US)

therecord.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.therecord.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:3800:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.6.66 (None, )

ASN13335 (CLOUDFLARENET, US)

www.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.16.187.88 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-187-88.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:853b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.122.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-122-248.eu-central-1.compute.amazonaws.com

recordedfuture.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.45.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-45-170.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:19c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:88ce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:806e (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:8e::159 (United States)

ASN54113 (FASTLY, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2c40::c73c:67fe (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	therecord.media therecord.media — Cisco Umbrella Rank: 336214 cms.therecord.media — Cisco Umbrella Rank: 746913	2 MB
15	twitter.com platform.twitter.com — Cisco Umbrella Rank: 805 syndication.twitter.com — Cisco Umbrella Rank: 1119	448 KB
9	6sc.co j.6sc.co — Cisco Umbrella Rank: 5624 c.6sc.co — Cisco Umbrella Rank: 8648 b.6sc.co — Cisco Umbrella Rank: 4113	17 KB
4	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 19192 recordedfuture.matomo.cloud — Cisco Umbrella Rank: 713520	67 KB
3	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2158 forms.hubspot.com — Cisco Umbrella Rank: 4222	4 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
2	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 2966 pbs.twimg.com — Cisco Umbrella Rank: 836	2 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 10368	593 B
2	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 406	2 KB
2	recordedfuture.com www.recordedfuture.com — Cisco Umbrella Rank: 436426 go.recordedfuture.com — Cisco Umbrella Rank: 376602	153 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4056	88 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2027	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2039	16 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2253	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	55 KB
86	15

	Domain	Requested by
33	therecord.media	therecord.media
12	platform.twitter.com	therecord.media platform.twitter.com
6	b.6sc.co
6	cms.therecord.media	therecord.media
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	syndication.twitter.com	platform.twitter.com
2	track.hubspot.com
2	epsilon.6sense.com	j.6sc.co
2	secure.adnxs.com	j.6sc.co
2	recordedfuture.matomo.cloud	cdn.matomo.cloud
2	j.6sc.co	www.googletagmanager.com therecord.media
2	cdn.matomo.cloud	therecord.media
1	go.recordedfuture.com
1	forms.hubspot.com	js.hsleadflows.net
1	pbs.twimg.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	c.6sc.co	j.6sc.co
1	js.hs-scripts.com	www.googletagmanager.com
1	www.recordedfuture.com	therecord.media
1	www.googletagmanager.com	therecord.media
86	23

This site contains links to these domains. Also see Links.

Domain
www.recordedfuture.com
twitter.com
www.linkedin.com
www.facebook.com
www.reddit.com
news.ycombinator.com
www.papercut.com
cyberplace.social
www.microsoft.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-17` - `2023-06-17`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M01	`2023-02-24` - `2023-12-25`	10 months	crt.sh
*.recordedfuture.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-03` - `2024-03-05`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
6sc.co R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
*.matomo.cloud Amazon RSA 2048 M01	`2023-02-10` - `2023-08-19`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
go.recordedfuture.com GTS CA 1P5	`2023-04-28` - `2023-07-27`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
Frame ID: F4308AD74F3A77D77D8943E61EBF742B
Requests: 71 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Ftherecord.media
Frame ID: 421FE064B78B133029268D72AEFC7DDA
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1654610012457648129&lang=en&origin=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&sessionId=2b3196f15f87ba3cb6eff45424138852ecd84bd2&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Frame ID: B94512FF474D617E52E5309C021426A8
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Iranian state-sponsored hackers exploiting printer vulnerability

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

86
Requests

100 %
HTTPS

68 %
IPv6

15
Domains

23
Subdomains

20
IPs

3
Countries

2700 kB
Transfer

6887 kB
Size

16
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.recordedfuture.com/privacy-policy/?__hstc=156209188.dacbc7a969fce24e19d693fbca249b5a.1683598203103.1683598203103.1683598203103.1&__hssc=156209188.1.1683598203103&__hsfp=609496040
Title: Privacy Policy.

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/platform/mobile-app?__hstc=156209188.dacbc7a969fce24e19d693fbca249b5a.1683598203103.1683598203103.1683598203103.1&__hssc=156209188.1.1683598203103&__hsfp=609496040
Title: Mobile App

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Iranian%20state-sponsored%20hackers%20exploiting%20printer%20vulnerability%20https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability%20@TheRecord_Media

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability&title=Iranian%20state-sponsored%20hackers%20exploiting%20printer%20vulnerability

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability&src=sdkpreparse

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability

Search URL Search Domain Scan URL

URL: https://news.ycombinator.com/submitlink?u=https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability&t=Iranian%20state-sponsored%20hackers%20exploiting%20printer%20vulnerability

Search URL Search Domain Scan URL

URL: https://www.papercut.com/kb/Main/PO-1216-and-PO-1219
Title: urgent update

Search URL Search Domain Scan URL

URL: https://cyberplace.social/@GossiTheDog/110310770981233130
Title: LockBit

Search URL Search Domain Scan URL

URL: https://twitter.com/MsftSecIntel/status/1654610012457648129
Title: said

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/nation-state-threat-actor-mint-sandstorm-refines-tradecraft-to-attack-high-value-targets/
Title: reported

Search URL Search Domain Scan URL

URL: https://twitter.com/jgreigj

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/xiaoqiying-genesis-day-threat-actor-group-targets-south-korea-taiwan?__hstc=156209188.dacbc7a969fce24e19d693fbca249b5a.1683598203103.1683598203103.1683598203103.1&__hssc=156209188.1.1683598203103&__hsfp=609496040
Title: Xiaoqiying/Genesis Day Threat Actor Group Targets South Korea, TaiwanXiaoqiying/Genesis Day Threat Actor Group Targets South Korea, Taiwan

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/joker-dpr-and-the-information-war?__hstc=156209188.dacbc7a969fce24e19d693fbca249b5a.1683598203103.1683598203103.1683598203103.1&__hssc=156209188.1.1683598203103&__hsfp=609496040
Title: Joker DPR and the Information WarJoker DPR and the Information War

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/with-keyplug-chinas-redgolf-spies-on-steals-from-wide-field-targets?__hstc=156209188.dacbc7a969fce24e19d693fbca249b5a.1683598203103.1683598203103.1683598203103.1&__hssc=156209188.1.1683598203103&__hsfp=609496040
Title: With KEYPLUG, China’s RedGolf Spies On, Steals From Wide Field of TargetsWith KEYPLUG, China’s RedGolf Spies On, Steals From Wide Field of Targets

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/russian-sanctions-evasion-puts-merchants-banks-risk?__hstc=156209188.dacbc7a969fce24e19d693fbca249b5a.1683598203103.1683598203103.1683598203103.1&__hssc=156209188.1.1683598203103&__hsfp=609496040
Title: Russian Sanctions Evasion Puts Merchants and Banks at RiskRussian Sanctions Evasion Puts Merchants and Banks at Risk

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/irs-cyberattack-highlights-risk-of-tax-refund-fraud?__hstc=156209188.dacbc7a969fce24e19d693fbca249b5a.1683598203103.1683598203103.1683598203103.1&__hssc=156209188.1.1683598203103&__hsfp=609496040
Title: IRS Cyberattack Highlights Risk of Tax Refund FraudIRS Cyberattack Highlights Risk of Tax Refund Fraud

Search URL Search Domain Scan URL

URL: https://twitter.com/TheRecord_Media

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-record-by-recorded-future

Search URL Search Domain Scan URL

URL: https://www.instagram.com/therecord_media/

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/privacy-policy?__hstc=156209188.dacbc7a969fce24e19d693fbca249b5a.1683598203103.1683598203103.1683598203103.1&__hssc=156209188.1.1683598203103&__hsfp=609496040
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

86 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request iranian-state-sponsored-hackers-exploiting-printer-vulnerability Show response
therecord.media/ 41 KB
9 KB 112ms
44ms Document
text/html 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

c4b10ed347c36c1d47de16c97b3b7f9734838486e6e9eb380252ba3737284f15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12
cache-control: s-maxage=60, stale-while-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c4667578af135e7-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 09 May 2023 02:10:01 GMT
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
traceresponse: 00-175d4522957eec506883179b4d8d0664-f17a6df54badd702-00
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 5, 1
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-powered-by: Next.js
x-served-by: cache-iad-kiad7000109-IAD, cache-fra-eddf8230110-FRA

GET
H2 200 2022_09_iran_flag_f4608d113c.jpg
cms.therecord.media/uploads/ 65 KB
65 KB 360ms
339ms Image
image/jpeg 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/2022_09_iran_flag_f4608d113c.jpg?w=1920

Requested by

Host: therecord.media
URL: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

616143ec97209e1d948cd14dee4c1a02cb3f6241376637a3c4146d8c2b66f76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
traceresponse: 00-175d57a4fe8655022ced88a698d93d49-cd224cb62e2347fd-00
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
content-length: 66088
last-modified: Sun, 04 Dec 2022 16:54:43 GMT
server: cloudflare
etag: "638cd0d3-10228"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/jpeg
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7c466757fb2c35e7-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Tue, 09 May 2023 02:15:01 GMT

GET
H2 200 T03_JN_5_SNQ_U037_HMEJK_61_e471a4980693_512_e7fa91f931.jpg
cms.therecord.media/uploads/ 52 KB
53 KB 359ms
339ms Image
image/jpeg 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/T03_JN_5_SNQ_U037_HMEJK_61_e471a4980693_512_e7fa91f931.jpg?w=1920

