www.recordedfuture.com Open in urlscan Pro
104.18.7.66 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
Submission: On November 21 via api (November 21st 2022, 11:15:24 pm UTC) from US — Scanned from DE

Summary HTTP 123 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 26 domains to perform 123 HTTP transactions. The main IP is 104.18.7.66, located in Shahr, Iran, Islamic Republic Of and belongs to CLOUDFLARENET, US. The main domain is www.recordedfuture.com. The Cisco Umbrella rank of the primary domain is 715637.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 2nd 2022. Valid for: a year.

This is the only time www.recordedfuture.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	104.18.7.66 104.18.7.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	151.101.66.216 151.101.66.216	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223f:8600:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:e7cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.224.189.123 13.224.189.123	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	18.195.235.189 18.195.235.189	16509 (AMAZON-02) (AMAZON-02)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
11	184.24.7.242 184.24.7.242	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2606:4700::68... 2606:4700::6812:1105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:350... 2a02:26f0:3500:890::1c91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	52.22.1.175 52.22.1.175	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6812:1005	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.188.42.15 35.188.42.15	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2c40::c7... 2606:2c40::c73c:67fe	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	54.231.138.218 54.231.138.218	() ()
123	36

32 104.18.7.66 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

www.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.66.216 (United States)

ASN54113 (FASTLY, US)

cms.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:8600:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e7cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-123.fra2.r.cloudfront.net

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.195.235.189 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-235-189.eu-central-1.compute.amazonaws.com

recordedfuture.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 184.24.7.242 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-7-242.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:1105 (United States)

ASN13335 (CLOUDFLARENET, US)

js.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:890::1c91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.22.1.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-1-175.compute-1.amazonaws.com

app.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1005 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.42.15 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2c40::c73c:67fe (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.138.218 (None, )

ASN- ()

qualified-production.s3.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	recordedfuture.com www.recordedfuture.com — Cisco Umbrella Rank: 715637 cms.recordedfuture.com — Cisco Umbrella Rank: 695836 go.recordedfuture.com — Cisco Umbrella Rank: 408173	2 MB
12	qualified.com js.qualified.com — Cisco Umbrella Rank: 26596 app.qualified.com — Cisco Umbrella Rank: 27171 assets.qualified.com — Cisco Umbrella Rank: 28573	1 MB
12	6sc.co j.6sc.co — Cisco Umbrella Rank: 6507 c.6sc.co — Cisco Umbrella Rank: 9776 ipv6.6sc.co — Cisco Umbrella Rank: 6923 b.6sc.co — Cisco Umbrella Rank: 4655	15 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 ssl.google-analytics.com — Cisco Umbrella Rank: 285 region1.google-analytics.com — Cisco Umbrella Rank: 2536	81 KB
6	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 21788 recordedfuture.matomo.cloud — Cisco Umbrella Rank: 608104	127 KB
5	google.de www.google.de — Cisco Umbrella Rank: 5922	934 B
5	google.com www.google.com — Cisco Umbrella Rank: 2	934 B
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	4 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	318 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 355 www.linkedin.com — Cisco Umbrella Rank: 576 px4.ads.linkedin.com — Cisco Umbrella Rank: 6256	3 KB
3	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2248 forms.hubspot.com — Cisco Umbrella Rank: 3126	4 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	203 B
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1409	374 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 139	112 KB
1	amazonaws.com qualified-production.s3.us-east-1.amazonaws.com	3 KB
1	sentry.io sentry.io — Cisco Umbrella Rank: 300	407 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 426	712 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 528	395 B
1	t.co t.co — Cisco Umbrella Rank: 475	376 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 304	88 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 603	15 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2144	20 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2157	16 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4126	88 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 716	5 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2230	898 B
123	26

	Domain	Requested by
32	www.recordedfuture.com	www.recordedfuture.com
10	cms.recordedfuture.com	www.recordedfuture.com assets.qualified.com
9	b.6sc.co	www.recordedfuture.com
8	assets.qualified.com	www.recordedfuture.com app.qualified.com assets.qualified.com
5	www.google.de	www.recordedfuture.com
5	www.google.com	www.recordedfuture.com
5	www.googletagmanager.com	www.recordedfuture.com www.googletagmanager.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	recordedfuture.matomo.cloud	cdn.matomo.cloud
3	googleads.g.doubleclick.net	www.googletagmanager.com
2	track.hubspot.com
2	app.qualified.com	js.qualified.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.facebook.com	www.recordedfuture.com
2	js.qualified.com	www.googletagmanager.com www.recordedfuture.com
2	ssl.google-analytics.com	www.recordedfuture.com
2	px.ads.linkedin.com	2 redirects
2	cdn.linkedin.oribi.io	snap.licdn.com
2	cdn.matomo.cloud	www.recordedfuture.com
2	connect.facebook.net	www.recordedfuture.com connect.facebook.net
1	qualified-production.s3.us-east-1.amazonaws.com
1	go.recordedfuture.com
1	forms.hubspot.com	js.hsleadflows.net
1	sentry.io	assets.qualified.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	analytics.twitter.com	www.recordedfuture.com
1	t.co	www.recordedfuture.com
1	j.6sc.co	www.recordedfuture.com
1	ajax.googleapis.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	px4.ads.linkedin.com	www.recordedfuture.com
1	www.linkedin.com	1 redirects
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	snap.licdn.com	www.recordedfuture.com
1	js.hs-scripts.com	www.recordedfuture.com
123	40

This site contains links to these domains. Also see Links.

Domain
therecord.media
app.recordedfuture.com
go.recordedfuture.com
krebsonsecurity.com
www.nbcnews.com
www.zdnet.com
www.euronews.com
www.wsj.com
www.reuters.com
www.washingtonpost.com
www.bankinfosecurity.com
www.interfax.ru
www.justice.gov
arstechnica.com
www.rnbo.gov.ua
www.wired.com
www.trade.gov
data2.unhcr.org
www.youtube.com
www.facebook.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
*.recordedfuture.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-02` - `2023-03-05`	a year	crt.sh
cms.recordedfuture.com R3	`2022-11-20` - `2023-02-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-31` - `2022-11-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
cdn.matomo.cloud Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
*.matomo.cloud Amazon	`2022-07-21` - `2023-08-19`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.6sc.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-08` - `2023-03-11`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
app.qualified.com R3	`2022-11-20` - `2023-02-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-07-04`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
go.recordedfuture.com Cloudflare Inc ECC CA-3	`2022-06-15` - `2023-06-15`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
Frame ID: 036837C5BE4C63A10EBADD2987E1AC49
Requests: 110 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 55CD7E9E5022EBD6A2924BA8227989F8
Requests: 1 HTTP requests in this frame

Frame: https://app.qualified.com/w/1/Nx83j34ob1DXpWn5/messenger?uuid=8f2b92aa-15f2-4951-8059-8767dc6769f2
Frame ID: E04BEF9534E87FE21E0CC937DF806E53
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Russian Invasion of Ukraine and Sanctions Portend Rise in Card Fraud | Recorded Future

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

123
Requests

98 %
HTTPS

64 %
IPv6

26
Domains

40
Subdomains

36
IPs

4
Countries

4274 kB
Transfer

10034 kB
Size

45
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://therecord.media/?__hstc=57501621.f6c990beaaf05801bf2527a50e96c4fb.1669072517723.1669072517723.1669072517723.1&__hssc=57501621.1.1669072517723&__hsfp=1059085154
Title: The Record

Search URL Search Domain Scan URL

URL: https://therecord.media/podcast/?__hstc=57501621.f6c990beaaf05801bf2527a50e96c4fb.1669072517723.1669072517723.1669072517723.1&__hssc=57501621.1.1669072517723&__hsfp=1059085154
Title: Click Here Podcast

Search URL Search Domain Scan URL

URL: https://app.recordedfuture.com/live/login/
Title: Login

Search URL Search Domain Scan URL

URL: https://go.recordedfuture.com/demo
Title: Get a demo

Search URL Search Domain Scan URL

URL: https://therecord.media/fsb-raids-revil-ransomware-gang-members/?__hstc=57501621.f6c990beaaf05801bf2527a50e96c4fb.1669072517723.1669072517723.1669072517723.1&__hssc=57501621.1.1669072517723&__hsfp=1059085154
Title: arrest of several REvil members

Search URL Search Domain Scan URL

URL: https://krebsonsecurity.com/2022/02/russian-govt-continues-carding-shop-crackdown/
Title: closure of several carding marketplaces

Search URL Search Domain Scan URL

URL: https://www.nbcnews.com/tech/internet/russia-nearly-isolated-online-mean-internets-future-rcna19389
Title: Lumen and Cogent to curtail operations in Russia

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/breaking-russias-internet-backbone/
Title: increase bandwidth congestion

Search URL Search Domain Scan URL

URL: https://www.euronews.com/next/2022/03/15/demand-for-vpns-in-russia-skyrockets-by-2-000-after-the-kremlin-bans-instagram
Title: sharp rise in Russian VPN use

Search URL Search Domain Scan URL

URL: https://www.wsj.com/articles/major-freight-forwarders-suspend-russia-services-11646333994
Title: announced

Search URL Search Domain Scan URL

URL: https://www.reuters.com/business/finance/eu-excludes-seven-russian-banks-swift-official-journal-2022-03-02/
Title: and

Search URL Search Domain Scan URL

URL: https://www.reuters.com/business/exclusive-ecb-tells-banks-watch-all-russian-clients-widening-sanctions-net-2022-03-15/
Title: heightened monitoring

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/business/2022/03/08/ruble-dollar-exchange-barred/
Title: currency controls implemented

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.com/blogs/russias-cybercrime-rule-reminder-never-hack-russians-p-2888
Title: generally pursued a policy

Search URL Search Domain Scan URL

URL: https://www.interfax.ru/russia/826585
Title: Vladimir Putin stating that the government would not prosecute “economic crimes”

Search URL Search Domain Scan URL

URL: https://www.justice.gov/opa/pr/three-north-korean-military-hackers-indicted-wide-ranging-scheme-commit-cyberattacks-and
Title: US Department of Justice

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/world/europe/russia-ransomware-cyber-crime/2021/06/11/e159e486-c88f-11eb-8708-64991f2acf28_story.html
Title: widespread suspicion

Search URL Search Domain Scan URL

URL: https://arstechnica.com/information-technology/2022/03/leaked-ransomware-documents-show-conti-helping-putin-from-the-shadows/
Title: Conti leaks

Search URL Search Domain Scan URL

URL: https://therecord.media/from-the-front-lines-of-the-first-real-cyberwar/?__hstc=57501621.f6c990beaaf05801bf2527a50e96c4fb.1669072517723.1669072517723.1669072517723.1&__hssc=57501621.1.1669072517723&__hsfp=1059085154
Title: information provided to The Record

Search URL Search Domain Scan URL

URL: https://www.rnbo.gov.ua/
Title: National Security and Defense Council

Search URL Search Domain Scan URL

URL: https://www.wired.com/story/russian-techies-exodus-ukraine/
Title: 70,000 and 100,000 IT specialists

Search URL Search Domain Scan URL

URL: https://www.trade.gov/country-commercial-guides/russia-information-communication-technology
Title: 5-7% of the 1.3 million people

Search URL Search Domain Scan URL

URL: https://data2.unhcr.org/en/situations/ukraine
Title: 4.8 million refugees to leave Ukraine

Search URL Search Domain Scan URL

URL: https://www.reuters.com/business/russia-approves-first-step-towards-nationalising-assets-firms-that-leave-ruling-2022-03-09/
Title: potential nationalization of foreign companies’ property

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/RecordedFuture

Search URL Search Domain Scan URL

URL: https://www.facebook.com/RecordedFuture

Search URL Search Domain Scan URL

URL: https://twitter.com/RecordedFuture

Search URL Search Domain Scan URL

URL: https://www.instagram.com/recordedfuture/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1669072515590&url=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D26800%26time%3D1669072515590%26url%3Dhttps%253A%252F%252Fwww.recordedfuture.com%252Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1669072515590&url=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1669072515590&url=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&liSync=true&e_ipv6=AQKRLg-Lwr1PqQAAAYSceXXKd8JYz-OkgbWUcCeFlYiRKhOIbVjmlBJBBr4eNNEKYmY3kbiC

123 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud Show response
www.recordedfuture.com/ 115 KB
30 KB 497ms
463ms Document
text/html 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

0e42642b6205245dc5c27dcec2921761d8d3e2dbbaa05690c7c4e0b98bdba619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: s-maxage=60, stale-while-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76dd204fdf979043-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 21 Nov 2022 23:15:14 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
traceresponse: 00-1729bc9bee47e8324dda68d8a7d4860e-da8644a265becbd6-00
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4 i-72f68d9e5fc844fb8d11227fc18ff9f4
x-powered-by: Next.js
x-served-by: cache-fra-eddf8230134-FRA

GET
H2 200 brand_logo_long_black_f2ead5b5c6.svg
cms.recordedfuture.com/uploads/ 4 KB
2 KB 109ms
88ms Image
image/svg+xml 151.101.66.216
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.recordedfuture.com/uploads/brand_logo_long_black_f2ead5b5c6.svg?w=1920

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1d0ca87959e23cb77cff2f1d7fe2337ecc770de12b1d20762373321d7d287183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits: 1
date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31557600
x-platform-server: i-be21b5795622437d8136c8a0cedbd8d0, i-be21b5795622437d8136c8a0cedbd8d0
age: 0
traceresponse: 00-1726e878966814e0bf3a7708f2c6ced4-863cdcb7150a1d15-00
x-cache: HIT
content-length: 1262
x-served-by: cache-hhn4043-HHN
last-modified: Thu, 10 Mar 2022 10:37:46 GMT
etag: W/"6229d4fa-eab"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
expires: Sat, 12 Nov 2022 18:10:16 GMT

GET
H2 200 fonts.css
www.recordedfuture.com/fonts/ 873 B
473 B 215ms
214ms Stylesheet
text/css 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/fonts/fonts.css

