URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Submission: On November 07 via api from US — Scanned from DE

Summary

This website contacted 18 IPs in 5 countries across 16 domains to perform 63 HTTP transactions. The main IP is 2606:4700::6812:621, located in United States and belongs to CLOUDFLARENET, US. The main domain is therecord.media.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 18th 2021. Valid for: a year.
This is the only time therecord.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.18.12.124 13335 (CLOUDFLAR...)
2 2600:9000:223... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 104.111.233.140 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 52.223.61.136 16509 (AMAZON-02)
1 185.33.220.244 29990 (ASN-APPNEX)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
63 18
Domain Requested by
31 therecord.media therecord.media
5 b.6sc.co
3 cdnjs.cloudflare.com therecord.media
2 recordedfuture.matomo.cloud cdn.matomo.cloud
2 www.youtube.com therecord.media
www.youtube.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.matomo.cloud therecord.media
2 www.recordedfuture.com therecord.media
2 www.googletagmanager.com therecord.media
2 cdn.jsdelivr.net therecord.media
1 track.hubspot.com
1 secure.gravatar.com
1 c.6sc.co j.6sc.co
1 secure.adnxs.com j.6sc.co
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 static.cloudflareinsights.com www.googletagmanager.com
1 j.6sc.co therecord.media
1 js.hs-scripts.com therecord.media
63 19
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-18 -
2022-07-17
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh
*.recordedfuture.com
DigiCert TLS RSA SHA256 2020 CA1
2021-01-23 -
2022-02-22
a year crt.sh
cdn.matomo.cloud
Amazon
2021-01-28 -
2022-02-25
a year crt.sh
*.google.com
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh
*.6sc.co
DigiCert SHA2 Secure Server CA
2021-03-09 -
2022-03-16
a year crt.sh
*.matomo.cloud
Amazon
2021-08-20 -
2022-09-18
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA
2020-08-14 -
2022-11-16
2 years crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2021-06-26 -
2022-06-25
a year crt.sh

This page contains 1 frames:

Primary Page: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Frame ID: C47D42E671109F5CFCAEF744F0B84192
Requests: 63 HTTP requests in this frame