Requested by

Host: therecord.media
URL: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e462bff299dcf3d0e319045b9b4d79cd70615adb8be2af3be5ba9f6c1700d7ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
traceresponse: 00-175d57a4fe6cb3ea84c174568ad660a2-ae58ffa363550cb1-00
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
content-length: 53612
last-modified: Mon, 06 Mar 2023 21:07:55 GMT
server: cloudflare
etag: "6406562b-d16c"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/jpeg
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7c466757fb2e35e7-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Tue, 09 May 2023 02:15:01 GMT

GET
H2 200 The_Record_Centered_9b27d79125.svg
cms.therecord.media/uploads/ 7 KB
2 KB 360ms
340ms Image
image/svg+xml 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.therecord.media/uploads/The_Record_Centered_9b27d79125.svg?w=1920

Requested by

Host: therecord.media
URL: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54c76c41df5975085389626fc4c3920abdc817d033688ab9d9a98a362ad2f2e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
traceresponse: 00-175d57a4fe7642a1c148a0bb45ddb9b0-99f3715116338434-00
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
last-modified: Thu, 12 Jan 2023 17:06:51 GMT
server: cloudflare
etag: W/"63c03e2b-1c5f"
vary: Accept-Encoding
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
content-type: image/svg+xml
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7c466757fb2f35e7-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m
expires: Tue, 09 May 2023 02:15:01 GMT

GET
H2 200 fc12c5c18868fc3b.css
therecord.media/_next/static/css/ 53 KB
10 KB 44ms
44ms Stylesheet
text/css 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/css/fc12c5c18868fc3b.css

Requested by

Host: therecord.media
URL: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

462df041fa84cefbb1ba08c7550716caf6776d6387769a20ba3fbc92413fec7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:01 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 296065
traceresponse: 00-175c4a5b3b68aabbc09048e8fd3c15f7-9b003bd79cb790f9-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200075-IAD, cache-fra-eddf8230024-FRA
last-modified: Fri, 05 May 2023 15:55:00 GMT
server: cloudflare
etag: W/"d217-187ec9fade4"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjo2fQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c466757db1635e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 1297, 1

GET
H2 200 rocket-loader.min.js Show response
therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 29ms
29ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: therecord.media
URL: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 28 Apr 2023 14:11:40 GMT
server: cloudflare
content-encoding: gzip
etag: W/"644bd41c-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7c466757db1935e7-FRA
expires: Thu, 11 May 2023 02:10:01 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 217ms
33ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674B) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Tue, 09 May 2023 02:10:01 GMT
Content-Encoding: gzip
Age: 134
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/674B)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 _middlewareManifest.js Show response
therecord.media/_next/static/jYn9-gKQFjl-GBAYLYyhT/ 92 B
223 B 50ms
47ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/jYn9-gKQFjl-GBAYLYyhT/_middlewareManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:01 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 296064
traceresponse: 00-175c4a5b47faca57688cb4d9e4ca43c2-b2ede6f35d538571-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000153-IAD, cache-fra-eddf8230132-FRA
last-modified: Fri, 05 May 2023 15:55:00 GMT
server: cloudflare
etag: W/"5c-187ec9fade4"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjo2fQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c4667586b8535e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 9, 3

GET
H2 200 _ssgManifest.js Show response
therecord.media/_next/static/jYn9-gKQFjl-GBAYLYyhT/ 99 B
240 B 49ms
47ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/jYn9-gKQFjl-GBAYLYyhT/_ssgManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:01 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 296065
traceresponse: 00-175c4a5b486c1d25db96710b59f27e63-67e9a92a7b389301-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000061-IAD, cache-fra-eddf8230100-FRA
last-modified: Fri, 05 May 2023 15:55:00 GMT
server: cloudflare
etag: W/"63-187ec9fade4"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjo2fQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c4667586b8635e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 1281, 1

GET
H2 200 _buildManifest.js Show response
therecord.media/_next/static/jYn9-gKQFjl-GBAYLYyhT/ 1 KB
599 B 46ms
43ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/jYn9-gKQFjl-GBAYLYyhT/_buildManifest.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

161b931b202a933401abe5bd9744f50e4d77da48c34cc2af63c8f919f3878683

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:01 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 296064
traceresponse: 00-175c4a5b47f404981adb3a07f95b921b-eb6270ec62ee997c-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000135-IAD, cache-fra-eddf8230088-FRA
last-modified: Fri, 05 May 2023 15:55:00 GMT
server: cloudflare
etag: W/"43f-187ec9fade4"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjo2fQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c4667586b8735e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 12, 2

GET
H2 200 %5B%5B...slug%5D%5D-9e24780f610752e3.js Show response
therecord.media/_next/static/chunks/pages/ 56 KB
12 KB 54ms
52ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/pages/%5B%5B...slug%5D%5D-9e24780f610752e3.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3f620974953cc0b262c64779ff823d35cf7af59962411c5fa8e580d24f6d025

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:01 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 982954
traceresponse: 00-1759d9a6eecdaedf2860039d6f474569-ca88409bbae5d7e1-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200142-IAD, cache-fra-eddf8230076-FRA
last-modified: Thu, 27 Apr 2023 17:07:16 GMT
server: cloudflare
etag: W/"deaf-187c3aef93d"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c4667586b8835e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 2, 2

GET
H2 200 735-7645aca2d71731dd.js Show response
therecord.media/_next/static/chunks/ 937 KB
242 KB 66ms
64ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75ef329dcdc3a24cb69b9057b00d785e7ce58c751f55aed75205871c3c62809a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:01 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 648225
traceresponse: 00-175b0a161b85e13f97d2c1496b44fe0b-87074989c0c5b6e3-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200088-IAD, cache-fra-eddf8230045-FRA
last-modified: Thu, 27 Apr 2023 17:07:16 GMT
server: cloudflare
etag: W/"ea276-187c3aef93c"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c4667588b9e35e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 514, 1

GET
H2 200 _app-2024e4aaf5b4a59e.js Show response
therecord.media/_next/static/chunks/pages/ 114 KB
38 KB 90ms
88ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/pages/_app-2024e4aaf5b4a59e.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04b586d07a484c8434549bce3719c6b222f543da3992280d7d0e5aba73e58cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:01 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 1714154
traceresponse: 00-175740a159128dda27a221ff362af697-88c74dd9e81ee555-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100055-IAD, cache-fra-eddf8230098-FRA
last-modified: Wed, 22 Mar 2023 13:46:13 GMT
server: cloudflare
etag: W/"1c769-1870991f55d"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c4667588b9f35e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 3079, 2

GET
H2 200 main-a054bbf31fb90f6a.js Show response
therecord.media/_next/static/chunks/ 98 KB
27 KB 66ms
64ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1885518498078290fc8152f0618b843ebfa8df10726b4571b11ec0355be9ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:01 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 3529282
traceresponse: 00-1750cdc80af73c89d219e7763ed2495c-3d542f70d7f68fda-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100095-IAD, cache-fra-eddf8230123-FRA
last-modified: Wed, 22 Mar 2023 13:46:13 GMT
server: cloudflare
etag: W/"186c8-1870991f55c"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c4667588ba035e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 7171, 2

GET
H2 200 framework-5f4595e5518b5600.js Show response
therecord.media/_next/static/chunks/ 127 KB
42 KB 64ms
62ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/framework-5f4595e5518b5600.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:01 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 2381849
traceresponse: 00-1754e15de082861306747f4f6d07db3e-7346dc452ba89950-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200081-IAD, cache-fra-eddf8230109-FRA
last-modified: Wed, 22 Mar 2023 13:46:13 GMT
server: cloudflare
etag: W/"1fbbb-1870991f55c"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c4667588ba135e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 2745, 1

GET
H2 200 webpack-5752944655d749a0.js Show response
therecord.media/_next/static/chunks/ 2 KB
1 KB 59ms
58ms Script
application/javascript 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/static/chunks/webpack-5752944655d749a0.js

Requested by

Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:01 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 1848635
traceresponse: 00-1756c651e1564a3e1466c1c6620e8619-5a1bf9b27bd14c9a-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100179-IAD, cache-fra-eddf8230046-FRA
last-modified: Wed, 22 Mar 2023 13:46:13 GMT
server: cloudflare
etag: W/"673-1870991f55f"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c4667588ba235e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 6432, 2

GET
H2 200 Inter-Medium.ttf
therecord.media/fonts/ 307 KB
149 KB 216ms
215ms Font
font/ttf 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Medium.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/fc12c5c18868fc3b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0b1f949528f7a3a2d2ff3b6df67c6c1b5cb8f62a2eba6eb5e06adff2d5795f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/fc12c5c18868fc3b.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:01 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-175d57a4f79f82cc86c3f0aea007f4c1-4ff69e4f66e9ac31-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000051-IAD, cache-fra-eddf8230067-FRA
last-modified: Fri, 05 May 2023 15:50:07 GMT
server: cloudflare
etag: W/"4cd58-187ec9b3398"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c4667586b7e35e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 icomoon.ttf
therecord.media/icons/fonts/ 5 KB
3 KB 162ms
160ms Font
font/ttf 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/icons/fonts/icomoon.ttf?l2zjlc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/fc12c5c18868fc3b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2ea411b32eb0f8f7ecee62a4a599e510c68d51c04b0246e436a50ea016b70e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/fc12c5c18868fc3b.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:01 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-175d57a4f7546540067a8bbff1eb6262-eea2560b4dcc7aaf-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100149-IAD, cache-fra-eddf8230085-FRA
last-modified: Fri, 05 May 2023 15:50:07 GMT
server: cloudflare
etag: W/"1304-187ec9b3398"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c4667586b7f35e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-SemiBold.ttf
therecord.media/fonts/ 308 KB
151 KB 207ms
206ms Font
font/ttf 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-SemiBold.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/fc12c5c18868fc3b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f036a45770ce2ad43dfee7f4eac8f8b3784608a24ff00c63dd56704434e014e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/fc12c5c18868fc3b.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:01 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-175d57a4f718b13139f45105be49bf71-57a6959179734ba6-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000102-IAD, cache-fra-eddf8230098-FRA
last-modified: Fri, 05 May 2023 15:50:07 GMT
server: cloudflare
etag: W/"4d16c-187ec9b3398"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c4667586b8035e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-Regular.ttf
therecord.media/fonts/ 303 KB
140 KB 226ms
225ms Font
font/ttf 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Regular.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/fc12c5c18868fc3b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