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bf162c4ea46c13d096a81bc878e36ab1cc96a63ad8f674f58e25789103b5ee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
cf-cache-status: MISS
content-encoding: gzip
traceresponse: 00-1729bc9c022cb148fe490927e81a09f4-d64fac00f86450fc-00
x-cache: MISS
x-served-by: cache-hhn4070-HHN
last-modified: Thu, 17 Nov 2022 13:50:11 GMT
server: cloudflare
etag: W/"369-18485daaa38"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 76dd2052cad69043-FRA
x-cache-hits: 0

GET
H2 200 66271ce5138af309.css
www.recordedfuture.com/_next/static/css/ 38 KB
9 KB 32ms
31ms Stylesheet
text/css 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/static/css/66271ce5138af309.css

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90fa3907aff9be258d0ef019819517fe310d0db66b44174243cbfd9ab465207a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish
cf-cache-status: HIT
x-platform-server: i-bac7380798664d7697b0cf11d33520e7, i-bac7380798664d7697b0cf11d33520e7
x-content-type-options: nosniff
age: 4458
traceresponse: 00-1728646effb1c5246701292378262d6e-f69bc924c5b640dd-00
cf-polished: origSize=38695
content-encoding: gzip
x-cache: HIT
x-served-by: cache-fra-eddf8230082-FRA
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 13:57:42 GMT
server: cloudflare
etag: W/"9727-18485e18c37"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 76dd2052cad89043-FRA
x-cache-hits: 1

GET
H2 200 56b29f51d4caa783.css
www.recordedfuture.com/_next/static/css/ 11 KB
4 KB 33ms
32ms Stylesheet
text/css 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/static/css/56b29f51d4caa783.css

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cc7a8ba51e3065036d8411d4b6e668198d5686ae5c48c41cc01f30c69ce1874

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish
cf-cache-status: HIT
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
x-content-type-options: nosniff
age: 4458
traceresponse: 00-17239aae5737a11317bf039be68a6e3c-166a135b3cfec968-00
cf-polished: origSize=11230
content-encoding: gzip
x-cache: HIT
x-served-by: cache-fra-eddf8230127-FRA
cf-bgj: minify
last-modified: Thu, 15 Sep 2022 09:14:46 GMT
server: cloudflare
etag: W/"2bde-183406de2f8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 76dd2052cad99043-FRA
x-cache-hits: 1

GET
H2 200 252628.js Show response
js.hs-scripts.com/ 1 KB
898 B 427ms
407ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/252628.js
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baa0e7b178595acc10affd564ee3e9d16ae106fa4d092bc580940392577d10b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 21 Nov 2022 23:10:05 GMT
server: cloudflare
x-hubspot-correlation-id: bf958ea0-c7d4-4de8-8d19-af167ecc33de
x-trace: 2B940BEC0A9C4A8FB3576EF7A7B7E26820D3CB92EF000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.recordedfuture.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 76dd20531dcfbbcd-FRA
expires: Mon, 21 Nov 2022 23:16:15 GMT

GET
H2 200 webpack-5752944655d749a0.js Show response
www.recordedfuture.com/_next/static/chunks/ 2 KB
1 KB 33ms
24ms Script
application/javascript 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/static/chunks/webpack-5752944655d749a0.js

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-be21b5795622437d8136c8a0cedbd8d0, i-be21b5795622437d8136c8a0cedbd8d0
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4458
traceresponse: 00-17235f45d0c719ccec5f960eac99e776-43c8020d2615bad4-00
x-cache: HIT
content-length: 840
x-served-by: cache-fra-eddf8230106-FRA
last-modified: Thu, 15 Sep 2022 09:14:46 GMT
server: cloudflare
etag: W/"673-183406de2e1"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 76dd20530b129043-FRA
x-cache-hits: 1

GET
H2 200 framework-5f4595e5518b5600.js Show response
www.recordedfuture.com/_next/static/chunks/ 127 KB
41 KB 52ms
43ms Script
application/javascript 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/static/chunks/framework-5f4595e5518b5600.js

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-bac7380798664d7697b0cf11d33520e7, i-bac7380798664d7697b0cf11d33520e7
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4458
traceresponse: 00-1725ca8fb7fe08054db3109d1f858bf8-e4e64d61ec772944-00
x-cache: HIT
content-length: 42154
x-served-by: cache-hhn4053-HHN
last-modified: Thu, 15 Sep 2022 09:14:46 GMT
server: cloudflare
etag: W/"1fbbb-183406de1e0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 76dd20530b139043-FRA
x-cache-hits: 1

GET
H2 200 main-d977f1d2acb21ba7.js Show response
www.recordedfuture.com/_next/static/chunks/ 101 KB
28 KB 50ms
42ms Script
application/javascript 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/static/chunks/main-d977f1d2acb21ba7.js

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03c6a05bd0d89aa91521b0ebe9a14e367f6c41ebd64f585fbee07ba3a2124e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4458
traceresponse: 00-1721293531836dc956be3c59a3b5bb44-b560c765a91b1010-00
x-cache: HIT
content-length: 28865
x-served-by: cache-fra-eddf8230026-FRA
last-modified: Thu, 15 Sep 2022 09:14:46 GMT
server: cloudflare
etag: W/"193e5-183406de1ef"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 76dd20530b149043-FRA
x-cache-hits: 1

GET
H2 200 _app-d4660eb98af9b854.js Show response
www.recordedfuture.com/_next/static/chunks/pages/ 108 KB
35 KB 49ms
40ms Script
application/javascript 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/static/chunks/pages/_app-d4660eb98af9b854.js

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51edcb4f1d86f3d1074c1e6480c74eae2326a0a9f4787a67f5f043d752f45337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4458
traceresponse: 00-17257c758a89d0906e036a2e99101e1f-cdea76cc7646ead5-00
x-cache: HIT
content-length: 35473
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Thu, 15 Sep 2022 09:14:46 GMT
server: cloudflare
etag: W/"1b1ff-183406de224"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 76dd20530b179043-FRA
x-cache-hits: 1

GET
H2 200 355-b17464093f7d6aa1.js Show response
www.recordedfuture.com/_next/static/chunks/ 252 KB
76 KB 37ms
28ms Script
application/javascript 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/static/chunks/355-b17464093f7d6aa1.js

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b78540e3cc57340baea67144731066f483683ed3ddd83c67001ac122eec56c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-bac7380798664d7697b0cf11d33520e7, i-bac7380798664d7697b0cf11d33520e7
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4458
traceresponse: 00-172806f0926a0117ebc40d5ed308fbc6-76e213ff5ba2bb23-00
x-cache: HIT
content-length: 77972
x-served-by: cache-hhn4075-HHN
last-modified: Thu, 15 Sep 2022 09:14:46 GMT
server: cloudflare
etag: W/"3f026-183406de1be"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 76dd20530b1a9043-FRA
x-cache-hits: 1

GET
H2 200 266-a8d0f53ab855552c.js Show response
www.recordedfuture.com/_next/static/chunks/ 46 KB
13 KB 50ms
41ms Script
application/javascript 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/static/chunks/266-a8d0f53ab855552c.js

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

121e814eee3afd7958f7162e87ed7105a926db0b78ae29cd520a96b82e007f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-bac7380798664d7697b0cf11d33520e7, i-bac7380798664d7697b0cf11d33520e7
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4458
traceresponse: 00-172363f94bcd8a1d8787fbdafb14c3ed-9c36faf198817aec-00
x-cache: HIT
content-length: 13622
x-served-by: cache-fra-eddf8230101-FRA
last-modified: Thu, 15 Sep 2022 09:14:46 GMT
server: cloudflare
etag: W/"b8f3-183406de1ae"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 76dd20530b1c9043-FRA
x-cache-hits: 1

GET
H2 200 629-1f37c9285ae76721.js Show response
www.recordedfuture.com/_next/static/chunks/ 46 KB
12 KB 50ms
42ms Script
application/javascript 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/static/chunks/629-1f37c9285ae76721.js

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56d41f1db3891321e8dd447f1b30902d33bdf40f4a32c6498825cf7608012e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-be21b5795622437d8136c8a0cedbd8d0, i-be21b5795622437d8136c8a0cedbd8d0
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4458
traceresponse: 00-17286432e19b7b079b1d65ff4f0752b4-ae6a3d6ba78d4eb4-00
x-cache: HIT
content-length: 12189
x-served-by: cache-hhn4024-HHN
last-modified: Thu, 17 Nov 2022 13:57:41 GMT
server: cloudflare
etag: W/"b711-18485e18b54"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 76dd20530b1d9043-FRA
x-cache-hits: 1

GET
H2 200 %5B%5B...slug%5D%5D-b11711cc6ba3d4b2.js Show response
www.recordedfuture.com/_next/static/chunks/pages/ 94 KB
18 KB 35ms
26ms Script
application/javascript 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/static/chunks/pages/%5B%5B...slug%5D%5D-b11711cc6ba3d4b2.js

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b415488d203e87802982cfe3dc4e8cec9efcec6cee2954daeba27e4ef45d2b67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4458
traceresponse: 00-172864c079c254b543c4a303651ec323-0dcc136bae902f1b-00
x-cache: HIT
content-length: 18334
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Thu, 17 Nov 2022 13:57:41 GMT
server: cloudflare
etag: W/"177f4-18485e18b8e"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 76dd20530b1e9043-FRA
x-cache-hits: 1

GET
H2 200 _buildManifest.js Show response
www.recordedfuture.com/_next/static/02pkxgl8PPNFDg5_w4XRf/ 851 B
642 B 49ms
41ms Script
application/javascript 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/static/02pkxgl8PPNFDg5_w4XRf/_buildManifest.js

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb7a29f417d6a4d6847d3618968d0d5fce0ea2472aaa9bf2f390f66b778055b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
cf-cache-status: HIT
age: 4458
traceresponse: 00-172887b522806b47a6eb4242aa60ef25-0f3f6f555b22ca2b-00
content-encoding: gzip
x-cache: HIT
x-served-by: cache-hhn4032-HHN
last-modified: Thu, 17 Nov 2022 13:57:41 GMT
server: cloudflare
etag: W/"353-18485e18afa"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 76dd20530b1f9043-FRA
x-cache-hits: 1

GET
H2 200 _ssgManifest.js Show response
www.recordedfuture.com/_next/static/02pkxgl8PPNFDg5_w4XRf/ 99 B
326 B 48ms
41ms Script
application/javascript 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/static/02pkxgl8PPNFDg5_w4XRf/_ssgManifest.js

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
cf-cache-status: HIT
age: 4458
traceresponse: 00-17286432fe0d11165b9ca039aeee8cf9-a627e0eaa0b1d663-00
content-encoding: gzip
x-cache: HIT
x-served-by: cache-fra-eddf8230031-FRA
last-modified: Thu, 17 Nov 2022 13:57:41 GMT
server: cloudflare
etag: W/"63-18485e18b19"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 76dd20530b209043-FRA
x-cache-hits: 1

GET
H2 200 _middlewareManifest.js Show response
www.recordedfuture.com/_next/static/02pkxgl8PPNFDg5_w4XRf/ 92 B
227 B 50ms
43ms Script
application/javascript 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/static/02pkxgl8PPNFDg5_w4XRf/_middlewareManifest.js

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
cf-cache-status: HIT
age: 4458
traceresponse: 00-1728648622d1970fc466310dec610d1b-b7581b5c1f38401c-00
content-encoding: gzip
x-cache: HIT
x-served-by: cache-hhn4046-HHN
last-modified: Thu, 17 Nov 2022 13:57:41 GMT
server: cloudflare
etag: W/"5c-18485e18b08"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 76dd20531b329043-FRA
x-cache-hits: 1

GET
H2 200 insikt_logo_blog_bc7d178f60.png
cms.recordedfuture.com/uploads/ 3 KB
3 KB 87ms
80ms Image
image/png 151.101.66.216
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.recordedfuture.com/uploads/insikt_logo_blog_bc7d178f60.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

173f53c497a9c57ab13b1d1743662bc1fa02ebee595aed072c915ed912f4084b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Mon, 21 Nov 2022 08:35:39 GMT
date: Mon, 21 Nov 2022 23:15:15 GMT
via: 1.1 varnish
strict-transport-security: max-age=31557600
x-platform-server: i-bac7380798664d7697b0cf11d33520e7, i-bac7380798664d7697b0cf11d33520e7
age: 0
traceresponse: 00-17298c565172f85cfc56257d7a1c3e16-acfeb5053df814e2-00
x-cache: HIT
fastly-io-info: ifsz=3112 idim=300x48 ifmt=png ofsz=3112 odim=300x48 ofmt=png
fastly-stats: io=1
content-length: 3112
fastly-io-warning: Failed to shrink image
x-served-by: cache-hhn4043-HHN
etag: "Rd3A8+89szyIpFZP2BYHH0ovj8AJNlm0V6OHNQ9LyPU"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 russian_invasion_of_ukraine_and_sanctions_portend_rise_in_card_fraud_fig_1_c1b32884d7.png
cms.recordedfuture.com/uploads/ 111 KB
111 KB 831ms
827ms Image
image/png 151.101.66.216
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.recordedfuture.com/uploads/russian_invasion_of_ukraine_and_sanctions_portend_rise_in_card_fraud_fig_1_c1b32884d7.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c2824a1d605c04becc72dcf74b915d6867d7bba2ce2cd74abf81e8951eaaec7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Mon, 21 Nov 2022 23:20:15 GMT
date: Mon, 21 Nov 2022 23:15:15 GMT
via: 1.1 varnish
strict-transport-security: max-age=31557600
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
age: 0
traceresponse: 00-1729bc9c10f997eec18cbdf0600c7d83-575a3a21507b3a56-00
x-cache: MISS
fastly-io-info: ifsz=113670 idim=985x750 ifmt=png ofsz=113670 odim=985x750 ofmt=png
fastly-stats: io=1
content-length: 113670
fastly-io-warning: Failed to shrink image
x-served-by: cache-hhn4043-HHN
etag: "tD/84jMcmvHEhONFHqCN60QQYOsrV5S4aw/isTUUDL8"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
fastly-transform-stats: tus=108663 cr=1.00
x-cache-hits: 0