Screenshot


Page Statistics

63
Requests

98 %
HTTPS

76 %
IPv6

16
Domains

19
Subdomains

18
IPs

5
Countries

957 kB
Transfer

2354 kB
Size

21
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
61 KB
13 KB
Document
General
Full URL
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33552950223a893ab31e75e809382ff2fa2764942c74b8a18db2f0fe3ffffbbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
content-type
text/html; charset=UTF-8
cache-control
public, max-age=600
link
<https://therecord.media/?p=8763>; rel=shortlink
strict-transport-security
max-age=31536000; includeSubDomains
x-pantheon-styx-hostname
styx-fe2-a-5bffbbcccc-9ssm9
x-pingback
https://therecord.media/xmlrpc.php
x-styx-req-id
bd113e53-3f69-11ec-811f-062b5d80bfed
x-served-by
cache-mdw17380-MDW, cache-bwi5023-BWI
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1636248392.760577,VS0,VE425
vary
Accept-Encoding, Cookie, Cookie
age
0
via
1.1 varnish, 1.1 varnish
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6aa2c61e5f395b9e-FRA
content-encoding
br
style.min.css
therecord.media/wp-includes/css/dist/block-library/
57 KB
9 KB
Stylesheet
General
Full URL
https://therecord.media/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: therecord.media
URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
cf-cache-status
HIT
age
12205278
x-pantheon-styx-hostname
styx-fe2-a-58bcd5f458-np279
x-cache
HIT, HIT
content-encoding
br
x-served-by
cache-mdw17350-MDW, cache-bwi5083-BWI
last-modified
Fri, 18 Jun 2021 14:42:50 GMT
server
cloudflare
x-timer
S1624043115.854483,VS0,VE1
etag
W/"60ccb0ea-e33b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
x-styx-req-id
573360ec-d067-11eb-b79d-3aa163f41238
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
cf-ray
6aa2c6244cf25b9e-FRA
x-cache-hits
1, 1
rf-rss-widget.css
therecord.media/wp-content/plugins/rf-rss-feed/public/css/
473 B
479 B
Stylesheet
General
Full URL
https://therecord.media/wp-content/plugins/rf-rss-feed/public/css/rf-rss-widget.css
Requested by
Host: therecord.media
URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77e8232dee29ca904e5726f29b02f784c6155de5e388e61570a74aedf61b69de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
cf-cache-status
HIT
age
1332112
cf-polished
origSize=944
x-pantheon-styx-hostname
styx-fe2-a-5f44469ddc-644w6
x-cache
HIT, HIT
cf-bgj
minify
content-encoding
br
x-served-by
cache-mdw17347-MDW, cache-bwi5020-BWI
last-modified
Fri, 22 Oct 2021 15:23:12 GMT
server
cloudflare
x-timer
S1634916281.927384,VS0,VE1
etag
W/"6172d760-3b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
x-styx-req-id
21850fdb-334c-11ec-8013-ce1f3dd47c6f
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
cf-ray
6aa2c6245cf35b9e-FRA
x-cache-hits
1, 1
jquery.mCustomScrollbar.min.css
cdnjs.cloudflare.com/ajax/libs/malihu-custom-scrollbar-plugin/3.1.5/
42 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/malihu-custom-scrollbar-plugin/3.1.5/jquery.mCustomScrollbar.min.css
Requested by
Host: therecord.media
URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
247184981eb6f698a94e431a83d68c6b0df623cce57b6e29dc5a6c11e23aa195
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5217080
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3359
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed4-a757"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcJx9Csh%2BKL062Li81cvjhfh%2FIQqgigfxnfXuBFneDdmm5ezo8SQ509g2eYTNmRLedtWXDdJb36ZjHibgaJiVTtZNT3jYigDc4wmh%2BuxCMRtX2FA3UTXqk7%2BmUcSfUzkWXaGa4a2AZOsaO2clIKXQBuc"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6aa2c6247b3568f2-FRA
expires
Fri, 28 Oct 2022 01:26:32 GMT
jquery.fancybox.min.css
cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/
12 KB
4 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css
Requested by
Host: therecord.media
URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1053579
x-jsd-version
3.5.7
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19144-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"31fb-G+m3m+AqHPxdlsSl4P649HK6vZU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6aa2c6247fa642fd-FRA
style-v4.css
therecord.media/wp-content/themes/therecordmedia/assets/css/
345 KB
48 KB
Stylesheet
General
Full URL
https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css
Requested by
Host: therecord.media
URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b31a805b14cdf1311a94debe97e7d5695f38eca4dddc65d98cb58e9c281cf36d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
cf-cache-status
HIT
age
150568
cf-polished
origSize=459099
x-pantheon-styx-hostname
styx-fe2-a-5f44469ddc-mzv6h
x-cache
MISS, HIT
cf-bgj
minify
content-encoding
br
x-served-by
cache-mdw17369-MDW, cache-bwi5063-BWI
last-modified
Thu, 28 Oct 2021 15:47:43 GMT
server
cloudflare
x-timer
S1636097825.682192,VS0,VE148
etag
W/"617ac61f-7015b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
x-styx-req-id
0235c6d1-3816-11ec-8a90-9e98479f2435
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
cf-ray
6aa2c6245cf55b9e-FRA
x-cache-hits
0, 1
custom-v8.css
therecord.media/wp-content/themes/therecordmedia/assets/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://therecord.media/wp-content/themes/therecordmedia/assets/css/custom-v8.css
Requested by
Host: therecord.media
URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a01127152b090004aa159e0d56664e2268a1de5334ba6d9d6515388a0f53a3b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
cf-cache-status
HIT
age
11263292
cf-polished
origSize=7291
x-pantheon-styx-hostname
styx-fe2-b-64744c95b6-59x78
x-cache
MISS, HIT
cf-bgj
minify
content-encoding
br
x-served-by
cache-mdw17351-MDW, cache-bwi5032-BWI
last-modified
Tue, 29 Jun 2021 16:31:39 GMT
server
cloudflare
x-timer
S1624985100.589549,VS0,VE0
etag
W/"60db4aeb-1c7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
x-styx-req-id
b97de432-d8f7-11eb-9f9d-26b2e6fca046
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
pantheon-trace-id
e31e4012037149c18539f2eb32ebdebd
cf-ray
6aa2c6245cf65b9e-FRA
x-cache-hits
0, 2
ytprefs.min.css
therecord.media/wp-content/plugins/youtube-embed-plus/styles/
6 KB
2 KB
Stylesheet
General
Full URL
https://therecord.media/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css
Requested by
Host: therecord.media
URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54b16a534f27d39f8edb7dd908ecf182b4be466f86f28ac0f01f415f2ba9d1cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
cf-cache-status
HIT
age
6476890
x-pantheon-styx-hostname
styx-fe2-b-9c6567bff-dpnrq
x-cache
HIT, HIT
content-encoding
br
x-served-by
cache-mdw17355-MDW, cache-bwi5029-BWI
last-modified
Thu, 19 Aug 2021 07:48:05 GMT
server
cloudflare
x-timer
S1629771503.943666,VS0,VE1
etag
W/"611e0cb5-178c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
x-styx-req-id
cb393b38-0105-11ec-a177-82c72c65dce1
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
pantheon-trace-id
e2c120c892b64b5dbcc2d82e5a2a0ba7
cf-ray
6aa2c6245cf75b9e-FRA
x-cache-hits
1, 1
cookieconsent.min.css
therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/css/cookieconsent.min.css
Requested by
Host: therecord.media
URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21f3f80c9adfdf9070c994d881f2069818a2d409b62834c805a7f17f08c91ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
cf-cache-status
HIT
age
3238613
x-pantheon-styx-hostname
styx-fe2-b-56496ffc66-bczg7
x-cache
MISS, HIT
content-encoding
br
x-served-by
cache-mdw17369-MDW, cache-bwi5025-BWI
last-modified
Wed, 22 Sep 2021 16:58:27 GMT
server
cloudflare
x-timer
S1633009779.001439,VS0,VE1
etag
W/"614b60b3-519d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
x-styx-req-id
3d36d8a9-1cba-11ec-9a30-9625054942ed
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
cf-ray
6aa2c6245cf85b9e-FRA
x-cache-hits
0, 1
PrimaryLogo-RGB-Carrot.svg
therecord.media/wp-content/uploads/2021/06/
5 KB
2 KB
Image
General
Full URL
https://therecord.media/wp-content/uploads/2021/06/PrimaryLogo-RGB-Carrot.svg
Requested by
Host: therecord.media
URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6429c09d26d4abed1c51691f17eb89c9c1fedf440964890e2a0fe9801e93e653
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
cf-cache-status
HIT
age
12220929
x-pantheon-styx-hostname
styx-fe2-a-58bcd5f458-jjb4g
x-cache
MISS, HIT
content-encoding
br
x-served-by
cache-mdw17377-MDW, cache-wdc5533-WDC
last-modified
Fri, 18 Jun 2021 14:43:58 GMT
server
cloudflare
x-timer
S1624027463.123564,VS0,VE1
etag
W/"60ccb12e-1421"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
access-control-allow-origin
*
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
cf-ray
6aa2c6245cfb5b9e-FRA
x-styx-req-id
9f508062-d043-11eb-9cf1-ee94bcaaf0ad
x-cache-hits
0, 1
hacker-keyboard-computer-cybercrime.jpg
therecord.media/wp-content/uploads/2021/11/
139 KB
140 KB
Image
General
Full URL
https://therecord.media/wp-content/uploads/2021/11/hacker-keyboard-computer-cybercrime.jpg
Requested by
Host: therecord.media
URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cf773718da7d5c04f384586325b0dd3ad827daea5741f119071463b9d051ecb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-pantheon-styx-hostname
styx-fe2-a-5f44469ddc-2wb7t
x-cache
HIT, HIT
strict-transport-security
max-age=31536000; includeSubDomains
content-length
142812
x-served-by
cache-mdw17383-MDW, cache-bwi5066-BWI
last-modified
Wed, 03 Nov 2021 16:48:06 GMT
server
cloudflare
x-timer
S1636248393.735327,VS0,VE2
etag
"6182bd46-22ddc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
x-styx-req-id
563948bf-3cc6-11ec-a09e-227203492b43
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
accept-ranges
bytes
cf-ray
6aa2c6245cfd5b9e-FRA
x-cache-hits
1, 1
rocket-loader.min.js
therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: therecord.media
URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Nov 2021 13:28:28 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"6185317c-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=172800, public
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
6aa2c6245d015b9e-FRA
expires
Tue, 09 Nov 2021 01:26:32 GMT
complianz.min.js
therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/
40 KB
9 KB
Script
General
Full URL
https://therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/complianz.min.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
326d6c39524da9a4b3d35286c798b93738a4665b29ce498d5b5df959a3a19012
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
cf-cache-status
HIT
age
3238613
x-pantheon-styx-hostname
styx-fe2-a-6b6d6f77d6-2h8pw
x-cache
MISS, HIT
content-encoding
br
x-served-by
cache-mdw17344-MDW, cache-wdc5581-WDC
last-modified
Fri, 24 Sep 2021 02:54:39 GMT
server
cloudflare
x-timer
S1633009780.604201,VS0,VE1
etag
W/"614d3def-9e2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript
x-styx-req-id
d3d16fdf-1d22-11ec-b5ec-8e8cf3dee576
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
cf-ray
6aa2c6247d1f5b9e-FRA
x-cache-hits
0, 1
postscribe.min.js
therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/
17 KB
6 KB
Script
General
Full URL
https://therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/postscribe.min.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
cf-cache-status
HIT
age
2328281
x-pantheon-styx-hostname
styx-fe2-b-56496ffc66-8s28k
x-cache
MISS, HIT
content-encoding
br
x-served-by
cache-mdw17344-MDW, cache-wdc5553-WDC
last-modified
Sun, 26 Sep 2021 06:54:48 GMT
server
cloudflare
x-timer
S1633920111.464426,VS0,VE1
etag
W/"61501938-45f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript
x-styx-req-id
f070e800-1f28-11ec-85ab-0e5e40533d09
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
cf-ray
6aa2c6247d245b9e-FRA
x-cache-hits
0, 1
cookieconsent.min.js
therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/
25 KB
8 KB
Script
General
Full URL
https://therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/cookieconsent.min.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81dbdd695385ce9e3065e0cf1d8f058169de79244b1d1be4059b527e31d23c77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
cf-cache-status
HIT
age
777971
x-pantheon-styx-hostname
styx-fe2-a-5f44469ddc-p85k9
x-cache
MISS, HIT
content-encoding
br
x-served-by
cache-mdw17356-MDW, cache-wdc5559-WDC
last-modified
Thu, 28 Oct 2021 15:47:42 GMT
server
cloudflare
x-timer
S1635470421.994134,VS0,VE1
etag
W/"617ac61e-6441"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript
x-styx-req-id
37dcbcf5-3813-11ec-8d6c-a6abd588099d