494a9c8817786531126dd245c93f8a85aa6afa405c7b8a2e45b667538470ce7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/fc12c5c18868fc3b.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:01 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-175d57a4f7b7ab75ddb925f14f0332c3-8999d1160ab0908a-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000092-IAD, cache-fra-eddf8230096-FRA
last-modified: Fri, 05 May 2023 15:50:07 GMT
server: cloudflare
etag: W/"4ba44-187ec9b3398"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c4667586b8135e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-ExtraBold.ttf
therecord.media/fonts/ 309 KB
151 KB 214ms
212ms Font
font/ttf 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-ExtraBold.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/fc12c5c18868fc3b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fb3140db2839cabd3662044ef7791206df377b2211046abc71dd039f05fe082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/fc12c5c18868fc3b.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:01 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-175d57a4f79f8c63aaf07dd066c3417e-cee72a8472d174b1-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200106-IAD, cache-fra-eddf8230023-FRA
last-modified: Fri, 05 May 2023 15:50:07 GMT
server: cloudflare
etag: W/"4d52c-187ec9b3398"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c4667586b8335e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 Inter-Bold.ttf
therecord.media/fonts/ 309 KB
151 KB 234ms
233ms Font
font/ttf 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/fonts/Inter-Bold.ttf

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/css/fc12c5c18868fc3b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad83f2446566c5ecf7c261cc07884a5d5f71965b5df8fd7bb809f83a42bf470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://therecord.media/_next/static/css/fc12c5c18868fc3b.css
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:01 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-175d57a4f8335fa2ebfeea3b6701416b-5ff411ac3bb192c7-00
x-cache: MISS, MISS
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100134-IAD, cache-fra-eddf8230062-FRA
last-modified: Fri, 05 May 2023 15:50:07 GMT
server: cloudflare
etag: W/"4d2c4-187ec9b3398"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c4667586b8435e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 145 KB
55 KB 87ms
35ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Requested by

Host: therecord.media
URL: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cfa1de18b0f6898a42fa2d616926f2eebd6c76cebe780c5d1b51bfdcbcf2942e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55826
x-xss-protection: 0
last-modified: Tue, 09 May 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 May 2023 02:10:02 GMT

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 199 KB
58 KB 149ms
80ms Script
application/javascript 2600:9000:224a:3800:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Requested by: Host: therecord.media
URL: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3800:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fb145f1185850a1f9937c5d5afb3260adbcef791d0a94e1c09b54aa00808982

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:03 GMT
x-amz-version-id: T3VVylcW4ZUVSABprJtJmBafSdXY4jAi
content-encoding: gzip
last-modified: Tue, 07 Feb 2023 02:15:06 GMT
server: AmazonS3
via: 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
etag: W/"3e98a39e2d8f2b464999b40df3c2172d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-replication-status: COMPLETED
x-amz-cf-id: -ACgY1vL7bdXh9jjtNMioRTWIIHED7drulUHmDHgQYNiu8WGe0hSiQ==

GET
H2 200 container_41sBJe2I.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 27 KB
9 KB 184ms
115ms Script
application/javascript 2600:9000:224a:3800:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/container_41sBJe2I.js
Requested by: Host: therecord.media
URL: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3800:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58b7835fb7b6028146a46edd3ef238b71759d0a5d597ce39f90b7de730899e92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:03 GMT
x-amz-version-id: Xp.qiLs.ZhMcRdIRto4WxBiX5kNGHcfO
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 04:07:33 GMT
server: AmazonS3
via: 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
etag: W/"839ec9cd752c4e512960109f6ac6b404"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-replication-status: COMPLETED
x-amz-cf-id: 9f9GaMGpbV4aKfuUiGkbQA4Vx7wMXPtybuQYK4sxTB5H9DeeJS9Siw==

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 421F 320 KB
104 KB 34ms
33ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Ftherecord.media
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://therecord.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 880661
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Tue, 09 May 2023 02:10:02 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/674C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 articles Show response
cms.therecord.media/api/ 9 KB
3 KB 456ms
412ms XHR
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editor&populate[3]=editor.page&populate[4]=image&populate[5]=image.desktop&populate[6]=image.tablet&populate[7]=image.mobile&populate[8]=tags&populate[9]=tags.page&populate[10]=page&filters[id][$ne]=2944&filters[date][$lte]=2023-05-08T20%3A24%3A00.000Z&$or[0][showFrom][$null]=true&$or[1][showFrom][$lte]=2023-05-09T00%3A00%3A00.000Z&pagination%5BpageSize%5D=1&sort%5B0%5D=date%3Adesc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strapi <strapi.io>

Resource Hash

557712ae8239db68f6f218b721ac84aa00343b6bb016437e2e933d627845b0b1

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
content-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
traceresponse: 00-175d57a5290a949bb6573638c6d0ece1-d5da34b87d1779c5-00
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
referrer-policy: no-referrer
server: cloudflare
expect-ct: max-age=0
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
x-download-options: noopen
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
cf-ray: 7c46675c6b8e35f6-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m

GET
H2 200 articles Show response
cms.therecord.media/api/ 81 B
931 B 402ms
359ms XHR
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editor&populate[3]=editor.page&populate[4]=image&populate[5]=image.desktop&populate[6]=image.tablet&populate[7]=image.mobile&populate[8]=tags&populate[9]=tags.page&populate[10]=page&filters[id][$ne]=2944&filters[date][$gte]=2023-05-08T20%3A24%3A00.000Z&filters[$or][0][showFrom][$null]=true&filters[$or][1][showFrom][$lte]=2023-05-09T00%3A00%3A00.000Z&pagination%5BpageSize%5D=1&sort%5B0%5D=date%3Aasc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strapi <strapi.io>

Resource Hash

cc59e76acc0d203257697ec7fc1004799bccc89817c15c4b58b2f2c110b76034

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
content-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
traceresponse: 00-175d57a528dac41b534782a98ab860fd-b610984cc08b9b99-00
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
referrer-policy: no-referrer
server: cloudflare
expect-ct: max-age=0
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
x-download-options: noopen
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
cf-ray: 7c46675c6b8f35f6-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m

GET
H2 200 articles Show response
cms.therecord.media/api/ 203 KB
44 KB 535ms
491ms XHR
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editor&populate[3]=editor.page&populate[4]=image&populate[5]=image.desktop&populate[6]=image.tablet&populate[7]=image.mobile&populate[8]=tags&populate[9]=tags.page&populate[10]=page&filters[isBrief][$eq]=true&filters[$or][0][showFrom][$null]=true&filters[$or][1][showFrom][$lte]=2023-05-09T00%3A00%3A00.000Z&sort[0]=date%3Adesc

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strapi <strapi.io>

Resource Hash

93117b370d28507683c247323081934f33992aa7883ae826cec73e5574d38a10

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
content-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
traceresponse: 00-175d57a528f323f8f15c76fcf77aabb4-2f675bced21bb961-00
x-powered-by: Strapi <strapi.io>
x-dns-prefetch-control: off
x-platform-processor: yzs7ggztuurocnodlgeyqu6sde
referrer-policy: no-referrer
server: cloudflare
expect-ct: max-age=0
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://therecord.media
x-download-options: noopen
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
x-platform-cluster: r6uchqjqwmfqi-production-vohbr3y
cf-ray: 7c46675c6b9035f6-FRA
x-platform-router: qk5ll65emgqnxbcwb6fko7g64m

GET
H2 200 research Show response
www.recordedfuture.com/feed/ 243 KB
68 KB 105ms
36ms Fetch
text/xml 104.18.6.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/feed/research

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/735-7645aca2d71731dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.6.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

629f47993f4df7ac5f42fe99cbc70a342ed2295ff278f7cbeb2af1a4edf8f87a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/rss+xml
Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-be21b5795622437d8136c8a0cedbd8d0, i-be21b5795622437d8136c8a0cedbd8d0
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 237
traceresponse: 00-175d576dd884d723a826628ee92476f0-3f3056fbaddf3ccf-00
x-cache: HIT
foo: bar
content-length: 69600
x-served-by: cache-fra-eddf8230037-FRA
server: cloudflare
vary: Accept-Encoding
content-type: text/xml
access-control-allow-origin: *
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7c46675c9bdf18dd-FRA
x-cache-hits: 2

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 421F 869 B
658 B 188ms
133ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=2b3196f15f87ba3cb6eff45424138852ecd84bd2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Ftherecord.media

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-response-time: 111
date: Tue, 09 May 2023 02:10:01 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 09 May 2023 02:10:02 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: f452d68d08ee084d
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: dcf228c90d636af7dc02ebc3600a3c7e5cdde4c7bf3f3c332851d96c376729fd
content-length: 337

GET
H2 200 hackers-using-USB-sticks.json Show response
therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/ 18 KB
5 KB 42ms
41ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/hackers-using-USB-sticks.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3afd75153fa8d3552f0bb252c229d6bcd54334313cbca6779785ffc9bc04a6ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 10
traceresponse: 00-175d31604a3b9f6bf20237bbb1f7750b-bac01e6883cf1b13-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000151-IAD, cache-fra-eddf8230087-FRA
server: cloudflare
etag: W/"4650-qzjgpCWj0OGXGyxWcTi4KxPXQcc"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c46675c9e3535e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 3, 1