GET
H2 200 russian_invasion_of_ukraine_and_sanctions_portend_rise_in_card_fraud_fig_2_5a593dac25.png
cms.recordedfuture.com/uploads/ 86 KB
87 KB 645ms
640ms Image
image/png 151.101.66.216
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.recordedfuture.com/uploads/russian_invasion_of_ukraine_and_sanctions_portend_rise_in_card_fraud_fig_2_5a593dac25.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

35ec79a2e623e921c37323cd2f2f40690771bad8511831f49af9f396b504a6af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Mon, 21 Nov 2022 23:20:15 GMT
date: Mon, 21 Nov 2022 23:15:15 GMT
via: 1.1 varnish
strict-transport-security: max-age=31557600
x-platform-server: i-bac7380798664d7697b0cf11d33520e7, i-bac7380798664d7697b0cf11d33520e7
age: 0
traceresponse: 00-1729bc9c0c4ccc4c30c4997ab810acc6-18994ce5b645695f-00
x-cache: MISS
fastly-io-info: ifsz=88367 idim=1000x870 ifmt=png ofsz=88367 odim=1000x870 ofmt=png
fastly-stats: io=1
content-length: 88367
fastly-io-warning: Failed to shrink image
x-served-by: cache-hhn4043-HHN
etag: "xa0r296YnGSphKAyIlJyn+qEUAAX9nnjLYoX4DymJGk"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
fastly-transform-stats: tus=99622 cr=1.00
x-cache-hits: 0

GET
H2 200 russian_invasion_of_ukraine_and_sanctions_portend_rise_in_card_fraud_fig_3_4_1024x660_2e26063369.jpg
cms.recordedfuture.com/uploads/ 111 KB
111 KB 732ms
728ms Image
image/jpeg 151.101.66.216
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.recordedfuture.com/uploads/russian_invasion_of_ukraine_and_sanctions_portend_rise_in_card_fraud_fig_3_4_1024x660_2e26063369.jpg

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

74e9959fd5a06749bda6f0339e81373dcd1ee1ede424b2848bc5c8b1b8cfec4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Mon, 21 Nov 2022 23:20:15 GMT
date: Mon, 21 Nov 2022 23:15:15 GMT
via: 1.1 varnish
strict-transport-security: max-age=31557600
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
age: 0
traceresponse: 00-1729bc9c10cf0bcb4ce88a42b1c950b9-043419b0eba56f20-00
x-cache: MISS
fastly-io-info: ifsz=113426 idim=1024x660 ifmt=jpeg ofsz=113426 odim=1024x660 ofmt=jpeg
fastly-stats: io=1
content-length: 113426
fastly-io-warning: Failed to shrink image
x-served-by: cache-hhn4043-HHN
etag: "hPgwjKDPwI8GM0v0rlTFhxk6jlOYynGWplpZQ9eHIS4"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
fastly-transform-stats: tus=13240 cr=1.00
x-cache-hits: 0

GET
H2 200 russian_invasion_of_ukraine_and_sanctions_portend_rise_in_card_fraud_fig_5_1024x877_8987a72f50.png
cms.recordedfuture.com/uploads/ 408 KB
409 KB 996ms
993ms Image
image/png 151.101.66.216
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.recordedfuture.com/uploads/russian_invasion_of_ukraine_and_sanctions_portend_rise_in_card_fraud_fig_5_1024x877_8987a72f50.png

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aac89ab8c300548f4e4d36c0bf64ca5e5e5e17e339843c6295aecffbd89d956f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Mon, 21 Nov 2022 23:20:15 GMT
date: Mon, 21 Nov 2022 23:15:16 GMT
via: 1.1 varnish
strict-transport-security: max-age=31557600
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
age: 0
traceresponse: 00-1729bc9c10df61442f34c01ca6e97dfd-a4bd3d445726968b-00
x-cache: MISS
fastly-io-info: ifsz=425211 idim=1024x877 ifmt=png ofsz=418021 odim=1024x877 ofmt=png
fastly-stats: io=1
content-length: 418021
x-served-by: cache-hhn4043-HHN
etag: "T30H8fUGxC6QUHaT6tGLsbI9WtdwGom09xCPZGZxp08"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
fastly-transform-stats: tus=145491 cr=1.02
x-cache-hits: 0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 79 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 495d4afe192ab4d5f4a550a952f4c54e9aac52f1b502772b594770db983995c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Inter-Regular.86422bf3.ttf
www.recordedfuture.com/_next/static/media/ 303 KB
144 KB 48ms
46ms Font
font/ttf 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/static/media/Inter-Regular.86422bf3.ttf

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/_next/static/css/66271ce5138af309.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

494a9c8817786531126dd245c93f8a85aa6afa405c7b8a2e45b667538470ce7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/_next/static/css/66271ce5138af309.css
Origin: https://www.recordedfuture.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-be21b5795622437d8136c8a0cedbd8d0, i-be21b5795622437d8136c8a0cedbd8d0
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4457
traceresponse: 00-17257fbed09e91e0252cbc198b10af30-8e95b957f0df304e-00
x-cache: HIT
content-length: 147167
x-served-by: cache-hhn4083-HHN
last-modified: Thu, 15 Sep 2022 09:14:47 GMT
server: cloudflare
etag: W/"4ba44-183406de374"
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 76dd20532b429043-FRA
x-cache-hits: 1

GET
H2 200 Inter-Bold.0b1aaf81.ttf
www.recordedfuture.com/_next/static/media/ 309 KB
154 KB 45ms
43ms Font
font/ttf 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/static/media/Inter-Bold.0b1aaf81.ttf

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/_next/static/css/66271ce5138af309.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad83f2446566c5ecf7c261cc07884a5d5f71965b5df8fd7bb809f83a42bf470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/_next/static/css/66271ce5138af309.css
Origin: https://www.recordedfuture.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-be21b5795622437d8136c8a0cedbd8d0, i-be21b5795622437d8136c8a0cedbd8d0
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4457
traceresponse: 00-17239a0059288917fd9e1b143d2a50c8-3ba3f68bf3efd874-00
x-cache: HIT
content-length: 157388
x-served-by: cache-fra-eddf8230044-FRA
last-modified: Thu, 15 Sep 2022 09:14:46 GMT
server: cloudflare
etag: W/"4d2c4-183406de333"
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 76dd20532b449043-FRA
x-cache-hits: 1

GET
H2 200 icomoon.ttf
www.recordedfuture.com/icons/fonts/ 5 KB
3 KB 230ms
228ms Font
font/ttf 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/icons/fonts/icomoon.ttf?j8daoh

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/_next/static/css/66271ce5138af309.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1bffb95aa906bfc9cfdc78a26496ba5b627521e1c9ee09edcf1cd7464405905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/_next/static/css/66271ce5138af309.css
Origin: https://www.recordedfuture.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-be21b5795622437d8136c8a0cedbd8d0, i-be21b5795622437d8136c8a0cedbd8d0
x-content-type-options: nosniff
cf-cache-status: MISS
traceresponse: 00-1729bc9c05d9f4ed0f62cf33e18cf56c-04a3818003880b7a-00
x-cache: MISS
content-length: 3149
x-served-by: cache-fra-eddf8230117-FRA
last-modified: Thu, 17 Nov 2022 13:50:11 GMT
server: cloudflare
etag: W/"152c-18485daaa38"
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 76dd20532b469043-FRA
x-cache-hits: 0

GET
H2 200 Inter-SemiBold.ebaf29e9.ttf
www.recordedfuture.com/_next/static/media/ 308 KB
153 KB 35ms
33ms Font
font/ttf 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/static/media/Inter-SemiBold.ebaf29e9.ttf

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/_next/static/css/66271ce5138af309.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f036a45770ce2ad43dfee7f4eac8f8b3784608a24ff00c63dd56704434e014e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/_next/static/css/66271ce5138af309.css
Origin: https://www.recordedfuture.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4457
traceresponse: 00-1721253a66e1381b7e0224df630a10b2-052833be3f632481-00
x-cache: HIT
content-length: 156755
x-served-by: cache-hhn4061-HHN
last-modified: Thu, 15 Sep 2022 09:14:47 GMT
server: cloudflare
etag: W/"4d16c-183406de38e"
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 76dd20532b479043-FRA
x-cache-hits: 1

GET
H2 200 Inter-ExtraBold.d19caa02.ttf
www.recordedfuture.com/_next/static/media/ 309 KB
154 KB 35ms
34ms Font
font/ttf 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/static/media/Inter-ExtraBold.d19caa02.ttf

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/_next/static/css/66271ce5138af309.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fb3140db2839cabd3662044ef7791206df377b2211046abc71dd039f05fe082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/_next/static/css/66271ce5138af309.css
Origin: https://www.recordedfuture.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4457
traceresponse: 00-172123595ae8c1675509730527011734-8579abd4feb89deb-00
x-cache: HIT
content-length: 157010
x-served-by: cache-hhn4039-HHN
last-modified: Thu, 15 Sep 2022 09:14:46 GMT
server: cloudflare
etag: W/"4d52c-183406de347"
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 76dd20532b499043-FRA
x-cache-hits: 1

GET
H2 200 Inter-Medium.6ee661b3.ttf
www.recordedfuture.com/_next/static/media/ 307 KB
152 KB 35ms
34ms Font
font/ttf 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/static/media/Inter-Medium.6ee661b3.ttf

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/_next/static/css/66271ce5138af309.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0b1f949528f7a3a2d2ff3b6df67c6c1b5cb8f62a2eba6eb5e06adff2d5795f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/_next/static/css/66271ce5138af309.css
Origin: https://www.recordedfuture.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-bac7380798664d7697b0cf11d33520e7, i-bac7380798664d7697b0cf11d33520e7
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3202
traceresponse: 00-1725874a1619b27d9f9b847de28c68ef-effd4cf6fde864f0-00
x-cache: HIT
content-length: 155503
x-served-by: cache-fra-eddf8230032-FRA
last-modified: Thu, 15 Sep 2022 09:14:47 GMT
server: cloudflare
etag: W/"4cd58-183406de362"
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 76dd20532b4a9043-FRA
x-cache-hits: 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 42ms
15ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 21 Nov 2022 23:15:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: VWts6ZfoRV7+w6HCwVbCvcJNfCnLs1ICkHP4CDX0SD9pTv/+JG4o9gkFIkzlU61DxaPXVA2Y4RChip2FGGqtnA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 278 KB
89 KB 145ms
48ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-539N74N

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5768a88bf1ea0b2494bb74d88ee0273b10d1a785a59f929454f3fdd43821487b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90591
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Nov 2022 23:15:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 216ms
121ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-9153858-2

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9871f6d82bb90b28ac2625b45484a89eff6c71c160c32ab93fbbcc6223c40197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44701
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 21 Nov 2022 23:15:15 GMT

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 198 KB
58 KB 33ms
9ms Script
application/javascript 2600:9000:223f:8600:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8600:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e64eda59a1c2536d3ea595cfb6bf8efff98957f13c01cf2cf5707b7d2ffd523

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 18:05:27 GMT
x-amz-version-id: 7Iod4X3mS7SmO.Y3BHKg1lMsUB7q4a4o
content-encoding: gzip
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 18589
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 19 Oct 2022 22:01:32 GMT
server: AmazonS3
etag: W/"68e452a57db35118c39f5187498f8cf5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: A3AmP70hvVVhlcnDCs6KzI197klrQ0TTHpa5BnwsPx6qFfO3hhWKAA==

GET
H2 200 container_nbhoRDM8.js Show response
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 238 KB
69 KB 47ms
24ms Script
application/javascript 2600:9000:223f:8600:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/container_nbhoRDM8.js
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8600:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 09a795f3f46833b83de9e9eb6adc8dfb60b132b392cb0329b231f628d54fda44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 18:06:20 GMT
x-amz-version-id: 34cMj_323Vb4YO9o.XFNw1FVVAO0lDC2
content-encoding: gzip
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 18536
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 31 Oct 2022 23:36:55 GMT
server: AmazonS3
etag: W/"6e98d8e13b15593826d0dd2aa6c146c9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: QYcjzi8JHFOGoZrDGy0sZ7oLWTSb78KlbgZdzptK5URpz8IqbrP5Ew==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 49ms
7ms Script
application/x-javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=36300
accept-ranges: bytes
content-length: 4581

GET
H2 200 resources Show response
cms.recordedfuture.com/api/ 14 KB
15 KB 38ms
10ms XHR
application/json 151.101.66.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.recordedfuture.com/api/resources?populate[0]=cardImage&populate[1]=cardImage.desktop&populate[2]=cardImage.mobile&populate[3]=cardImage.tablet&populate[4]=countryTags&populate[5]=downloadResource&populate[6]=downloadResource.type&populate[7]=eventResource&populate[8]=eventResource.type&populate[9]=industryTags&populate[10]=integrationResource&populate[11]=integrationResource.tags&populate[12]=newsAndResearchResource&populate[13]=newsAndResearchResource.researchPreviewImage&populate[14]=newsAndResearchResource.researchPreviewImageDesktop&populate[15]=newsAndResearchResource.researchPreviewImageMobile&populate[16]=newsAndResearchResource.researchPreviewImageTablet&populate[17]=newsAndResearchResource.type&populate[18]=page&populate[19]=productTags&populate[20]=threatTags&populate[21]=topicTags&filters[$or][0][downloadResource][type][key][$in]=&filters[$or][1][eventResource][type][key][$in]=&filters[$or][2][newsAndResearchResource][type][key][$in][0]=blog&pagination%5BpageSize%5D=4&pagination%5Bpage%5D=1&sort%5B0%5D=eventResource.startDate%3Aasc&sort%5B1%5D=publishedAt%3Adesc

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/_next/static/chunks/355-b17464093f7d6aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Strapi <strapi.io>