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
cf-ray
6aa2c6247d255b9e-FRA
x-cache-hits
0, 1
fitvids.min.js
therecord.media/wp-content/plugins/youtube-embed-plus/scripts/
3 KB
1 KB
Script
General
Full URL
https://therecord.media/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
cf-cache-status
HIT
age
9226776
x-pantheon-styx-hostname
styx-fe2-b-64744c95b6-qzl9f
x-cache
MISS, HIT
content-encoding
br
x-served-by
cache-mdw17352-MDW, cache-bwi5072-BWI
last-modified
Wed, 07 Jul 2021 15:27:39 GMT
server
cloudflare
x-timer
S1627021616.295313,VS0,VE1
etag
W/"60e5c7eb-aaf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript
x-styx-req-id
2b878fd4-dfd6-11eb-ab67-3a80d45744de
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
pantheon-trace-id
928014bde77a4d1f82f5596e8b906c10
cf-ray
6aa2c6247d275b9e-FRA
x-cache-hits
0, 1
main.js
therecord.media/wp-content/themes/therecordmedia/assets/js/
24 KB
7 KB
Script
General
Full URL
https://therecord.media/wp-content/themes/therecordmedia/assets/js/main.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13a5d6deee5c86d1c86f8ab010b3dfcab1b0b500590024d8c7a44c279c96d443
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
cf-cache-status
HIT
age
12204930
cf-polished
origSize=45161
x-pantheon-styx-hostname
styx-fe2-a-58bcd5f458-np279
x-cache
MISS, HIT
cf-bgj
minify
content-encoding
br
x-served-by
cache-mdw17374-MDW, cache-bwi5067-BWI
last-modified
Fri, 18 Jun 2021 18:56:23 GMT
server
cloudflare
x-timer
S1624043463.515417,VS0,VE1
etag
W/"60ccec57-b069"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript
x-styx-req-id
570fb616-d067-11eb-b79d-3aa163f41238
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
cf-ray
6aa2c6247d285b9e-FRA
x-cache-hits
0, 1
jquery.fancybox.min.js
cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/
67 KB
22 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1053579
x-jsd-version
3.5.7
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19164-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"10a9d-YYFBLnOWZpbQjh5bEkOlctDyK6Y"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6aa2c6247fa842fd-FRA
jquery.mCustomScrollbar.min.js
cdnjs.cloudflare.com/ajax/libs/malihu-custom-scrollbar-plugin/3.1.5/
39 KB
11 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/malihu-custom-scrollbar-plugin/3.1.5/jquery.mCustomScrollbar.min.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00a1230e22b6af3f9df1348f2cd54dc9dbe026f3a41b9bde3009dcefd1648ae1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4747082
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10595
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed4-9cd4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQo47W2kFH4cZ5%2F5Sjlxt8QxGK72%2BifAeleXGnzwnPb0IxDT6ipbnq9cHJbs3xQVShiVDq40Fr1Xc%2F9dtBnGhvx9D9XJDc4To2vbsQVH8SR%2FuomGO%2Ft52hXB5NzZbhVTYENjw0cKZt4Szivs5YHO%2BuWE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6aa2c6247b3668f2-FRA
expires
Fri, 28 Oct 2022 01:26:32 GMT
custom-v2.js
therecord.media/wp-content/themes/therecordmedia/assets/js/
828 B
621 B
Script
General
Full URL
https://therecord.media/wp-content/themes/therecordmedia/assets/js/custom-v2.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f7b3c1c9a817380967e2d68f41c86b4649b68dba06b37a49dab55bb5c5a6eab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
cf-cache-status
HIT
age
12041456
cf-polished
origSize=1551
x-pantheon-styx-hostname
styx-fe2-a-58bcd5f458-k527r
x-cache
MISS, HIT
cf-bgj
minify
content-encoding
br
x-served-by
cache-mdw17335-MDW, cache-bwi5070-BWI
last-modified
Sun, 20 Jun 2021 16:33:59 GMT
server
cloudflare
x-timer
S1624206936.187959,VS0,VE1
etag
W/"60cf6df7-60f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript
x-styx-req-id
5b211bab-d1e5-11eb-ae7b-5e65bf8051b7
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
cf-ray
6aa2c6247d295b9e-FRA
x-cache-hits
0, 1
bundle.js
therecord.media/wp-content/themes/therecordmedia/assets/js/
276 KB
72 KB
Script
General
Full URL
https://therecord.media/wp-content/themes/therecordmedia/assets/js/bundle.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8df981a2e0d74a44530cfe140f2ce72ad4cb7be724706b7a3cfcb160bd06590f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
cf-cache-status
HIT
age
4747412
cf-polished
origSize=525445
x-pantheon-styx-hostname
styx-fe2-b-9c6567bff-5qtlq
x-cache
MISS, HIT
cf-bgj
minify
content-encoding
br
x-served-by
cache-mdw17322-MDW, cache-bwi5075-BWI
last-modified
Sat, 21 Aug 2021 20:07:26 GMT
server
cloudflare
x-timer
S1631500980.357841,VS0,VE2
etag
W/"61215cfe-80485"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript
x-styx-req-id
be4db0e1-0318-11ec-8d11-0a99b6d1f344
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
pantheon-trace-id
362234123dd944ff9642193a1cc6cdb5
cf-ray
6aa2c6247d2a5b9e-FRA
x-cache-hits
0, 1
js?id=UA-9153858-16
www.googletagmanager.com/gtag/
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-9153858-16
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef0af8374f5f461615841a0310b1519bded90707a4702a79660de4280e28b9d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36452
x-xss-protection
0
last-modified
Sun, 07 Nov 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Nov 2021 01:26:32 GMT
252628.js
js.hs-scripts.com/
984 B
905 B
Script
General
Full URL
https://js.hs-scripts.com/252628.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5cf71d2598e09f6d774ddf02d6ffb687023648c66ed7b03ed75116fefc0a4f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
x-hubspot-correlation-id
13cd5413-682e-47c3-9728-6b8488e3215f
last-modified
Sun, 07 Nov 2021 01:24:06 GMT
server
cloudflare
x-trace
2B53B339851EB8856ED3B24F273DBD19BB2828615B000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://therecord.media
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
6aa2c624ab0d1f4d-FRA
expires
Sun, 07 Nov 2021 01:27:32 GMT
ytprefs.min.js
therecord.media/wp-content/plugins/youtube-embed-plus/scripts/
10 KB
3 KB
Script
General
Full URL
https://therecord.media/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f617a099ba9e73c30624d09ec9c8cb90ae3e784e8f89d94be4574dfe1496266
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
cf-cache-status
HIT
age
11707098
x-pantheon-styx-hostname
styx-fe2-b-64744c95b6-59x78
x-cache
MISS, HIT
content-encoding
br
x-served-by
cache-mdw17357-MDW, cache-bwi5042-BWI
last-modified
Thu, 24 Jun 2021 13:21:22 GMT
server
cloudflare
x-timer
S1624541294.072034,VS0,VE1
etag
W/"60d486d2-26a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript
x-styx-req-id
e77377f0-d4ef-11eb-9f9d-26b2e6fca046
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
cf-ray
6aa2c6247d2b5b9e-FRA
x-cache-hits
0, 1
modernizr_2.8.3.js
therecord.media/wp-content/themes/therecordmedia/assets/js/
15 KB
6 KB
Script
General
Full URL
https://therecord.media/wp-content/themes/therecordmedia/assets/js/modernizr_2.8.3.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82bfc506040c981ec142b63ec85a43e603310d9b5fac6598c5664a144f3c4e3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
cf-cache-status
HIT
age
12204930
cf-polished
origSize=15506
x-pantheon-styx-hostname
styx-fe2-a-58bcd5f458-k527r
x-cache
HIT, HIT
cf-bgj
minify
content-encoding
br
x-served-by
cache-mdw17369-MDW, cache-wdc5539-WDC
last-modified
Fri, 18 Jun 2021 18:56:24 GMT
server
cloudflare
x-timer
S1624043463.559652,VS0,VE1
etag
W/"60ccec58-3c92"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript
x-styx-req-id
570e3de9-d067-11eb-ae7b-5e65bf8051b7
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
cf-ray
6aa2c6247d2d5b9e-FRA
x-cache-hits
1, 1
jquery-migrate.min.js
therecord.media/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://therecord.media/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
cf-cache-status
HIT
age
12204930
x-pantheon-styx-hostname
styx-fe2-b-64744c95b6-5mc9d
x-cache
MISS, HIT
content-encoding
br
x-served-by
cache-mdw17367-MDW, cache-bwi5046-BWI
last-modified
Fri, 18 Jun 2021 18:56:29 GMT
server
cloudflare
x-timer
S1624043462.471725,VS0,VE1
etag
W/"60ccec5d-2bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript
x-styx-req-id
570ce0e8-d067-11eb-878c-ae0a4d7663b5
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
cf-ray
6aa2c6247d2e5b9e-FRA
x-cache-hits
0, 1
jquery.min.js
therecord.media/wp-includes/js/jquery/
87 KB
31 KB
Script
General
Full URL
https://therecord.media/wp-includes/js/jquery/jquery.min.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
cf-cache-status
HIT
age
777971
x-pantheon-styx-hostname
styx-fe2-b-6cf4595974-8pr5t
x-cache
MISS, HIT
content-encoding
br
x-served-by
cache-mdw17320-MDW, cache-bwi5068-BWI
last-modified
Thu, 28 Oct 2021 15:47:40 GMT
server
cloudflare
x-timer
S1635470421.934517,VS0,VE1
etag
W/"617ac61c-15d98"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript
x-styx-req-id
2ddeffd5-3814-11ec-b1cd-36fd5dbf0b73
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
cf-ray
6aa2c6247d2f5b9e-FRA
x-cache-hits
0, 1
icomoon.ttf?fiuh6y
therecord.media/wp-content/themes/therecordmedia/assets/fonts/custom/
4 KB
4 KB
Font
General
Full URL
https://therecord.media/wp-content/themes/therecordmedia/assets/fonts/custom/icomoon.ttf?fiuh6y
Requested by
Host: therecord.media
URL: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a6db13132ef5e4dc98723529dedf677f84b4993b7db70339cb1de93a910ffce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css
Origin
https://therecord.media
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
cf-cache-status
HIT
age
12220929
x-pantheon-styx-hostname
styx-fe2-a-58bcd5f458-jjb4g
x-cache
HIT, MISS
x-served-by
cache-mdw17349-MDW, cache-wdc5541-WDC
last-modified
Fri, 18 Jun 2021 14:42:44 GMT
server
cloudflare
x-timer
S1624027463.309480,VS0,VE20
etag
W/"60ccb0e4-107c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-font-ttf
access-control-allow-origin
*
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
cf-ray
6aa2c624ad5d5b9e-FRA
x-styx-req-id
a74dac77-d043-11eb-9cf1-ee94bcaaf0ad
x-cache-hits
1, 0
gudea-400-latin.woff2
therecord.media/wp-content/themes/therecordmedia/assets/fonts/gudea/
8 KB
8 KB
Font
General
Full URL
https://therecord.media/wp-content/themes/therecordmedia/assets/fonts/gudea/gudea-400-latin.woff2
Requested by
Host: therecord.media
URL: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f23ec5c633f64e45cdb8119ea2bd55f81bd2bf4a46131cc6e7aa415024db18f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css
Origin
https://therecord.media
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
HIT
age
9226263
x-pantheon-styx-hostname
styx-fe2-b-64744c95b6-59x78
x-cache
HIT, HIT
strict-transport-security
max-age=31536000; includeSubDomains
content-length
7856
x-served-by
cache-mdw17328-MDW, cache-bwi5061-BWI
last-modified
Wed, 30 Jun 2021 12:38:26 GMT
server
cloudflare
x-timer
S1627022129.495128,VS0,VE1
etag
"60dc65c2-1eb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
pantheon-trace-id
0d16f0b8d33b417ea8e1885ae1232aad
accept-ranges
bytes
cf-ray
6aa2c624ad5f5b9e-FRA
x-styx-req-id
1947e86c-da48-11eb-9f9d-26b2e6fca046
x-cache-hits
1, 1
oswald-400-latin.woff2
therecord.media/wp-content/themes/therecordmedia/assets/fonts/oswald/
24 KB
24 KB
Font
General
Full URL
https://therecord.media/wp-content/themes/therecordmedia/assets/fonts/oswald/oswald-400-latin.woff2
Requested by
Host: therecord.media
URL: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css
Origin
https://therecord.media
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
HIT
age
934856
x-pantheon-styx-hostname
styx-fe2-b-6cf4595974-6m9mg
x-cache
MISS, HIT
strict-transport-security
max-age=31536000; includeSubDomains
content-length
24064
x-served-by
cache-mdw17352-MDW, cache-wdc5522-WDC
last-modified
Tue, 12 Oct 2021 07:54:51 GMT
server
cloudflare
x-timer
S1635313536.940167,VS0,VE80
etag
"61653f4b-5e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
accept-ranges
bytes
cf-ray
6aa2c624ad605b9e-FRA
x-styx-req-id
8fa416a2-2cf3-11ec-a383-3277ea497536
x-cache-hits
0, 1
oswald-700-latin.woff2
therecord.media/wp-content/themes/therecordmedia/assets/fonts/oswald/
24 KB
24 KB
Font
General
Full URL
https://therecord.media/wp-content/themes/therecordmedia/assets/fonts/oswald/oswald-700-latin.woff2
Requested by
Host: therecord.media
URL: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css
Origin
https://therecord.media
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
HIT
age
11263291
x-pantheon-styx-hostname
styx-fe2-b-64744c95b6-5mc9d
x-cache
MISS, HIT