GET
H2 200 jonathan-greig.json Show response
therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/author/ 9 KB
3 KB 35ms
32ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/author/jonathan-greig.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46f5944075854964fc9aa08110ae2c53e590c46cc526f4cf5cc25d5b7393ccd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 10
traceresponse: 00-175d31593375a4a9a4f719b77c481eb6-3265a5e9992a9a24-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200177-IAD, cache-fra-eddf8230110-FRA
server: cloudflare
etag: W/"2268-5qH6mpqWPteBIX9V6gRY30J2C/I"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c46675c9e3835e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 10, 1

GET
H2 200 subscribe.json Show response
therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/ 8 KB
2 KB 39ms
38ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/subscribe.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07e1835f30ae821a746fe0cd7d21c3edccaa7ad62af61bf732508be16b1331c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 50
traceresponse: 00-175d3debc3c231367b5aed6e1224a6f5-b7571c3a3693fb5b-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000027-IAD, cache-fra-eddf8230110-FRA
server: cloudflare
etag: W/"1f1c-eSI1X5nqb1zyVNmgEH5uyUp5+/0"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c46675c9e3935e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 800, 1

GET
H2 200 contact.json Show response
therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/ 8 KB
2 KB 43ms
41ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/contact.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b8276c283102a3e2476a2d9e353bf411fe23b78f1504a4a66a9cfb09d5f605f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 50
traceresponse: 00-175d3debc3ab5946bfe2e8b1afa9ec2a-23af98bf9de4ee33-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000115-IAD, cache-fra-eddf8230076-FRA
server: cloudflare
etag: W/"1f53-tBlolmFTscGH0I+aCTxoNWhfuu8"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c46675c9e3a35e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 427, 1

GET
H2 200 podcast.json Show response
therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/ 125 KB
26 KB 43ms
41ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/podcast.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8db68e69f60ed2b7d9053510cbd94f3176db0be9136d321139be4e7443e8fa8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 10
traceresponse: 00-175d3debc1d5425e0bb9f8c8302c7cc6-cc526400fed9194d-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200037-IAD, cache-fra-eddf8230134-FRA
server: cloudflare
etag: W/"1f3e2-h5SQ3p+HTuNT0JBwgj5/MdqyUZ0"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c46675c9e3b35e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 402, 1

GET
H2 200 about.json Show response
therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/ 36 KB
7 KB 40ms
39ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/about.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

186f97c192e4095659b8a192ba3e0beac21b6b37b5e97e8b1963d7b788716c2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 50
traceresponse: 00-175d3debc300c5db8f53414651935f91-9344514d28f838db-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100123-IAD, cache-fra-eddf8230059-FRA
server: cloudflare
etag: W/"8f10-X2qDi7dRu/aus/k6hCDcDT7IL+8"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c46675c9e3c35e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 3069, 1

GET
H2 200 technology.json Show response
therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/news/ 7 KB
2 KB 41ms
40ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/news/technology.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ef4e8d76f9bc70e42001ad2a045d866ac914f88d030ddd91b112882c82f3376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 10
traceresponse: 00-175d317f04c189bc744e70137c0b675d-730525ae9e1c6796-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100128-IAD, cache-fra-eddf8230093-FRA
server: cloudflare
etag: W/"1c43-1UQvJXaZT7M9qBIIpFaMBzJVg4o"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c46675c9e3d35e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 589, 1

GET
H2 200 people.json Show response
therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/news/ 7 KB
2 KB 45ms
44ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/news/people.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c88cdef147a7a7382080c8330bbe7bcc6283b53c6170fc7024f52fb91970201c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 54
traceresponse: 00-175d3debc2bf18f6d0d55f40db05a46b-4e08a2bbfc83dfef-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100161-IAD, cache-fra-eddf8230030-FRA
server: cloudflare
etag: W/"1c2f-0fUSjMN2vzVga+UwOwosZpXHS+I"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c46675c9e3e35e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 813, 1

GET
H2 200 nation-state.json Show response
therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/news/ 7 KB
2 KB 40ms
39ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/news/nation-state.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78f940ed1782542d019679bcd698bfead9887a76abd06e9143f8b253fce52469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 50
traceresponse: 00-175d4052eceb9eeef25f1360d83136d4-2da4994a7f713de4-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kjyo7100130-IAD, cache-fra-eddf8230123-FRA
server: cloudflare
etag: W/"1c4c-EucHQuFohrUW9o2OcbIgKMYYJCw"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c46675c9e3f35e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 88, 1

GET
H2 200 cybercrime.json Show response
therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/news/ 7 KB
2 KB 35ms
34ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/news/cybercrime.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd413432459dc6593b964edf9e8da5deab0f269f7f34e8156c042f6c3e78fba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 10
traceresponse: 00-175d31f8326d7a4a732df6657f9f30c1-3061f9479067117b-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200117-IAD, cache-fra-eddf8230110-FRA
server: cloudflare
etag: W/"1c43-wmkA2w6zPEpc+RRB2puckJH/Jrc"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c46675c9e4035e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 2881, 1

GET
H2 200 leadership.json Show response
therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/news/ 7 KB
2 KB 58ms
57ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/news/leadership.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bdf5feaf639122c934edbcd88125339f9ce227c3250cb39b79d0689e68c73b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 10
traceresponse: 00-175d3987ae614718ff8bd4710d21b780-334a8fbf685cb3de-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kcgs7200168-IAD, cache-fra-eddf8230110-FRA
server: cloudflare
etag: W/"1c43-IB2yS3ZpG5trVWGmPtvSzFvoxYk"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c46675cbe4d35e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 2944, 1

GET
H2 200 index.json Show response
therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/ 31 KB
10 KB 59ms
58ms Fetch
application/json 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://therecord.media/_next/data/jYn9-gKQFjl-GBAYLYyhT/index.json

Requested by

Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eec82e35d12107df1f854eaa8e54fbc6d13d257d6d5303b8af6567009030e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 16
traceresponse: 00-175d3debc280a41fe30f4a464891eb40-eafff451a3b74721-00
x-cache: HIT, HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
x-served-by: cache-iad-kiad7000105-IAD, cache-fra-eddf8230059-FRA
server: cloudflare
etag: W/"7c55-CwbJJaQRqZJp1tY88PkTAq53/Yo"
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
cf-ray: 7c46675cbe4e35e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 477, 1

GET
H2 200 64dc3ec5-330c-4652-88d3-147ee65e90ba.js Show response
j.6sc.co/j/ 4 KB
4 KB 493ms
422ms Script
application/javascript 2.16.187.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/64dc3ec5-330c-4652-88d3-147ee65e90ba.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.187.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-187-88.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7b0b9f163454a2d476c3930174ed354b5d661060c2a2581e434f8b0b74392d76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: XiK7k1K4G4_9UcBg2.S65sIFd54SfIcU
date: Tue, 09 May 2023 02:10:02 GMT
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
x-amz-meta-content-type: application/json
content-length: 3771
pragma: no-cache
last-modified: Fri, 31 Mar 2023 18:59:38 GMT
server: AmazonS3
etag: "29e881d3528b8d3d0ef42c057d73a114"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: TQqZQ9eoC9gGexHhfH2foKPX5X8cKqrELMjsAOYO9smW9ef2PB8lKg==
expires: Tue, 09 May 2023 02:10:02 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 31 KB
10 KB 88ms
19ms Script
application/javascript 2.16.187.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: therecord.media
URL: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-88.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

4585de074993b4da8a79534bcff1888de422aa3eeb91e4abe7c0717e208db0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 02:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Mar 2022 23:40:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "623bafe1-7ad3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 9828
expires: Tue, 09 May 2023 02:10:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 69ms
19ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 May 2023 01:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 3902
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 09 May 2023 03:05:00 GMT

GET
H2 200 252628.js Show response
js.hs-scripts.com/ 1 KB
1 KB 206ms
141ms Script
application/javascript 2606:4700::6812:853b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/252628.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:853b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1297fefccf6c837300ed29b805bed9173b2f68c0651885bbee6f66205e7c168c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
content-encoding: br
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 4937cb53-1b6c-4a1e-b5e9-93f255457392
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e8baa8c5-1ecb-4aad-8ba4-e550cfaf3922
last-modified: Tue, 09 May 2023 02:08:57 GMT
server: cloudflare
x-trace: 2B482425D9E431EF511186941AB2F0736CC31E7670000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://therecord.media
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5677b5b686-bvx7b
cf-ray: 7c46675d1bed3653-FRA
expires: Tue, 09 May 2023 02:11:02 GMT

POST
H2 204 matomo.php
recordedfuture.matomo.cloud/ 0
167 B 120ms
59ms Ping
text/plain 18.157.122.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/matomo.php?action_name=therecord.media%2FIranian%20state-sponsored%20hackers%20exploiting%20printer%20vulnerability&idsite=2&rec=1&r=510865&h=2&m=10&s=2&url=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&_id=5439bb6552d75769&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=QoSN3j&fa_pv=1&fa_fp[0][fa_vid]=T2mw3u&fa_fp[0][fa_fv]=1&pf_net=71&pf_srv=44&pf_tfr=1&pf_dm1=5&pf_dm2=557&pf_onl=2&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.157.122.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-122-248.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://therecord.media
date: Tue, 09 May 2023 02:10:02 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 configs.php Show response
recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/ 116 B
291 B 50ms
26ms Script
application/javascript 18.157.122.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=tufIbI&url=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.157.122.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-122-248.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 5f5a71f71da8cc160ae21a8bbce2d8bf41df7673e0f2a0993b1b412bfc4354b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
content-encoding: gzip
server: Apache
content-length: 119
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type: application/javascript