Resource Hash

b970ae91596f4ec96c46c054e9e9a8556691e666b58b9b90ae6d0dc8bad93ff0

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.recordedfuture.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
date: Mon, 21 Nov 2022 23:15:15 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-platform-server: i-be21b5795622437d8136c8a0cedbd8d0, i-be21b5795622437d8136c8a0cedbd8d0
x-permitted-cross-domain-policies: none
via: 1.1 varnish
traceresponse: 00-1729bba8651cb31137ae5c199a42eb95-05d5e31da5606755-00
x-powered-by: Strapi <strapi.io>
age: 1047
x-dns-prefetch-control: off
x-cache: HIT
content-length: 14787
x-served-by: cache-hhn4063-HHN
referrer-policy: no-referrer
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-download-options: noopen
x-debug-info: eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 russian_invasion_of_ukraine_and_sanctions_portend_rise_in_card_fraud_c4a64c8a06.jpg
cms.recordedfuture.com/uploads/ 156 KB
157 KB 835ms
834ms Image
image/jpeg 151.101.66.216
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.recordedfuture.com/uploads/russian_invasion_of_ukraine_and_sanctions_portend_rise_in_card_fraud_c4a64c8a06.jpg?w=1920

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

23a03c911ed25ed3f83e874333d3fa1b3b4992097085f966bc5c65956c62f089

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Mon, 21 Nov 2022 23:20:15 GMT
date: Mon, 21 Nov 2022 23:15:16 GMT
via: 1.1 varnish
strict-transport-security: max-age=31557600
x-platform-server: i-bac7380798664d7697b0cf11d33520e7, i-bac7380798664d7697b0cf11d33520e7
age: 0
traceresponse: 00-1729bc9c2abb651c5a8eb686b89c1b97-93139e2655bc2276-00
x-cache: MISS
fastly-io-info: ifsz=160078 idim=1920x440 ifmt=jpeg ofsz=160078 odim=1920x440 ofmt=jpeg
fastly-stats: io=1
content-length: 160078
fastly-io-warning: Failed to shrink image
x-served-by: cache-hhn4043-HHN
etag: "lZMMHrwEAu0gZXgNsCZT+Ei3xGK2S9DE49RJdyJvVR0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
fastly-transform-stats: tus=17719 cr=1.00
x-cache-hits: 0

GET
H2 404 predict.json Show response
www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/ 53 KB
10 KB 872ms
851ms Fetch
text/html 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/predict.json

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

8a32f586e32ae58cbe333e96ba3efa4d59f30001a58fa93d74a574a60860527f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:16 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-1729bc9c2b509a9f0d6487141860327e-10f52eeb12210a6c-00
x-powered-by: Next.js
content-encoding: gzip
x-cache: MISS
x-served-by: cache-fra-eddf8230068-FRA
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 76dd2055bdef9043-FRA
x-cache-hits: 0

GET
H2 404 careers.json Show response
www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/ 53 KB
10 KB 485ms
464ms Fetch
text/html 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/careers.json

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

7f02ade5567959a5353c345fefffa6feca3712b25e94e08562dd365407393ed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-1729bc9c19ce2fe702a0b8d9316665ca-8b818750c169aac2-00
x-powered-by: Next.js
content-encoding: gzip
x-cache: MISS
x-served-by: cache-fra-eddf8230104-FRA
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 76dd2055bdf09043-FRA
x-cache-hits: 0

GET
H2 200 contact.json Show response
www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/ 43 KB
9 KB 484ms
463ms Fetch
application/json 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/contact.json

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03fdc46e5ca4bc37b7ca096141db38521162e085713499fe253c7fd60f5b51b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-1729bc9c2b3325ac8bee12070c6d2e65-4708095b2ef05ec5-00
x-cache: MISS
content-length: 8731
x-served-by: cache-fra-eddf8230088-FRA
server: cloudflare
etag: "ad8f-9LtmB/DSmkIvrghbek3qxqMRDyA"
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 76dd2055bdf19043-FRA
x-cache-hits: 0

GET
H2 404 en.json Show response
www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/ 53 KB
10 KB 392ms
375ms Fetch
text/html 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en.json

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

cb73f2f86050c86501187167d5ede61a0711c2b59a7ffae94d208583ea2b12e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-1729bc9c19bf4cec3f63372205ee4b40-a72ccf8d9201da5d-00
x-powered-by: Next.js
content-encoding: gzip
x-cache: MISS
x-served-by: cache-fra-eddf8230090-FRA
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 76dd2055bdf29043-FRA
x-cache-hits: 0

GET
H2 404 platform.json Show response
www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/ 53 KB
10 KB 692ms
675ms Fetch
text/html 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/platform.json

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

bd8a03dc370a8c071f37c1c1523feffbb874dfcae22db8a9f24c6110028d2ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:16 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-1729bc9c263350a9c3928db4d6e2a45f-0147d658ac203e2b-00
x-powered-by: Next.js
content-encoding: gzip
x-cache: MISS
x-served-by: cache-fra-eddf8230024-FRA
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 76dd2055bdf39043-FRA
x-cache-hits: 0

GET
H2 404 russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud.json Show response
www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/ 53 KB
10 KB 667ms
651ms Fetch
text/html 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud.json

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

0defc1d53646c16e153850cf9d1cfca909bdde173fafd18f671df65bda377a3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:16 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-1729bc9c25e4769545a28d605fd13200-b3c14a1b525be8ff-00
x-powered-by: Next.js
content-encoding: gzip
x-cache: MISS
x-served-by: cache-fra-eddf8230133-FRA
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 76dd2055bdf59043-FRA
x-cache-hits: 0

GET
H2 200 research.json Show response
www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/ 110 KB
15 KB 586ms
572ms Fetch
application/json 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/research.json

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67a5060eedbd8425b1dd121296fc4636c9abedf74efdae4d9eb37fcfd2150801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:16 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-1729bc9c2b69b2cee4693e7f16241f2c-eb42662b35e37263-00
x-cache: MISS
content-length: 15618
x-served-by: cache-fra-eddf8230134-FRA
server: cloudflare
etag: "1b615-X90XjbxK8aBqxaIGDV1SqTULav4"
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 76dd2055bdf79043-FRA
x-cache-hits: 0

GET
H2 404 resources.json Show response
www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/ 53 KB
10 KB 881ms
867ms Fetch
text/html 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/resources.json

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

962a7bf9f4a4d210303ae595a896fe4e861e27782d6055740dfe275e525013ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:16 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-1729bc9c2b92395a4872a2ca89a46d84-238b00947141544d-00
x-powered-by: Next.js
content-encoding: gzip
x-cache: MISS
x-served-by: cache-fra-eddf8230132-FRA
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 76dd2055bdf89043-FRA
x-cache-hits: 0

GET
H2 200 client-success.json Show response
www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/services-support/ 38 KB
8 KB 461ms
447ms Fetch
application/json 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/services-support/client-success.json

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b62e4c5c44e765dc45ebaa626d4bd7ecbe9bbaa4691549adc5978be5ce1faa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-1729bc9c2bcfcae930fd7f2d98af984c-be8880b198351e69-00
x-cache: MISS
content-length: 7588
x-served-by: cache-fra-eddf8230094-FRA
server: cloudflare
etag: "9938-ovnV+4LFnFTIZldwl0n6Xb1bqcQ"
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=60, stale-while-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 76dd2055bdf99043-FRA
x-cache-hits: 0

GET
H2 404 company.json Show response
www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/ 53 KB
10 KB 778ms
765ms Fetch
text/html 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/company.json

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

a99487f0cfc6034aa4b950ec577aaac79ebb30ed0dc0d83c880c08ed167e471d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:16 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
age: 0
traceresponse: 00-1729bc9c2b6afe0b028349b0fd9d5ffd-0cd5090e7747f625-00
x-powered-by: Next.js
content-encoding: gzip
x-cache: MISS
x-served-by: cache-fra-eddf8230097-FRA
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 76dd2055bdfa9043-FRA
x-cache-hits: 0

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 548 KB
88 KB 115ms
32ms Script
application/javascript 2606:4700::6811:e7cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e7cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05da620e7bac78cd141e1a7f7005bf9e1eaf93837514ff265d5efd9fdda7ee11

Request headers

Referer: https://www.recordedfuture.com/
Origin: https://www.recordedfuture.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
x-amz-version-id: WdFozKBx4SUx.lzBGe8mkR8wgVUrEMev
via: 1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 24567
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1120/bundle/main/lead-flows-release.js&cfRay=76dac88a8ccfbb8c-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Thu, 17 Nov 2022 02:20:30 UTC
server: cloudflare
etag: W/"74fae7dd863591ed0e85827bc178f500"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 76dd2056cc26bb89-FRA
x-amz-cf-id: 45iRJtXLTXhufFKs1f_zf8fX3WxIk5KWl4oRUVyu_IcF4f6gmYEQ8g==
x-hs-target-asset: lead-flows-js/static-1.1120/bundle/main/lead-flows-release.js

GET
H2 200 252628.js Show response
js.hs-banner.com/ 60 KB
16 KB 486ms
406ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b8d7c0a33f3c73fabdcdbcf0929580f0d9070a4a419d37804c99dcf50367da4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:16 GMT
x-amz-version-id: Ew8ew4QbAJKbDQxZ02JtMgMih03a82Hz
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: W4DC3S0Q30144XYS
x-amz-server-side-encryption: AES256
x-amz-id-2: f7PizZR9UOghIJIL+rje6FG392AJkkNweuB6YxsZxBic21ppXSOLdtGBW26ExDdcyo8gu6+7q+I=
last-modified: Tue, 25 Oct 2022 19:53:28 GMT
server: cloudflare
etag: W/"daa1efcd777f23cd67800159397a5860"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://go.recordedfuture.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 76dd2056ca16bb32-FRA
expires: Mon, 21 Nov 2022 23:20:15 GMT

GET
H2 200 252628.js Show response
js.hs-analytics.net/analytics/1669072500000/ 64 KB
20 KB 230ms
150ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1669072500000/252628.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8219d88c86522ac67a92507e2a5501ffc1518505fe52a658d6f74abdaa0974a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 0S7X05CKQ5RG4EGT
x-amz-server-side-encryption: AES256
x-amz-id-2: YVXTERcYv4yIBeAlA6wHzjpUd03I7oFWdl1CVk29amYDaIJiiN8NSagHO5jfXUm32eG+Q1zowTk=
last-modified: Fri, 04 Nov 2022 20:22:33 GMT
server: cloudflare
etag: W/"93ce41bda1e656d36cb8fceb249d7815"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 76dd2056ca3b6940-FRA
expires: Mon, 21 Nov 2022 23:20:15 GMT

GET
H2 200 194163687656043 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 25ms
15ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/194163687656043?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de5a7cee0e2529379efef472ad3872b9c80d3b1d85b084bebd0e9fa5afcdfac0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 21 Nov 2022 23:15:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86070
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: VLOglVX5yFy4KeEs6CNcyaRFmaLMhsqtodJl0tq/y2NTxzSBEB3ivbvmNtO1nErJSJYjl6Oc/ry/IcK7mZRVAA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/26800/domain/recordedfuture.com/ 36 B
374 B 16ms
7ms XHR
application/json 13.224.189.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/26800/domain/recordedfuture.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-123.fra2.r.cloudfront.net
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.recordedfuture.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 21 Nov 2022 23:01:06 GMT
content-encoding: gzip
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 849
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: BEvTZoiZP65ZcziCneT8dnmPMydeItb7vsEjSS2Gp_wGVEyKeQbE0Q==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1669072515590&url=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D26800%26time%3D1669072515590%26url%3Dhttps%253A%252F%252Fwww.recordedfuture.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1669072515590&url=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1669072515590&url=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&liSync=t...

0
264 B

232ms
176ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1669072515590&url=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&liSync=true&e_ipv6=AQKRLg-Lwr1PqQAAAYSceXXKd8JYz-OkgbWUcCeFlYiRKhOIbVjmlBJBBr4eNNEKYmY3kbiC
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:16 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 1255392853E6451FB4C6E4529E27287A Ref B: FRAEDGE1222 Ref C: 2022-11-21T23:15:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXuAzp4Q/kMzaXPBumjWQ==

Redirect headers

date: Mon, 21 Nov 2022 23:15:16 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: DBE409000E1F45B6A2A37FD8786BD3D7 Ref B: FRAEDGE1118 Ref C: 2022-11-21T23:15:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=26800&time=1669072515590&url=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&liSync=true&e_ipv6=AQKRLg-Lwr1PqQAAAYSceXXKd8JYz-OkgbWUcCeFlYiRKhOIbVjmlBJBBr4eNNEKYmY3kbiC
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXuAzpz3kIsBzL+V1n9bw==

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/26800/domain/recordedfuture.com/ Frame 0
0 46ms
8ms Preflight 13.224.189.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/26800/domain/recordedfuture.com/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-123.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.recordedfuture.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 62525
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Mon, 21 Nov 2022 05:53:10 GMT
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-id: qFSGp1bqU4Ia8wAGPbU8SJYaBoxMJtDD_W0w2gee96Gy8X79JjLSsw==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront

POST
H2 204 matomo.php
recordedfuture.matomo.cloud/ 0
173 B 142ms
90ms Ping
text/plain 18.195.235.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/matomo.php?action_name=www.recordedfuture.com%2FRussian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future&idsite=1&rec=1&r=094429&h=23&m=15&s=15&url=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&_id=99609a1bf940cf34&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=w1UDx8&pf_net=35&pf_srv=463&pf_tfr=4&pf_dm1=40&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.235.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-235-189.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recordedfuture.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://www.recordedfuture.com
date: Mon, 21 Nov 2022 23:15:15 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 configs.php Show response
recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/ 116 B
291 B 60ms
18ms Script
application/javascript 18.195.235.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=1&trackerid=ZAB6Cf&url=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.235.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-235-189.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 981e304a52d464351bda430da0310afa6b759bda76f6e27e1b18d974107ebbd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
server: Apache
content-length: 119
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type: application/javascript

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 65ms
6ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-539N74N
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230046-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 183ms
34ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-539N74N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 21 Nov 2022 21:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 7161
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 21 Nov 2022 23:15:54 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 169ms
37ms Script
text/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 21 Nov 2022 21:51:04 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5051
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 21 Nov 2022 23:51:04 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
88 KB 161ms
37ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-539N74N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 22:19:19 GMT
x-content-type-options: nosniff
age: 3356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89501
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 22:19:19 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 30 KB
10 KB 69ms
10ms Script
application/javascript 184.24.7.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.7.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-7-242.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

aca17711b2bcab8335b7bd9c2880033b2aa69a0e9f33ce2e1a507dbb0f9cade3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Sep 2022 20:55:46 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63360652-7700"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 9869
expires: Mon, 21 Nov 2022 23:15:15 GMT