strict-transport-security
max-age=31536000; includeSubDomains
content-length
24064
x-served-by
cache-mdw17368-MDW, cache-bwi5021-BWI
last-modified
Tue, 29 Jun 2021 16:31:39 GMT
server
cloudflare
x-timer
S1624985102.703693,VS0,VE0
etag
"60db4aeb-5e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
pantheon-trace-id
424c6024d42a462786d6cf82ebe6d1dd
accept-ranges
bytes
cf-ray
6aa2c624ad625b9e-FRA
x-styx-req-id
b9b2e2f0-d8f7-11eb-878c-ae0a4d7663b5
x-cache-hits
0, 3
gudea-700-latin.woff2
therecord.media/wp-content/themes/therecordmedia/assets/fonts/gudea/
8 KB
8 KB
Font
General
Full URL
https://therecord.media/wp-content/themes/therecordmedia/assets/fonts/gudea/gudea-700-latin.woff2
Requested by
Host: therecord.media
URL: https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3d3367b895674ec706b02be65ae0ee7416f158836f88ddc1d3e469e3bdd6cd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://therecord.media/wp-content/themes/therecordmedia/assets/css/style-v4.css
Origin
https://therecord.media
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
HIT
age
922624
x-pantheon-styx-hostname
styx-fe2-a-6b6d6f77d6-hws4p
x-cache
MISS, HIT
strict-transport-security
max-age=31536000; includeSubDomains
content-length
7932
x-served-by
cache-mdw17349-MDW, cache-wdc5563-WDC
last-modified
Wed, 29 Sep 2021 19:54:57 GMT
server
cloudflare
x-timer
S1635325768.238649,VS0,VE1
etag
"6154c491-1efc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
accept-ranges
bytes
cf-ray
6aa2c624ad635b9e-FRA
x-styx-req-id
b4bdd35b-21c8-11ec-987a-76bbec8dee9e
x-cache-hits
0, 1
Lockean-chain.png
therecord.media/wp-content/uploads/2021/11/
36 KB
36 KB
Image
General
Full URL
https://therecord.media/wp-content/uploads/2021/11/Lockean-chain.png
Requested by
Host: therecord.media
URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e331b9f3cc250a83492ca83902ca6bbd62cd955716a865a819d36b8e5dbe84d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-pantheon-styx-hostname
styx-fe2-a-5f44469ddc-9l82c
x-cache
HIT, HIT
strict-transport-security
max-age=31536000; includeSubDomains
content-length
36708
x-served-by
cache-mdw17365-MDW, cache-bwi5047-BWI
last-modified
Wed, 03 Nov 2021 16:48:14 GMT
server
cloudflare
x-timer
S1636248393.830886,VS0,VE2
etag
"6182bd4e-8f64"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
x-styx-req-id
7a2b52bd-3cc6-11ec-92da-66ca9ee36be7
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
accept-ranges
bytes
cf-ray
6aa2c624ed9a5b9e-FRA
x-cache-hits
1, 1
Lockean-post-exploitation.png
therecord.media/wp-content/uploads/2021/11/
5 KB
6 KB
Image
General
Full URL
https://therecord.media/wp-content/uploads/2021/11/Lockean-post-exploitation.png
Requested by
Host: therecord.media
URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3541fdf9d8da029f9c6f4e0a34940395e46f95a112b830d7f9f7acc9e5b8a392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
HIT
age
6312
cf-polished
origFmt=png, origSize=7612
x-cache
HIT, HIT
x-cache-hits
1, 1
content-disposition
inline; filename="Lockean-post-exploitation.webp"
cf-bgj
imgq:100,h2pri
content-length
5440
x-served-by
cache-mdw17341-MDW, cache-wdc5576-WDC
last-modified
Wed, 03 Nov 2021 16:48:26 GMT
server
cloudflare
x-timer
S1636242081.872691,VS0,VE1
etag
"6182bd5a-1dbc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/webp
x-styx-req-id
7a2d6925-3cc6-11ec-a383-3277ea497536
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
accept-ranges
bytes
cf-ray
6aa2c624ed9c5b9e-FRA
x-pantheon-styx-hostname
styx-fe2-b-6cf4595974-6m9mg
Lockean-RaaS.png
therecord.media/wp-content/uploads/2021/11/
24 KB
24 KB
Image
General
Full URL
https://therecord.media/wp-content/uploads/2021/11/Lockean-RaaS.png
Requested by
Host: therecord.media
URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d56c47b16f28b437878a4da97d3d57b03fe7fae1ef27087b709f3d9f40882ebf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
HIT
age
9180
cf-polished
origFmt=png, origSize=29761
x-cache
MISS, HIT
x-cache-hits
0, 1
content-disposition
inline; filename="Lockean-RaaS.webp"
cf-bgj
imgq:100,h2pri
content-length
24200
x-served-by
cache-mdw17352-MDW, cache-wdc5564-WDC
last-modified
Wed, 03 Nov 2021 16:48:31 GMT
server
cloudflare
x-timer
S1636239212.313482,VS0,VE1
etag
"6182bd5f-7441"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/webp
x-styx-req-id
7a2cd8b5-3cc6-11ec-8335-16a4686d8166
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
accept-ranges
bytes
cf-ray
6aa2c624ed9d5b9e-FRA
x-pantheon-styx-hostname
styx-fe2-b-6cf4595974-b4lkc
Lockean-victims.png
therecord.media/wp-content/uploads/2021/11/
52 KB
52 KB
Image
General
Full URL
https://therecord.media/wp-content/uploads/2021/11/Lockean-victims.png
Requested by
Host: therecord.media
URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77d1c3c8ec1a286ae4eecc079f48f5c91a6d6a1ad8145ca29abec55904934168
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
HIT
age
9180
cf-polished
origFmt=png, origSize=65091
x-cache
MISS, HIT
x-cache-hits
0, 1
content-disposition
inline; filename="Lockean-victims.webp"
cf-bgj
imgq:100,h2pri
content-length
53008
x-served-by
cache-mdw17352-MDW, cache-bwi5062-BWI
last-modified
Wed, 03 Nov 2021 16:48:41 GMT
server
cloudflare
x-timer
S1636239212.356801,VS0,VE2
etag
"6182bd69-fe43"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/webp
x-styx-req-id
7a2e5f8c-3cc6-11ec-949c-2a1d1f5da7d2
expires
Tue, 08 Nov 2022 01:26:32 GMT
cache-control
public, max-age=31622400
accept-ranges
bytes
cf-ray
6aa2c624ed9e5b9e-FRA
x-pantheon-styx-hostname
styx-fe2-b-6cf4595974-gsvkz
malware-vulnerability-trends-report-1024x235.jpg
www.recordedfuture.com/wp-content/uploads/
49 KB
50 KB
Image
General
Full URL
https://www.recordedfuture.com/wp-content/uploads/malware-vulnerability-trends-report-1024x235.jpg
Requested by
Host: therecord.media
URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea4a235e83977d477d1f72e32749358b1594a3e7122cd0b5496038d5ccd791cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
116624
x-pantheon-styx-hostname
styx-fe2-b-6cf4595974-gsvkz
x-cache
MISS, HIT
cf-bgj
h2pri
content-length
50439
x-served-by
cache-mdw17355-MDW, cache-bwi5035-BWI
last-modified
Tue, 31 Aug 2021 14:06:26 GMT
server
cloudflare
x-timer
S1636131769.587528,VS0,VE2
etag
"612e3762-c507"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
x-styx-req-id
39fa69c9-3d37-11ec-949c-2a1d1f5da7d2
expires
Sat, 05 Nov 2022 06:19:54 GMT
cache-control
max-age=31622400
accept-ranges
bytes
cf-ray
6aa2c6251e2ec26d-FRA
x-cache-hits
0, 1
blackmatter-ransomware-protection-1024x235.jpg
www.recordedfuture.com/wp-content/uploads/
44 KB
45 KB
Image
General
Full URL
https://www.recordedfuture.com/wp-content/uploads/blackmatter-ransomware-protection-1024x235.jpg
Requested by
Host: therecord.media
URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21533f30d64e48b8fdfc843f81198621a6c43d23dd66704c18abeb1d888aa5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:32 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
116624
x-pantheon-styx-hostname
styx-fe2-a-5f44469ddc-9l82c
x-cache
MISS, HIT
cf-bgj
h2pri
content-length
45221
x-served-by
cache-mdw17368-MDW, cache-wdc5571-WDC
last-modified
Wed, 04 Aug 2021 14:20:02 GMT
server
cloudflare
x-timer
S1636131769.532378,VS0,VE0
etag
"610aa212-b0a5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
x-styx-req-id
bb059e28-3d45-11ec-92da-66ca9ee36be7
expires
Sat, 05 Nov 2022 08:03:44 GMT
cache-control
max-age=31622400
accept-ranges
bytes
cf-ray
6aa2c6251e30c26d-FRA
x-cache-hits
0, 2
gtm.js?id=GTM-PVJ5W86
www.googletagmanager.com/
87 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86
Requested by
Host: therecord.media
URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5b617436a0767ee70e0eaedfd7d423c998be25dcdd3c6a997a3c17a2317b692e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:33 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34069
x-xss-protection
0
last-modified
Sun, 07 Nov 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Nov 2021 01:26:33 GMT
matomo.js
cdn.matomo.cloud/recordedfuture.matomo.cloud/
191 KB
56 KB
Script
General
Full URL
https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Requested by
Host: therecord.media
URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:dc00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1519dacf01319cb5e0caa709cf1cb40794474a6ca4eb2de3d6fcb86c6157bf5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 15:46:40 GMT
content-encoding
gzip
age
466794
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Sun, 17 Oct 2021 20:19:00 GMT
server
AmazonS3
etag
W/"7cb87695146dc95cd8d88df28207416b"
vary
Accept-Encoding
x-amz-version-id
6OU.jcK726xIXqmaHxPRdLJ.sc4VC7b9
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
cache-control
max-age=691200
x-amz-cf-pop
FRA56-P5
content-type
application/javascript; charset=utf-8
x-amz-cf-id
Jo-gV5t91NXj-FYA5EHdIGZyber5R3LsNN8Zpy_lYGG-HlAwtVqzUw==
container_41sBJe2I.js
cdn.matomo.cloud/recordedfuture.matomo.cloud/
25 KB
8 KB
Script
General
Full URL
https://cdn.matomo.cloud/recordedfuture.matomo.cloud/container_41sBJe2I.js
Requested by
Host: therecord.media
URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:dc00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
65c8182d14dac6f60e0865e949489e903cd1cd54689f04c08db049ba60ac644a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 19:17:04 GMT
content-encoding
gzip
age
194970
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Sun, 17 Oct 2021 20:19:00 GMT
server
AmazonS3
etag
W/"6304dc15c11b8319dc9271b9f22417f3"
vary
Accept-Encoding
x-amz-version-id
DDB5xJvn165OAGokQb24SOTwfRkbjyjT
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
cache-control
max-age=691200
x-amz-cf-pop
FRA56-P5
content-type
application/javascript; charset=utf-8
x-amz-cf-id
rze477wRI3EFK-Y8TiLky-epR5cDJ9fwQtC0qCpnRVyz6i_An4RIdA==
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9153858-16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
5127
date
Sun, 07 Nov 2021 00:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 07 Nov 2021 02:01:06 GMT
jquery.mousewheel.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/
3 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js
Requested by
Host: therecord.media
URL: https://therecord.media/wp-content/themes/therecordmedia/assets/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
805233
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1046
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-ad3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utlqyuD%2BuB3Zo5dPcrYYFb%2Bszqc9r6aC%2BCe07TNKjkXeZy%2FZdpi6Als4QrzbtHOgxYG4yDfIc0%2F32eHAElrReLlm446qeECNHiUXBjjrDvtnw%2FVncRU9OFuw%2BrnDJ%2FGByFRSOOcd46TNqPPQQcJlUFTs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6aa2c629294268f2-FRA
expires
Fri, 28 Oct 2022 01:26:33 GMT
iframe_api
www.youtube.com/
980 B
1 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: therecord.media
URL: https://therecord.media/wp-content/themes/therecordmedia/assets/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2aee396045e8313003eda4d9b0acc42c7a9cbd7c29b4a32480ba2489baacbecc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires
Sun, 07 Nov 2021 01:26:33 GMT
6si.min.js
j.6sc.co/
27 KB
9 KB
Script
General
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: therecord.media
URL: https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-140.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2707e48726a3f7ec48a1d1aec9738f20b36bac1535cfa9de2e4d92310c4e7e7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 07 Nov 2021 01:26:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
8575
Pragma
no-cache
Last-Modified
Thu, 07 Oct 2021 17:17:43 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"615f2bb7-6a5f"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
application/javascript
Access-Control-Allow-Origin
Cache-Control
private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Sun, 07 Nov 2021 01:26:33 GMT
beacon.min.js
static.cloudflareinsights.com/
13 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:33 GMT
content-encoding
gzip
last-modified
Fri, 22 Oct 2021 22:23:12 GMT
server
cloudflare
etag
W/2021.9.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6aa2c6296821693a-FRA
252628.js
js.hs-analytics.net/analytics/1636248300000/
63 KB
20 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1636248300000/252628.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f958b4527bcb3c4da9d038386657b0a8e498e40bb6d5eede4f0a42d4b1503221