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 image
therecord.media/_next/ 168 KB
168 KB 232ms
231ms Image
image/webp 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Fxiaoqiying_genesis_day_threat_actor_group_targets_south_korea_taiwan_477843c21b.png&w=1920&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af15e418a854e426f6274ba5fbcea8d4d97a79d833df3cc50f92650653b4b0e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-175d57a5296884a2ce7018ae0e3e76d0-8a3ef4381781a361-00
x-cache: MISS, MISS
x-nextjs-cache: HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-disposition: inline; filename="xiaoqiying_genesis_day_threat_actor_group_targets_south_korea_taiwan_477843c21b.webp"
content-length: 171700
x-served-by: cache-iad-kcgs7200109-IAD, cache-fra-eddf8230134-FRA
server: cloudflare
etag: rxXkGKhU5Cb2J0ul+86o1Nl6edgz3zzFD5JlBlO0sOk=
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept
content-type: image/webp
cache-control: public, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
cf-ray: 7c46675d7ec135e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 image
therecord.media/_next/ 145 KB
145 KB 181ms
181ms Image
image/webp 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Fjoker_dpr_and_the_information_war_a624380fdb.jpg&w=1920&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4365c3d5820b44d4d301c209534e03461df0092405a986269876a551c3860bae

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-175d57a52700875be346adf07b1d1655-854ecb84afa11eee-00
x-cache: MISS, MISS
x-nextjs-cache: HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-disposition: inline; filename="joker_dpr_and_the_information_war_a624380fdb.webp"
content-length: 148396
x-served-by: cache-iad-kjyo7100158-IAD, cache-fra-eddf8230123-FRA
server: cloudflare
etag: Q2XD1YILRNTTAcIJU04DRh3wCSQFqYYmmHalUcOGC64=
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept
content-type: image/webp
cache-control: public, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
cf-ray: 7c46675d7ec235e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

GET
H2 200 image
therecord.media/_next/ 128 KB
129 KB 211ms
210ms Image
image/webp 2606:4700::6812:1c78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Fteeing_up_redgolfs_new_operational_keyplug_infrastructure_3d1adbc690.jpg&w=1920&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4237d2ee4728643a6467fc9fddbce93bb735a61a4415cdc90cf23776d137ed51

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/iranian-state-sponsored-hackers-exploiting-printer-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-175d57a528da38b94c134153281dc773-a542ea1f23c2b35f-00
x-cache: MISS, MISS
x-nextjs-cache: HIT
x-platform-processor: xgztqld4evaw2suiwyeszt2fga
content-disposition: inline; filename="teeing_up_redgolfs_new_operational_keyplug_infrastructure_3d1adbc690.webp"
content-length: 131470
x-served-by: cache-iad-kjyo7100165-IAD, cache-fra-eddf8230093-FRA
server: cloudflare
etag: QjfS7kcoZDpkZ-yf3bzpO7c1phpEFc3JDPI3dtE37VE=
x-platform-cluster: 6l7w2dvltmj6g-production-vohbr3y
vary: Accept
content-type: image/webp
cache-control: public, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: geolocation=(self "https://*.recordedfuture.com/")
accept-ranges: bytes
cf-ray: 7c46675d7ec335e7-FRA
x-platform-router: pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits: 0, 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 27ms
26ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=721585142&t=pageview&_s=1&dl=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&ul=en-us&de=UTF-8&dt=Iranian%20state-sponsored%20hackers%20exploiting%20printer%20vulnerability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=526532417&gjid=163208060&cid=1156198149.1683598202&tid=UA-9153858-16&_gid=348997522.1683598202&_r=1&_slc=1&gtm=45He3530n81PVJ5W86&z=1150004847

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 May 2023 02:10:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://therecord.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
820 B 71ms
20ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 02:10:02 GMT
AN-X-Request-Uuid: da19f9d9-1851-41b4-a4f6-dbaa49aa7f9f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://therecord.media
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.29; 217.114.218.29; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
201 B 20ms
20ms XHR
text/html 2.16.187.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.187.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-187-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H/1.1 200
OK tweet.b81b6d7af2d75db873cff6099e4f433a.js Show response
platform.twitter.com/js/ 8 KB
3 KB 34ms
33ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/tweet.b81b6d7af2d75db873cff6099e4f433a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: e3d5684523c3de8ab2ac3bca237d12e4affbb4d4b39a41109d975a489fa12427

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Tue, 09 May 2023 02:10:02 GMT
Content-Encoding: gzip
Age: 880662
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2700
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
Server: ECS (frb/67BE)
Etag: "09ec5707a836b9e4f4427dcddd1d0c64+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK Tweet.html Show response
platform.twitter.com/embed/ Frame B945 345 B
918 B 34ms
33ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1654610012457648129&lang=en&origin=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&sessionId=2b3196f15f87ba3cb6eff45424138852ecd84bd2&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: 7988b9de461445792d01a5920d592020b5c2bcdbdf1e6449bc3100df4014f373

Request headers

Referer: https://therecord.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 162
Cache-Control: public, max-age=1800
Content-Length: 345
Content-Type: text/html; charset=utf-8
Date: Tue, 09 May 2023 02:10:02 GMT
Etag: "d2097f657a50da1069b7639b48992214"
Last-Modified: Fri, 28 Apr 2023 20:58:50 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6724)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 216ms
215ms Image
image/gif 2.16.187.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=b9171943-eb16-4ea0-8cd1-6cc927d3bfdb&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Tue%2C%2009%20May%202023%2002%3A10%3A02%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Hackers%20based%20in%20Iran%20are%20exploiting%20a%20recently-discovered%20vulnerability%20affecting%20a%20popular%20printing%20management%20software%2C%20according%20to%20new%20research.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20state-sponsored%20hackers%20exploiting%20printer%20vulnerability%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&pageViewId=fa9093fb-a251-47b1-89fa-9a59e8a0a357&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-88.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK embed.runtime.232343e99e6d76cfc54c.js Show response
platform.twitter.com/embed/ Frame B945 9 KB
5 KB 35ms
35ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1654610012457648129&lang=en&origin=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&sessionId=2b3196f15f87ba3cb6eff45424138852ecd84bd2&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6752) /
Resource Hash: 821e8c616a4a3ed93b1d335bb9e60cc1bd40335c83928965e94e7f60a17812ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1654610012457648129&lang=en&origin=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&sessionId=2b3196f15f87ba3cb6eff45424138852ecd84bd2&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Tue, 09 May 2023 02:10:02 GMT
Content-Encoding: gzip
Age: 880662
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 4270
Last-Modified: Fri, 28 Apr 2023 20:58:50 GMT
Server: ECS (frb/6752)
Etag: "e01f8ab700f24c66fe2636ef6d898fe2+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.7796.bcf3cda3b2793b041a6f.js Show response
platform.twitter.com/embed/ Frame B945 541 KB
175 KB 70ms
34ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.7796.bcf3cda3b2793b041a6f.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1654610012457648129&lang=en&origin=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&sessionId=2b3196f15f87ba3cb6eff45424138852ecd84bd2&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6776) /
Resource Hash: 0210bd6ee99e269e85fd4f173d0be67c0fb1aac30d467c581a8842d5fc751ca9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1654610012457648129&lang=en&origin=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&sessionId=2b3196f15f87ba3cb6eff45424138852ecd84bd2&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Tue, 09 May 2023 02:10:02 GMT
Content-Encoding: gzip
Age: 880661
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 178589
Last-Modified: Fri, 28 Apr 2023 20:58:50 GMT
Server: ECS (frb/6776)
Etag: "181758f65a236af2b7df8253478be162+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.Tweet.54eb639af55e6d874411.js Show response
platform.twitter.com/embed/ Frame B945 16 KB
7 KB 107ms
34ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.Tweet.54eb639af55e6d874411.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1654610012457648129&lang=en&origin=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&sessionId=2b3196f15f87ba3cb6eff45424138852ecd84bd2&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: a502e91ab570efdd432119394b1f764aea253d13c4fbb51475c712904af8f4fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1654610012457648129&lang=en&origin=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&sessionId=2b3196f15f87ba3cb6eff45424138852ecd84bd2&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Tue, 09 May 2023 02:10:02 GMT
Content-Encoding: gzip
Age: 880662
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 6411
Last-Modified: Fri, 28 Apr 2023 20:58:50 GMT
Server: ECS (frb/6795)
Etag: "61f75b72f1cc66571c698582adc626d8+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 770 B
593 B 72ms
25ms XHR
application/json 35.156.45.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.45.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-45-170.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8f747cdb56a6ab39c12ede219686c746531c30fecf37506b9d941baac2ea08c5

Request headers

Referer: https://therecord.media/
accept-language: de-DE,de;q=0.9
Authorization: Token edabaa1866fe08952dde1be9ff37302d63145f08
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://therecord.media
access-control-allow-credentials: true
content-length: 409

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 77ms
23ms Preflight 35.156.45.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.45.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-45-170.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://therecord.media
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://therecord.media
access-control-max-age: 1800
date: Tue, 09 May 2023 02:10:02 GMT
server: nginx