GET
H2 200 qualified.js Show response
js.qualified.com/ 248 KB
72 KB 119ms
19ms Script
text/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.qualified.com/qualified.js?token=Nx83j34ob1DXpWn5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-539N74N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eee031793efec7655713571561bc3d896a5d13b27ac34b4a72807012dd3257f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: gzip
via: 1.1 spaces-router (e13668ca8eb7)
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: HIT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 16141
x-xss-protection: 1; mode=block
x-request-id: 03a2c397-9d35-7913-3f09-8dbc946f69ec
x-runtime: 0.017551
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3eee031793efec7655713571561bc3d8"
x-download-options: noopen
vary: Accept,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 76dd20583f569013-FRA
expires: Tue, 22 Nov 2022 03:15:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 165ms
68ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-9153858-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-539N74N

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a1c09735b82fee1a6f401a29136a9e7ebe585d0b1d98cfcc08c1fcb2af9ecd47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43713
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 21 Nov 2022 23:15:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 166ms
69ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1003136084&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-539N74N

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

40f073b05eea04900a8af9205fdc6dc01825f19259b8458a20fcc470a30ee5ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69749
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Nov 2022 23:15:15 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 72ms
7ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=194163687656043&ev=PageView&dl=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&rl=&if=false&ts=1669072515813&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669072515807.554856987&it=1669072515562&coo=false&exp=c0&rqm=GET

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 21 Nov 2022 23:15:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 91ms
78ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MHTMF48BZH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9153858-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1098469ae9726717ac93bf7a48a36ee5199c8747f6541bc435888a233cb4cdfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76624
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 21 Nov 2022 23:15:15 GMT

GET
H2 200 configs.php Show response
recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/ 116 B
290 B 86ms
7ms Script
application/javascript 18.195.235.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=1&trackerid=0Ee3P4&url=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.235.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-235-189.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 80e86ff9258d3afe55e2fac83df328cc68024e1e21cc548d1c30279d7a4d5471

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:16 GMT
content-encoding: gzip
server: Apache
content-length: 119
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type: application/javascript

GET
H2 200 adsct
t.co/i/ 43 B
376 B 290ms
107ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=ae667266-cd63-4be6-8ff0-83513422e51e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=905bb20a-4e87-4289-9023-5a9a6c01f1af&tw_document_href=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv0r6&type=javascript&version=2.3.29

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time: 102
date: Mon, 21 Nov 2022 23:15:15 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 27eda1e7c9d1c811
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: aed21454510ad048c465da809a4a78b0b45a91e6417192316b5e1c6ee8240b04
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 293ms
110ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=ae667266-cd63-4be6-8ff0-83513422e51e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=905bb20a-4e87-4289-9023-5a9a6c01f1af&tw_document_href=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv0r6&type=javascript&version=2.3.29

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time: 105
date: Mon, 21 Nov 2022 23:15:16 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 8ede36e6255b6714
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 532bd1892b670031d6fcc27358d8f89aef9c85951f0c88529809b9598e7b6c41
content-length: 43

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 209ms
82ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1754171413&t=pageview&_s=1&dl=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&ul=en-us&de=UTF-8&dt=Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEADQAAAACAAI~&jid=597656043&gjid=808420086&cid=1392345956.1669072516&tid=UA-9153858-2&_gid=816936433.1669072516&_r=1&gtm=2wgb90539N74N&z=506910879

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Nov 2022 23:15:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.recordedfuture.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 110 KB
43 KB 197ms
85ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-MV8X7B7&t=gtag_UA_9153858_2&cid=1392345956.1669072516

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

86b41eb769c0712dc63c5856614778d0c0b2b558fba99b9e475f1eb6ce6737e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44060
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Nov 2022 23:15:16 GMT

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 193ms
65ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1780854909&utmhn=www.recordedfuture.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future&utmhid=1754171413&utmr=-&utmp=%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&utmht=1669072516226&utmac=UA-XXXYYYZZZ-1&utmcc=__utma%3D93161374.1392345956.1669072516.1669072516.1669072516.1%3B%2B__utmz%3D93161374.1669072516.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=6001048&utmredir=1&utmu=qhAgAAAAAAAAAAAAAAABAAAE~

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Nov 2022 23:15:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
712 B 101ms
14ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Nov 2022 23:15:16 GMT
AN-X-Request-Uuid: ef1ce710-2c3d-4024-97a6-3778f35e5aa4
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.recordedfuture.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
207 B 88ms
5ms XHR
text/html 184.24.7.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.7.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-7-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:16 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.recordedfuture.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 20 B
260 B 92ms
0ms XHR
text/html 2a02:26f0:3500:890::1c91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:890::1c91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c6670ba74f4332547bf31bf9937a31573a81a16e7f1ccc10b8d7c86ff5ce6e2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Nov 2022 23:15:16 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.recordedfuture.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a03:1b20:6:f011::7e
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 20
expires: Mon, 21 Nov 2022 23:15:16 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1003136084/ 2 KB
1 KB 172ms
65ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1003136084/?random=1669072516466&cv=11&fst=1669072516466&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&tiba=Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future&auid=1837948799.1669072516&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1003136084&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d23df38c6addca2226a155962fff6ed150cb8fb2d3d62562c1edf2dc7f18493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Nov 2022 23:15:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 967
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 71ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-9153858-2&cid=1392345956.1669072516&jid=597656043&gjid=808420086&_gid=816936433.1669072516&_u=YEBAAEACQAAAACAAI~&z=1652181219

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 21 Nov 2022 23:15:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.recordedfuture.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1003136084/ 2 KB
1 KB 138ms
85ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1003136084/?random=1669072516552&cv=11&fst=1669072516552&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&tiba=Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future&auid=1837948799.1669072516&uaw=0&data=event%3Dform_start&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1003136084&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de33cd468058032ddf5d3272dafd0bd12eb8f4d5833322c8a1851888ec270128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Nov 2022 23:15:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 967
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1003136084/ 2 KB
2 KB 106ms
64ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1003136084/?random=1669072516561&cv=11&fst=1669072516561&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&tiba=Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future&auid=1837948799.1669072516&uaw=0&data=event%3Dform_submit&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1003136084&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd94ee9f6ffce70785eafb1a09da52a4f63eeebddf1ff05827cd7b9e5e6b3ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Nov 2022 23:15:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 967
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
352 B 170ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MHTMF48BZH&gtm=2oeb90&_p=1754171413&cid=1392345956.1669072516&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669072516&sct=1&seg=0&dl=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&dt=Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHTMF48BZH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Nov 2022 23:15:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.recordedfuture.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 matomo.php
recordedfuture.matomo.cloud/ 0
173 B 57ms
52ms Ping
text/plain 18.195.235.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recordedfuture.matomo.cloud/matomo.php?action_name=www.recordedfuture.com%2FRussian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future&idsite=1&rec=1&r=561948&h=23&m=15&s=15&url=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&_id=99609a1bf940cf34&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=BlGl8G&pf_net=35&pf_srv=463&pf_tfr=4&pf_dm1=40&uadata=%7B%22brands%22%3A%5B%5D%2C%22platform%22%3A%22%22%7D
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.235.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-235-189.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recordedfuture.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://www.recordedfuture.com
date: Mon, 21 Nov 2022 23:15:16 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 291ms
257ms Image
image/gif 184.24.7.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=8d199402-15e4-4f60-8eeb-15267907279c&session=29ab66da-5ec2-43dc-808d-df4379bff76e&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2021%20Nov%202022%2023%3A15%3A16%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20report%20analyzes%20technical%2C%20political%2C%20and%20socioeconomic%20factors%20contributing%20to%20the%20scale%20of%20card%20fraud%20conducted%20by%20Russia-based%20threat%20actors%20within%20the%20context%20of%20the%20Russian%20invasion%20of%20Ukraine.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&pageViewId=9b7ed7fa-2735-4bf3-8c36-7c4212c1cc91&an_uid=0

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.7.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-7-242.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:16 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 285ms
256ms Image
image/gif 184.24.7.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=8d199402-15e4-4f60-8eeb-15267907279c&session=29ab66da-5ec2-43dc-808d-df4379bff76e&event=ipv6&q=%7B%22address%22%3A%222a03%3A1b20%3A6%3Af011%3A%3A7e%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20report%20analyzes%20technical%2C%20political%2C%20and%20socioeconomic%20factors%20contributing%20to%20the%20scale%20of%20card%20fraud%20conducted%20by%20Russia-based%20threat%20actors%20within%20the%20context%20of%20the%20Russian%20invasion%20of%20Ukraine.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&pageViewId=9b7ed7fa-2735-4bf3-8c36-7c4212c1cc91&an_uid=0

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.7.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-7-242.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:16 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 55CD 0
18 B 57ms
27ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.recordedfuture.com
Referer: https://www.recordedfuture.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.recordedfuture.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 21 Nov 2022 23:15:16 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 218ms
79ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-9153858-2&cid=1392345956.1669072516&jid=597656043&_u=YEBAAEACQAAAACAAI~&z=1849913207

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Nov 2022 23:15:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 221ms
81ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-9153858-2&cid=1392345956.1669072516&jid=597656043&_u=YEBAAEACQAAAACAAI~&z=1849913207

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Nov 2022 23:15:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1003136084/ 42 B
548 B 203ms
75ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1003136084/?random=1669072516561&cv=11&fst=1669071600000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&tiba=Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future&data=event%3Dform_submit&fmt=3&is_vtc=1&random=1157548727&rmt_tld=0&ipr=y

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Nov 2022 23:15:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1003136084/ 42 B
154 B 210ms
82ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1003136084/?random=1669072516561&cv=11&fst=1669071600000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&tiba=Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future&data=event%3Dform_submit&fmt=3&is_vtc=1&random=1157548727&rmt_tld=1&ipr=y

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Nov 2022 23:15:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1003136084/ 42 B
108 B 206ms
81ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1003136084/?random=1669072516466&cv=11&fst=1669071600000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&tiba=Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3991378913&rmt_tld=0&ipr=y

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Nov 2022 23:15:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1003136084/ 42 B
108 B 209ms
83ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1003136084/?random=1669072516466&cv=11&fst=1669071600000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&tiba=Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3991378913&rmt_tld=1&ipr=y

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Nov 2022 23:15:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1003136084/ 42 B
108 B 115ms
79ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1003136084/?random=1669072516552&cv=11&fst=1669071600000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&tiba=Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future&data=event%3Dform_start&fmt=3&is_vtc=1&random=4293615360&rmt_tld=0&ipr=y

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Nov 2022 23:15:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1003136084/ 42 B
108 B 78ms
78ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1003136084/?random=1669072516552&cv=11&fst=1669071600000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&tiba=Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future&data=event%3Dform_start&fmt=3&is_vtc=1&random=4293615360&rmt_tld=1&ipr=y

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Nov 2022 23:15:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 71ms
69ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1754171413&t=pageview&_s=1&dl=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&ul=en-us&de=UTF-8&dt=Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=93161374.1392345956.1669072516.1669072516.1669072516.1&_utmz=93161374.1669072516.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1669072516751&_u=aGDCAUADQAAAACAAI~&jid=1485153644&gjid=924625948&cid=1392345956.1669072516&tid=UA-9153858-2&_gid=816936433.1669072516&_r=1&gtm=2oub90&z=515724667

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Nov 2022 23:15:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.recordedfuture.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 56b29f51d4caa783.css Show response
www.recordedfuture.com/_next/static/css/ 11 KB
4 KB 41ms
35ms Fetch
text/css 104.18.7.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recordedfuture.com/_next/static/css/56b29f51d4caa783.css

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.7.66 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cc7a8ba51e3065036d8411d4b6e668198d5686ae5c48c41cc01f30c69ce1874

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish
cf-cache-status: HIT
x-platform-server: i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
x-content-type-options: nosniff
age: 4459
traceresponse: 00-17239aae5737a11317bf039be68a6e3c-166a135b3cfec968-00
cf-polished: origSize=11230
content-encoding: gzip
x-cache: HIT
x-served-by: cache-fra-eddf8230127-FRA
cf-bgj: minify
last-modified: Thu, 15 Sep 2022 09:14:46 GMT
server: cloudflare
etag: W/"2bde-183406de2f8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 76dd205e3ee29043-FRA
x-cache-hits: 1

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 128ms
76ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-9153858-2&cid=1392345956.1669072516&jid=1485153644&gjid=924625948&_gid=816936433.1669072516&_u=aGDCAUADQAAAACAAI~&z=509721060

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recordedfuture.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 21 Nov 2022 23:15:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.recordedfuture.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK messenger Show response
app.qualified.com/w/1/Nx83j34ob1DXpWn5/ Frame E04B 5 KB
2 KB 361ms
127ms Document
text/html 52.22.1.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.qualified.com/w/1/Nx83j34ob1DXpWn5/messenger?uuid=8f2b92aa-15f2-4951-8059-8767dc6769f2

Requested by

Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=Nx83j34ob1DXpWn5

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.22.1.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-1-175.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2633873cf20bca38c85333a00436a4fdec4e91e89590e037cb774ebc5e6e1c63

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recordedfuture.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Length: 1558
Content-Security-Policy
Content-Type: text/html; charset=utf-8
Date: Mon, 21 Nov 2022 23:15:17 GMT
Etag: W/"2633873cf20bca38c85333a00436a4fd"
Link: <https://assets.qualified.com/packs/css/6-dec0a4bb.chunk.css>; rel=preload; as=style; nopush,<https://assets.qualified.com/packs/css/widget/sandboxed/messenger-c9f10185.chunk.css>; rel=preload; as=style; nopush
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Via: 1.1 spaces-router (e13668ca8eb7)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 3f02fa40-135e-1d2d-0efc-02d937a195dd
X-Runtime: 0.017401
X-Xss-Protection: 1; mode=block