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:33 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
C6JK63HNCMPJ6VEP
x-amz-server-side-encryption
AES256
cf-ray
6aa2c6296c146945-FRA
x-amz-id-2
pOSB204hbizrJgP0eqp3r9a6SV/qhJYeN8eEY/VhPdZR9jnPBKyGBFJzE6u1DZzPsf0qMAWXRaE=
last-modified
Mon, 19 Jul 2021 13:55:02 GMT
server
cloudflare
etag
W/"eb683456778d317c80ce91826fab13f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Sun, 07 Nov 2021 01:31:33 GMT
252628.js
js.hs-banner.com/
61 KB
16 KB
Script
General
Full URL
https://js.hs-banner.com/252628.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e90135befb1cde3a65a625bd4b1947fe8241484d5248194fbb3ab8b3b9912706

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
88VQ1FRW34XET6YJ
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
eQDvpASNzdjQ2ujs1S93oZz3hk/8CQDjUBedRL648GXuW0th1NH7kR9paOCLA99Cw6STATB/nOM=
timing-allow-origin
*
last-modified
Fri, 03 Sep 2021 19:24:49 GMT
server
cloudflare
etag
W/"e0c913f4a0cc31dc55b4467584a6d8e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
lq2tXQvbi9wr797yewJV6QQGCJrrtX2q
access-control-allow-origin
https://www.recordedfuture.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
6aa2c6296c3d435d-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Sun, 07 Nov 2021 01:31:33 GMT
matomo.php?action_name=therecord.media%2FCERT-France%3A%20Lockean%20ransomware%20group%20behind%20attacks%20on%20French%20companies%20-%20The%20Record%20by%20Recorded%20Future&idsite=2&rec=1&r=6600...
recordedfuture.matomo.cloud/
0
167 B
Ping
General
Full URL
https://recordedfuture.matomo.cloud/matomo.php?action_name=therecord.media%2FCERT-France%3A%20Lockean%20ransomware%20group%20behind%20attacks%20on%20French%20companies%20-%20The%20Record%20by%20Recorded%20Future&idsite=2&rec=1&r=660079&h=1&m=26&s=33&url=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F&_id=81e17968988b5ea9&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=fjy17I&fa_pv=1&fa_fp[0][fa_vid]=6OJV2C&fa_fp[0][fa_fv]=1&fa_fp[2][fa_vid]=HSq2lg&fa_fp[2][fa_fv]=1&fa_fp[3][fa_vid]=xg0Cig&fa_fp[3][fa_fv]=1&pf_net=28&pf_srv=938&pf_tfr=2&pf_dm1=21&pf_dm2=713&pf_onl=1
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.61.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8b6f710f441cdbc2.awsglobalaccelerator.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://therecord.media/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://therecord.media
date
Sun, 07 Nov 2021 01:26:33 GMT
access-control-allow-credentials
true
server
Apache
vary
X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
collect?v=1&_v=j93&a=518321722&t=pageview&_s=1&dl=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F&ul=en-us&de=UTF-8&dt=CERT-France%3A%20Lo...
www.google-analytics.com/j/
1 B
205 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=518321722&t=pageview&_s=1&dl=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F&ul=en-us&de=UTF-8&dt=CERT-France%3A%20Lockean%20ransomware%20group%20behind%20attacks%20on%20French%20companies%20-%20The%20Record%20by%20Recorded%20Future&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=943674730&gjid=95372103&cid=279673762.1636248393&tid=UA-9153858-16&_gid=324000522.1636248393&_r=1&gtm=2oub31&z=775195984
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://therecord.media/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Nov 2021 01:26:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://therecord.media
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
configs.php?idsite=2&trackerid=ieW5nR&url=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F
recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/
116 B
291 B
Script
General
Full URL
https://recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=ieW5nR&url=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.61.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8b6f710f441cdbc2.awsglobalaccelerator.com
Software
Apache /
Resource Hash
1c1a5c3b528d661109a2e879b9fac186ea38a466b1146ead6e23017c565b2718