GET
H/1.1 200
OK embed.749.467388cca0b3fe9c3291.js Show response
platform.twitter.com/embed/ Frame B945 19 KB
7 KB 34ms
33ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.749.467388cca0b3fe9c3291.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F2) /
Resource Hash: afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1654610012457648129&lang=en&origin=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&sessionId=2b3196f15f87ba3cb6eff45424138852ecd84bd2&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Tue, 09 May 2023 02:10:02 GMT
Content-Encoding: gzip
Age: 880662
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 6789
Last-Modified: Fri, 28 Apr 2023 20:58:50 GMT
Server: ECS (frb/67F2)
Etag: "d3483b9c737e990765e6ba56d01154a3+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.i18n.en-js.ea32e1258edb3fea6260.js Show response
platform.twitter.com/embed/ Frame B945 4 KB
2 KB 34ms
34ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.ea32e1258edb3fea6260.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: d1c0a4cad147f203a808aac602d7206b03cd903c025c887f53042f09b87c2f80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1654610012457648129&lang=en&origin=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&sessionId=2b3196f15f87ba3cb6eff45424138852ecd84bd2&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Tue, 09 May 2023 02:10:02 GMT
Content-Encoding: gzip
Age: 880662
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 1519
Last-Modified: Fri, 28 Apr 2023 20:58:50 GMT
Server: ECS (frb/6724)
Etag: "9b4625539e420d3aa9e7164c41134250+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.horizon-web.i18n.en-js.9c8b1fbc0a33ae4da048.js Show response
platform.twitter.com/embed/ Frame B945 35 KB
11 KB 31ms
31ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.horizon-web.i18n.en-js.9c8b1fbc0a33ae4da048.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F2) /
Resource Hash: 0553a78140562483e924790d3da300d14f862bc3b619ab3d7d9039eaadcae24c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1654610012457648129&lang=en&origin=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&sessionId=2b3196f15f87ba3cb6eff45424138852ecd84bd2&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Tue, 09 May 2023 02:10:02 GMT
Content-Encoding: gzip
Age: 880662
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 11068
Last-Modified: Fri, 28 Apr 2023 20:58:50 GMT
Server: ECS (frb/67F2)
Etag: "d9721c440687123317b741f7ee34aefb+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
21ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=721585142&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&ul=en-us&de=UTF-8&dt=Iranian%20state-sponsored%20hackers%20exploiting%20printer%20vulnerability&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1156198149.1683598202&tid=UA-9153858-16&_gid=348997522.1683598202&gtm=45He3530n81PVJ5W86&cd1=&cd2=&cd3=&cd4=&cd5=&cd8=&z=432096160

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 16:28:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34905
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
820 B 21ms
20ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 02:10:02 GMT
AN-X-Request-Uuid: 1078d84a-5fbc-4eab-8f14-52d8276ea5c8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://therecord.media
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.29; 217.114.218.29; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 252628.js Show response
js.hs-banner.com/ 60 KB
16 KB 478ms
419ms Script
text/javascript 2606:4700::6812:19c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9239f316beef45cfc6ba7c2b31298e0da40af5924c7c20894960238ede334d68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:03 GMT
x-amz-version-id: 1DTjZqz8w6c0vLd7dsrtWpmr4CMJx9XZ
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: E4HP2Q5BSGBBNFVN
x-amz-server-side-encryption: AES256
x-amz-id-2: wEEbu1BCSXYegN0688WQ5rOFav5pd2fhSGOMr26PEaDL54qASkcK/PZP2fE1bWIYFtkOQPVKmxs4+7Mca4MwmrQXBq4PUYsFRImorzG2E3k=
last-modified: Mon, 17 Apr 2023 14:55:34 GMT
server: cloudflare
etag: W/"07022bb1d6cfa926ffae0fefc0ebffb7"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://securitytrails.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7c4667604f7c30e8-FRA
expires: Tue, 09 May 2023 02:15:03 GMT

GET
H2 200 252628.js Show response
js.hs-analytics.net/analytics/1683598200000/ 66 KB
21 KB 235ms
179ms Script
text/javascript 2606:4700::6810:88ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1683598200000/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:88ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e29c6356ec040226586da902029e4c6a5377f0dd81c13437712b130981b7f4b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:03 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: G2FV62KHQWQZKBDX
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 29
x-amz-id-2: m77OZy9rssmVABFqPDrcgnia3BtJONVz4pwFHtfsCAC/166woH4zYnXo6UQ7d0Fov6axf25PaBU=
x-evy-trace-listener: listener_https
x-request-id: 3926ac61-06b6-4940-bdc8-ce99a8a5d37f
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 18 Apr 2023 13:54:49 GMT
server: cloudflare
etag: W/"a8ffb135c199fd3cb8ba80e2195f5835"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6b7cfc8cf5-4zgs6
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7c4667603f9e1b93-FRA
expires: Tue, 09 May 2023 02:15:03 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 545 KB
88 KB 96ms
40ms Script
application/javascript 2606:4700::6811:806e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:806e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 344cd43902a0ac8a2a12b112a9a9904fb7b26ebd33ead31a492aed6ef4e89b82

Request headers

Referer: https://therecord.media/
Origin: https://therecord.media
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-encoding: br
age: 61481
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1202/bundle/main/lead-flows-release.js&cfRay=7c408a5b68473678-IAD
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"b2585633e816f12e4b5de8663cf46c30"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1202/bundle/main/lead-flows-release.js
date: Tue, 09 May 2023 02:10:02 GMT
x-amz-version-id: gY.ddbQs4Pt.3p8HNDwQjbxkSRA75npf
via: 1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 12
x-evy-trace-route-configuration: listener_https/all
x-request-id: 4b911648-7968-4386-a868-1409b63acdb9
last-modified: Mon, 08 May 2023 08:57:34 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-589c5fd4fb-httbh
cf-ray: 7c4667603a15364d-FRA
x-amz-cf-id: m19YYDXUlxBnQxVhAdfBkgLseq7nQjArz-ix6DRmc87wydMJZgl5Mw==

GET
H/1.1 200
OK embed.5644.a53236fb4061481eff44.js Show response
platform.twitter.com/embed/ Frame B945 275 KB
85 KB 34ms
33ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.5644.a53236fb4061481eff44.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 2ebe3f2ea3aec31e4502dbd0c26c8c020ec580ac688fb78a0be8e3f9bb3666ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1654610012457648129&lang=en&origin=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&sessionId=2b3196f15f87ba3cb6eff45424138852ecd84bd2&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Tue, 09 May 2023 02:10:02 GMT
Content-Encoding: gzip
Age: 880662
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 86309
Last-Modified: Fri, 28 Apr 2023 20:58:50 GMT
Server: ECS (frb/67A8)
Etag: "fffbc835ce5ea74b50841277f004ec87+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.Tweet.fc3eba2dbbfef0df6508.js Show response
platform.twitter.com/embed/ Frame B945 82 KB
19 KB 35ms
35ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Tweet.fc3eba2dbbfef0df6508.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.232343e99e6d76cfc54c.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: 2cc55f87a88132c7ff74f0e7681cee8a8f760be0f62c3e0b55d7ce2b02318b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1654610012457648129&lang=en&origin=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&sessionId=2b3196f15f87ba3cb6eff45424138852ecd84bd2&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Tue, 09 May 2023 02:10:02 GMT
Content-Encoding: gzip
Age: 880662
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 19182
Last-Modified: Fri, 28 Apr 2023 20:58:50 GMT
Server: ECS (frb/67BA)
Etag: "78eb335064b247abbd726915a1908ad4+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 tweet-result Show response
cdn.syndication.twimg.com/ Frame B945 1 KB
1 KB 294ms
171ms XHR
application/json 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3A%3Btfw_follower_count_sunset%3Atrue%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_fosnr_soft_interventions_enabled%3Aon%3Btfw_mixed_media_15897%3Atreatment%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_show_birdwatch_pivots_enabled%3Aon%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_use_profile_image_shape_enabled%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_legacy_timeline_sunset%3Atrue%3Btfw_tweet_edit_frontend%3Aon&id=1654610012457648129&lang=en

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.7796.bcf3cda3b2793b041a6f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f / Express

Resource Hash

01bd761e2e87caf2c223919c75b6a7c63d3c0a5c1d700e5d3a60a1c90114fa9f

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 May 2023 02:10:03 GMT
strict-transport-security: max-age=631138519
x-powered-by: Express
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ
x-xss-protection: 0
x-response-time: 129
server: tsa_f
etag: W/"434-WwplNiF46g5ECgNIvhQsF+Js5y8"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 500781a722e9dd1b
cache-control: must-revalidate, max-age=60
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: dbeef521782634b76fb9f3dfcbae78b08592e9c771ec2d66f297344ccfba0b2f
x-frame-options: SAMEORIGIN
x-tw-cdn: VZ, VZ, VZ
access-contol-allow-origin: platform.twitter.com

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 202ms
137ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=609496040&v=1.1&a=252628&pu=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&t=Iranian+state-sponsored+hackers+exploiting+printer+vulnerability&cts=1683598203105&vi=dacbc7a969fce24e19d693fbca249b5a&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9dda4661-3752-4da7-910b-00cef22c2e54
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1e815e58-8fad-48d3-9212-63c2cf6559b3
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iq40HAhluY48Cz2yZVoWmw%2BccV1MDxc2880WCK4wAw6vyVBmHf%2BJsT0HKFmqLCox2UTldA%2FoLUxKJedXiZFIXIqjZPDICscg6Q9BYQ4oGola%2BaA39I3OZi5EsTojJCjkmgmSErl%2FVCLbxjsNKpi"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-r7kqt
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7c466761da019bbf-FRA
x-robots-tag: none

GET
H2 200 embeds
syndication.twitter.com/i/jot/ Frame B945 43 B
149 B 128ms
127ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1683598203292%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22856813858445c%3A1682708899865%22%2C%22item_ids%22%3A%5B%221654610012457648129%22%5D%2C%22item_details%22%3A%7B%221654610012457648129%22%3A%7B%22item_type%22%3A0%7D%7D%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-response-time: 105
date: Tue, 09 May 2023 02:10:02 GMT
strict-transport-security: max-age=631138519
last-modified: Tue, 09 May 2023 02:10:03 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 6a1824c100df9117
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: dcf228c90d636af7dc02ebc3600a3c7e5cdde4c7bf3f3c332851d96c376729fd
content-length: 43