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 143ms
52ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-9153858-2&cid=1392345956.1669072516&jid=1485153644&_u=aGDCAUADQAAAACAAI~&z=489631592

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Nov 2022 23:15:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 141ms
49ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-9153858-2&cid=1392345956.1669072516&jid=1485153644&_u=aGDCAUADQAAAACAAI~&z=489631592

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Nov 2022 23:15:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6-dec0a4bb.chunk.css
assets.qualified.com/packs/css/ Frame E04B 35 KB
7 KB 23ms
23ms Stylesheet
text/css 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/css/6-dec0a4bb.chunk.css
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a07ba6298a82984a8c4fe8b19c118b16c7fdeb8e60519738e6c91e02f496fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:17 GMT
x-amz-version-id: LRDb_sj_AwFgyAsE31oC_Gj4L6ZMYHIX
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 18:16:23 GMT
server: cloudflare
x-amz-request-id: GPNX7K0A438EHT4E
age: 3408
etag: W/"02e82a000181a6edf9321b244dc6ce82"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 76dd20617ae59013-FRA
x-amz-id-2: fVXj3dWFaE44iPjDX3l4KYYVI0F3sT7R+TkRAqrlmO/bbj4BMVAywfgWaEn2eyAxr7+VSAGopp8=
expires: Tue, 22 Nov 2022 03:15:17 GMT

GET
H2 200 messenger-c9f10185.chunk.css
assets.qualified.com/packs/css/widget/sandboxed/ Frame E04B 5 KB
1 KB 22ms
21ms Stylesheet
text/css 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/css/widget/sandboxed/messenger-c9f10185.chunk.css
Requested by: Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:17 GMT
x-amz-version-id: 6HqBHD8q3LEXSNxavdRtPoYA7mH7vlGX
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 18:16:23 GMT
server: cloudflare
x-amz-request-id: GPNXN89ZKRJ6VYQW
age: 3398
etag: W/"22d5f23e695250d3c5a5b1e76a015c5e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 76dd20617ae69013-FRA
x-amz-id-2: NGsDCoz1MqAvx+XCA9GorZnr4p+GkLXfPVxxSi0GgUOaOI0UA4RASmb8zLkBqAFLlimuk+Xvook=
expires: Tue, 22 Nov 2022 03:15:17 GMT

GET
H2 200 messenger~runtime-fb01f856cb6ca5ebf70f.js Show response
assets.qualified.com/packs/js/widget/sandboxed/ Frame E04B 2 KB
1 KB 25ms
22ms Script
application/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget/sandboxed/messenger~runtime-fb01f856cb6ca5ebf70f.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/Nx83j34ob1DXpWn5/messenger?uuid=8f2b92aa-15f2-4951-8059-8767dc6769f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc745f6bf802a416e299034e247b0ec3ce6545deaedbfce6323d572c916af5ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:17 GMT
x-amz-version-id: FiGw7lBeGg.KBi.1Gb2m7GnycxYwHUfI
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 19 Nov 2022 01:08:38 GMT
server: cloudflare
x-amz-request-id: G62DFRCY0MX3Y8H7
age: 7136
etag: W/"f7512496d66aedd3da587253cf1566ed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 76dd20618af99013-FRA
x-amz-id-2: GnWDRIiLvVkcg2KR525g2EdPGFap8Z13donkULbvFSCI80qD7aTwnrGCdmvNVcGdJsbIvEtizt8=
expires: Tue, 22 Nov 2022 03:15:17 GMT

GET
H2 200 6-2a542d025a8d77058e71.chunk.js Show response
assets.qualified.com/packs/js/widget-sandboxed-chunks/ Frame E04B 1 MB
409 KB 33ms
30ms Script
application/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/6-2a542d025a8d77058e71.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/Nx83j34ob1DXpWn5/messenger?uuid=8f2b92aa-15f2-4951-8059-8767dc6769f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc94ddda518bbc9dd8cb6a8c84e274cfc3723704de9155235b8bad2b3ff352fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:17 GMT
x-amz-version-id: 354nXnxYRqZjgkzm01D37vvFlmBa_w6O
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 19 Nov 2022 01:08:38 GMT
server: cloudflare
x-amz-request-id: G5XQGDRWTMX9NGJ4
age: 7011
etag: W/"335d13ae7a0c4a0b30b952fd85214da5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 76dd20618afc9013-FRA
x-amz-id-2: ci70K8eO9QGjB4THznVPJg5qJVyZRMg4d3AL/VBPTDWmAUhIUazxmBt/4tDp+bC+Bm5nm9+8W88=
expires: Tue, 22 Nov 2022 03:15:17 GMT

GET
H2 200 messenger-5d0d51e7db68c686788b.chunk.js Show response
assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/ Frame E04B 655 KB
154 KB 60ms
59ms Script
application/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/messenger-5d0d51e7db68c686788b.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/Nx83j34ob1DXpWn5/messenger?uuid=8f2b92aa-15f2-4951-8059-8767dc6769f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f02684969297bf0c03199dfc801446cf9dcea5e1a533fe105199aca96ed1313

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:17 GMT
x-amz-version-id: 6MWjZf2m2HawfjPMNVyBK0Vr2C_hMyuL
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 18:16:30 GMT
server: cloudflare
x-amz-request-id: GPNSQXJM5PTZM4Z2
age: 3415
etag: W/"f81889e87db40546f5181f47984cdd50"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 76dd20619b199013-FRA
x-amz-id-2: uiEzc4Ep8FLfT5L5BZH1nsBXJJYj6dhgif54pZls1/1OKveEIvLQ+MekKmhG1JI94b7DEZM42/Q=
expires: Tue, 22 Nov 2022 03:15:17 GMT

GET
H2 200 Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame E04B 97 KB
97 KB 95ms
55ms Font
font/woff2 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/media/fonts/inter/Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/Nx83j34ob1DXpWn5/messenger?uuid=8f2b92aa-15f2-4951-8059-8767dc6769f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer: https://app.qualified.com/
Origin: https://app.qualified.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:17 GMT
x-amz-version-id: .XKosrKvaIbSC3QrNAexxw0a3kgaC8fP
cf-cache-status: HIT
x-amz-request-id: 06PVNNKEW5N5K4K1
age: 5439344
content-length: 98868
x-amz-id-2: cFY+2S9HVlPnLUaVn3VTBEPGk+80qu4FmIuRwkFRWthb9D8qYM9WIbQmI73MirbIQNdS/HBK2xY=
last-modified: Tue, 20 Sep 2022 00:17:43 GMT
server: cloudflare
etag: "dc131113894217b5031000575d9de002"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 76dd2061cdcb90a3-FRA
expires: Wed, 22 Nov 2023 05:15:17 GMT

GET
H2 200 Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame E04B 103 KB
104 KB 78ms
39ms Font
font/woff2 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/media/fonts/inter/Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/Nx83j34ob1DXpWn5/messenger?uuid=8f2b92aa-15f2-4951-8059-8767dc6769f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5

Request headers

Referer: https://app.qualified.com/
Origin: https://app.qualified.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:17 GMT
x-amz-version-id: nJnuwm4azXwKcjC6X9Kp5fi_4AKiM930
cf-cache-status: HIT
x-amz-request-id: V7C0RTJ0ATZA61X2
age: 5439423
content-length: 105804
x-amz-id-2: xftwMYT67fA2eeabquhU/+fZClfYhj//+Tg85Cu7G1EnkGv3yuUfQf4R/J6wMDP1d7yMFvtFT2M=
last-modified: Tue, 20 Sep 2022 00:17:43 GMT
server: cloudflare
etag: "007ad31a53f4ab3f58ee74f2308482ce"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 76dd2061cdcd90a3-FRA
expires: Wed, 22 Nov 2023 05:15:17 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 249ms
248ms Image
image/gif 184.24.7.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=8d199402-15e4-4f60-8eeb-15267907279c&session=29ab66da-5ec2-43dc-808d-df4379bff76e&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2021%20Nov%202022%2023%3A15%3A17%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2021%20Nov%202022%2023%3A15%3A16%20GMT%22%2C%22timeSpent%22%3A%221008%22%2C%22totalTimeSpent%22%3A%221008%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20report%20analyzes%20technical%2C%20political%2C%20and%20socioeconomic%20factors%20contributing%20to%20the%20scale%20of%20card%20fraud%20conducted%20by%20Russia-based%20threat%20actors%20within%20the%20context%20of%20the%20Russian%20invasion%20of%20Ukraine.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&pageViewId=9b7ed7fa-2735-4bf3-8c36-7c4212c1cc91&an_uid=0

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.7.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-7-242.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:17 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H/1.1 200
OK / Show response
sentry.io/api/1332833/envelope/ Frame E04B 2 B
407 B 485ms
115ms Fetch
application/json 35.188.42.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1332833/envelope/?sentry_key=b5158ee3382d49b28a864fb2b91bcaaf&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1

Requested by

Host: assets.qualified.com
URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/6-2a542d025a8d77058e71.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.qualified.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 21 Nov 2022 23:15:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: nginx
vary: Origin
Content-Type: application/json
access-control-allow-origin: https://app.qualified.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
898 B 195ms
143ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1059085154&v=1.1&a=252628&rcu=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&pu=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&t=Russian+Invasion+of+Ukraine+and+Sanctions+Portend+Rise+in+Card+Fraud+%7C+Recorded+Future&cts=1669072517727&vi=f6c990beaaf05801bf2527a50e96c4fb&nc=true&u=57501621.f6c990beaaf05801bf2527a50e96c4fb.1669072517723.1669072517723.1669072517723.1&b=57501621.1.1669072517723&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 26bdc08f-5c10-42e1-aa03-f1479afe25d8
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBePn05RyZuKcf%2FFnujhsmRs4s6BQJK1TeE1P62CTNKNTJ7G8IKWMSf19y5%2F4YtdRDLSQ9CKXJPVyryDA7sykyeqM2nlwR2E%2BIqkZaSaDiNPsar0NRCKYaaPZyOu4%2BgIc2s%2BeVeARiFMC4XYbUu%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 76dd206438c09bc8-FRA
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 2 KB
2 KB 245ms
167ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=252628&utk=f6c990beaaf05801bf2527a50e96c4fb&__hstc=57501621.f6c990beaaf05801bf2527a50e96c4fb.1669072517723.1669072517723.1669072517723.1&__hssc=57501621.1.1669072517723&currentUrl=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6d77d9ff390581ade27d11c69ac5583da913859a1c17579cf3ecf4207bf3703

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 17effb90-40a8-481d-98a5-a18f7a2b06d3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.recordedfuture.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfBRG%2FpJOkRFkRXXuGwwF%2Bo7p0aHy3qyS8bXZZrXw3R5BwusHgrqlqr88%2BaxH%2B0CGbJ5p7rfqanrotLO8P2Y%2F2gpeISNqyT1eMSYrY6XRDTr%2F1hExk1GGd4spuuNywU3wy0a0ELO6pcacKdcQY4C"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 76dd20649c5490ef-FRA

GET
H2 200 qualified.js Show response
js.qualified.com/ 248 KB
72 KB 39ms
38ms Script
text/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.qualified.com/qualified.js?token=Nx83j34ob1DXpWn5

Requested by

Host: www.recordedfuture.com
URL: https://www.recordedfuture.com/_next/static/chunks/main-d977f1d2acb21ba7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eee031793efec7655713571561bc3d896a5d13b27ac34b4a72807012dd3257f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:17 GMT
content-encoding: gzip
via: 1.1 spaces-router (e13668ca8eb7)
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: HIT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 16143
x-xss-protection: 1; mode=block
x-request-id: 03a2c397-9d35-7913-3f09-8dbc946f69ec
x-runtime: 0.017551
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3eee031793efec7655713571561bc3d8"
x-download-options: noopen
vary: Accept,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 76dd20642dd49013-FRA
expires: Tue, 22 Nov 2022 03:15:17 GMT

GET
H3 200 __ptq.gif
track.hubspot.com/ 45 B
681 B 186ms
143ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=e887dce6-7b34-4ba5-9eac-4d2ca9a2983c&lfi=2694383&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1059085154&v=1.1&a=252628&rcu=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&pu=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&t=Russian+Invasion+of+Ukraine+and+Sanctions+Portend+Rise+in+Card+Fraud+%7C+Recorded+Future&cts=1669072518032&vi=f6c990beaaf05801bf2527a50e96c4fb&nc=true&u=57501621.f6c990beaaf05801bf2527a50e96c4fb.1669072517723.1669072517723.1669072517723.1&b=57501621.1.1669072517723&pt=0&cc=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 3d0d84b0-576f-46e6-8ae2-e827df074eb0
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXNTn759DuwQq7JWRGwxZiQPGJ%2FDsSKcI2bmrbjaWmLUOqorhXH6gXyvwmB2eHtwDtdEsStwyDVZxQjwDTTAY92XaQhNHv%2F%2F6wUyOdxsfRBLwSb4%2F8uMUWbME8WrkizFMKcz0xhXW2lQVThqRuwG"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 76dd2065fa725c8c-FRA
x-robots-tag: none