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:33 GMT
content-encoding
gzip
server
Apache
content-length
119
vary
X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type
application/javascript
www-widgetapi.js
www.youtube.com/s/player/8eb5bf0c/www-widgetapi.vflset/
143 KB
47 KB
Script
General
Full URL
https://www.youtube.com/s/player/8eb5bf0c/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b64f85d8068989c158ba9a881e4b5f4971eb769a6ec9ae697f5a0728ba294fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 20:15:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
18639
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47334
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 00:18:20 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 06 Nov 2022 20:15:54 GMT
getuidj
secure.adnxs.com/
11 B
691 B
XHR
General
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Nov 2021 01:26:33 GMT
X-Proxy-Origin
91.199.118.155; 91.199.118.155; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
aa279fba-77bb-441e-af4e-5f5563470665
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://therecord.media
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
c.6sc.co/
47 B
371 B
XHR
General
Full URL
https://c.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-140.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
211e289aa6c6588438d8e32743816ec225dfb90bf9cacd2e404a4d5c92eebba7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 07 Nov 2021 01:26:33 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
text/plain
Access-Control-Allow-Origin
https://therecord.media
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
47
?lang=en&locale=en_US&token=zetku
therecord.media/wp-json/complianz/v1/banner/
130 B
570 B
XHR
General
Full URL
https://therecord.media/wp-json/complianz/v1/banner/?lang=en&locale=en_US&token=zetku
Requested by
Host: therecord.media
URL: https://therecord.media/wp-content/plugins/complianz-gdpr-premium/assets/js/complianz.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3026cea7eff6a33625644f88eef3c6418831341116ff8f04054da6c7abc138f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://therecord.media/cert-france-lockean-ransomware-group-behind-attacks-on-french-companies/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
application/json