GET
H2 200 a2naHzbe_normal.png
pbs.twimg.com/profile_images/1268200269277351936/ Frame B945 769 B
1 KB 84ms
20ms Image
image/png 2a04:4e42:8e::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1268200269277351936/a2naHzbe_normal.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff5ec5d1ad5a45da4b7984e8fe29e8fed999915f4abab760aafa9ede76694347

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Tue, 09 May 2023 02:10:03 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 769
x-served-by: cache-lhr7354-LHR, cache-fra-etou8220036-FRA, cache-tw-ZZZ1
last-modified: Wed, 03 Jun 2020 15:16:00 GMT
x-tw-cdn: FT
content-type: image/png
access-control-allow-origin: *
x-transaction-id: aab329e3e316669d
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 2 KB
2 KB 269ms
198ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=252628&utk=dacbc7a969fce24e19d693fbca249b5a&__hstc=156209188.dacbc7a969fce24e19d693fbca249b5a.1683598203103.1683598203103.1683598203103.1&__hssc=156209188.1.1683598203103&currentUrl=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d245e699bf8643f0ebfe0ea2117b8a44584fe60596125947bfa78626b1e867f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c2de0962-83e1-4b9d-9eb8-0231ece06721
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 66
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a35a0cbf-0c67-47f9-9454-e6788f3249a6
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://therecord.media
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QV0iRb650BHgk%2FK9z1lZdXF%2B8I1Et%2FuTe%2B85IHIqMGgHLIFYE9z%2F7kxOzkE3%2BHtSW5k1d0RBIz5Sh048GhJXecUulguL4mTaOanfBdKPhz2kMDAzYPxh6%2BunFvfH%2B5tMRAj458oKqpCRkyO5rDFe"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7c466763bfb630ed-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-58fd596dd9-7kd2v

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 216ms
215ms Image
image/gif 2.16.187.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=b9171943-eb16-4ea0-8cd1-6cc927d3bfdb&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2009%20May%202023%2002%3A10%3A03%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2009%20May%202023%2002%3A10%3A02%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22Hackers%20based%20in%20Iran%20are%20exploiting%20a%20recently-discovered%20vulnerability%20affecting%20a%20popular%20printing%20management%20software%2C%20according%20to%20new%20research.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20state-sponsored%20hackers%20exploiting%20printer%20vulnerability%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&pageViewId=fa9093fb-a251-47b1-89fa-9a59e8a0a357&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-88.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:03 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 embeds
syndication.twitter.com/i/jot/ Frame B945 43 B
95 B 140ms
139ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1683598203488%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22856813858445c%3A1682708899865%22%2C%22item_ids%22%3A%5B%221654610012457648129%22%5D%2C%22item_details%22%3A%7B%221654610012457648129%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A927.6000022888184%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-response-time: 116
date: Tue, 09 May 2023 02:10:02 GMT
strict-transport-security: max-age=631138519
last-modified: Tue, 09 May 2023 02:10:03 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: bea3c7cc44bed310
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: dcf228c90d636af7dc02ebc3600a3c7e5cdde4c7bf3f3c332851d96c376729fd
content-length: 43

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
440 B 147ms
146ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=1b047a85-2db0-47ce-a965-8fa2de5a991b&lfi=2694169&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=609496040&v=1.1&a=252628&pu=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&t=Iranian+state-sponsored+hackers+exploiting+printer+vulnerability&cts=1683598203676&vi=dacbc7a969fce24e19d693fbca249b5a&nc=true&u=156209188.dacbc7a969fce24e19d693fbca249b5a.1683598203103.1683598203103.1683598203103.1&b=156209188.1.1683598203103&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 27cd026f-2d63-49d7-bc0d-c04906ce43dc
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2ccccde7-0595-405e-9cac-731a3833a1e0
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgJeZZxZ1zzaWcQMfNWJZBw93HloPrFUtq3uW75se%2Bl8V38nULmye%2B66ggafHEaogL3uknnEETGmY5T5UPlxUw2I9lDAKNdI6SECRGioqvJZaT%2BhVGB%2F1p9OzEVxBb9wsjpqHrNyKmbxkMgSC%2FMe"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-mkbm5
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7c4667650c5d9bbf-FRA
x-robots-tag: none

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 219ms
208ms Image
image/gif 2.16.187.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=b9171943-eb16-4ea0-8cd1-6cc927d3bfdb&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2009%20May%202023%2002%3A10%3A04%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2009%20May%202023%2002%3A10%3A03%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Hackers%20based%20in%20Iran%20are%20exploiting%20a%20recently-discovered%20vulnerability%20affecting%20a%20popular%20printing%20management%20software%2C%20according%20to%20new%20research.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20state-sponsored%20hackers%20exploiting%20printer%20vulnerability%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&pageViewId=fa9093fb-a251-47b1-89fa-9a59e8a0a357&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-88.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:04 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 iphone-cd1.jpg
go.recordedfuture.com/hubfs/ 83 KB
85 KB 165ms
47ms Image
image/webp 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.recordedfuture.com/hubfs/iphone-cd1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab221b9e81a8439634c9f73c15c96457f75d3632fea1f6256fa4833acc6a314a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-99167145604,P-252628,FLS-ALL
age: 991569
x-amz-request-id: G9G42AJZ7WKQ333Z
x-amz-server-side-encryption: AES256
edge-cache-tag: F-99167145604,P-252628,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="iphone-cd1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "f5c3d1b581a50e5c3637310137a43f0e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1674144065940
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Tue, 09 May 2023 02:10:04 GMT
strict-transport-security: max-age=31536000
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CyJHfLHHqfqm77ShwrX4xZ78eMxn5Xvx
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=229013
x-cache: RefreshHit from cloudfront
cache-tag: F-99167145604,P-252628,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85082
x-amz-id-2: gK3A+ttn8cbmMmlo+E5H8ONg9maqfNARqhuMh9BybN7OMnemc8PG0E/z/SVwcHbeUzNpFds8buZpxrkGNvfLRCU/08FrTNfP
last-modified: Thu, 19 Jan 2023 16:01:07 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hGcT4j14Sw7el3K%2FwfkS4X4w%2BuShwmuWI6X9NbEugnG%2BbpG72bz0ELzt%2FaShrLZulWZbAW%2BMsM6%2BjyWwm7jPaMnQCnQpPe0pZdYTAN8k4rs9svPlxHeuEKVBSZgI%2BtlRqlOJaIkc40i2SJKfjsj24P%2BHw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7c46676bfde19195-FRA
x-amz-cf-id: VWUq_LCNpb6kVVuJOVQyFjZIsdsS9Y-hceRpcor0nASiQtsluik7pA==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 208ms
208ms Image
image/gif 2.16.187.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=b9171943-eb16-4ea0-8cd1-6cc927d3bfdb&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2009%20May%202023%2002%3A10%3A05%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2009%20May%202023%2002%3A10%3A04%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Hackers%20based%20in%20Iran%20are%20exploiting%20a%20recently-discovered%20vulnerability%20affecting%20a%20popular%20printing%20management%20software%2C%20according%20to%20new%20research.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20state-sponsored%20hackers%20exploiting%20printer%20vulnerability%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&pageViewId=fa9093fb-a251-47b1-89fa-9a59e8a0a357&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-88.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:05 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 216ms
215ms Image
image/gif 2.16.187.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=b9171943-eb16-4ea0-8cd1-6cc927d3bfdb&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2009%20May%202023%2002%3A10%3A06%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2009%20May%202023%2002%3A10%3A05%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Hackers%20based%20in%20Iran%20are%20exploiting%20a%20recently-discovered%20vulnerability%20affecting%20a%20popular%20printing%20management%20software%2C%20according%20to%20new%20research.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20state-sponsored%20hackers%20exploiting%20printer%20vulnerability%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&pageViewId=fa9093fb-a251-47b1-89fa-9a59e8a0a357&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-88.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:06 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 216ms
216ms Image
image/gif 2.16.187.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&session=b9171943-eb16-4ea0-8cd1-6cc927d3bfdb&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2009%20May%202023%2002%3A10%3A07%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2009%20May%202023%2002%3A10%3A06%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%225007%22%7D&isIframe=false&m=%7B%22description%22%3A%22Hackers%20based%20in%20Iran%20are%20exploiting%20a%20recently-discovered%20vulnerability%20affecting%20a%20popular%20printing%20management%20software%2C%20according%20to%20new%20research.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Iranian%20state-sponsored%20hackers%20exploiting%20printer%20vulnerability%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Firanian-state-sponsored-hackers-exploiting-printer-vulnerability&pageViewId=fa9093fb-a251-47b1-89fa-9a59e8a0a357&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-88.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://therecord.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:10:07 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.therecord.media/	1970-01-20 21:05:53	Name: _pk_id.2.de70 Value: 5439bb6552d75769.1683598202.
.therecord.media/	1970-01-20 11:40:00	Name: _pk_ses.2.de70 Value: 1
.therecord.media/	1970-01-20 21:15:58	Name: _ga Value: GA1.2.1156198149.1683598202
.therecord.media/	1970-01-20 11:41:24	Name: _gid Value: GA1.2.348997522.1683598202
.therecord.media/	1970-01-20 11:39:58	Name: _gat_UA-9153858-16 Value: 1
therecord.media/	1970-01-20 11:50:03	Name: _an_uid Value: 0
therecord.media/	1970-01-20 21:15:58	Name: _gd_visitor Value: 84ad9ffe-3b8b-4125-8eff-665a1c36fc67
therecord.media/	1970-01-20 11:40:12	Name: _gd_session Value: b9171943-eb16-4ea0-8cd1-6cc927d3bfdb
.6sc.co/	1970-01-20 21:15:58	Name: 6suuid Value: 54bb1002323601007aab5964fa020000263c0b00
.hubspot.com/	1970-01-20 11:40:00	Name: __cf_bm Value: uiHU0TthxmK1mcHtSvDUqDIf7IPZa3Z9xPFfzFt0nLQ-1683598203-0-AUjrOr35PF1paUJRMjcrlzr78x48IvfBEd023fDoJuMdMGMbE8oaaqXnZlNpKiJqDo2Ruh77yyehliXLYOkabkk=
.therecord.media/	1970-01-20 15:59:10	Name: __hstc Value: 156209188.dacbc7a969fce24e19d693fbca249b5a.1683598203103.1683598203103.1683598203103.1
.therecord.media/	1970-01-20 15:59:10	Name: hubspotutk Value: dacbc7a969fce24e19d693fbca249b5a
.therecord.media/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.therecord.media/	1970-01-20 11:40:00	Name: __hssc Value: 156209188.1.1683598203103
.go.recordedfuture.com/	1970-01-20 11:40:00	Name: __cf_bm Value: .81hMbyd_qMRw4ecOrsNM8StiRb9ZkivMxgifdXnUwY-1683598204-0-ARF2AbggqJa0b05J4SWwhL6OcQUifaVGDbX4ZdsL2ol6Xjy+n7+EvKk4lDfqOmL6KNjvIXYrEDC8Fa8XwQATcyA=
.go.recordedfuture.com/	1969-12-31 23:59:59	Name: __cfruid Value: 659928ca4477158624127d71678439aa0fd544d7-1683598204