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 246ms
246ms Image
image/gif 184.24.7.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=8d199402-15e4-4f60-8eeb-15267907279c&session=29ab66da-5ec2-43dc-808d-df4379bff76e&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2021%20Nov%202022%2023%3A15%3A18%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2021%20Nov%202022%2023%3A15%3A17%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222010%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20report%20analyzes%20technical%2C%20political%2C%20and%20socioeconomic%20factors%20contributing%20to%20the%20scale%20of%20card%20fraud%20conducted%20by%20Russia-based%20threat%20actors%20within%20the%20context%20of%20the%20Russian%20invasion%20of%20Ukraine.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&pageViewId=9b7ed7fa-2735-4bf3-8c36-7c4212c1cc91&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.7.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-7-242.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:18 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 iphonex_mockup.png
go.recordedfuture.com/hubfs/ 190 KB
192 KB 120ms
38ms Image
image/webp 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.recordedfuture.com/hubfs/iphonex_mockup.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ddb97a3966309b4797886170a224d94f37195a7b99a93ddf9a4856b1bbbf82b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-38679274737,P-252628,FLS-ALL
age: 453249
x-amz-request-id: CYSQX6Q6B2XDRJ1Z
x-amz-server-side-encryption: AES256
edge-cache-tag: F-38679274737,P-252628,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="iphonex_mockup.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
cf-bgj: imgq:85,h2pri
etag: "8e4a9a910444dc630d9dde1cc3bd77f7"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1607733110293
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Mon, 21 Nov 2022 23:15:19 GMT
strict-transport-security: max-age=31536000
via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: r9ZOT95rdFsvuhynefdRWZgkO0lzhV1L
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=331559
x-cache: RefreshHit from cloudfront
cache-tag: F-38679274737,P-252628,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 195034
x-amz-id-2: upXAkBzRWeetgMlQf1bKO9rtHZS3Nhz+wZkF1osg98Ay9akAj/30pWJny0fw/zZZxVpWH82TQXY=
last-modified: Thu, 09 Dec 2021 17:00:15 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2Bzg4mzf0nEsSpRwqnKsu5wWDhA%2BkQaoQMBubPEPF9J0DscU3E1fKO5%2Fz4U2uds21rj0eu%2BmdpyowdDprAVbqFpzdUunTUPfy45%2Bjy6kmPc91bc%2FNeQ2qLFtrWWvbGqTm%2FoUbjZn%2Fgsw1HrpPJmiMjxjVg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 76dd206c7e75bbf8-FRA
x-amz-cf-id: xASxndxz6wGB5luRaeJL1C-VIVfC3XiAQMKWAxAG4uFDjNReFDEKpA==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 245ms
245ms Image
image/gif 184.24.7.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=8d199402-15e4-4f60-8eeb-15267907279c&session=29ab66da-5ec2-43dc-808d-df4379bff76e&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2021%20Nov%202022%2023%3A15%3A19%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2021%20Nov%202022%2023%3A15%3A18%20GMT%22%2C%22timeSpent%22%3A%221006%22%2C%22totalTimeSpent%22%3A%223016%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20report%20analyzes%20technical%2C%20political%2C%20and%20socioeconomic%20factors%20contributing%20to%20the%20scale%20of%20card%20fraud%20conducted%20by%20Russia-based%20threat%20actors%20within%20the%20context%20of%20the%20Russian%20invasion%20of%20Ukraine.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&pageViewId=9b7ed7fa-2735-4bf3-8c36-7c4212c1cc91&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.7.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-7-242.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:19 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 246ms
242ms Image
image/gif 184.24.7.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=8d199402-15e4-4f60-8eeb-15267907279c&session=29ab66da-5ec2-43dc-808d-df4379bff76e&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2021%20Nov%202022%2023%3A15%3A20%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2021%20Nov%202022%2023%3A15%3A19%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224017%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20report%20analyzes%20technical%2C%20political%2C%20and%20socioeconomic%20factors%20contributing%20to%20the%20scale%20of%20card%20fraud%20conducted%20by%20Russia-based%20threat%20actors%20within%20the%20context%20of%20the%20Russian%20invasion%20of%20Ukraine.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&pageViewId=9b7ed7fa-2735-4bf3-8c36-7c4212c1cc91&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.7.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-7-242.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:20 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK 86c3c8f0c8ea49cc7ec9f7f37c7a5cb4b5eaa4b0a50e364cd866c9a1f16ec5f7.png
qualified-production.s3.us-east-1.amazonaws.com/uploads/ Frame E04B 3 KB
3 KB 342ms
122ms Image
image/png 54.231.138.218

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qualified-production.s3.us-east-1.amazonaws.com/uploads/86c3c8f0c8ea49cc7ec9f7f37c7a5cb4b5eaa4b0a50e364cd866c9a1f16ec5f7.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.138.218 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0baa5b9b9a0b81f0b6be5dd144cd2bda682a011a2f65eabd9bdff6bc2b8e13d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 21 Nov 2022 23:15:22 GMT
Last-Modified: Wed, 11 May 2022 14:26:34 GMT
Server: AmazonS3
x-amz-request-id: KPREA1DFEWB9BCSW
ETag: "bab65ebecf652fd81118542d690db72c"
Content-Type: image/png
Cache-Control: Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 2593
x-amz-id-2: mqcyXpoQz1deJSXSM6xSLIsPSDJW80Ox7HTngWNSwm/z+wsC3j1E+hFvJqlSPe8KRSOf6aOBh74=

GET
H2 200 brand_logo_long_black_f2ead5b5c6.svg
cms.recordedfuture.com/uploads/ Frame E04B 4 KB
1 KB 36ms
22ms Image
image/svg+xml 151.101.66.216
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.recordedfuture.com/uploads/brand_logo_long_black_f2ead5b5c6.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1d0ca87959e23cb77cff2f1d7fe2337ecc770de12b1d20762373321d7d287183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits: 1
date: Mon, 21 Nov 2022 23:15:21 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31557600
x-platform-server: i-be21b5795622437d8136c8a0cedbd8d0, i-be21b5795622437d8136c8a0cedbd8d0
age: 2
traceresponse: 00-1728432ff521ae2286bf5069c1d3debc-930b11ce922dc118-00
x-cache: HIT
content-length: 1262
x-served-by: cache-hhn4043-HHN
last-modified: Thu, 10 Mar 2022 10:37:46 GMT
etag: W/"6229d4fa-eab"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
expires: Thu, 17 Nov 2022 04:03:55 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 401ms
381ms Image
image/gif 184.24.7.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=8d199402-15e4-4f60-8eeb-15267907279c&session=29ab66da-5ec2-43dc-808d-df4379bff76e&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2021%20Nov%202022%2023%3A15%3A21%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2021%20Nov%202022%2023%3A15%3A20%20GMT%22%2C%22timeSpent%22%3A%221008%22%2C%22totalTimeSpent%22%3A%225025%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20report%20analyzes%20technical%2C%20political%2C%20and%20socioeconomic%20factors%20contributing%20to%20the%20scale%20of%20card%20fraud%20conducted%20by%20Russia-based%20threat%20actors%20within%20the%20context%20of%20the%20Russian%20invasion%20of%20Ukraine.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&pageViewId=9b7ed7fa-2735-4bf3-8c36-7c4212c1cc91&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.7.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-7-242.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:21 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 Inter-roman.var-ba4caefcdf5b36b438db92786991c845.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame E04B 222 KB
222 KB 34ms
33ms Font
font/woff2 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/media/fonts/inter/Inter-roman.var-ba4caefcdf5b36b438db92786991c845.woff2
Requested by: Host: assets.qualified.com
URL: https://assets.qualified.com/packs/css/widget/sandboxed/messenger-c9f10185.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3

Request headers

Referer: https://assets.qualified.com/packs/css/widget/sandboxed/messenger-c9f10185.chunk.css
Origin: https://app.qualified.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:21 GMT
x-amz-version-id: qVc_S7vCHEolBCi74u6R_K3kfwHbJGXo
cf-cache-status: HIT
x-amz-request-id: MJ6QE2PV2EFWV5A7
age: 5439267
content-length: 227180
x-amz-id-2: BAnz8r8xLtnT6N/Guh12ZlKEd10QfXkl4t7ZIRlzF0rmj3dl58Y5h5a2fmLpTLJzUEvOIab70Dc=
last-modified: Tue, 20 Sep 2022 00:17:43 GMT
server: cloudflare
etag: "66c6e40883646a7ad993108b2ce2da32"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 76dd207b6c2390a3-FRA
expires: Wed, 22 Nov 2023 05:15:21 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 250ms
249ms Image
image/gif 184.24.7.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=8d199402-15e4-4f60-8eeb-15267907279c&session=29ab66da-5ec2-43dc-808d-df4379bff76e&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2021%20Nov%202022%2023%3A15%3A22%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2021%20Nov%202022%2023%3A15%3A21%20GMT%22%2C%22timeSpent%22%3A%221018%22%2C%22totalTimeSpent%22%3A%226043%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20report%20analyzes%20technical%2C%20political%2C%20and%20socioeconomic%20factors%20contributing%20to%20the%20scale%20of%20card%20fraud%20conducted%20by%20Russia-based%20threat%20actors%20within%20the%20context%20of%20the%20Russian%20invasion%20of%20Ukraine.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&pageViewId=9b7ed7fa-2735-4bf3-8c36-7c4212c1cc91&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.7.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-7-242.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:22 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 brand_logo_long_black_f2ead5b5c6.svg
cms.recordedfuture.com/uploads/ Frame E04B 4 KB
1 KB 12ms
5ms Image
image/svg+xml 151.101.66.216
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.recordedfuture.com/uploads/brand_logo_long_black_f2ead5b5c6.svg

Requested by

Host: assets.qualified.com
URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/6-2a542d025a8d77058e71.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1d0ca87959e23cb77cff2f1d7fe2337ecc770de12b1d20762373321d7d287183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits: 2
date: Mon, 21 Nov 2022 23:15:22 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31557600
x-platform-server: i-be21b5795622437d8136c8a0cedbd8d0, i-be21b5795622437d8136c8a0cedbd8d0
age: 3
traceresponse: 00-1728432ff521ae2286bf5069c1d3debc-930b11ce922dc118-00
x-cache: HIT
content-length: 1262
x-served-by: cache-hhn4043-HHN
last-modified: Thu, 10 Mar 2022 10:37:46 GMT
etag: W/"6229d4fa-eab"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=300
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
expires: Thu, 17 Nov 2022 04:03:55 GMT

GET
H/1.1 206
Partial Content 7bfc614b2b8cf39efbfb3b15da61c94a.mp3
app.qualified.com/packs/ 6 KB
6 KB 111ms
110ms Media
audio/mpeg 52.22.1.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualified.com/packs/7bfc614b2b8cf39efbfb3b15da61c94a.mp3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.22.1.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-1-175.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3814cdd9f44b721f9c1cb111462e040b4a885d07cb143ee37b680d871cbfa94e

Request headers

Referer: https://www.recordedfuture.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 21 Nov 2022 23:15:22 GMT
Via: 1.1 spaces-router (e13668ca8eb7)
Last-Modified: Mon, 21 Nov 2022 17:58:20 GMT
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-5869/5870
Cache-Control: max-age=315360000, public
Content-Length: 5870
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 244ms
243ms Image
image/gif 184.24.7.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=8d199402-15e4-4f60-8eeb-15267907279c&session=29ab66da-5ec2-43dc-808d-df4379bff76e&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2021%20Nov%202022%2023%3A15%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2021%20Nov%202022%2023%3A15%3A22%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%227047%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20report%20analyzes%20technical%2C%20political%2C%20and%20socioeconomic%20factors%20contributing%20to%20the%20scale%20of%20card%20fraud%20conducted%20by%20Russia-based%20threat%20actors%20within%20the%20context%20of%20the%20Russian%20invasion%20of%20Ukraine.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&pageViewId=9b7ed7fa-2735-4bf3-8c36-7c4212c1cc91&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.7.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-7-242.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recordedfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:15:23 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET img.gif
b.6sc.co/v1/beacon/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b.6sc.co
URL: https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=8d199402-15e4-4f60-8eeb-15267907279c&session=29ab66da-5ec2-43dc-808d-df4379bff76e&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2021%20Nov%202022%2023%3A15%3A24%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2021%20Nov%202022%2023%3A15%3A23%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%228051%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20report%20analyzes%20technical%2C%20political%2C%20and%20socioeconomic%20factors%20contributing%20to%20the%20scale%20of%20card%20fraud%20conducted%20by%20Russia-based%20threat%20actors%20within%20the%20context%20of%20the%20Russian%20invasion%20of%20Ukraine.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Russian%20Invasion%20of%20Ukraine%20and%20Sanctions%20Portend%20Rise%20in%20Card%20Fraud%20%7C%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.recordedfuture.com%2Frussian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud&pageViewId=9b7ed7fa-2735-4bf3-8c36-7c4212c1cc91&an_uid=0