Response headers

date
Sun, 07 Nov 2021 01:26:33 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
age
0
x-cache
MISS, MISS
x-cache-hits
0, 0
content-encoding
br
vary
Accept-Encoding
x-served-by
cache-mdw17366-MDW, cache-wdc5522-WDC
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
server
cloudflare
x-timer
S1636248394.602037,VS0,VE218
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
x-styx-req-id
be2a2bdd-3f69-11ec-8937-3a0169694d83
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-robots-tag
noindex
cf-ray
6aa2c629eac95b9e-FRA
link
<https://therecord.media/wp-json/>; rel="https://api.w.org/"
x-pantheon-styx-hostname
styx-fe2-a-5bffbbcccc-vqjk6
img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=36bb10028b070000492b8761c40000003a0e0b00&session=b0bf6d9e-3ded-44ba-8713-231ee05409c8&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Sun%2C%20...
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=36bb10028b070000492b8761c40000003a0e0b00&session=b0bf6d9e-3ded-44ba-8713-231ee05409c8&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Sun%2C%2007%20Nov%202021%2001%3A26%3A33%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CERT-France%3A%20Lockean%20ransomware%20group%20behind%20attacks%20on%20French%20companies%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F&pageViewId=2aa374e3-0873-4305-86ab-33ab098a83bd&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-140.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 07 Nov 2021 01:26:33 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Fri, 21 Feb 2020 18:57:20 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e502810-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
5fcff613fdfb0dbe15ddb3c49d4f54cd?s=96&d=mm&r=g
secure.gravatar.com/avatar/
3 KB
3 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/5fcff613fdfb0dbe15ddb3c49d4f54cd?s=96&d=mm&r=g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f9dbfba2249f983c34ca80b4b4bbae5e4a0931683fdce8b2d5da86d90839960c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sun, 07 Nov 2021 01:26:33 GMT
last-modified
Fri, 05 Mar 2021 15:49:20 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="5fcff613fdfb0dbe15ddb3c49d4f54cd.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/5fcff613fdfb0dbe15ddb3c49d4f54cd?s=96&d=mm&r=g>; rel="canonical"
content-length
3268
expires
Sun, 07 Nov 2021 01:31:33 GMT
__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2427650321&v=1.1&a=252628&rcu=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F&p...
track.hubspot.com/
45 B
1003 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2427650321&v=1.1&a=252628&rcu=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F&pu=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F&t=CERT-France%3A+Lockean+ransomware+group+behind+attacks+on+French+companies+-+The+Record+by+Recorded+Future&cts=1636248393371&vi=5880654f380b22f3271facf7b586a56d&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 01:26:33 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
8c233145-eb10-4221-a0dc-49e2d6a04177
cf-ray
6aa2c62acd6c69a3-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hs679TxBs19NVYquIckvBE90fMZY%2FEIIg9wkL0rJQEnpAvdAKkRwry9g90pVDYcvWBuuGZG30dLUJzPdkjzcdlMGwN%2FLqV%2FiChUHDXvbPQkiYONWpqQSr%2F6xjWjcjfGnVstVYsPf3%2BoF8RbzPPxU"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=36bb10028b070000492b8761c40000003a0e0b00&session=b0bf6d9e-3ded-44ba-8713-231ee05409c8&event=active_time_track&q=%7B%22currentTime%22%3A%22Sun...
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=36bb10028b070000492b8761c40000003a0e0b00&session=b0bf6d9e-3ded-44ba-8713-231ee05409c8&event=active_time_track&q=%7B%22currentTime%22%3A%22Sun%2C%2007%20Nov%202021%2001%3A26%3A34%20GMT%22%2C%22lastTrackTime%22%3A%22Sun%2C%2007%20Nov%202021%2001%3A26%3A33%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%221001%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CERT-France%3A%20Lockean%20ransomware%20group%20behind%20attacks%20on%20French%20companies%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F&pageViewId=2aa374e3-0873-4305-86ab-33ab098a83bd&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-140.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 07 Nov 2021 01:26:34 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Sat, 05 Jun 2021 07:56:05 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60bb2e15-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=36bb10028b070000492b8761c40000003a0e0b00&session=b0bf6d9e-3ded-44ba-8713-231ee05409c8&event=active_time_track&q=%7B%22currentTime%22%3A%22Sun...
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=36bb10028b070000492b8761c40000003a0e0b00&session=b0bf6d9e-3ded-44ba-8713-231ee05409c8&event=active_time_track&q=%7B%22currentTime%22%3A%22Sun%2C%2007%20Nov%202021%2001%3A26%3A35%20GMT%22%2C%22lastTrackTime%22%3A%22Sun%2C%2007%20Nov%202021%2001%3A26%3A34%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CERT-France%3A%20Lockean%20ransomware%20group%20behind%20attacks%20on%20French%20companies%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F&pageViewId=2aa374e3-0873-4305-86ab-33ab098a83bd&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-140.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 07 Nov 2021 01:26:35 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Tue, 05 Oct 2021 22:17:52 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"615ccf10-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=36bb10028b070000492b8761c40000003a0e0b00&session=b0bf6d9e-3ded-44ba-8713-231ee05409c8&event=active_time_track&q=%7B%22currentTime%22%3A%22Sun...
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=36bb10028b070000492b8761c40000003a0e0b00&session=b0bf6d9e-3ded-44ba-8713-231ee05409c8&event=active_time_track&q=%7B%22currentTime%22%3A%22Sun%2C%2007%20Nov%202021%2001%3A26%3A36%20GMT%22%2C%22lastTrackTime%22%3A%22Sun%2C%2007%20Nov%202021%2001%3A26%3A35%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223004%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CERT-France%3A%20Lockean%20ransomware%20group%20behind%20attacks%20on%20French%20companies%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F&pageViewId=2aa374e3-0873-4305-86ab-33ab098a83bd&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-140.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 07 Nov 2021 01:26:36 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Sat, 05 Jun 2021 07:56:05 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60bb2e15-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=36bb10028b070000492b8761c40000003a0e0b00&session=b0bf6d9e-3ded-44ba-8713-231ee05409c8&event=active_time_track&q=%7B%22currentTime%22%3A%22Sun...
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=36bb10028b070000492b8761c40000003a0e0b00&session=b0bf6d9e-3ded-44ba-8713-231ee05409c8&event=active_time_track&q=%7B%22currentTime%22%3A%22Sun%2C%2007%20Nov%202021%2001%3A26%3A37%20GMT%22%2C%22lastTrackTime%22%3A%22Sun%2C%2007%20Nov%202021%2001%3A26%3A36%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224005%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CERT-France%3A%20Lockean%20ransomware%20group%20behind%20attacks%20on%20French%20companies%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F&pageViewId=2aa374e3-0873-4305-86ab-33ab098a83bd&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-140.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 07 Nov 2021 01:26:37 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Tue, 05 Oct 2021 22:17:52 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"615ccf10-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=36bb10028b070000492b8761c40000003a0e0b00&session=b0bf6d9e-3ded-44ba-8713-231ee05409c8&event=active_time_track&q=%7B%22currentTime%22%3A%22Sun...
b.6sc.co/v1/beacon/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
b.6sc.co
URL
https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=36bb10028b070000492b8761c40000003a0e0b00&session=b0bf6d9e-3ded-44ba-8713-231ee05409c8&event=active_time_track&q=%7B%22currentTime%22%3A%22Sun%2C%2007%20Nov%202021%2001%3A26%3A38%20GMT%22%2C%22lastTrackTime%22%3A%22Sun%2C%2007%20Nov%202021%2001%3A26%3A37%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225006%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Record%20by%20Recorded%20Future%20gives%20exclusive%2C%20behind-the-scenes%20access%20to%20leaders%2C%20policymakers%2C%20researchers%2C%20and%20the%20shadows%20of%20the%20cyber%20underground.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CERT-France%3A%20Lockean%20ransomware%20group%20behind%20attacks%20on%20French%20companies%20-%20The%20Record%20by%20Recorded%20Future%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fcert-france-lockean-ransomware-group-behind-attacks-on-french-companies%2F&pageViewId=2aa374e3-0873-4305-86ab-33ab098a83bd&an_uid=0