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.6sc.co
c.6sc.co
cdn.matomo.cloud
cdn.syndication.twimg.com
cms.therecord.media
epsilon.6sense.com
forms.hubspot.com
go.recordedfuture.com
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
pbs.twimg.com
platform.twitter.com
recordedfuture.matomo.cloud
secure.adnxs.com
syndication.twitter.com
therecord.media
track.hubspot.com
www.google-analytics.com
www.googletagmanager.com
www.recordedfuture.com
104.18.6.66
104.244.42.8
18.157.122.248
2.16.187.88
2600:9000:224a:3800:c:7d55:b3c0:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2606:2c40::c73c:67fe
2606:4700::6810:88ce
2606:4700::6811:806e
2606:4700::6812:19c4
2606:4700::6812:1c78
2606:4700::6812:853b
2606:4700::6813:9b53
2a00:1450:4001:806::2008
2a00:1450:4001:82a::200e
2a04:4e42:8e::159
35.156.45.170
37.252.171.85
01bd761e2e87caf2c223919c75b6a7c63d3c0a5c1d700e5d3a60a1c90114fa9f
0210bd6ee99e269e85fd4f173d0be67c0fb1aac30d467c581a8842d5fc751ca9
04b586d07a484c8434549bce3719c6b222f543da3992280d7d0e5aba73e58cc7
0553a78140562483e924790d3da300d14f862bc3b619ab3d7d9039eaadcae24c
07e1835f30ae821a746fe0cd7d21c3edccaa7ad62af61bf732508be16b1331c0
0b8276c283102a3e2476a2d9e353bf411fe23b78f1504a4a66a9cfb09d5f605f
11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029
1297fefccf6c837300ed29b805bed9173b2f68c0651885bbee6f66205e7c168c
161b931b202a933401abe5bd9744f50e4d77da48c34cc2af63c8f919f3878683
186f97c192e4095659b8a192ba3e0beac21b6b37b5e97e8b1963d7b788716c2d
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1eec82e35d12107df1f854eaa8e54fbc6d13d257d6d5303b8af6567009030e17
2ad83f2446566c5ecf7c261cc07884a5d5f71965b5df8fd7bb809f83a42bf470
2bdf5feaf639122c934edbcd88125339f9ce227c3250cb39b79d0689e68c73b6
2cc55f87a88132c7ff74f0e7681cee8a8f760be0f62c3e0b55d7ce2b02318b39
2ebe3f2ea3aec31e4502dbd0c26c8c020ec580ac688fb78a0be8e3f9bb3666ce
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
344cd43902a0ac8a2a12b112a9a9904fb7b26ebd33ead31a492aed6ef4e89b82
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3afd75153fa8d3552f0bb252c229d6bcd54334313cbca6779785ffc9bc04a6ab
3ef4e8d76f9bc70e42001ad2a045d866ac914f88d030ddd91b112882c82f3376
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
4237d2ee4728643a6467fc9fddbce93bb735a61a4415cdc90cf23776d137ed51
4365c3d5820b44d4d301c209534e03461df0092405a986269876a551c3860bae
4585de074993b4da8a79534bcff1888de422aa3eeb91e4abe7c0717e208db0ea
462df041fa84cefbb1ba08c7550716caf6776d6387769a20ba3fbc92413fec7b
46f5944075854964fc9aa08110ae2c53e590c46cc526f4cf5cc25d5b7393ccd2
494a9c8817786531126dd245c93f8a85aa6afa405c7b8a2e45b667538470ce7a
54c76c41df5975085389626fc4c3920abdc817d033688ab9d9a98a362ad2f2e7
557712ae8239db68f6f218b721ac84aa00343b6bb016437e2e933d627845b0b1
58b7835fb7b6028146a46edd3ef238b71759d0a5d597ce39f90b7de730899e92
5f5a71f71da8cc160ae21a8bbce2d8bf41df7673e0f2a0993b1b412bfc4354b1
616143ec97209e1d948cd14dee4c1a02cb3f6241376637a3c4146d8c2b66f76e
629f47993f4df7ac5f42fe99cbc70a342ed2295ff278f7cbeb2af1a4edf8f87a
6fb145f1185850a1f9937c5d5afb3260adbcef791d0a94e1c09b54aa00808982
6fb3140db2839cabd3662044ef7791206df377b2211046abc71dd039f05fe082
75ef329dcdc3a24cb69b9057b00d785e7ce58c751f55aed75205871c3c62809a
78f940ed1782542d019679bcd698bfead9887a76abd06e9143f8b253fce52469
7988b9de461445792d01a5920d592020b5c2bcdbdf1e6449bc3100df4014f373
7b0b9f163454a2d476c3930174ed354b5d661060c2a2581e434f8b0b74392d76
821e8c616a4a3ed93b1d335bb9e60cc1bd40335c83928965e94e7f60a17812ca
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8db68e69f60ed2b7d9053510cbd94f3176db0be9136d321139be4e7443e8fa8c
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
8f747cdb56a6ab39c12ede219686c746531c30fecf37506b9d941baac2ea08c5
9239f316beef45cfc6ba7c2b31298e0da40af5924c7c20894960238ede334d68
93117b370d28507683c247323081934f33992aa7883ae826cec73e5574d38a10
a0b1f949528f7a3a2d2ff3b6df67c6c1b5cb8f62a2eba6eb5e06adff2d5795f3
a502e91ab570efdd432119394b1f764aea253d13c4fbb51475c712904af8f4fc
ab221b9e81a8439634c9f73c15c96457f75d3632fea1f6256fa4833acc6a314a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af15e418a854e426f6274ba5fbcea8d4d97a79d833df3cc50f92650653b4b0e9
afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d
b3f620974953cc0b262c64779ff823d35cf7af59962411c5fa8e580d24f6d025
c4b10ed347c36c1d47de16c97b3b7f9734838486e6e9eb380252ba3737284f15
c88cdef147a7a7382080c8330bbe7bcc6283b53c6170fc7024f52fb91970201c
cc59e76acc0d203257697ec7fc1004799bccc89817c15c4b58b2f2c110b76034
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cfa1de18b0f6898a42fa2d616926f2eebd6c76cebe780c5d1b51bfdcbcf2942e
d1c0a4cad147f203a808aac602d7206b03cd903c025c887f53042f09b87c2f80
d245e699bf8643f0ebfe0ea2117b8a44584fe60596125947bfa78626b1e867f3
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e1885518498078290fc8152f0618b843ebfa8df10726b4571b11ec0355be9ee3
e29c6356ec040226586da902029e4c6a5377f0dd81c13437712b130981b7f4b3
e2ea411b32eb0f8f7ecee62a4a599e510c68d51c04b0246e436a50ea016b70e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d5684523c3de8ab2ac3bca237d12e4affbb4d4b39a41109d975a489fa12427
e462bff299dcf3d0e319045b9b4d79cd70615adb8be2af3be5ba9f6c1700d7ab
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f036a45770ce2ad43dfee7f4eac8f8b3784608a24ff00c63dd56704434e014e8
f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635
fd413432459dc6593b964edf9e8da5deab0f269f7f34e8156c042f6c3e78fba4
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
ff5ec5d1ad5a45da4b7984e8fe29e8fed999915f4abab760aafa9ede76694347

therecord.media Open in urlscan Pro 2606:4700::6812:1c78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

100 %HTTPS

68 %IPv6

15 Domains

23 Subdomains

20 IPs

3 Countries

2700 kBTransfer

6887 kBSize

16 Cookies

21 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

therecord.media Open in urlscan Pro
2606:4700::6812:1c78 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

100 %
HTTPS

68 %
IPv6

15
Domains

23
Subdomains

20
IPs

3
Countries

2700 kB
Transfer

6887 kB
Size

16
Cookies

86 HTTP transactions
1 data transactions