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.recordedfuture.com/	1970-01-20 17:03:47	Name: _pk_id.1.e343 Value: 99609a1bf940cf34.1669072516.
.recordedfuture.com/	1970-01-20 07:37:54	Name: _pk_ses.1.e343 Value: 1
.www.recordedfuture.com/	1970-01-20 07:39:18	Name: ln_or Value: d
.recordedfuture.com/	1970-01-20 09:47:28	Name: _gcl_au Value: 1.1.1837948799.1669072516
.linkedin.com/	1970-01-20 08:21:04	Name: UserMatchHistory Value: AQI0tU7_rBYpLwAAAYSceXJ1gcutHwK4VLahtBiaYAWPbUkLTONV4BwwQvxhR4asWpqVpFMH8FBEIQ
.linkedin.com/	1970-01-20 08:21:04	Name: AnalyticsSyncHistory Value: AQJEQBo677PUIAAAAYSceXJ1f7Qi4r5OrtugJtvL5pSMVgPK0_gUxU6JvTBz6Bam58D-lIV5xIEOiwWH3uSPiQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:23:28	Name: bcookie Value: "v=2&f53fd369-9d16-4701-8a77-df3af71aab96"
.linkedin.com/	1970-01-20 07:39:18	Name: lidc Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2426:u=1:x=1:i=1669072515:t=1669158915:v=2:sig=AQHqN6F-_05q9Bgqed8Pi94QkyPguvV8"
.recordedfuture.com/	1970-01-20 09:47:28	Name: _fbp Value: fb.1.1669072515807.554856987
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:23:28	Name: bscookie Value: "v=1&20221121231516f265c0cc-7026-4f18-8503-735f32fc7980AQHF_esO32Z5bCpYmQGJPcrtIxCoRAVb"
.linkedin.com/	1970-01-20 11:57:04	Name: li_gc Value: MTswOzE2NjkwNzI1MTY7MjswMjHky2Y5UHboG159ll599XGHihNeiWE5URfSPIv5FXZJ+Q==
.recordedfuture.com/	1970-01-20 07:39:18	Name: _gid Value: GA1.2.816936433.1669072516
.recordedfuture.com/	1970-01-20 07:37:52	Name: _gat_UA-9153858-2 Value: 1
.recordedfuture.com/	1970-01-20 17:13:52	Name: __utma Value: 93161374.1392345956.1669072516.1669072516.1669072516.1
.recordedfuture.com/	1969-12-31 23:59:59	Name: __utmc Value: 93161374
.recordedfuture.com/	1970-01-20 12:00:40	Name: __utmz Value: 93161374.1669072516.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.recordedfuture.com/	1970-01-20 07:37:53	Name: __utmt_sfga Value: 1
.recordedfuture.com/	1970-01-20 07:37:54	Name: __utmb Value: 93161374.1.10.1669072516
.t.co/	1970-01-20 17:13:52	Name: muc_ads Value: f76c6fff-7844-4854-9e4a-a6dad956ece7
.twitter.com/	1970-01-20 17:13:52	Name: personalization_id Value: "v1_e+OFic8HLbtXRLi8wSapZw=="
.recordedfuture.com/	1970-01-20 17:13:52	Name: _ga_MHTMF48BZH Value: GS1.1.1669072516.1.0.1669072516.0.0.0
.recordedfuture.com/	1970-01-20 17:13:52	Name: _ga Value: GA1.1.1392345956.1669072516
www.recordedfuture.com/	1970-01-20 07:47:57	Name: _an_uid Value: 0
www.recordedfuture.com/	1970-01-20 17:13:52	Name: _gd_visitor Value: 8d199402-15e4-4f60-8eeb-15267907279c
www.recordedfuture.com/	1970-01-20 07:38:06	Name: _gd_session Value: 29ab66da-5ec2-43dc-808d-df4379bff76e
.doubleclick.net/	1970-01-20 07:37:53	Name: test_cookie Value: CheckForPermission
.recordedfuture.com/	1970-01-20 07:37:52	Name: _gat_gtag_UA_9153858_2 Value: 1
.6sc.co/	1970-01-20 17:13:52	Name: 6suuid Value: 9ef010022571000084067c63a7030000f92c0600
.recordedfuture.com/	1970-01-20 11:57:04	Name: __hstc Value: 57501621.f6c990beaaf05801bf2527a50e96c4fb.1669072517723.1669072517723.1669072517723.1
.recordedfuture.com/	1970-01-20 11:57:04	Name: hubspotutk Value: f6c990beaaf05801bf2527a50e96c4fb
.recordedfuture.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.recordedfuture.com/	1970-01-20 07:37:54	Name: __hssc Value: 57501621.1.1669072517723
.hubspot.com/	1970-01-20 07:37:54	Name: __cf_bm Value: ObPg.ZJ7yjpryUmtTwHXFKdQoSh739Yt2Sz_JLvtJoI-1669072517-0-AZNNrRM+ohH+Vn+t9dD6VkqIaY61kw0SHc0DzpZUNY4NG/ZOgfbnRbnD0n7oOIFO4S9iy2acOcrHv4k3It6u6Cc=
.recordedfuture.com/	1970-01-20 07:39:18	Name: source Value: (direct)
.recordedfuture.com/	1970-01-20 07:39:18	Name: medium Value: (none)
.recordedfuture.com/	1970-01-20 07:39:18	Name: content Value: undefined
.recordedfuture.com/	1970-01-20 07:39:18	Name: keyword Value: undefined
.recordedfuture.com/	1970-01-20 07:39:18	Name: campaign Value:
.recordedfuture.com/	1970-01-20 07:39:18	Name: landing_page Value: /russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
.recordedfuture.com/	1970-01-20 07:39:18	Name: conversion_page Value: /russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud
.go.recordedfuture.com/	1970-01-20 07:37:54	Name: __cf_bm Value: FAD3sgOhYQjniA7hb0GoagBIS308KYMnsHvLo5Nyi9Q-1669072519-0-AaZAvOSYuNvpm1FuWu8rwvqtfBFeAqoM0ct8itSbtdP3maW6rxMxB7VdzgYxAdV3bnqq/cE2h4CmahZ9/MecArg=
.go.recordedfuture.com/	1969-12-31 23:59:59	Name: __cfruid Value: d8afabf23d7420e60e0344febb4c1fdc8742a0d4-1669072519
.recordedfuture.com/	1970-01-20 17:13:52	Name: __q_state_Nx83j34ob1DXpWn5 Value: eyJ1dWlkIjoiOGYyYjkyYWEtMTVmMi00OTUxLTgwNTktODc2N2RjNjc2OWYyIiwiY29va2llRG9tYWluIjoicmVjb3JkZWRmdXR1cmUuY29tIiwibWVzc2VuZ2VyRXhwYW5kZWQiOmZhbHNlLCJwcm9tcHREaXNtaXNzZWQiOmZhbHNlLCJjb252ZXJzYXRpb25JZCI6IjEwMTQyMzkzOTg4NDc2MTEyNzQifQ==

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/careers.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/russian-invasion-of-ukraine-and-sanctions-portend-rise-in-card-fraud.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/platform.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/company.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/predict.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.recordedfuture.com/_next/data/02pkxgl8PPNFDg5_w4XRf/en/resources.json Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.twitter.com
app.qualified.com
assets.qualified.com
b.6sc.co
c.6sc.co
cdn.linkedin.oribi.io
cdn.matomo.cloud
cms.recordedfuture.com
connect.facebook.net
forms.hubspot.com
go.recordedfuture.com
googleads.g.doubleclick.net
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
js.qualified.com
px.ads.linkedin.com
px4.ads.linkedin.com
qualified-production.s3.us-east-1.amazonaws.com
recordedfuture.matomo.cloud
region1.google-analytics.com
secure.adnxs.com
sentry.io
snap.licdn.com
ssl.google-analytics.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.recordedfuture.com
b.6sc.co
104.18.7.66
104.244.42.3
104.244.42.5
13.107.42.14
13.224.189.123
146.75.116.157
151.101.66.216
18.195.235.189
184.24.7.242
185.89.210.122
2001:4860:4802:34::36
2600:9000:223f:8600:c:7d55:b3c0:93a1
2606:2c40::c73c:67fe
2606:4700:4400::ac40:9a55
2606:4700::6811:43b0
2606:4700::6811:d2cc
2606:4700::6811:e7cc
2606:4700::6812:1005
2606:4700::6812:1105
2606:4700::6813:9a53
2620:1ec:21::14
2a00:1450:4001:802::200e
2a00:1450:4001:806::200a
2a00:1450:4001:812::2008
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:400c:c00::9d
2a02:26f0:3500:890::1c91
2a02:26f0:480:f::213:7ec6
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
35.188.42.15
52.22.1.175
54.231.138.218
03c6a05bd0d89aa91521b0ebe9a14e367f6c41ebd64f585fbee07ba3a2124e89
03fdc46e5ca4bc37b7ca096141db38521162e085713499fe253c7fd60f5b51b4
05da620e7bac78cd141e1a7f7005bf9e1eaf93837514ff265d5efd9fdda7ee11
09a795f3f46833b83de9e9eb6adc8dfb60b132b392cb0329b231f628d54fda44
0baa5b9b9a0b81f0b6be5dd144cd2bda682a011a2f65eabd9bdff6bc2b8e13d1
0defc1d53646c16e153850cf9d1cfca909bdde173fafd18f671df65bda377a3f
0e42642b6205245dc5c27dcec2921761d8d3e2dbbaa05690c7c4e0b98bdba619
1098469ae9726717ac93bf7a48a36ee5199c8747f6541bc435888a233cb4cdfe
11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029
121e814eee3afd7958f7162e87ed7105a926db0b78ae29cd520a96b82e007f4b
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
173f53c497a9c57ab13b1d1743662bc1fa02ebee595aed072c915ed912f4084b
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
1d0ca87959e23cb77cff2f1d7fe2337ecc770de12b1d20762373321d7d287183
23a03c911ed25ed3f83e874333d3fa1b3b4992097085f966bc5c65956c62f089
2633873cf20bca38c85333a00436a4fdec4e91e89590e037cb774ebc5e6e1c63
2ad83f2446566c5ecf7c261cc07884a5d5f71965b5df8fd7bb809f83a42bf470
2e64eda59a1c2536d3ea595cfb6bf8efff98957f13c01cf2cf5707b7d2ffd523
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
35ec79a2e623e921c37323cd2f2f40690771bad8511831f49af9f396b504a6af
3814cdd9f44b721f9c1cb111462e040b4a885d07cb143ee37b680d871cbfa94e
3bf162c4ea46c13d096a81bc878e36ab1cc96a63ad8f674f58e25789103b5ee2
3eee031793efec7655713571561bc3d896a5d13b27ac34b4a72807012dd3257f
40f073b05eea04900a8af9205fdc6dc01825f19259b8458a20fcc470a30ee5ca
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
494a9c8817786531126dd245c93f8a85aa6afa405c7b8a2e45b667538470ce7a
495d4afe192ab4d5f4a550a952f4c54e9aac52f1b502772b594770db983995c2
4b78540e3cc57340baea67144731066f483683ed3ddd83c67001ac122eec56c1
4f02684969297bf0c03199dfc801446cf9dcea5e1a533fe105199aca96ed1313
51edcb4f1d86f3d1074c1e6480c74eae2326a0a9f4787a67f5f043d752f45337
56d41f1db3891321e8dd447f1b30902d33bdf40f4a32c6498825cf7608012e5f
5768a88bf1ea0b2494bb74d88ee0273b10d1a785a59f929454f3fdd43821487b
5b62e4c5c44e765dc45ebaa626d4bd7ecbe9bbaa4691549adc5978be5ce1faa6
5cc7a8ba51e3065036d8411d4b6e668198d5686ae5c48c41cc01f30c69ce1874
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c
67a5060eedbd8425b1dd121296fc4636c9abedf74efdae4d9eb37fcfd2150801
6a07ba6298a82984a8c4fe8b19c118b16c7fdeb8e60519738e6c91e02f496fc6
6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb
6fb3140db2839cabd3662044ef7791206df377b2211046abc71dd039f05fe082
74e9959fd5a06749bda6f0339e81373dcd1ee1ede424b2848bc5c8b1b8cfec4a
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b8d7c0a33f3c73fabdcdbcf0929580f0d9070a4a419d37804c99dcf50367da4
7ddb97a3966309b4797886170a224d94f37195a7b99a93ddf9a4856b1bbbf82b
7f02ade5567959a5353c345fefffa6feca3712b25e94e08562dd365407393ed9
80e86ff9258d3afe55e2fac83df328cc68024e1e21cc548d1c30279d7a4d5471
8219d88c86522ac67a92507e2a5501ffc1518505fe52a658d6f74abdaa0974a2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86b41eb769c0712dc63c5856614778d0c0b2b558fba99b9e475f1eb6ce6737e9
8a32f586e32ae58cbe333e96ba3efa4d59f30001a58fa93d74a574a60860527f
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
90fa3907aff9be258d0ef019819517fe310d0db66b44174243cbfd9ab465207a
962a7bf9f4a4d210303ae595a896fe4e861e27782d6055740dfe275e525013ff
981e304a52d464351bda430da0310afa6b759bda76f6e27e1b18d974107ebbd0
9871f6d82bb90b28ac2625b45484a89eff6c71c160c32ab93fbbcc6223c40197
9d23df38c6addca2226a155962fff6ed150cb8fb2d3d62562c1edf2dc7f18493
a0b1f949528f7a3a2d2ff3b6df67c6c1b5cb8f62a2eba6eb5e06adff2d5795f3
a1c09735b82fee1a6f401a29136a9e7ebe585d0b1d98cfcc08c1fcb2af9ecd47
a99487f0cfc6034aa4b950ec577aaac79ebb30ed0dc0d83c880c08ed167e471d
aac89ab8c300548f4e4d36c0bf64ca5e5e5e17e339843c6295aecffbd89d956f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca17711b2bcab8335b7bd9c2880033b2aa69a0e9f33ce2e1a507dbb0f9cade3
b415488d203e87802982cfe3dc4e8cec9efcec6cee2954daeba27e4ef45d2b67
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b970ae91596f4ec96c46c054e9e9a8556691e666b58b9b90ae6d0dc8bad93ff0
baa0e7b178595acc10affd564ee3e9d16ae106fa4d092bc580940392577d10b1
bd8a03dc370a8c071f37c1c1523feffbb874dfcae22db8a9f24c6110028d2ecf
c2824a1d605c04becc72dcf74b915d6867d7bba2ce2cd74abf81e8951eaaec7a
c6670ba74f4332547bf31bf9937a31573a81a16e7f1ccc10b8d7c86ff5ce6e2f
c6d77d9ff390581ade27d11c69ac5583da913859a1c17579cf3ecf4207bf3703
cb73f2f86050c86501187167d5ede61a0711c2b59a7ffae94d208583ea2b12e7
cc94ddda518bbc9dd8cb6a8c84e274cfc3723704de9155235b8bad2b3ff352fd
cd94ee9f6ffce70785eafb1a09da52a4f63eeebddf1ff05827cd7b9e5e6b3ef8
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc745f6bf802a416e299034e247b0ec3ce6545deaedbfce6323d572c916af5ea
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de33cd468058032ddf5d3272dafd0bd12eb8f4d5833322c8a1851888ec270128
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
de5a7cee0e2529379efef472ad3872b9c80d3b1d85b084bebd0e9fa5afcdfac0
e1bffb95aa906bfc9cfdc78a26496ba5b627521e1c9ee09edcf1cd7464405905
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb7a29f417d6a4d6847d3618968d0d5fce0ea2472aaa9bf2f390f66b778055b5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f036a45770ce2ad43dfee7f4eac8f8b3784608a24ff00c63dd56704434e014e8
f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.recordedfuture.com Open in urlscan Pro 104.18.7.66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

123 Requests

98 %HTTPS

64 %IPv6

26 Domains

40 Subdomains

36 IPs

4 Countries

4274 kBTransfer

10034 kBSize

45 Cookies

28 Outgoing links

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.recordedfuture.com Open in urlscan Pro
104.18.7.66 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

98 %
HTTPS

64 %
IPv6

26
Domains

40
Subdomains

36
IPs

4
Countries

4274 kB
Transfer

10034 kB
Size

45
Cookies

123 HTTP transactions
2 data transactions