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| __cfQR function| $ function| jQuery object| html5 object| Modernizr function| yepnope object| _EPYT_ string| jsHomeUrl string| ajaxUrl object| dataLayer function| gtag object| _paq object| _mtm object| d object| g object| s object| google_tag_manager object| bootstrap object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| mCustomScrollbar object| layoutHandler object| videosHandler object| cookieconsent function| postscribe object| complianz boolean| __cfRLUnblockHandlers object| _6si object| _EPADashboard_ function| onYouTubeIframeAPIReady object| _hsp object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| MatomoTagManager object| gaplugins object| gaGlobal object| gaData object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| __cfBeacon function| epdofitvids object| _hsq function| sanitizeKey boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hstc_loaded boolean| _hspb_ran boolean| _hspb_loaded string| wp_consent_type

21 Cookies

Domain/Path Name / Value
therecord.media/ Name: wordpress_google_apps_login
Value: 5030ee40afb9cefd93f9b3d09bbf561f
.therecord.media/ Name: _pk_id.2.de70
Value: 81e17968988b5ea9.1636248393.
.therecord.media/ Name: _pk_ses.2.de70
Value: 1
.therecord.media/ Name: _ga
Value: GA1.2.279673762.1636248393
.therecord.media/ Name: _gid
Value: GA1.2.324000522.1636248393
.therecord.media/ Name: _gat_gtag_UA_9153858_16
Value: 1
.youtube.com/ Name: YSC
Value: YRLE8oQHVBg
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 88C23uyudiI
.6sc.co/ Name: 6suuid
Value: 36bb10028b070000492b8761c40000003a0e0b00
therecord.media/ Name: _gd_svisitor
Value: 36bb10028b070000492b8761c40000003a0e0b00
therecord.media/ Name: _an_uid
Value: 0
therecord.media/ Name: _gd_visitor
Value: 1e6ae0e8-3633-4a80-8b6d-d34b6e3f30b7
therecord.media/ Name: _gd_session
Value: b0bf6d9e-3ded-44ba-8713-231ee05409c8
.hubspot.com/ Name: __cf_bm
Value: qL05AhlzVlRgMur01ubjqOIWgn0cYwxQYDfv_Hxw.ks-1636248393-0-ATDTdcLNWvd3tUcxda0Mp8YJ0MUy9w15MmgW8EGzZKruJaT4zBxhCJQxuPSTb+mhqCwJZkU49ZQH8yxAKI3fNvU=
.therecord.media/ Name: __hstc
Value: 156209188.5880654f380b22f3271facf7b586a56d.1636248393368.1636248393368.1636248393368.1
.therecord.media/ Name: hubspotutk
Value: 5880654f380b22f3271facf7b586a56d
.therecord.media/ Name: __hssrc
Value: 1
.therecord.media/ Name: __hssc
Value: 156209188.1.1636248393369
therecord.media/ Name: cmplz_policy_id
Value: 19
therecord.media/ Name: cmplz_functional
Value: allow
therecord.media/ Name: cmplz_statistics-anonymous
Value: allow

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.6sc.co
c.6sc.co
cdn.jsdelivr.net
cdn.matomo.cloud
cdnjs.cloudflare.com
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
recordedfuture.matomo.cloud
secure.adnxs.com
secure.gravatar.com
static.cloudflareinsights.com
therecord.media
track.hubspot.com
www.google-analytics.com
www.googletagmanager.com
www.recordedfuture.com
www.youtube.com
b.6sc.co
104.111.233.140
104.18.12.124
185.33.220.244
2600:9000:223f:dc00:c:7d55:b3c0:93a1
2606:4700::6810:125e
2606:4700::6810:5614
2606:4700::6810:5f41
2606:4700::6811:46b0
2606:4700::6811:d6cc
2606:4700::6812:15bf
2606:4700::6812:621
2606:4700::6813:9b53
2a00:1450:4001:808::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a04:fa87:fffe::c000:4902
52.223.61.136
00a1230e22b6af3f9df1348f2cd54dc9dbe026f3a41b9bde3009dcefd1648ae1
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
13a5d6deee5c86d1c86f8ab010b3dfcab1b0b500590024d8c7a44c279c96d443
1c1a5c3b528d661109a2e879b9fac186ea38a466b1146ead6e23017c565b2718
211e289aa6c6588438d8e32743816ec225dfb90bf9cacd2e404a4d5c92eebba7
247184981eb6f698a94e431a83d68c6b0df623cce57b6e29dc5a6c11e23aa195
2707e48726a3f7ec48a1d1aec9738f20b36bac1535cfa9de2e4d92310c4e7e7a
2aee396045e8313003eda4d9b0acc42c7a9cbd7c29b4a32480ba2489baacbecc
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2f617a099ba9e73c30624d09ec9c8cb90ae3e784e8f89d94be4574dfe1496266
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
326d6c39524da9a4b3d35286c798b93738a4665b29ce498d5b5df959a3a19012
33552950223a893ab31e75e809382ff2fa2764942c74b8a18db2f0fe3ffffbbd
3541fdf9d8da029f9c6f4e0a34940395e46f95a112b830d7f9f7acc9e5b8a392
4a6db13132ef5e4dc98723529dedf677f84b4993b7db70339cb1de93a910ffce
54b16a534f27d39f8edb7dd908ecf182b4be466f86f28ac0f01f415f2ba9d1cf
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5b617436a0767ee70e0eaedfd7d423c998be25dcdd3c6a997a3c17a2317b692e
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6429c09d26d4abed1c51691f17eb89c9c1fedf440964890e2a0fe9801e93e653
65c8182d14dac6f60e0865e949489e903cd1cd54689f04c08db049ba60ac644a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
77d1c3c8ec1a286ae4eecc079f48f5c91a6d6a1ad8145ca29abec55904934168
77e8232dee29ca904e5726f29b02f784c6155de5e388e61570a74aedf61b69de
7cf773718da7d5c04f384586325b0dd3ad827daea5741f119071463b9d051ecb
81dbdd695385ce9e3065e0cf1d8f058169de79244b1d1be4059b527e31d23c77
82bfc506040c981ec142b63ec85a43e603310d9b5fac6598c5664a144f3c4e3e
8df981a2e0d74a44530cfe140f2ce72ad4cb7be724706b7a3cfcb160bd06590f
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
9b64f85d8068989c158ba9a881e4b5f4971eb769a6ec9ae697f5a0728ba294fb
9f7b3c1c9a817380967e2d68f41c86b4649b68dba06b37a49dab55bb5c5a6eab
a01127152b090004aa159e0d56664e2268a1de5334ba6d9d6515388a0f53a3b9
a3026cea7eff6a33625644f88eef3c6418831341116ff8f04054da6c7abc138f
aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
b31a805b14cdf1311a94debe97e7d5695f38eca4dddc65d98cb58e9c281cf36d
c1519dacf01319cb5e0caa709cf1cb40794474a6ca4eb2de3d6fcb86c6157bf5
c21f3f80c9adfdf9070c994d881f2069818a2d409b62834c805a7f17f08c91ef
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d56c47b16f28b437878a4da97d3d57b03fe7fae1ef27087b709f3d9f40882ebf
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e21533f30d64e48b8fdfc843f81198621a6c43d23dd66704c18abeb1d888aa5d
e331b9f3cc250a83492ca83902ca6bbd62cd955716a865a819d36b8e5dbe84d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d3367b895674ec706b02be65ae0ee7416f158836f88ddc1d3e469e3bdd6cd4
e5cf71d2598e09f6d774ddf02d6ffb687023648c66ed7b03ed75116fefc0a4f0
e90135befb1cde3a65a625bd4b1947fe8241484d5248194fbb3ab8b3b9912706
ea4a235e83977d477d1f72e32749358b1594a3e7122cd0b5496038d5ccd791cc
ef0af8374f5f461615841a0310b1519bded90707a4702a79660de4280e28b9d4
f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14
f23ec5c633f64e45cdb8119ea2bd55f81bd2bf4a46131cc6e7aa415024db18f1
f958b4527bcb3c4da9d038386657b0a8e498e40bb6d5eede4f0a42d4b1503221
f9dbfba2249f983c34ca80b4b4bbae5e4a0931683fdce8b2d5da86d90839960c
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62